diff options
Diffstat (limited to 'src/vpn/gnunet-service-vpn.c')
-rw-r--r-- | src/vpn/gnunet-service-vpn.c | 3814 |
1 files changed, 1935 insertions, 1879 deletions
diff --git a/src/vpn/gnunet-service-vpn.c b/src/vpn/gnunet-service-vpn.c index e2d8a8e50..4c042ea80 100644 --- a/src/vpn/gnunet-service-vpn.c +++ b/src/vpn/gnunet-service-vpn.c | |||
@@ -16,7 +16,7 @@ | |||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | 16 | along with this program. If not, see <http://www.gnu.org/licenses/>. |
17 | 17 | ||
18 | SPDX-License-Identifier: AGPL3.0-or-later | 18 | SPDX-License-Identifier: AGPL3.0-or-later |
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file vpn/gnunet-service-vpn.c | 22 | * @file vpn/gnunet-service-vpn.c |
@@ -65,9 +65,7 @@ struct DestinationEntry; | |||
65 | * List of channels we keep for each destination port for a given | 65 | * List of channels we keep for each destination port for a given |
66 | * destination entry. | 66 | * destination entry. |
67 | */ | 67 | */ |
68 | struct DestinationChannel | 68 | struct DestinationChannel { |
69 | { | ||
70 | |||
71 | /** | 69 | /** |
72 | * Kept in a DLL. | 70 | * Kept in a DLL. |
73 | */ | 71 | */ |
@@ -94,9 +92,7 @@ struct DestinationChannel | |||
94 | * Information we track for each IP address to determine which channel | 92 | * Information we track for each IP address to determine which channel |
95 | * to send the traffic over to the destination. | 93 | * to send the traffic over to the destination. |
96 | */ | 94 | */ |
97 | struct DestinationEntry | 95 | struct DestinationEntry { |
98 | { | ||
99 | |||
100 | /** | 96 | /** |
101 | * Key under which this entry is in the 'destination_map' (only valid | 97 | * Key under which this entry is in the 'destination_map' (only valid |
102 | * if 'heap_node != NULL'). | 98 | * if 'heap_node != NULL'). |
@@ -127,11 +123,8 @@ struct DestinationEntry | |||
127 | /** | 123 | /** |
128 | * Details about the connection (depending on is_service). | 124 | * Details about the connection (depending on is_service). |
129 | */ | 125 | */ |
130 | union | 126 | union { |
131 | { | 127 | struct { |
132 | |||
133 | struct | ||
134 | { | ||
135 | /** | 128 | /** |
136 | * The description of the service (only used for service channels). | 129 | * The description of the service (only used for service channels). |
137 | */ | 130 | */ |
@@ -141,12 +134,9 @@ struct DestinationEntry | |||
141 | * Peer offering the service. | 134 | * Peer offering the service. |
142 | */ | 135 | */ |
143 | struct GNUNET_PeerIdentity target; | 136 | struct GNUNET_PeerIdentity target; |
144 | |||
145 | } service_destination; | 137 | } service_destination; |
146 | 138 | ||
147 | struct | 139 | struct { |
148 | { | ||
149 | |||
150 | /** | 140 | /** |
151 | * Address family used (AF_INET or AF_INET6). | 141 | * Address family used (AF_INET or AF_INET6). |
152 | */ | 142 | */ |
@@ -155,21 +145,18 @@ struct DestinationEntry | |||
155 | /** | 145 | /** |
156 | * IP address of the ultimate destination (only used for exit channels). | 146 | * IP address of the ultimate destination (only used for exit channels). |
157 | */ | 147 | */ |
158 | union | 148 | union { |
159 | { | ||
160 | /** | 149 | /** |
161 | * Address if af is AF_INET. | 150 | * Address if af is AF_INET. |
162 | */ | 151 | */ |
163 | struct in_addr v4; | 152 | struct in_addr v4; |
164 | 153 | ||
165 | /** | 154 | /** |
166 | * Address if af is AF_INET6. | 155 | * Address if af is AF_INET6. |
167 | */ | 156 | */ |
168 | struct in6_addr v6; | 157 | struct in6_addr v6; |
169 | } ip; | 158 | } ip; |
170 | |||
171 | } exit_destination; | 159 | } exit_destination; |
172 | |||
173 | } details; | 160 | } details; |
174 | }; | 161 | }; |
175 | 162 | ||
@@ -177,8 +164,7 @@ struct DestinationEntry | |||
177 | /** | 164 | /** |
178 | * A messages we have in queue for a particular channel. | 165 | * A messages we have in queue for a particular channel. |
179 | */ | 166 | */ |
180 | struct ChannelMessageQueueEntry | 167 | struct ChannelMessageQueueEntry { |
181 | { | ||
182 | /** | 168 | /** |
183 | * This is a doubly-linked list. | 169 | * This is a doubly-linked list. |
184 | */ | 170 | */ |
@@ -204,9 +190,7 @@ struct ChannelMessageQueueEntry | |||
204 | /** | 190 | /** |
205 | * State we keep for each of our channels. | 191 | * State we keep for each of our channels. |
206 | */ | 192 | */ |
207 | struct ChannelState | 193 | struct ChannelState { |
208 | { | ||
209 | |||
210 | /** | 194 | /** |
211 | * Information about the channel to use, NULL if no channel | 195 | * Information about the channel to use, NULL if no channel |
212 | * is available right now. | 196 | * is available right now. |
@@ -266,8 +250,7 @@ struct ChannelState | |||
266 | /** | 250 | /** |
267 | * IP address of the source on our end, initially uninitialized. | 251 | * IP address of the source on our end, initially uninitialized. |
268 | */ | 252 | */ |
269 | union | 253 | union { |
270 | { | ||
271 | /** | 254 | /** |
272 | * Address if af is AF_INET. | 255 | * Address if af is AF_INET. |
273 | */ | 256 | */ |
@@ -277,15 +260,13 @@ struct ChannelState | |||
277 | * Address if af is AF_INET6. | 260 | * Address if af is AF_INET6. |
278 | */ | 261 | */ |
279 | struct in6_addr v6; | 262 | struct in6_addr v6; |
280 | |||
281 | } source_ip; | 263 | } source_ip; |
282 | 264 | ||
283 | /** | 265 | /** |
284 | * Destination IP address used by the source on our end (this is the IP | 266 | * Destination IP address used by the source on our end (this is the IP |
285 | * that we pick freely within the VPN's channel IP range). | 267 | * that we pick freely within the VPN's channel IP range). |
286 | */ | 268 | */ |
287 | union | 269 | union { |
288 | { | ||
289 | /** | 270 | /** |
290 | * Address if af is AF_INET. | 271 | * Address if af is AF_INET. |
291 | */ | 272 | */ |
@@ -295,7 +276,6 @@ struct ChannelState | |||
295 | * Address if af is AF_INET6. | 276 | * Address if af is AF_INET6. |
296 | */ | 277 | */ |
297 | struct in6_addr v6; | 278 | struct in6_addr v6; |
298 | |||
299 | } destination_ip; | 279 | } destination_ip; |
300 | 280 | ||
301 | /** | 281 | /** |
@@ -390,22 +370,24 @@ static unsigned long long max_channel_mappings; | |||
390 | * @param key where to store the key | 370 | * @param key where to store the key |
391 | */ | 371 | */ |
392 | static void | 372 | static void |
393 | get_destination_key_from_ip (int af, | 373 | get_destination_key_from_ip(int af, |
394 | const void *address, | 374 | const void *address, |
395 | struct GNUNET_HashCode *key) | 375 | struct GNUNET_HashCode *key) |
396 | { | 376 | { |
397 | switch (af) | 377 | switch (af) |
398 | { | 378 | { |
399 | case AF_INET: | 379 | case AF_INET: |
400 | GNUNET_CRYPTO_hash (address, sizeof (struct in_addr), key); | 380 | GNUNET_CRYPTO_hash(address, sizeof(struct in_addr), key); |
401 | break; | 381 | break; |
402 | case AF_INET6: | 382 | |
403 | GNUNET_CRYPTO_hash (address, sizeof (struct in6_addr), key); | 383 | case AF_INET6: |
404 | break; | 384 | GNUNET_CRYPTO_hash(address, sizeof(struct in6_addr), key); |
405 | default: | 385 | break; |
406 | GNUNET_assert (0); | 386 | |
407 | break; | 387 | default: |
408 | } | 388 | GNUNET_assert(0); |
389 | break; | ||
390 | } | ||
409 | } | 391 | } |
410 | 392 | ||
411 | 393 | ||
@@ -422,43 +404,45 @@ get_destination_key_from_ip (int af, | |||
422 | * @param key where to store the key | 404 | * @param key where to store the key |
423 | */ | 405 | */ |
424 | static void | 406 | static void |
425 | get_channel_key_from_ips (int af, | 407 | get_channel_key_from_ips(int af, |
426 | uint8_t protocol, | 408 | uint8_t protocol, |
427 | const void *source_ip, | 409 | const void *source_ip, |
428 | uint16_t source_port, | 410 | uint16_t source_port, |
429 | const void *destination_ip, | 411 | const void *destination_ip, |
430 | uint16_t destination_port, | 412 | uint16_t destination_port, |
431 | struct GNUNET_HashCode *key) | 413 | struct GNUNET_HashCode *key) |
432 | { | 414 | { |
433 | char *off; | 415 | char *off; |
434 | 416 | ||
435 | memset (key, 0, sizeof (struct GNUNET_HashCode)); | 417 | memset(key, 0, sizeof(struct GNUNET_HashCode)); |
436 | /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash, | 418 | /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash, |
437 | so we put the ports in there (and hope for few collisions) */ | 419 | so we put the ports in there (and hope for few collisions) */ |
438 | off = (char *) key; | 420 | off = (char *)key; |
439 | GNUNET_memcpy (off, &source_port, sizeof (uint16_t)); | 421 | GNUNET_memcpy(off, &source_port, sizeof(uint16_t)); |
440 | off += sizeof (uint16_t); | 422 | off += sizeof(uint16_t); |
441 | GNUNET_memcpy (off, &destination_port, sizeof (uint16_t)); | 423 | GNUNET_memcpy(off, &destination_port, sizeof(uint16_t)); |
442 | off += sizeof (uint16_t); | 424 | off += sizeof(uint16_t); |
443 | switch (af) | 425 | switch (af) |
444 | { | 426 | { |
445 | case AF_INET: | 427 | case AF_INET: |
446 | GNUNET_memcpy (off, source_ip, sizeof (struct in_addr)); | 428 | GNUNET_memcpy(off, source_ip, sizeof(struct in_addr)); |
447 | off += sizeof (struct in_addr); | 429 | off += sizeof(struct in_addr); |
448 | GNUNET_memcpy (off, destination_ip, sizeof (struct in_addr)); | 430 | GNUNET_memcpy(off, destination_ip, sizeof(struct in_addr)); |
449 | off += sizeof (struct in_addr); | 431 | off += sizeof(struct in_addr); |
450 | break; | 432 | break; |
451 | case AF_INET6: | 433 | |
452 | GNUNET_memcpy (off, source_ip, sizeof (struct in6_addr)); | 434 | case AF_INET6: |
453 | off += sizeof (struct in6_addr); | 435 | GNUNET_memcpy(off, source_ip, sizeof(struct in6_addr)); |
454 | GNUNET_memcpy (off, destination_ip, sizeof (struct in6_addr)); | 436 | off += sizeof(struct in6_addr); |
455 | off += sizeof (struct in6_addr); | 437 | GNUNET_memcpy(off, destination_ip, sizeof(struct in6_addr)); |
456 | break; | 438 | off += sizeof(struct in6_addr); |
457 | default: | 439 | break; |
458 | GNUNET_assert (0); | 440 | |
459 | break; | 441 | default: |
460 | } | 442 | GNUNET_assert(0); |
461 | GNUNET_memcpy (off, &protocol, sizeof (uint8_t)); | 443 | break; |
444 | } | ||
445 | GNUNET_memcpy(off, &protocol, sizeof(uint8_t)); | ||
462 | /* off += sizeof (uint8_t); */ | 446 | /* off += sizeof (uint8_t); */ |
463 | } | 447 | } |
464 | 448 | ||
@@ -472,35 +456,38 @@ get_channel_key_from_ips (int af, | |||
472 | * @param addr resulting IP address | 456 | * @param addr resulting IP address |
473 | */ | 457 | */ |
474 | static void | 458 | static void |
475 | send_client_reply (struct GNUNET_SERVICE_Client *client, | 459 | send_client_reply(struct GNUNET_SERVICE_Client *client, |
476 | uint64_t request_id, | 460 | uint64_t request_id, |
477 | int result_af, | 461 | int result_af, |
478 | const void *addr) | 462 | const void *addr) |
479 | { | 463 | { |
480 | struct GNUNET_MQ_Envelope *env; | 464 | struct GNUNET_MQ_Envelope *env; |
481 | struct RedirectToIpResponseMessage *res; | 465 | struct RedirectToIpResponseMessage *res; |
482 | size_t rlen; | 466 | size_t rlen; |
483 | 467 | ||
484 | switch (result_af) | 468 | switch (result_af) |
485 | { | 469 | { |
486 | case AF_INET: | 470 | case AF_INET: |
487 | rlen = sizeof (struct in_addr); | 471 | rlen = sizeof(struct in_addr); |
488 | break; | 472 | break; |
489 | case AF_INET6: | 473 | |
490 | rlen = sizeof (struct in6_addr); | 474 | case AF_INET6: |
491 | break; | 475 | rlen = sizeof(struct in6_addr); |
492 | case AF_UNSPEC: | 476 | break; |
493 | rlen = 0; | 477 | |
494 | break; | 478 | case AF_UNSPEC: |
495 | default: | 479 | rlen = 0; |
496 | GNUNET_assert (0); | 480 | break; |
497 | return; | 481 | |
498 | } | 482 | default: |
499 | env = GNUNET_MQ_msg_extra (res, rlen, GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP); | 483 | GNUNET_assert(0); |
500 | res->result_af = htonl (result_af); | 484 | return; |
485 | } | ||
486 | env = GNUNET_MQ_msg_extra(res, rlen, GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP); | ||
487 | res->result_af = htonl(result_af); | ||
501 | res->request_id = request_id; | 488 | res->request_id = request_id; |
502 | GNUNET_memcpy (&res[1], addr, rlen); | 489 | GNUNET_memcpy(&res[1], addr, rlen); |
503 | GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client), env); | 490 | GNUNET_MQ_send(GNUNET_SERVICE_client_get_mq(client), env); |
504 | } | 491 | } |
505 | 492 | ||
506 | 493 | ||
@@ -510,52 +497,52 @@ send_client_reply (struct GNUNET_SERVICE_Client *client, | |||
510 | * @param ts state to free | 497 | * @param ts state to free |
511 | */ | 498 | */ |
512 | static void | 499 | static void |
513 | free_channel_state (struct ChannelState *ts) | 500 | free_channel_state(struct ChannelState *ts) |
514 | { | 501 | { |
515 | struct GNUNET_HashCode key; | 502 | struct GNUNET_HashCode key; |
516 | struct ChannelMessageQueueEntry *tnq; | 503 | struct ChannelMessageQueueEntry *tnq; |
517 | struct GNUNET_CADET_Channel *channel; | 504 | struct GNUNET_CADET_Channel *channel; |
518 | 505 | ||
519 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up channel state\n"); | 506 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Cleaning up channel state\n"); |
520 | if (NULL != (channel = ts->channel)) | 507 | if (NULL != (channel = ts->channel)) |
521 | { | 508 | { |
522 | ts->channel = NULL; | 509 | ts->channel = NULL; |
523 | GNUNET_CADET_channel_destroy (channel); | 510 | GNUNET_CADET_channel_destroy(channel); |
524 | return; | 511 | return; |
525 | } | 512 | } |
526 | GNUNET_STATISTICS_update (stats, | 513 | GNUNET_STATISTICS_update(stats, |
527 | gettext_noop ("# Active channels"), | 514 | gettext_noop("# Active channels"), |
528 | -1, | 515 | -1, |
529 | GNUNET_NO); | 516 | GNUNET_NO); |
530 | while (NULL != (tnq = ts->tmq_head)) | 517 | while (NULL != (tnq = ts->tmq_head)) |
531 | { | 518 | { |
532 | GNUNET_CONTAINER_DLL_remove (ts->tmq_head, ts->tmq_tail, tnq); | 519 | GNUNET_CONTAINER_DLL_remove(ts->tmq_head, ts->tmq_tail, tnq); |
533 | ts->tmq_length--; | 520 | ts->tmq_length--; |
534 | GNUNET_free (tnq); | 521 | GNUNET_free(tnq); |
535 | } | 522 | } |
536 | GNUNET_assert (0 == ts->tmq_length); | 523 | GNUNET_assert(0 == ts->tmq_length); |
537 | GNUNET_assert (NULL == ts->destination.heap_node); | 524 | GNUNET_assert(NULL == ts->destination.heap_node); |
538 | if (NULL != ts->search) | 525 | if (NULL != ts->search) |
539 | { | 526 | { |
540 | GNUNET_REGEX_search_cancel (ts->search); | 527 | GNUNET_REGEX_search_cancel(ts->search); |
541 | ts->search = NULL; | 528 | ts->search = NULL; |
542 | } | 529 | } |
543 | if (NULL != ts->heap_node) | 530 | if (NULL != ts->heap_node) |
544 | { | 531 | { |
545 | GNUNET_CONTAINER_heap_remove_node (ts->heap_node); | 532 | GNUNET_CONTAINER_heap_remove_node(ts->heap_node); |
546 | ts->heap_node = NULL; | 533 | ts->heap_node = NULL; |
547 | get_channel_key_from_ips (ts->af, | 534 | get_channel_key_from_ips(ts->af, |
548 | ts->protocol, | 535 | ts->protocol, |
549 | &ts->source_ip, | 536 | &ts->source_ip, |
550 | ts->source_port, | 537 | ts->source_port, |
551 | &ts->destination_ip, | 538 | &ts->destination_ip, |
552 | ts->destination_port, | 539 | ts->destination_port, |
553 | &key); | 540 | &key); |
554 | GNUNET_assert ( | 541 | GNUNET_assert( |
555 | GNUNET_YES == | 542 | GNUNET_YES == |
556 | GNUNET_CONTAINER_multihashmap_remove (channel_map, &key, ts)); | 543 | GNUNET_CONTAINER_multihashmap_remove(channel_map, &key, ts)); |
557 | } | 544 | } |
558 | GNUNET_free (ts); | 545 | GNUNET_free(ts); |
559 | } | 546 | } |
560 | 547 | ||
561 | 548 | ||
@@ -567,27 +554,27 @@ free_channel_state (struct ChannelState *ts) | |||
567 | * @param env message to queue | 554 | * @param env message to queue |
568 | */ | 555 | */ |
569 | static void | 556 | static void |
570 | send_to_channel (struct ChannelState *ts, struct GNUNET_MQ_Envelope *env) | 557 | send_to_channel(struct ChannelState *ts, struct GNUNET_MQ_Envelope *env) |
571 | { | 558 | { |
572 | struct GNUNET_MQ_Handle *mq; | 559 | struct GNUNET_MQ_Handle *mq; |
573 | 560 | ||
574 | GNUNET_assert (NULL != ts->channel); | 561 | GNUNET_assert(NULL != ts->channel); |
575 | mq = GNUNET_CADET_get_mq (ts->channel); | 562 | mq = GNUNET_CADET_get_mq(ts->channel); |
576 | GNUNET_MQ_env_set_options (env, | 563 | GNUNET_MQ_env_set_options(env, |
577 | GNUNET_MQ_PRIO_BEST_EFFORT | | 564 | GNUNET_MQ_PRIO_BEST_EFFORT | |
578 | GNUNET_MQ_PREF_OUT_OF_ORDER); | 565 | GNUNET_MQ_PREF_OUT_OF_ORDER); |
579 | GNUNET_MQ_send (mq, env); | 566 | GNUNET_MQ_send(mq, env); |
580 | if (GNUNET_MQ_get_length (mq) > MAX_MESSAGE_QUEUE_SIZE) | 567 | if (GNUNET_MQ_get_length(mq) > MAX_MESSAGE_QUEUE_SIZE) |
581 | { | 568 | { |
582 | env = GNUNET_MQ_unsent_head (mq); | 569 | env = GNUNET_MQ_unsent_head(mq); |
583 | GNUNET_assert (NULL != env); | 570 | GNUNET_assert(NULL != env); |
584 | GNUNET_STATISTICS_update (stats, | 571 | GNUNET_STATISTICS_update(stats, |
585 | gettext_noop ( | 572 | gettext_noop( |
586 | "# Messages dropped in cadet queue (overflow)"), | 573 | "# Messages dropped in cadet queue (overflow)"), |
587 | 1, | 574 | 1, |
588 | GNUNET_NO); | 575 | GNUNET_NO); |
589 | GNUNET_MQ_discard (env); | 576 | GNUNET_MQ_discard(env); |
590 | } | 577 | } |
591 | } | 578 | } |
592 | 579 | ||
593 | 580 | ||
@@ -598,26 +585,26 @@ send_to_channel (struct ChannelState *ts, struct GNUNET_MQ_Envelope *env) | |||
598 | * @return diagnostic string describing destination | 585 | * @return diagnostic string describing destination |
599 | */ | 586 | */ |
600 | static const char * | 587 | static const char * |
601 | print_channel_destination (const struct DestinationEntry *de) | 588 | print_channel_destination(const struct DestinationEntry *de) |
602 | { | 589 | { |
603 | static char dest[256]; | 590 | static char dest[256]; |
604 | 591 | ||
605 | if (de->is_service) | 592 | if (de->is_service) |
606 | { | 593 | { |
607 | GNUNET_snprintf (dest, | 594 | GNUNET_snprintf(dest, |
608 | sizeof (dest), | 595 | sizeof(dest), |
609 | "HS: %s-%s", | 596 | "HS: %s-%s", |
610 | GNUNET_i2s (&de->details.service_destination.target), | 597 | GNUNET_i2s(&de->details.service_destination.target), |
611 | GNUNET_h2s ( | 598 | GNUNET_h2s( |
612 | &de->details.service_destination.service_descriptor)); | 599 | &de->details.service_destination.service_descriptor)); |
613 | } | 600 | } |
614 | else | 601 | else |
615 | { | 602 | { |
616 | inet_ntop (de->details.exit_destination.af, | 603 | inet_ntop(de->details.exit_destination.af, |
617 | &de->details.exit_destination.ip, | 604 | &de->details.exit_destination.ip, |
618 | dest, | 605 | dest, |
619 | sizeof (dest)); | 606 | sizeof(dest)); |
620 | } | 607 | } |
621 | return dest; | 608 | return dest; |
622 | } | 609 | } |
623 | 610 | ||
@@ -630,16 +617,16 @@ print_channel_destination (const struct DestinationEntry *de) | |||
630 | * @param channel connection to the other end (henceforth invalid) | 617 | * @param channel connection to the other end (henceforth invalid) |
631 | */ | 618 | */ |
632 | static void | 619 | static void |
633 | channel_cleaner (void *cls, const struct GNUNET_CADET_Channel *channel) | 620 | channel_cleaner(void *cls, const struct GNUNET_CADET_Channel *channel) |
634 | { | 621 | { |
635 | struct ChannelState *ts = cls; | 622 | struct ChannelState *ts = cls; |
636 | 623 | ||
637 | ts->channel = | 624 | ts->channel = |
638 | NULL; /* we must not call GNUNET_CADET_channel_destroy() anymore */ | 625 | NULL; /* we must not call GNUNET_CADET_channel_destroy() anymore */ |
639 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 626 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
640 | "CADET notified us about death of channel to `%s'\n", | 627 | "CADET notified us about death of channel to `%s'\n", |
641 | print_channel_destination (&ts->destination)); | 628 | print_channel_destination(&ts->destination)); |
642 | free_channel_state (ts); | 629 | free_channel_state(ts); |
643 | } | 630 | } |
644 | 631 | ||
645 | 632 | ||
@@ -653,19 +640,19 @@ channel_cleaner (void *cls, const struct GNUNET_CADET_Channel *channel) | |||
653 | * also be the first 8 bytes of the TCP header | 640 | * also be the first 8 bytes of the TCP header |
654 | */ | 641 | */ |
655 | static void | 642 | static void |
656 | make_up_icmpv4_payload (struct ChannelState *ts, | 643 | make_up_icmpv4_payload(struct ChannelState *ts, |
657 | struct GNUNET_TUN_IPv4Header *ipp, | 644 | struct GNUNET_TUN_IPv4Header *ipp, |
658 | struct GNUNET_TUN_UdpHeader *udp) | 645 | struct GNUNET_TUN_UdpHeader *udp) |
659 | { | 646 | { |
660 | GNUNET_TUN_initialize_ipv4_header (ipp, | 647 | GNUNET_TUN_initialize_ipv4_header(ipp, |
661 | ts->protocol, | 648 | ts->protocol, |
662 | sizeof (struct GNUNET_TUN_TcpHeader), | 649 | sizeof(struct GNUNET_TUN_TcpHeader), |
663 | &ts->source_ip.v4, | 650 | &ts->source_ip.v4, |
664 | &ts->destination_ip.v4); | 651 | &ts->destination_ip.v4); |
665 | udp->source_port = htons (ts->source_port); | 652 | udp->source_port = htons(ts->source_port); |
666 | udp->destination_port = htons (ts->destination_port); | 653 | udp->destination_port = htons(ts->destination_port); |
667 | udp->len = htons (0); | 654 | udp->len = htons(0); |
668 | udp->crc = htons (0); | 655 | udp->crc = htons(0); |
669 | } | 656 | } |
670 | 657 | ||
671 | 658 | ||
@@ -679,19 +666,19 @@ make_up_icmpv4_payload (struct ChannelState *ts, | |||
679 | * also be the first 8 bytes of the TCP header | 666 | * also be the first 8 bytes of the TCP header |
680 | */ | 667 | */ |
681 | static void | 668 | static void |
682 | make_up_icmpv6_payload (struct ChannelState *ts, | 669 | make_up_icmpv6_payload(struct ChannelState *ts, |
683 | struct GNUNET_TUN_IPv6Header *ipp, | 670 | struct GNUNET_TUN_IPv6Header *ipp, |
684 | struct GNUNET_TUN_UdpHeader *udp) | 671 | struct GNUNET_TUN_UdpHeader *udp) |
685 | { | 672 | { |
686 | GNUNET_TUN_initialize_ipv6_header (ipp, | 673 | GNUNET_TUN_initialize_ipv6_header(ipp, |
687 | ts->protocol, | 674 | ts->protocol, |
688 | sizeof (struct GNUNET_TUN_TcpHeader), | 675 | sizeof(struct GNUNET_TUN_TcpHeader), |
689 | &ts->source_ip.v6, | 676 | &ts->source_ip.v6, |
690 | &ts->destination_ip.v6); | 677 | &ts->destination_ip.v6); |
691 | udp->source_port = htons (ts->source_port); | 678 | udp->source_port = htons(ts->source_port); |
692 | udp->destination_port = htons (ts->destination_port); | 679 | udp->destination_port = htons(ts->destination_port); |
693 | udp->len = htons (0); | 680 | udp->len = htons(0); |
694 | udp->crc = htons (0); | 681 | udp->crc = htons(0); |
695 | } | 682 | } |
696 | 683 | ||
697 | 684 | ||
@@ -704,20 +691,20 @@ make_up_icmpv6_payload (struct ChannelState *ts, | |||
704 | * #GNUNET_SYSERR to close it (signal serious error) | 691 | * #GNUNET_SYSERR to close it (signal serious error) |
705 | */ | 692 | */ |
706 | static int | 693 | static int |
707 | check_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) | 694 | check_icmp_back(void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) |
708 | { | 695 | { |
709 | struct ChannelState *ts = cls; | 696 | struct ChannelState *ts = cls; |
710 | 697 | ||
711 | if (NULL == ts->heap_node) | 698 | if (NULL == ts->heap_node) |
712 | { | 699 | { |
713 | GNUNET_break_op (0); | 700 | GNUNET_break_op(0); |
714 | return GNUNET_SYSERR; | 701 | return GNUNET_SYSERR; |
715 | } | 702 | } |
716 | if (AF_UNSPEC == ts->af) | 703 | if (AF_UNSPEC == ts->af) |
717 | { | 704 | { |
718 | GNUNET_break_op (0); | 705 | GNUNET_break_op(0); |
719 | return GNUNET_SYSERR; | 706 | return GNUNET_SYSERR; |
720 | } | 707 | } |
721 | return GNUNET_OK; | 708 | return GNUNET_OK; |
722 | } | 709 | } |
723 | 710 | ||
@@ -730,324 +717,344 @@ check_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) | |||
730 | * @param message the actual message | 717 | * @param message the actual message |
731 | */ | 718 | */ |
732 | static void | 719 | static void |
733 | handle_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) | 720 | handle_icmp_back(void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) |
734 | { | 721 | { |
735 | struct ChannelState *ts = cls; | 722 | struct ChannelState *ts = cls; |
736 | size_t mlen; | 723 | size_t mlen; |
737 | 724 | ||
738 | GNUNET_STATISTICS_update (stats, | 725 | GNUNET_STATISTICS_update(stats, |
739 | gettext_noop ("# ICMP packets received from cadet"), | 726 | gettext_noop("# ICMP packets received from cadet"), |
740 | 1, | 727 | 1, |
741 | GNUNET_NO); | 728 | GNUNET_NO); |
742 | mlen = | 729 | mlen = |
743 | ntohs (i2v->header.size) - sizeof (struct GNUNET_EXIT_IcmpToVPNMessage); | 730 | ntohs(i2v->header.size) - sizeof(struct GNUNET_EXIT_IcmpToVPNMessage); |
744 | { | 731 | { |
745 | char sbuf[INET6_ADDRSTRLEN]; | 732 | char sbuf[INET6_ADDRSTRLEN]; |
746 | char dbuf[INET6_ADDRSTRLEN]; | 733 | char dbuf[INET6_ADDRSTRLEN]; |
747 | 734 | ||
748 | GNUNET_log ( | 735 | GNUNET_log( |
749 | GNUNET_ERROR_TYPE_DEBUG, | 736 | GNUNET_ERROR_TYPE_DEBUG, |
750 | "Received ICMP packet from cadet, sending %u bytes from %s -> %s via TUN\n", | 737 | "Received ICMP packet from cadet, sending %u bytes from %s -> %s via TUN\n", |
751 | (unsigned int) mlen, | 738 | (unsigned int)mlen, |
752 | inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)), | 739 | inet_ntop(ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), |
753 | inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf))); | 740 | inet_ntop(ts->af, &ts->source_ip, dbuf, sizeof(dbuf))); |
754 | } | 741 | } |
755 | switch (ts->af) | 742 | switch (ts->af) |
756 | { | ||
757 | case AF_INET: { | ||
758 | size_t size = sizeof (struct GNUNET_TUN_IPv4Header) + | ||
759 | sizeof (struct GNUNET_TUN_IcmpHeader) + | ||
760 | sizeof (struct GNUNET_MessageHeader) + | ||
761 | sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen; | ||
762 | { | 743 | { |
763 | /* reserve some extra space in case we have an ICMP type here where | 744 | case AF_INET: { |
764 | we will need to make up the payload ourselves */ | 745 | size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + |
765 | char buf[size + sizeof (struct GNUNET_TUN_IPv4Header) + 8] GNUNET_ALIGN; | 746 | sizeof(struct GNUNET_TUN_IcmpHeader) + |
766 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; | 747 | sizeof(struct GNUNET_MessageHeader) + |
767 | struct GNUNET_TUN_Layer2PacketHeader *tun = | 748 | sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; |
768 | (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; | ||
769 | struct GNUNET_TUN_IPv4Header *ipv4 = | ||
770 | (struct GNUNET_TUN_IPv4Header *) &tun[1]; | ||
771 | struct GNUNET_TUN_IcmpHeader *icmp = | ||
772 | (struct GNUNET_TUN_IcmpHeader *) &ipv4[1]; | ||
773 | msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); | ||
774 | tun->flags = htons (0); | ||
775 | tun->proto = htons (ETH_P_IPV4); | ||
776 | GNUNET_TUN_initialize_ipv4_header (ipv4, | ||
777 | IPPROTO_ICMP, | ||
778 | sizeof (struct GNUNET_TUN_IcmpHeader) + | ||
779 | mlen, | ||
780 | &ts->destination_ip.v4, | ||
781 | &ts->source_ip.v4); | ||
782 | *icmp = i2v->icmp_header; | ||
783 | GNUNET_memcpy (&icmp[1], &i2v[1], mlen); | ||
784 | /* For some ICMP types, we need to adjust (make up) the payload here. | ||
785 | Also, depending on the AF used on the other side, we have to | ||
786 | do ICMP PT (translate ICMP types) */ | ||
787 | switch (ntohl (i2v->af)) | ||
788 | { | 749 | { |
789 | case AF_INET: | 750 | /* reserve some extra space in case we have an ICMP type here where |
790 | switch (icmp->type) | 751 | we will need to make up the payload ourselves */ |
791 | { | 752 | char buf[size + sizeof(struct GNUNET_TUN_IPv4Header) + 8] GNUNET_ALIGN; |
792 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: | 753 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; |
793 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: | 754 | struct GNUNET_TUN_Layer2PacketHeader *tun = |
794 | break; | 755 | (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; |
795 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: | 756 | struct GNUNET_TUN_IPv4Header *ipv4 = |
796 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: | 757 | (struct GNUNET_TUN_IPv4Header *)&tun[1]; |
797 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: { | 758 | struct GNUNET_TUN_IcmpHeader *icmp = |
798 | struct GNUNET_TUN_IPv4Header *ipp = | 759 | (struct GNUNET_TUN_IcmpHeader *)&ipv4[1]; |
799 | (struct GNUNET_TUN_IPv4Header *) &icmp[1]; | 760 | msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); |
800 | struct GNUNET_TUN_UdpHeader *udp = | 761 | tun->flags = htons(0); |
801 | (struct GNUNET_TUN_UdpHeader *) &ipp[1]; | 762 | tun->proto = htons(ETH_P_IPV4); |
802 | 763 | GNUNET_TUN_initialize_ipv4_header(ipv4, | |
803 | if (mlen != 0) | 764 | IPPROTO_ICMP, |
765 | sizeof(struct GNUNET_TUN_IcmpHeader) + | ||
766 | mlen, | ||
767 | &ts->destination_ip.v4, | ||
768 | &ts->source_ip.v4); | ||
769 | *icmp = i2v->icmp_header; | ||
770 | GNUNET_memcpy(&icmp[1], &i2v[1], mlen); | ||
771 | /* For some ICMP types, we need to adjust (make up) the payload here. | ||
772 | Also, depending on the AF used on the other side, we have to | ||
773 | do ICMP PT (translate ICMP types) */ | ||
774 | switch (ntohl(i2v->af)) | ||
804 | { | 775 | { |
805 | /* sender did not strip ICMP payload? */ | 776 | case AF_INET: |
806 | GNUNET_break_op (0); | 777 | switch (icmp->type) |
778 | { | ||
779 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: | ||
780 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: | ||
781 | break; | ||
782 | |||
783 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: | ||
784 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: | ||
785 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: { | ||
786 | struct GNUNET_TUN_IPv4Header *ipp = | ||
787 | (struct GNUNET_TUN_IPv4Header *)&icmp[1]; | ||
788 | struct GNUNET_TUN_UdpHeader *udp = | ||
789 | (struct GNUNET_TUN_UdpHeader *)&ipp[1]; | ||
790 | |||
791 | if (mlen != 0) | ||
792 | { | ||
793 | /* sender did not strip ICMP payload? */ | ||
794 | GNUNET_break_op(0); | ||
795 | return; | ||
796 | } | ||
797 | size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; | ||
798 | GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); | ||
799 | make_up_icmpv4_payload(ts, ipp, udp); | ||
800 | } | ||
801 | break; | ||
802 | |||
803 | default: | ||
804 | GNUNET_break_op(0); | ||
805 | GNUNET_STATISTICS_update( | ||
806 | stats, | ||
807 | gettext_noop("# ICMPv4 packets dropped (type not allowed)"), | ||
808 | 1, | ||
809 | GNUNET_NO); | ||
810 | return; | ||
811 | } | ||
812 | /* end AF_INET */ | ||
813 | break; | ||
814 | |||
815 | case AF_INET6: | ||
816 | /* ICMP PT 6-to-4 and possibly making up payloads */ | ||
817 | switch (icmp->type) | ||
818 | { | ||
819 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | ||
820 | icmp->type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; | ||
821 | { | ||
822 | struct GNUNET_TUN_IPv4Header *ipp = | ||
823 | (struct GNUNET_TUN_IPv4Header *)&icmp[1]; | ||
824 | struct GNUNET_TUN_UdpHeader *udp = | ||
825 | (struct GNUNET_TUN_UdpHeader *)&ipp[1]; | ||
826 | |||
827 | if (mlen != 0) | ||
828 | { | ||
829 | /* sender did not strip ICMP payload? */ | ||
830 | GNUNET_break_op(0); | ||
831 | return; | ||
832 | } | ||
833 | size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; | ||
834 | GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); | ||
835 | make_up_icmpv4_payload(ts, ipp, udp); | ||
836 | } | ||
837 | break; | ||
838 | |||
839 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | ||
840 | icmp->type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; | ||
841 | { | ||
842 | struct GNUNET_TUN_IPv4Header *ipp = | ||
843 | (struct GNUNET_TUN_IPv4Header *)&icmp[1]; | ||
844 | struct GNUNET_TUN_UdpHeader *udp = | ||
845 | (struct GNUNET_TUN_UdpHeader *)&ipp[1]; | ||
846 | |||
847 | if (mlen != 0) | ||
848 | { | ||
849 | /* sender did not strip ICMP payload? */ | ||
850 | GNUNET_break_op(0); | ||
851 | return; | ||
852 | } | ||
853 | size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; | ||
854 | GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); | ||
855 | make_up_icmpv4_payload(ts, ipp, udp); | ||
856 | } | ||
857 | break; | ||
858 | |||
859 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | ||
860 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: | ||
861 | GNUNET_STATISTICS_update( | ||
862 | stats, | ||
863 | gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), | ||
864 | 1, | ||
865 | GNUNET_NO); | ||
866 | return; | ||
867 | |||
868 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | ||
869 | icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; | ||
870 | break; | ||
871 | |||
872 | case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: | ||
873 | icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; | ||
874 | break; | ||
875 | |||
876 | default: | ||
877 | GNUNET_break_op(0); | ||
878 | GNUNET_STATISTICS_update( | ||
879 | stats, | ||
880 | gettext_noop("# ICMPv6 packets dropped (type not allowed)"), | ||
881 | 1, | ||
882 | GNUNET_NO); | ||
883 | return; | ||
884 | } | ||
885 | /* end AF_INET6 */ | ||
886 | break; | ||
887 | |||
888 | default: | ||
889 | GNUNET_break_op(0); | ||
807 | return; | 890 | return; |
808 | } | 891 | } |
809 | size += sizeof (struct GNUNET_TUN_IPv4Header) + 8; | 892 | msg->size = htons(size); |
810 | GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); | 893 | GNUNET_TUN_calculate_icmp_checksum(icmp, &i2v[1], mlen); |
811 | make_up_icmpv4_payload (ts, ipp, udp); | 894 | (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); |
812 | } | ||
813 | break; | ||
814 | default: | ||
815 | GNUNET_break_op (0); | ||
816 | GNUNET_STATISTICS_update ( | ||
817 | stats, | ||
818 | gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), | ||
819 | 1, | ||
820 | GNUNET_NO); | ||
821 | return; | ||
822 | } | ||
823 | /* end AF_INET */ | ||
824 | break; | ||
825 | case AF_INET6: | ||
826 | /* ICMP PT 6-to-4 and possibly making up payloads */ | ||
827 | switch (icmp->type) | ||
828 | { | ||
829 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | ||
830 | icmp->type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; | ||
831 | { | ||
832 | struct GNUNET_TUN_IPv4Header *ipp = | ||
833 | (struct GNUNET_TUN_IPv4Header *) &icmp[1]; | ||
834 | struct GNUNET_TUN_UdpHeader *udp = | ||
835 | (struct GNUNET_TUN_UdpHeader *) &ipp[1]; | ||
836 | |||
837 | if (mlen != 0) | ||
838 | { | ||
839 | /* sender did not strip ICMP payload? */ | ||
840 | GNUNET_break_op (0); | ||
841 | return; | ||
842 | } | ||
843 | size += sizeof (struct GNUNET_TUN_IPv4Header) + 8; | ||
844 | GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); | ||
845 | make_up_icmpv4_payload (ts, ipp, udp); | ||
846 | } | ||
847 | break; | ||
848 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | ||
849 | icmp->type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; | ||
850 | { | ||
851 | struct GNUNET_TUN_IPv4Header *ipp = | ||
852 | (struct GNUNET_TUN_IPv4Header *) &icmp[1]; | ||
853 | struct GNUNET_TUN_UdpHeader *udp = | ||
854 | (struct GNUNET_TUN_UdpHeader *) &ipp[1]; | ||
855 | |||
856 | if (mlen != 0) | ||
857 | { | ||
858 | /* sender did not strip ICMP payload? */ | ||
859 | GNUNET_break_op (0); | ||
860 | return; | ||
861 | } | ||
862 | size += sizeof (struct GNUNET_TUN_IPv4Header) + 8; | ||
863 | GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); | ||
864 | make_up_icmpv4_payload (ts, ipp, udp); | ||
865 | } | ||
866 | break; | ||
867 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | ||
868 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: | ||
869 | GNUNET_STATISTICS_update ( | ||
870 | stats, | ||
871 | gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), | ||
872 | 1, | ||
873 | GNUNET_NO); | ||
874 | return; | ||
875 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | ||
876 | icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; | ||
877 | break; | ||
878 | case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: | ||
879 | icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; | ||
880 | break; | ||
881 | default: | ||
882 | GNUNET_break_op (0); | ||
883 | GNUNET_STATISTICS_update ( | ||
884 | stats, | ||
885 | gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), | ||
886 | 1, | ||
887 | GNUNET_NO); | ||
888 | return; | ||
889 | } | ||
890 | /* end AF_INET6 */ | ||
891 | break; | ||
892 | default: | ||
893 | GNUNET_break_op (0); | ||
894 | return; | ||
895 | } | 895 | } |
896 | msg->size = htons (size); | ||
897 | GNUNET_TUN_calculate_icmp_checksum (icmp, &i2v[1], mlen); | ||
898 | (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); | ||
899 | } | 896 | } |
900 | } | 897 | break; |
901 | break; | ||
902 | case AF_INET6: { | ||
903 | size_t size = sizeof (struct GNUNET_TUN_IPv6Header) + | ||
904 | sizeof (struct GNUNET_TUN_IcmpHeader) + | ||
905 | sizeof (struct GNUNET_MessageHeader) + | ||
906 | sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen; | ||
907 | { | ||
908 | char buf[size + sizeof (struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN; | ||
909 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; | ||
910 | struct GNUNET_TUN_Layer2PacketHeader *tun = | ||
911 | (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; | ||
912 | struct GNUNET_TUN_IPv6Header *ipv6 = | ||
913 | (struct GNUNET_TUN_IPv6Header *) &tun[1]; | ||
914 | struct GNUNET_TUN_IcmpHeader *icmp = | ||
915 | (struct GNUNET_TUN_IcmpHeader *) &ipv6[1]; | ||
916 | msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); | ||
917 | tun->flags = htons (0); | ||
918 | tun->proto = htons (ETH_P_IPV6); | ||
919 | GNUNET_TUN_initialize_ipv6_header (ipv6, | ||
920 | IPPROTO_ICMPV6, | ||
921 | sizeof (struct GNUNET_TUN_IcmpHeader) + | ||
922 | mlen, | ||
923 | &ts->destination_ip.v6, | ||
924 | &ts->source_ip.v6); | ||
925 | *icmp = i2v->icmp_header; | ||
926 | GNUNET_memcpy (&icmp[1], &i2v[1], mlen); | ||
927 | |||
928 | /* For some ICMP types, we need to adjust (make up) the payload here. | ||
929 | Also, depending on the AF used on the other side, we have to | ||
930 | do ICMP PT (translate ICMP types) */ | ||
931 | switch (ntohl (i2v->af)) | ||
932 | { | ||
933 | case AF_INET: | ||
934 | /* ICMP PT 4-to-6 and possibly making up payloads */ | ||
935 | switch (icmp->type) | ||
936 | { | ||
937 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: | ||
938 | icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; | ||
939 | break; | ||
940 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: | ||
941 | icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; | ||
942 | break; | ||
943 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: | ||
944 | icmp->type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; | ||
945 | { | ||
946 | struct GNUNET_TUN_IPv6Header *ipp = | ||
947 | (struct GNUNET_TUN_IPv6Header *) &icmp[1]; | ||
948 | struct GNUNET_TUN_UdpHeader *udp = | ||
949 | (struct GNUNET_TUN_UdpHeader *) &ipp[1]; | ||
950 | |||
951 | if (mlen != 0) | ||
952 | { | ||
953 | /* sender did not strip ICMP payload? */ | ||
954 | GNUNET_break_op (0); | ||
955 | return; | ||
956 | } | ||
957 | size += sizeof (struct GNUNET_TUN_IPv6Header) + 8; | ||
958 | GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); | ||
959 | make_up_icmpv6_payload (ts, ipp, udp); | ||
960 | } | ||
961 | break; | ||
962 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: | ||
963 | icmp->type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; | ||
964 | { | ||
965 | struct GNUNET_TUN_IPv6Header *ipp = | ||
966 | (struct GNUNET_TUN_IPv6Header *) &icmp[1]; | ||
967 | struct GNUNET_TUN_UdpHeader *udp = | ||
968 | (struct GNUNET_TUN_UdpHeader *) &ipp[1]; | ||
969 | 898 | ||
970 | if (mlen != 0) | 899 | case AF_INET6: { |
971 | { | 900 | size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + |
972 | /* sender did not strip ICMP payload? */ | 901 | sizeof(struct GNUNET_TUN_IcmpHeader) + |
973 | GNUNET_break_op (0); | 902 | sizeof(struct GNUNET_MessageHeader) + |
974 | return; | 903 | sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; |
975 | } | 904 | { |
976 | size += sizeof (struct GNUNET_TUN_IPv6Header) + 8; | 905 | char buf[size + sizeof(struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN; |
977 | GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); | 906 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; |
978 | make_up_icmpv6_payload (ts, ipp, udp); | 907 | struct GNUNET_TUN_Layer2PacketHeader *tun = |
979 | } | 908 | (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; |
980 | break; | 909 | struct GNUNET_TUN_IPv6Header *ipv6 = |
981 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: | 910 | (struct GNUNET_TUN_IPv6Header *)&tun[1]; |
982 | GNUNET_STATISTICS_update ( | 911 | struct GNUNET_TUN_IcmpHeader *icmp = |
983 | stats, | 912 | (struct GNUNET_TUN_IcmpHeader *)&ipv6[1]; |
984 | gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"), | 913 | msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); |
985 | 1, | 914 | tun->flags = htons(0); |
986 | GNUNET_NO); | 915 | tun->proto = htons(ETH_P_IPV6); |
987 | return; | 916 | GNUNET_TUN_initialize_ipv6_header(ipv6, |
988 | default: | 917 | IPPROTO_ICMPV6, |
989 | GNUNET_break_op (0); | 918 | sizeof(struct GNUNET_TUN_IcmpHeader) + |
990 | GNUNET_STATISTICS_update ( | 919 | mlen, |
991 | stats, | 920 | &ts->destination_ip.v6, |
992 | gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), | 921 | &ts->source_ip.v6); |
993 | 1, | 922 | *icmp = i2v->icmp_header; |
994 | GNUNET_NO); | 923 | GNUNET_memcpy(&icmp[1], &i2v[1], mlen); |
995 | return; | 924 | |
996 | } | 925 | /* For some ICMP types, we need to adjust (make up) the payload here. |
997 | /* end AF_INET */ | 926 | Also, depending on the AF used on the other side, we have to |
998 | break; | 927 | do ICMP PT (translate ICMP types) */ |
999 | case AF_INET6: | 928 | switch (ntohl(i2v->af)) |
1000 | switch (icmp->type) | ||
1001 | { | ||
1002 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | ||
1003 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | ||
1004 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | ||
1005 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: { | ||
1006 | struct GNUNET_TUN_IPv6Header *ipp = | ||
1007 | (struct GNUNET_TUN_IPv6Header *) &icmp[1]; | ||
1008 | struct GNUNET_TUN_UdpHeader *udp = | ||
1009 | (struct GNUNET_TUN_UdpHeader *) &ipp[1]; | ||
1010 | |||
1011 | if (mlen != 0) | ||
1012 | { | 929 | { |
1013 | /* sender did not strip ICMP payload? */ | 930 | case AF_INET: |
1014 | GNUNET_break_op (0); | 931 | /* ICMP PT 4-to-6 and possibly making up payloads */ |
932 | switch (icmp->type) | ||
933 | { | ||
934 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: | ||
935 | icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; | ||
936 | break; | ||
937 | |||
938 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: | ||
939 | icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; | ||
940 | break; | ||
941 | |||
942 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: | ||
943 | icmp->type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; | ||
944 | { | ||
945 | struct GNUNET_TUN_IPv6Header *ipp = | ||
946 | (struct GNUNET_TUN_IPv6Header *)&icmp[1]; | ||
947 | struct GNUNET_TUN_UdpHeader *udp = | ||
948 | (struct GNUNET_TUN_UdpHeader *)&ipp[1]; | ||
949 | |||
950 | if (mlen != 0) | ||
951 | { | ||
952 | /* sender did not strip ICMP payload? */ | ||
953 | GNUNET_break_op(0); | ||
954 | return; | ||
955 | } | ||
956 | size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; | ||
957 | GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); | ||
958 | make_up_icmpv6_payload(ts, ipp, udp); | ||
959 | } | ||
960 | break; | ||
961 | |||
962 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: | ||
963 | icmp->type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; | ||
964 | { | ||
965 | struct GNUNET_TUN_IPv6Header *ipp = | ||
966 | (struct GNUNET_TUN_IPv6Header *)&icmp[1]; | ||
967 | struct GNUNET_TUN_UdpHeader *udp = | ||
968 | (struct GNUNET_TUN_UdpHeader *)&ipp[1]; | ||
969 | |||
970 | if (mlen != 0) | ||
971 | { | ||
972 | /* sender did not strip ICMP payload? */ | ||
973 | GNUNET_break_op(0); | ||
974 | return; | ||
975 | } | ||
976 | size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; | ||
977 | GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); | ||
978 | make_up_icmpv6_payload(ts, ipp, udp); | ||
979 | } | ||
980 | break; | ||
981 | |||
982 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: | ||
983 | GNUNET_STATISTICS_update( | ||
984 | stats, | ||
985 | gettext_noop("# ICMPv4 packets dropped (impossible PT to v6)"), | ||
986 | 1, | ||
987 | GNUNET_NO); | ||
988 | return; | ||
989 | |||
990 | default: | ||
991 | GNUNET_break_op(0); | ||
992 | GNUNET_STATISTICS_update( | ||
993 | stats, | ||
994 | gettext_noop("# ICMPv4 packets dropped (type not allowed)"), | ||
995 | 1, | ||
996 | GNUNET_NO); | ||
997 | return; | ||
998 | } | ||
999 | /* end AF_INET */ | ||
1000 | break; | ||
1001 | |||
1002 | case AF_INET6: | ||
1003 | switch (icmp->type) | ||
1004 | { | ||
1005 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | ||
1006 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | ||
1007 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | ||
1008 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: { | ||
1009 | struct GNUNET_TUN_IPv6Header *ipp = | ||
1010 | (struct GNUNET_TUN_IPv6Header *)&icmp[1]; | ||
1011 | struct GNUNET_TUN_UdpHeader *udp = | ||
1012 | (struct GNUNET_TUN_UdpHeader *)&ipp[1]; | ||
1013 | |||
1014 | if (mlen != 0) | ||
1015 | { | ||
1016 | /* sender did not strip ICMP payload? */ | ||
1017 | GNUNET_break_op(0); | ||
1018 | return; | ||
1019 | } | ||
1020 | size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; | ||
1021 | GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); | ||
1022 | make_up_icmpv6_payload(ts, ipp, udp); | ||
1023 | } | ||
1024 | break; | ||
1025 | |||
1026 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | ||
1027 | break; | ||
1028 | |||
1029 | default: | ||
1030 | GNUNET_break_op(0); | ||
1031 | GNUNET_STATISTICS_update( | ||
1032 | stats, | ||
1033 | gettext_noop("# ICMPv6 packets dropped (type not allowed)"), | ||
1034 | 1, | ||
1035 | GNUNET_NO); | ||
1036 | return; | ||
1037 | } | ||
1038 | /* end AF_INET6 */ | ||
1039 | break; | ||
1040 | |||
1041 | default: | ||
1042 | GNUNET_break_op(0); | ||
1015 | return; | 1043 | return; |
1016 | } | 1044 | } |
1017 | size += sizeof (struct GNUNET_TUN_IPv6Header) + 8; | 1045 | msg->size = htons(size); |
1018 | GNUNET_assert (8 == sizeof (struct GNUNET_TUN_UdpHeader)); | 1046 | GNUNET_TUN_calculate_icmp_checksum(icmp, &i2v[1], mlen); |
1019 | make_up_icmpv6_payload (ts, ipp, udp); | 1047 | (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); |
1020 | } | ||
1021 | break; | ||
1022 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | ||
1023 | break; | ||
1024 | default: | ||
1025 | GNUNET_break_op (0); | ||
1026 | GNUNET_STATISTICS_update ( | ||
1027 | stats, | ||
1028 | gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), | ||
1029 | 1, | ||
1030 | GNUNET_NO); | ||
1031 | return; | ||
1032 | } | ||
1033 | /* end AF_INET6 */ | ||
1034 | break; | ||
1035 | default: | ||
1036 | GNUNET_break_op (0); | ||
1037 | return; | ||
1038 | } | 1048 | } |
1039 | msg->size = htons (size); | ||
1040 | GNUNET_TUN_calculate_icmp_checksum (icmp, &i2v[1], mlen); | ||
1041 | (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); | ||
1042 | } | 1049 | } |
1043 | } | 1050 | break; |
1044 | break; | 1051 | |
1045 | default: | 1052 | default: |
1046 | GNUNET_assert (0); | 1053 | GNUNET_assert(0); |
1047 | } | 1054 | } |
1048 | GNUNET_CONTAINER_heap_update_cost (ts->heap_node, | 1055 | GNUNET_CONTAINER_heap_update_cost(ts->heap_node, |
1049 | GNUNET_TIME_absolute_get ().abs_value_us); | 1056 | GNUNET_TIME_absolute_get().abs_value_us); |
1050 | GNUNET_CADET_receive_done (ts->channel); | 1057 | GNUNET_CADET_receive_done(ts->channel); |
1051 | } | 1058 | } |
1052 | 1059 | ||
1053 | 1060 | ||
@@ -1060,20 +1067,20 @@ handle_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) | |||
1060 | * #GNUNET_SYSERR to close it (signal serious error) | 1067 | * #GNUNET_SYSERR to close it (signal serious error) |
1061 | */ | 1068 | */ |
1062 | static int | 1069 | static int |
1063 | check_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) | 1070 | check_udp_back(void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) |
1064 | { | 1071 | { |
1065 | struct ChannelState *ts = cls; | 1072 | struct ChannelState *ts = cls; |
1066 | 1073 | ||
1067 | if (NULL == ts->heap_node) | 1074 | if (NULL == ts->heap_node) |
1068 | { | 1075 | { |
1069 | GNUNET_break_op (0); | 1076 | GNUNET_break_op(0); |
1070 | return GNUNET_SYSERR; | 1077 | return GNUNET_SYSERR; |
1071 | } | 1078 | } |
1072 | if (AF_UNSPEC == ts->af) | 1079 | if (AF_UNSPEC == ts->af) |
1073 | { | 1080 | { |
1074 | GNUNET_break_op (0); | 1081 | GNUNET_break_op(0); |
1075 | return GNUNET_SYSERR; | 1082 | return GNUNET_SYSERR; |
1076 | } | 1083 | } |
1077 | return GNUNET_OK; | 1084 | return GNUNET_OK; |
1078 | } | 1085 | } |
1079 | 1086 | ||
@@ -1086,116 +1093,118 @@ check_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) | |||
1086 | * @param reply the actual message | 1093 | * @param reply the actual message |
1087 | */ | 1094 | */ |
1088 | static void | 1095 | static void |
1089 | handle_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) | 1096 | handle_udp_back(void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) |
1090 | { | 1097 | { |
1091 | struct ChannelState *ts = cls; | 1098 | struct ChannelState *ts = cls; |
1092 | size_t mlen; | 1099 | size_t mlen; |
1093 | 1100 | ||
1094 | GNUNET_STATISTICS_update (stats, | 1101 | GNUNET_STATISTICS_update(stats, |
1095 | gettext_noop ("# UDP packets received from cadet"), | 1102 | gettext_noop("# UDP packets received from cadet"), |
1096 | 1, | 1103 | 1, |
1097 | GNUNET_NO); | 1104 | GNUNET_NO); |
1098 | mlen = | 1105 | mlen = |
1099 | ntohs (reply->header.size) - sizeof (struct GNUNET_EXIT_UdpReplyMessage); | 1106 | ntohs(reply->header.size) - sizeof(struct GNUNET_EXIT_UdpReplyMessage); |
1100 | { | 1107 | { |
1101 | char sbuf[INET6_ADDRSTRLEN]; | 1108 | char sbuf[INET6_ADDRSTRLEN]; |
1102 | char dbuf[INET6_ADDRSTRLEN]; | 1109 | char dbuf[INET6_ADDRSTRLEN]; |
1103 | 1110 | ||
1104 | GNUNET_log ( | 1111 | GNUNET_log( |
1105 | GNUNET_ERROR_TYPE_DEBUG, | 1112 | GNUNET_ERROR_TYPE_DEBUG, |
1106 | "Received UDP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", | 1113 | "Received UDP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", |
1107 | (unsigned int) mlen, | 1114 | (unsigned int)mlen, |
1108 | inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)), | 1115 | inet_ntop(ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), |
1109 | ts->destination_port, | 1116 | ts->destination_port, |
1110 | inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)), | 1117 | inet_ntop(ts->af, &ts->source_ip, dbuf, sizeof(dbuf)), |
1111 | ts->source_port); | 1118 | ts->source_port); |
1112 | } | 1119 | } |
1113 | switch (ts->af) | 1120 | switch (ts->af) |
1114 | { | ||
1115 | case AF_INET: { | ||
1116 | size_t size = sizeof (struct GNUNET_TUN_IPv4Header) + | ||
1117 | sizeof (struct GNUNET_TUN_UdpHeader) + | ||
1118 | sizeof (struct GNUNET_MessageHeader) + | ||
1119 | sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen; | ||
1120 | { | 1121 | { |
1121 | char buf[size] GNUNET_ALIGN; | 1122 | case AF_INET: { |
1122 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; | 1123 | size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + |
1123 | struct GNUNET_TUN_Layer2PacketHeader *tun = | 1124 | sizeof(struct GNUNET_TUN_UdpHeader) + |
1124 | (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; | 1125 | sizeof(struct GNUNET_MessageHeader) + |
1125 | struct GNUNET_TUN_IPv4Header *ipv4 = | 1126 | sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; |
1126 | (struct GNUNET_TUN_IPv4Header *) &tun[1]; | 1127 | { |
1127 | struct GNUNET_TUN_UdpHeader *udp = | 1128 | char buf[size] GNUNET_ALIGN; |
1128 | (struct GNUNET_TUN_UdpHeader *) &ipv4[1]; | 1129 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; |
1129 | msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); | 1130 | struct GNUNET_TUN_Layer2PacketHeader *tun = |
1130 | msg->size = htons (size); | 1131 | (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; |
1131 | tun->flags = htons (0); | 1132 | struct GNUNET_TUN_IPv4Header *ipv4 = |
1132 | tun->proto = htons (ETH_P_IPV4); | 1133 | (struct GNUNET_TUN_IPv4Header *)&tun[1]; |
1133 | GNUNET_TUN_initialize_ipv4_header (ipv4, | 1134 | struct GNUNET_TUN_UdpHeader *udp = |
1134 | IPPROTO_UDP, | 1135 | (struct GNUNET_TUN_UdpHeader *)&ipv4[1]; |
1135 | sizeof (struct GNUNET_TUN_UdpHeader) + | 1136 | msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); |
1136 | mlen, | 1137 | msg->size = htons(size); |
1137 | &ts->destination_ip.v4, | 1138 | tun->flags = htons(0); |
1138 | &ts->source_ip.v4); | 1139 | tun->proto = htons(ETH_P_IPV4); |
1139 | if (0 == ntohs (reply->source_port)) | 1140 | GNUNET_TUN_initialize_ipv4_header(ipv4, |
1140 | udp->source_port = htons (ts->destination_port); | 1141 | IPPROTO_UDP, |
1141 | else | 1142 | sizeof(struct GNUNET_TUN_UdpHeader) + |
1142 | udp->source_port = reply->source_port; | 1143 | mlen, |
1143 | if (0 == ntohs (reply->destination_port)) | 1144 | &ts->destination_ip.v4, |
1144 | udp->destination_port = htons (ts->source_port); | 1145 | &ts->source_ip.v4); |
1145 | else | 1146 | if (0 == ntohs(reply->source_port)) |
1146 | udp->destination_port = reply->destination_port; | 1147 | udp->source_port = htons(ts->destination_port); |
1147 | udp->len = htons (mlen + sizeof (struct GNUNET_TUN_UdpHeader)); | 1148 | else |
1148 | GNUNET_TUN_calculate_udp4_checksum (ipv4, udp, &reply[1], mlen); | 1149 | udp->source_port = reply->source_port; |
1149 | GNUNET_memcpy (&udp[1], &reply[1], mlen); | 1150 | if (0 == ntohs(reply->destination_port)) |
1150 | (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); | 1151 | udp->destination_port = htons(ts->source_port); |
1152 | else | ||
1153 | udp->destination_port = reply->destination_port; | ||
1154 | udp->len = htons(mlen + sizeof(struct GNUNET_TUN_UdpHeader)); | ||
1155 | GNUNET_TUN_calculate_udp4_checksum(ipv4, udp, &reply[1], mlen); | ||
1156 | GNUNET_memcpy(&udp[1], &reply[1], mlen); | ||
1157 | (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); | ||
1158 | } | ||
1151 | } | 1159 | } |
1152 | } | 1160 | break; |
1153 | break; | 1161 | |
1154 | case AF_INET6: { | 1162 | case AF_INET6: { |
1155 | size_t size = sizeof (struct GNUNET_TUN_IPv6Header) + | 1163 | size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + |
1156 | sizeof (struct GNUNET_TUN_UdpHeader) + | 1164 | sizeof(struct GNUNET_TUN_UdpHeader) + |
1157 | sizeof (struct GNUNET_MessageHeader) + | 1165 | sizeof(struct GNUNET_MessageHeader) + |
1158 | sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen; | 1166 | sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; |
1159 | { | 1167 | { |
1160 | char buf[size] GNUNET_ALIGN; | 1168 | char buf[size] GNUNET_ALIGN; |
1161 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; | 1169 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; |
1162 | struct GNUNET_TUN_Layer2PacketHeader *tun = | 1170 | struct GNUNET_TUN_Layer2PacketHeader *tun = |
1163 | (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; | 1171 | (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; |
1164 | struct GNUNET_TUN_IPv6Header *ipv6 = | 1172 | struct GNUNET_TUN_IPv6Header *ipv6 = |
1165 | (struct GNUNET_TUN_IPv6Header *) &tun[1]; | 1173 | (struct GNUNET_TUN_IPv6Header *)&tun[1]; |
1166 | struct GNUNET_TUN_UdpHeader *udp = | 1174 | struct GNUNET_TUN_UdpHeader *udp = |
1167 | (struct GNUNET_TUN_UdpHeader *) &ipv6[1]; | 1175 | (struct GNUNET_TUN_UdpHeader *)&ipv6[1]; |
1168 | msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); | 1176 | msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); |
1169 | msg->size = htons (size); | 1177 | msg->size = htons(size); |
1170 | tun->flags = htons (0); | 1178 | tun->flags = htons(0); |
1171 | tun->proto = htons (ETH_P_IPV6); | 1179 | tun->proto = htons(ETH_P_IPV6); |
1172 | GNUNET_TUN_initialize_ipv6_header (ipv6, | 1180 | GNUNET_TUN_initialize_ipv6_header(ipv6, |
1173 | IPPROTO_UDP, | 1181 | IPPROTO_UDP, |
1174 | sizeof (struct GNUNET_TUN_UdpHeader) + | 1182 | sizeof(struct GNUNET_TUN_UdpHeader) + |
1175 | mlen, | 1183 | mlen, |
1176 | &ts->destination_ip.v6, | 1184 | &ts->destination_ip.v6, |
1177 | &ts->source_ip.v6); | 1185 | &ts->source_ip.v6); |
1178 | if (0 == ntohs (reply->source_port)) | 1186 | if (0 == ntohs(reply->source_port)) |
1179 | udp->source_port = htons (ts->destination_port); | 1187 | udp->source_port = htons(ts->destination_port); |
1180 | else | 1188 | else |
1181 | udp->source_port = reply->source_port; | 1189 | udp->source_port = reply->source_port; |
1182 | if (0 == ntohs (reply->destination_port)) | 1190 | if (0 == ntohs(reply->destination_port)) |
1183 | udp->destination_port = htons (ts->source_port); | 1191 | udp->destination_port = htons(ts->source_port); |
1184 | else | 1192 | else |
1185 | udp->destination_port = reply->destination_port; | 1193 | udp->destination_port = reply->destination_port; |
1186 | udp->len = htons (mlen + sizeof (struct GNUNET_TUN_UdpHeader)); | 1194 | udp->len = htons(mlen + sizeof(struct GNUNET_TUN_UdpHeader)); |
1187 | GNUNET_TUN_calculate_udp6_checksum (ipv6, udp, &reply[1], mlen); | 1195 | GNUNET_TUN_calculate_udp6_checksum(ipv6, udp, &reply[1], mlen); |
1188 | GNUNET_memcpy (&udp[1], &reply[1], mlen); | 1196 | GNUNET_memcpy(&udp[1], &reply[1], mlen); |
1189 | (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); | 1197 | (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); |
1198 | } | ||
1190 | } | 1199 | } |
1191 | } | 1200 | break; |
1192 | break; | 1201 | |
1193 | default: | 1202 | default: |
1194 | GNUNET_assert (0); | 1203 | GNUNET_assert(0); |
1195 | } | 1204 | } |
1196 | GNUNET_CONTAINER_heap_update_cost (ts->heap_node, | 1205 | GNUNET_CONTAINER_heap_update_cost(ts->heap_node, |
1197 | GNUNET_TIME_absolute_get ().abs_value_us); | 1206 | GNUNET_TIME_absolute_get().abs_value_us); |
1198 | GNUNET_CADET_receive_done (ts->channel); | 1207 | GNUNET_CADET_receive_done(ts->channel); |
1199 | } | 1208 | } |
1200 | 1209 | ||
1201 | 1210 | ||
@@ -1208,20 +1217,20 @@ handle_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) | |||
1208 | * #GNUNET_SYSERR to close it (signal serious error) | 1217 | * #GNUNET_SYSERR to close it (signal serious error) |
1209 | */ | 1218 | */ |
1210 | static int | 1219 | static int |
1211 | check_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) | 1220 | check_tcp_back(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) |
1212 | { | 1221 | { |
1213 | struct ChannelState *ts = cls; | 1222 | struct ChannelState *ts = cls; |
1214 | 1223 | ||
1215 | if (NULL == ts->heap_node) | 1224 | if (NULL == ts->heap_node) |
1216 | { | 1225 | { |
1217 | GNUNET_break_op (0); | 1226 | GNUNET_break_op(0); |
1218 | return GNUNET_SYSERR; | 1227 | return GNUNET_SYSERR; |
1219 | } | 1228 | } |
1220 | if (data->tcp_header.off * 4 < sizeof (struct GNUNET_TUN_TcpHeader)) | 1229 | if (data->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) |
1221 | { | 1230 | { |
1222 | GNUNET_break_op (0); | 1231 | GNUNET_break_op(0); |
1223 | return GNUNET_SYSERR; | 1232 | return GNUNET_SYSERR; |
1224 | } | 1233 | } |
1225 | return GNUNET_OK; | 1234 | return GNUNET_OK; |
1226 | } | 1235 | } |
1227 | 1236 | ||
@@ -1234,101 +1243,102 @@ check_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) | |||
1234 | * @param data the actual message | 1243 | * @param data the actual message |
1235 | */ | 1244 | */ |
1236 | static void | 1245 | static void |
1237 | handle_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) | 1246 | handle_tcp_back(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) |
1238 | { | 1247 | { |
1239 | struct ChannelState *ts = cls; | 1248 | struct ChannelState *ts = cls; |
1240 | size_t mlen; | 1249 | size_t mlen; |
1241 | 1250 | ||
1242 | GNUNET_STATISTICS_update (stats, | 1251 | GNUNET_STATISTICS_update(stats, |
1243 | gettext_noop ("# TCP packets received from cadet"), | 1252 | gettext_noop("# TCP packets received from cadet"), |
1244 | 1, | 1253 | 1, |
1245 | GNUNET_NO); | 1254 | GNUNET_NO); |
1246 | mlen = ntohs (data->header.size) - sizeof (struct GNUNET_EXIT_TcpDataMessage); | 1255 | mlen = ntohs(data->header.size) - sizeof(struct GNUNET_EXIT_TcpDataMessage); |
1247 | { | 1256 | { |
1248 | char sbuf[INET6_ADDRSTRLEN]; | 1257 | char sbuf[INET6_ADDRSTRLEN]; |
1249 | char dbuf[INET6_ADDRSTRLEN]; | 1258 | char dbuf[INET6_ADDRSTRLEN]; |
1250 | 1259 | ||
1251 | GNUNET_log ( | 1260 | GNUNET_log( |
1252 | GNUNET_ERROR_TYPE_DEBUG, | 1261 | GNUNET_ERROR_TYPE_DEBUG, |
1253 | "Received TCP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", | 1262 | "Received TCP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", |
1254 | (unsigned int) mlen, | 1263 | (unsigned int)mlen, |
1255 | inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof (sbuf)), | 1264 | inet_ntop(ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), |
1256 | ts->destination_port, | 1265 | ts->destination_port, |
1257 | inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof (dbuf)), | 1266 | inet_ntop(ts->af, &ts->source_ip, dbuf, sizeof(dbuf)), |
1258 | ts->source_port); | 1267 | ts->source_port); |
1259 | } | 1268 | } |
1260 | switch (ts->af) | 1269 | switch (ts->af) |
1261 | { | ||
1262 | case AF_INET: { | ||
1263 | size_t size = sizeof (struct GNUNET_TUN_IPv4Header) + | ||
1264 | sizeof (struct GNUNET_TUN_TcpHeader) + | ||
1265 | sizeof (struct GNUNET_MessageHeader) + | ||
1266 | sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen; | ||
1267 | { | 1270 | { |
1268 | char buf[size] GNUNET_ALIGN; | 1271 | case AF_INET: { |
1269 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; | 1272 | size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + |
1270 | struct GNUNET_TUN_Layer2PacketHeader *tun = | 1273 | sizeof(struct GNUNET_TUN_TcpHeader) + |
1271 | (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; | 1274 | sizeof(struct GNUNET_MessageHeader) + |
1272 | struct GNUNET_TUN_IPv4Header *ipv4 = | 1275 | sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; |
1273 | (struct GNUNET_TUN_IPv4Header *) &tun[1]; | 1276 | { |
1274 | struct GNUNET_TUN_TcpHeader *tcp = | 1277 | char buf[size] GNUNET_ALIGN; |
1275 | (struct GNUNET_TUN_TcpHeader *) &ipv4[1]; | 1278 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; |
1276 | msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); | 1279 | struct GNUNET_TUN_Layer2PacketHeader *tun = |
1277 | msg->size = htons (size); | 1280 | (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; |
1278 | tun->flags = htons (0); | 1281 | struct GNUNET_TUN_IPv4Header *ipv4 = |
1279 | tun->proto = htons (ETH_P_IPV4); | 1282 | (struct GNUNET_TUN_IPv4Header *)&tun[1]; |
1280 | GNUNET_TUN_initialize_ipv4_header (ipv4, | 1283 | struct GNUNET_TUN_TcpHeader *tcp = |
1281 | IPPROTO_TCP, | 1284 | (struct GNUNET_TUN_TcpHeader *)&ipv4[1]; |
1282 | sizeof (struct GNUNET_TUN_TcpHeader) + | 1285 | msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); |
1283 | mlen, | 1286 | msg->size = htons(size); |
1284 | &ts->destination_ip.v4, | 1287 | tun->flags = htons(0); |
1285 | &ts->source_ip.v4); | 1288 | tun->proto = htons(ETH_P_IPV4); |
1286 | *tcp = data->tcp_header; | 1289 | GNUNET_TUN_initialize_ipv4_header(ipv4, |
1287 | tcp->source_port = htons (ts->destination_port); | 1290 | IPPROTO_TCP, |
1288 | tcp->destination_port = htons (ts->source_port); | 1291 | sizeof(struct GNUNET_TUN_TcpHeader) + |
1289 | GNUNET_TUN_calculate_tcp4_checksum (ipv4, tcp, &data[1], mlen); | 1292 | mlen, |
1290 | GNUNET_memcpy (&tcp[1], &data[1], mlen); | 1293 | &ts->destination_ip.v4, |
1291 | (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); | 1294 | &ts->source_ip.v4); |
1295 | *tcp = data->tcp_header; | ||
1296 | tcp->source_port = htons(ts->destination_port); | ||
1297 | tcp->destination_port = htons(ts->source_port); | ||
1298 | GNUNET_TUN_calculate_tcp4_checksum(ipv4, tcp, &data[1], mlen); | ||
1299 | GNUNET_memcpy(&tcp[1], &data[1], mlen); | ||
1300 | (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); | ||
1301 | } | ||
1292 | } | 1302 | } |
1293 | } | 1303 | break; |
1294 | break; | 1304 | |
1295 | case AF_INET6: { | 1305 | case AF_INET6: { |
1296 | size_t size = sizeof (struct GNUNET_TUN_IPv6Header) + | 1306 | size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + |
1297 | sizeof (struct GNUNET_TUN_TcpHeader) + | 1307 | sizeof(struct GNUNET_TUN_TcpHeader) + |
1298 | sizeof (struct GNUNET_MessageHeader) + | 1308 | sizeof(struct GNUNET_MessageHeader) + |
1299 | sizeof (struct GNUNET_TUN_Layer2PacketHeader) + mlen; | 1309 | sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; |
1300 | { | 1310 | { |
1301 | char buf[size] GNUNET_ALIGN; | 1311 | char buf[size] GNUNET_ALIGN; |
1302 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; | 1312 | struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; |
1303 | struct GNUNET_TUN_Layer2PacketHeader *tun = | 1313 | struct GNUNET_TUN_Layer2PacketHeader *tun = |
1304 | (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; | 1314 | (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; |
1305 | struct GNUNET_TUN_IPv6Header *ipv6 = | 1315 | struct GNUNET_TUN_IPv6Header *ipv6 = |
1306 | (struct GNUNET_TUN_IPv6Header *) &tun[1]; | 1316 | (struct GNUNET_TUN_IPv6Header *)&tun[1]; |
1307 | struct GNUNET_TUN_TcpHeader *tcp = | 1317 | struct GNUNET_TUN_TcpHeader *tcp = |
1308 | (struct GNUNET_TUN_TcpHeader *) &ipv6[1]; | 1318 | (struct GNUNET_TUN_TcpHeader *)&ipv6[1]; |
1309 | msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); | 1319 | msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); |
1310 | msg->size = htons (size); | 1320 | msg->size = htons(size); |
1311 | tun->flags = htons (0); | 1321 | tun->flags = htons(0); |
1312 | tun->proto = htons (ETH_P_IPV6); | 1322 | tun->proto = htons(ETH_P_IPV6); |
1313 | GNUNET_TUN_initialize_ipv6_header (ipv6, | 1323 | GNUNET_TUN_initialize_ipv6_header(ipv6, |
1314 | IPPROTO_TCP, | 1324 | IPPROTO_TCP, |
1315 | sizeof (struct GNUNET_TUN_TcpHeader) + | 1325 | sizeof(struct GNUNET_TUN_TcpHeader) + |
1316 | mlen, | 1326 | mlen, |
1317 | &ts->destination_ip.v6, | 1327 | &ts->destination_ip.v6, |
1318 | &ts->source_ip.v6); | 1328 | &ts->source_ip.v6); |
1319 | *tcp = data->tcp_header; | 1329 | *tcp = data->tcp_header; |
1320 | tcp->source_port = htons (ts->destination_port); | 1330 | tcp->source_port = htons(ts->destination_port); |
1321 | tcp->destination_port = htons (ts->source_port); | 1331 | tcp->destination_port = htons(ts->source_port); |
1322 | GNUNET_TUN_calculate_tcp6_checksum (ipv6, tcp, &data[1], mlen); | 1332 | GNUNET_TUN_calculate_tcp6_checksum(ipv6, tcp, &data[1], mlen); |
1323 | GNUNET_memcpy (&tcp[1], &data[1], mlen); | 1333 | GNUNET_memcpy(&tcp[1], &data[1], mlen); |
1324 | (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); | 1334 | (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); |
1335 | } | ||
1325 | } | 1336 | } |
1326 | } | 1337 | break; |
1327 | break; | 1338 | } |
1328 | } | 1339 | GNUNET_CONTAINER_heap_update_cost(ts->heap_node, |
1329 | GNUNET_CONTAINER_heap_update_cost (ts->heap_node, | 1340 | GNUNET_TIME_absolute_get().abs_value_us); |
1330 | GNUNET_TIME_absolute_get ().abs_value_us); | 1341 | GNUNET_CADET_receive_done(ts->channel); |
1331 | GNUNET_CADET_receive_done (ts->channel); | ||
1332 | } | 1342 | } |
1333 | 1343 | ||
1334 | 1344 | ||
@@ -1341,32 +1351,32 @@ handle_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) | |||
1341 | * @return the channel handle | 1351 | * @return the channel handle |
1342 | */ | 1352 | */ |
1343 | static struct GNUNET_CADET_Channel * | 1353 | static struct GNUNET_CADET_Channel * |
1344 | create_channel (struct ChannelState *ts, | 1354 | create_channel(struct ChannelState *ts, |
1345 | const struct GNUNET_PeerIdentity *target, | 1355 | const struct GNUNET_PeerIdentity *target, |
1346 | const struct GNUNET_HashCode *port) | 1356 | const struct GNUNET_HashCode *port) |
1347 | { | 1357 | { |
1348 | struct GNUNET_MQ_MessageHandler cadet_handlers[] = | 1358 | struct GNUNET_MQ_MessageHandler cadet_handlers[] = |
1349 | {GNUNET_MQ_hd_var_size (udp_back, | 1359 | { GNUNET_MQ_hd_var_size(udp_back, |
1350 | GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY, | 1360 | GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY, |
1351 | struct GNUNET_EXIT_UdpReplyMessage, | 1361 | struct GNUNET_EXIT_UdpReplyMessage, |
1352 | ts), | 1362 | ts), |
1353 | GNUNET_MQ_hd_var_size (tcp_back, | 1363 | GNUNET_MQ_hd_var_size(tcp_back, |
1354 | GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN, | 1364 | GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN, |
1355 | struct GNUNET_EXIT_TcpDataMessage, | 1365 | struct GNUNET_EXIT_TcpDataMessage, |
1356 | ts), | 1366 | ts), |
1357 | GNUNET_MQ_hd_var_size (icmp_back, | 1367 | GNUNET_MQ_hd_var_size(icmp_back, |
1358 | GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN, | 1368 | GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN, |
1359 | struct GNUNET_EXIT_IcmpToVPNMessage, | 1369 | struct GNUNET_EXIT_IcmpToVPNMessage, |
1360 | ts), | 1370 | ts), |
1361 | GNUNET_MQ_handler_end ()}; | 1371 | GNUNET_MQ_handler_end() }; |
1362 | 1372 | ||
1363 | return GNUNET_CADET_channel_create (cadet_handle, | 1373 | return GNUNET_CADET_channel_create(cadet_handle, |
1364 | ts, | 1374 | ts, |
1365 | target, | 1375 | target, |
1366 | port, | 1376 | port, |
1367 | NULL, | 1377 | NULL, |
1368 | &channel_cleaner, | 1378 | &channel_cleaner, |
1369 | cadet_handlers); | 1379 | cadet_handlers); |
1370 | } | 1380 | } |
1371 | 1381 | ||
1372 | 1382 | ||
@@ -1381,45 +1391,47 @@ create_channel (struct ChannelState *ts, | |||
1381 | * @param put_path_length Length of the @a put_path. | 1391 | * @param put_path_length Length of the @a put_path. |
1382 | */ | 1392 | */ |
1383 | static void | 1393 | static void |
1384 | handle_regex_result (void *cls, | 1394 | handle_regex_result(void *cls, |
1385 | const struct GNUNET_PeerIdentity *id, | 1395 | const struct GNUNET_PeerIdentity *id, |
1386 | const struct GNUNET_PeerIdentity *get_path, | 1396 | const struct GNUNET_PeerIdentity *get_path, |
1387 | unsigned int get_path_length, | 1397 | unsigned int get_path_length, |
1388 | const struct GNUNET_PeerIdentity *put_path, | 1398 | const struct GNUNET_PeerIdentity *put_path, |
1389 | unsigned int put_path_length) | 1399 | unsigned int put_path_length) |
1390 | { | 1400 | { |
1391 | struct ChannelState *ts = cls; | 1401 | struct ChannelState *ts = cls; |
1392 | struct GNUNET_HashCode port; | 1402 | struct GNUNET_HashCode port; |
1393 | 1403 | ||
1394 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 1404 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, |
1395 | "Exit %s found for destination %s!\n", | 1405 | "Exit %s found for destination %s!\n", |
1396 | GNUNET_i2s (id), | 1406 | GNUNET_i2s(id), |
1397 | print_channel_destination (&ts->destination)); | 1407 | print_channel_destination(&ts->destination)); |
1398 | GNUNET_REGEX_search_cancel (ts->search); | 1408 | GNUNET_REGEX_search_cancel(ts->search); |
1399 | ts->search = NULL; | 1409 | ts->search = NULL; |
1400 | switch (ts->af) | 1410 | switch (ts->af) |
1401 | { | 1411 | { |
1402 | case AF_INET: | 1412 | case AF_INET: |
1403 | /* these must match the strings used in gnunet-daemon-exit */ | 1413 | /* these must match the strings used in gnunet-daemon-exit */ |
1404 | GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV4_GATEWAY, | 1414 | GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_IPV4_GATEWAY, |
1405 | strlen (GNUNET_APPLICATION_PORT_IPV4_GATEWAY), | 1415 | strlen(GNUNET_APPLICATION_PORT_IPV4_GATEWAY), |
1406 | &port); | 1416 | &port); |
1407 | break; | 1417 | break; |
1408 | case AF_INET6: | 1418 | |
1409 | /* these must match the strings used in gnunet-daemon-exit */ | 1419 | case AF_INET6: |
1410 | GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV6_GATEWAY, | 1420 | /* these must match the strings used in gnunet-daemon-exit */ |
1411 | strlen (GNUNET_APPLICATION_PORT_IPV6_GATEWAY), | 1421 | GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_IPV6_GATEWAY, |
1412 | &port); | 1422 | strlen(GNUNET_APPLICATION_PORT_IPV6_GATEWAY), |
1413 | break; | 1423 | &port); |
1414 | default: | 1424 | break; |
1415 | GNUNET_break (0); | 1425 | |
1416 | return; | 1426 | default: |
1417 | } | 1427 | GNUNET_break(0); |
1418 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 1428 | return; |
1419 | "Creating tunnel to %s for destination %s!\n", | 1429 | } |
1420 | GNUNET_i2s (id), | 1430 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, |
1421 | print_channel_destination (&ts->destination)); | 1431 | "Creating tunnel to %s for destination %s!\n", |
1422 | ts->channel = create_channel (ts, id, &port); | 1432 | GNUNET_i2s(id), |
1433 | print_channel_destination(&ts->destination)); | ||
1434 | ts->channel = create_channel(ts, id, &port); | ||
1423 | } | 1435 | } |
1424 | 1436 | ||
1425 | 1437 | ||
@@ -1431,90 +1443,92 @@ handle_regex_result (void *cls, | |||
1431 | * @return channel state of the channel that was created | 1443 | * @return channel state of the channel that was created |
1432 | */ | 1444 | */ |
1433 | static struct ChannelState * | 1445 | static struct ChannelState * |
1434 | create_channel_to_destination (struct DestinationChannel *dt, int client_af) | 1446 | create_channel_to_destination(struct DestinationChannel *dt, int client_af) |
1435 | { | 1447 | { |
1436 | struct ChannelState *ts; | 1448 | struct ChannelState *ts; |
1437 | 1449 | ||
1438 | GNUNET_STATISTICS_update (stats, | 1450 | GNUNET_STATISTICS_update(stats, |
1439 | gettext_noop ("# Cadet channels created"), | 1451 | gettext_noop("# Cadet channels created"), |
1440 | 1, | 1452 | 1, |
1441 | GNUNET_NO); | 1453 | GNUNET_NO); |
1442 | ts = GNUNET_new (struct ChannelState); | 1454 | ts = GNUNET_new(struct ChannelState); |
1443 | ts->af = client_af; | 1455 | ts->af = client_af; |
1444 | ts->destination = *dt->destination; | 1456 | ts->destination = *dt->destination; |
1445 | ts->destination.heap_node = NULL; /* copy is NOT in destination heap */ | 1457 | ts->destination.heap_node = NULL; /* copy is NOT in destination heap */ |
1446 | ts->destination_port = dt->destination_port; | 1458 | ts->destination_port = dt->destination_port; |
1447 | if (dt->destination->is_service) | 1459 | if (dt->destination->is_service) |
1448 | { | ||
1449 | struct GNUNET_HashCode cadet_port; | ||
1450 | |||
1451 | GNUNET_TUN_compute_service_cadet_port (&ts->destination.details | ||
1452 | .service_destination | ||
1453 | .service_descriptor, | ||
1454 | ts->destination_port, | ||
1455 | &cadet_port); | ||
1456 | ts->channel = | ||
1457 | create_channel (ts, | ||
1458 | &dt->destination->details.service_destination.target, | ||
1459 | &cadet_port); | ||
1460 | |||
1461 | if (NULL == ts->channel) | ||
1462 | { | 1460 | { |
1463 | GNUNET_break (0); | 1461 | struct GNUNET_HashCode cadet_port; |
1464 | GNUNET_free (ts); | 1462 | |
1465 | return NULL; | 1463 | GNUNET_TUN_compute_service_cadet_port(&ts->destination.details |
1466 | } | 1464 | .service_destination |
1467 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1465 | .service_descriptor, |
1468 | "Creating channel to peer %s offering service %s on port %u\n", | 1466 | ts->destination_port, |
1469 | GNUNET_i2s ( | 1467 | &cadet_port); |
1470 | &dt->destination->details.service_destination.target), | 1468 | ts->channel = |
1471 | GNUNET_h2s (&ts->destination.details.service_destination | 1469 | create_channel(ts, |
1472 | .service_descriptor), | 1470 | &dt->destination->details.service_destination.target, |
1473 | (unsigned int) ts->destination_port); | 1471 | &cadet_port); |
1474 | } | 1472 | |
1473 | if (NULL == ts->channel) | ||
1474 | { | ||
1475 | GNUNET_break(0); | ||
1476 | GNUNET_free(ts); | ||
1477 | return NULL; | ||
1478 | } | ||
1479 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, | ||
1480 | "Creating channel to peer %s offering service %s on port %u\n", | ||
1481 | GNUNET_i2s( | ||
1482 | &dt->destination->details.service_destination.target), | ||
1483 | GNUNET_h2s(&ts->destination.details.service_destination | ||
1484 | .service_descriptor), | ||
1485 | (unsigned int)ts->destination_port); | ||
1486 | } | ||
1475 | else | 1487 | else |
1476 | { | ||
1477 | char *policy; | ||
1478 | |||
1479 | switch (dt->destination->details.exit_destination.af) | ||
1480 | { | 1488 | { |
1481 | case AF_INET: { | 1489 | char *policy; |
1482 | char address[GNUNET_TUN_IPV4_REGEXLEN]; | ||
1483 | 1490 | ||
1484 | GNUNET_TUN_ipv4toregexsearch (&dt->destination->details.exit_destination | 1491 | switch (dt->destination->details.exit_destination.af) |
1492 | { | ||
1493 | case AF_INET: { | ||
1494 | char address[GNUNET_TUN_IPV4_REGEXLEN]; | ||
1495 | |||
1496 | GNUNET_TUN_ipv4toregexsearch(&dt->destination->details.exit_destination | ||
1485 | .ip.v4, | 1497 | .ip.v4, |
1486 | dt->destination_port, | 1498 | dt->destination_port, |
1487 | address); | 1499 | address); |
1488 | GNUNET_asprintf (&policy, | 1500 | GNUNET_asprintf(&policy, |
1489 | "%s%s", | 1501 | "%s%s", |
1490 | GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, | 1502 | GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, |
1491 | address); | 1503 | address); |
1492 | break; | 1504 | break; |
1493 | } | 1505 | } |
1494 | case AF_INET6: { | 1506 | |
1495 | char address[GNUNET_TUN_IPV6_REGEXLEN]; | 1507 | case AF_INET6: { |
1508 | char address[GNUNET_TUN_IPV6_REGEXLEN]; | ||
1496 | 1509 | ||
1497 | GNUNET_TUN_ipv6toregexsearch (&dt->destination->details.exit_destination | 1510 | GNUNET_TUN_ipv6toregexsearch(&dt->destination->details.exit_destination |
1498 | .ip.v6, | 1511 | .ip.v6, |
1499 | dt->destination_port, | 1512 | dt->destination_port, |
1500 | address); | 1513 | address); |
1501 | GNUNET_asprintf (&policy, | 1514 | GNUNET_asprintf(&policy, |
1502 | "%s%s", | 1515 | "%s%s", |
1503 | GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, | 1516 | GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, |
1504 | address); | 1517 | address); |
1505 | break; | 1518 | break; |
1506 | } | 1519 | } |
1507 | default: | ||
1508 | GNUNET_assert (0); | ||
1509 | break; | ||
1510 | } | ||
1511 | 1520 | ||
1512 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1521 | default: |
1513 | "Requesting connect by string: %s\n", | 1522 | GNUNET_assert(0); |
1514 | policy); | 1523 | break; |
1515 | ts->search = GNUNET_REGEX_search (cfg, policy, &handle_regex_result, ts); | 1524 | } |
1516 | GNUNET_free (policy); | 1525 | |
1517 | } | 1526 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
1527 | "Requesting connect by string: %s\n", | ||
1528 | policy); | ||
1529 | ts->search = GNUNET_REGEX_search(cfg, policy, &handle_regex_result, ts); | ||
1530 | GNUNET_free(policy); | ||
1531 | } | ||
1518 | return ts; | 1532 | return ts; |
1519 | } | 1533 | } |
1520 | 1534 | ||
@@ -1525,18 +1539,18 @@ create_channel_to_destination (struct DestinationChannel *dt, int client_af) | |||
1525 | * @param except channel that must NOT be cleaned up, even if it is the oldest | 1539 | * @param except channel that must NOT be cleaned up, even if it is the oldest |
1526 | */ | 1540 | */ |
1527 | static void | 1541 | static void |
1528 | expire_channel (struct ChannelState *except) | 1542 | expire_channel(struct ChannelState *except) |
1529 | { | 1543 | { |
1530 | struct ChannelState *ts; | 1544 | struct ChannelState *ts; |
1531 | 1545 | ||
1532 | ts = GNUNET_CONTAINER_heap_peek (channel_heap); | 1546 | ts = GNUNET_CONTAINER_heap_peek(channel_heap); |
1533 | GNUNET_assert (NULL != ts); | 1547 | GNUNET_assert(NULL != ts); |
1534 | if (except == ts) | 1548 | if (except == ts) |
1535 | return; /* can't do this */ | 1549 | return; /* can't do this */ |
1536 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1550 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
1537 | "Tearing down expired channel to %s\n", | 1551 | "Tearing down expired channel to %s\n", |
1538 | print_channel_destination (&except->destination)); | 1552 | print_channel_destination(&except->destination)); |
1539 | free_channel_state (ts); | 1553 | free_channel_state(ts); |
1540 | } | 1554 | } |
1541 | 1555 | ||
1542 | 1556 | ||
@@ -1552,13 +1566,13 @@ expire_channel (struct ChannelState *except) | |||
1552 | * @param payload_length number of bytes in @a payload | 1566 | * @param payload_length number of bytes in @a payload |
1553 | */ | 1567 | */ |
1554 | static void | 1568 | static void |
1555 | route_packet (struct DestinationEntry *destination, | 1569 | route_packet(struct DestinationEntry *destination, |
1556 | int af, | 1570 | int af, |
1557 | uint8_t protocol, | 1571 | uint8_t protocol, |
1558 | const void *source_ip, | 1572 | const void *source_ip, |
1559 | const void *destination_ip, | 1573 | const void *destination_ip, |
1560 | const void *payload, | 1574 | const void *payload, |
1561 | size_t payload_length) | 1575 | size_t payload_length) |
1562 | { | 1576 | { |
1563 | struct GNUNET_HashCode key; | 1577 | struct GNUNET_HashCode key; |
1564 | struct ChannelState *ts; | 1578 | struct ChannelState *ts; |
@@ -1573,630 +1587,663 @@ route_packet (struct DestinationEntry *destination, | |||
1573 | uint16_t destination_port; | 1587 | uint16_t destination_port; |
1574 | 1588 | ||
1575 | switch (protocol) | 1589 | switch (protocol) |
1576 | { | ||
1577 | case IPPROTO_UDP: { | ||
1578 | if (payload_length < sizeof (struct GNUNET_TUN_UdpHeader)) | ||
1579 | { | ||
1580 | /* blame kernel? */ | ||
1581 | GNUNET_break (0); | ||
1582 | return; | ||
1583 | } | ||
1584 | tcp = NULL; /* make compiler happy */ | ||
1585 | icmp = NULL; /* make compiler happy */ | ||
1586 | udp = payload; | ||
1587 | if (udp->len < sizeof (struct GNUNET_TUN_UdpHeader)) | ||
1588 | { | 1590 | { |
1589 | GNUNET_break_op (0); | 1591 | case IPPROTO_UDP: { |
1590 | return; | 1592 | if (payload_length < sizeof(struct GNUNET_TUN_UdpHeader)) |
1591 | } | 1593 | { |
1592 | source_port = ntohs (udp->source_port); | 1594 | /* blame kernel? */ |
1593 | destination_port = ntohs (udp->destination_port); | 1595 | GNUNET_break(0); |
1594 | get_channel_key_from_ips (af, | 1596 | return; |
1595 | IPPROTO_UDP, | 1597 | } |
1596 | source_ip, | 1598 | tcp = NULL; /* make compiler happy */ |
1597 | source_port, | 1599 | icmp = NULL; /* make compiler happy */ |
1598 | destination_ip, | 1600 | udp = payload; |
1599 | destination_port, | 1601 | if (udp->len < sizeof(struct GNUNET_TUN_UdpHeader)) |
1600 | &key); | 1602 | { |
1601 | } | 1603 | GNUNET_break_op(0); |
1602 | break; | 1604 | return; |
1603 | case IPPROTO_TCP: { | 1605 | } |
1604 | if (payload_length < sizeof (struct GNUNET_TUN_TcpHeader)) | 1606 | source_port = ntohs(udp->source_port); |
1605 | { | 1607 | destination_port = ntohs(udp->destination_port); |
1606 | /* blame kernel? */ | 1608 | get_channel_key_from_ips(af, |
1607 | GNUNET_break (0); | 1609 | IPPROTO_UDP, |
1608 | return; | 1610 | source_ip, |
1611 | source_port, | ||
1612 | destination_ip, | ||
1613 | destination_port, | ||
1614 | &key); | ||
1609 | } | 1615 | } |
1610 | udp = NULL; /* make compiler happy */ | 1616 | break; |
1611 | icmp = NULL; /* make compiler happy */ | 1617 | |
1612 | tcp = payload; | 1618 | case IPPROTO_TCP: { |
1613 | if (tcp->off * 4 < sizeof (struct GNUNET_TUN_TcpHeader)) | 1619 | if (payload_length < sizeof(struct GNUNET_TUN_TcpHeader)) |
1614 | { | 1620 | { |
1615 | GNUNET_break_op (0); | 1621 | /* blame kernel? */ |
1616 | return; | 1622 | GNUNET_break(0); |
1623 | return; | ||
1624 | } | ||
1625 | udp = NULL; /* make compiler happy */ | ||
1626 | icmp = NULL; /* make compiler happy */ | ||
1627 | tcp = payload; | ||
1628 | if (tcp->off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) | ||
1629 | { | ||
1630 | GNUNET_break_op(0); | ||
1631 | return; | ||
1632 | } | ||
1633 | source_port = ntohs(tcp->source_port); | ||
1634 | destination_port = ntohs(tcp->destination_port); | ||
1635 | get_channel_key_from_ips(af, | ||
1636 | IPPROTO_TCP, | ||
1637 | source_ip, | ||
1638 | source_port, | ||
1639 | destination_ip, | ||
1640 | destination_port, | ||
1641 | &key); | ||
1617 | } | 1642 | } |
1618 | source_port = ntohs (tcp->source_port); | 1643 | break; |
1619 | destination_port = ntohs (tcp->destination_port); | 1644 | |
1620 | get_channel_key_from_ips (af, | 1645 | case IPPROTO_ICMP: |
1621 | IPPROTO_TCP, | 1646 | case IPPROTO_ICMPV6: { |
1622 | source_ip, | 1647 | if ((AF_INET == af) ^ (protocol == IPPROTO_ICMP)) |
1623 | source_port, | 1648 | { |
1624 | destination_ip, | 1649 | GNUNET_break(0); |
1625 | destination_port, | 1650 | return; |
1626 | &key); | 1651 | } |
1627 | } | 1652 | if (payload_length < sizeof(struct GNUNET_TUN_IcmpHeader)) |
1628 | break; | 1653 | { |
1629 | case IPPROTO_ICMP: | 1654 | /* blame kernel? */ |
1630 | case IPPROTO_ICMPV6: { | 1655 | GNUNET_break(0); |
1631 | if ((AF_INET == af) ^ (protocol == IPPROTO_ICMP)) | 1656 | return; |
1632 | { | 1657 | } |
1633 | GNUNET_break (0); | 1658 | tcp = NULL; /* make compiler happy */ |
1634 | return; | 1659 | udp = NULL; /* make compiler happy */ |
1660 | icmp = payload; | ||
1661 | source_port = 0; | ||
1662 | destination_port = 0; | ||
1663 | get_channel_key_from_ips(af, | ||
1664 | protocol, | ||
1665 | source_ip, | ||
1666 | 0, | ||
1667 | destination_ip, | ||
1668 | 0, | ||
1669 | &key); | ||
1635 | } | 1670 | } |
1636 | if (payload_length < sizeof (struct GNUNET_TUN_IcmpHeader)) | 1671 | break; |
1637 | { | 1672 | |
1638 | /* blame kernel? */ | 1673 | default: |
1639 | GNUNET_break (0); | 1674 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, |
1675 | _("Protocol %u not supported, dropping\n"), | ||
1676 | (unsigned int)protocol); | ||
1640 | return; | 1677 | return; |
1641 | } | 1678 | } |
1642 | tcp = NULL; /* make compiler happy */ | ||
1643 | udp = NULL; /* make compiler happy */ | ||
1644 | icmp = payload; | ||
1645 | source_port = 0; | ||
1646 | destination_port = 0; | ||
1647 | get_channel_key_from_ips (af, | ||
1648 | protocol, | ||
1649 | source_ip, | ||
1650 | 0, | ||
1651 | destination_ip, | ||
1652 | 0, | ||
1653 | &key); | ||
1654 | } | ||
1655 | break; | ||
1656 | default: | ||
1657 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
1658 | _ ("Protocol %u not supported, dropping\n"), | ||
1659 | (unsigned int) protocol); | ||
1660 | return; | ||
1661 | } | ||
1662 | alen = 0; | 1679 | alen = 0; |
1663 | if (! destination->is_service) | 1680 | if (!destination->is_service) |
1664 | { | ||
1665 | switch (destination->details.exit_destination.af) | ||
1666 | { | 1681 | { |
1667 | case AF_INET: | 1682 | switch (destination->details.exit_destination.af) |
1668 | alen = sizeof (struct in_addr); | 1683 | { |
1669 | break; | 1684 | case AF_INET: |
1670 | case AF_INET6: | 1685 | alen = sizeof(struct in_addr); |
1671 | alen = sizeof (struct in6_addr); | 1686 | break; |
1672 | break; | ||
1673 | default: | ||
1674 | GNUNET_assert (0); | ||
1675 | } | ||
1676 | |||
1677 | { | ||
1678 | char sbuf[INET6_ADDRSTRLEN]; | ||
1679 | char dbuf[INET6_ADDRSTRLEN]; | ||
1680 | char xbuf[INET6_ADDRSTRLEN]; | ||
1681 | |||
1682 | GNUNET_log ( | ||
1683 | GNUNET_ERROR_TYPE_DEBUG, | ||
1684 | "Routing %s packet from [%s]:%u -> [%s]:%u to destination [%s]:%u\n", | ||
1685 | (protocol == IPPROTO_TCP) ? "TCP" : "UDP", | ||
1686 | inet_ntop (af, source_ip, sbuf, sizeof (sbuf)), | ||
1687 | source_port, | ||
1688 | inet_ntop (af, destination_ip, dbuf, sizeof (dbuf)), | ||
1689 | destination_port, | ||
1690 | inet_ntop (destination->details.exit_destination.af, | ||
1691 | &destination->details.exit_destination.ip, | ||
1692 | xbuf, | ||
1693 | sizeof (xbuf)), | ||
1694 | destination_port); | ||
1695 | } | ||
1696 | for (dt = destination->dt_head; NULL != dt; dt = dt->next) | ||
1697 | if (dt->destination_port == destination_port) | ||
1698 | break; | ||
1699 | } | ||
1700 | else | ||
1701 | { | ||
1702 | { | ||
1703 | char sbuf[INET6_ADDRSTRLEN]; | ||
1704 | char dbuf[INET6_ADDRSTRLEN]; | ||
1705 | |||
1706 | GNUNET_log ( | ||
1707 | GNUNET_ERROR_TYPE_DEBUG, | ||
1708 | "Routing %s packet from [%s]:%u -> [%s]:%u to service %s at peer %s\n", | ||
1709 | (protocol == IPPROTO_TCP) ? "TCP" : "UDP", | ||
1710 | inet_ntop (af, source_ip, sbuf, sizeof (sbuf)), | ||
1711 | source_port, | ||
1712 | inet_ntop (af, destination_ip, dbuf, sizeof (dbuf)), | ||
1713 | destination_port, | ||
1714 | GNUNET_h2s ( | ||
1715 | &destination->details.service_destination.service_descriptor), | ||
1716 | GNUNET_i2s (&destination->details.service_destination.target)); | ||
1717 | } | ||
1718 | for (dt = destination->dt_head; NULL != dt; dt = dt->next) | ||
1719 | if (dt->destination_port == destination_port) | ||
1720 | break; | ||
1721 | } | ||
1722 | if (NULL == dt) | ||
1723 | { | ||
1724 | dt = GNUNET_new (struct DestinationChannel); | ||
1725 | dt->destination = destination; | ||
1726 | GNUNET_CONTAINER_DLL_insert (destination->dt_head, | ||
1727 | destination->dt_tail, | ||
1728 | dt); | ||
1729 | dt->destination_port = destination_port; | ||
1730 | } | ||
1731 | 1687 | ||
1732 | /* see if we have an existing channel for this destination */ | 1688 | case AF_INET6: |
1733 | ts = GNUNET_CONTAINER_multihashmap_get (channel_map, &key); | 1689 | alen = sizeof(struct in6_addr); |
1734 | if (NULL == ts) | 1690 | break; |
1735 | { | ||
1736 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1737 | "Creating new channel for key %s\n", | ||
1738 | GNUNET_h2s (&key)); | ||
1739 | /* need to either use the existing channel from the destination (if still | ||
1740 | available) or create a fresh one */ | ||
1741 | ts = create_channel_to_destination (dt, af); | ||
1742 | if (NULL == ts) | ||
1743 | return; | ||
1744 | /* now bind existing "unbound" channel to our IP/port tuple */ | ||
1745 | ts->protocol = protocol; | ||
1746 | ts->af = af; | ||
1747 | if (AF_INET == af) | ||
1748 | { | ||
1749 | ts->source_ip.v4 = *(const struct in_addr *) source_ip; | ||
1750 | ts->destination_ip.v4 = *(const struct in_addr *) destination_ip; | ||
1751 | } | ||
1752 | else | ||
1753 | { | ||
1754 | ts->source_ip.v6 = *(const struct in6_addr *) source_ip; | ||
1755 | ts->destination_ip.v6 = *(const struct in6_addr *) destination_ip; | ||
1756 | } | ||
1757 | ts->source_port = source_port; | ||
1758 | ts->destination_port = destination_port; | ||
1759 | ts->heap_node = | ||
1760 | GNUNET_CONTAINER_heap_insert (channel_heap, | ||
1761 | ts, | ||
1762 | GNUNET_TIME_absolute_get ().abs_value_us); | ||
1763 | GNUNET_assert (GNUNET_YES == | ||
1764 | GNUNET_CONTAINER_multihashmap_put ( | ||
1765 | channel_map, | ||
1766 | &key, | ||
1767 | ts, | ||
1768 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); | ||
1769 | GNUNET_STATISTICS_update (stats, | ||
1770 | gettext_noop ("# Active channels"), | ||
1771 | 1, | ||
1772 | GNUNET_NO); | ||
1773 | while (GNUNET_CONTAINER_multihashmap_size (channel_map) > | ||
1774 | max_channel_mappings) | ||
1775 | expire_channel (ts); | ||
1776 | } | ||
1777 | else | ||
1778 | { | ||
1779 | GNUNET_CONTAINER_heap_update_cost (ts->heap_node, | ||
1780 | GNUNET_TIME_absolute_get () | ||
1781 | .abs_value_us); | ||
1782 | } | ||
1783 | if (NULL == ts->channel) | ||
1784 | { | ||
1785 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
1786 | "Packet dropped, channel to %s not yet ready (%s)\n", | ||
1787 | print_channel_destination (&ts->destination), | ||
1788 | (NULL == ts->search) ? "EXIT search failed" | ||
1789 | : "EXIT search active"); | ||
1790 | GNUNET_STATISTICS_update (stats, | ||
1791 | gettext_noop ( | ||
1792 | "# Packets dropped (channel not yet online)"), | ||
1793 | 1, | ||
1794 | GNUNET_NO); | ||
1795 | return; | ||
1796 | } | ||
1797 | 1691 | ||
1798 | /* send via channel */ | 1692 | default: |
1799 | switch (protocol) | 1693 | GNUNET_assert(0); |
1800 | { | 1694 | } |
1801 | case IPPROTO_UDP: | ||
1802 | if (destination->is_service) | ||
1803 | { | ||
1804 | struct GNUNET_EXIT_UdpServiceMessage *usm; | ||
1805 | 1695 | ||
1806 | mlen = sizeof (struct GNUNET_EXIT_UdpServiceMessage) + payload_length - | ||
1807 | sizeof (struct GNUNET_TUN_UdpHeader); | ||
1808 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
1809 | { | 1696 | { |
1810 | GNUNET_break (0); | 1697 | char sbuf[INET6_ADDRSTRLEN]; |
1811 | return; | 1698 | char dbuf[INET6_ADDRSTRLEN]; |
1699 | char xbuf[INET6_ADDRSTRLEN]; | ||
1700 | |||
1701 | GNUNET_log( | ||
1702 | GNUNET_ERROR_TYPE_DEBUG, | ||
1703 | "Routing %s packet from [%s]:%u -> [%s]:%u to destination [%s]:%u\n", | ||
1704 | (protocol == IPPROTO_TCP) ? "TCP" : "UDP", | ||
1705 | inet_ntop(af, source_ip, sbuf, sizeof(sbuf)), | ||
1706 | source_port, | ||
1707 | inet_ntop(af, destination_ip, dbuf, sizeof(dbuf)), | ||
1708 | destination_port, | ||
1709 | inet_ntop(destination->details.exit_destination.af, | ||
1710 | &destination->details.exit_destination.ip, | ||
1711 | xbuf, | ||
1712 | sizeof(xbuf)), | ||
1713 | destination_port); | ||
1812 | } | 1714 | } |
1813 | env = GNUNET_MQ_msg_extra (usm, | 1715 | for (dt = destination->dt_head; NULL != dt; dt = dt->next) |
1814 | payload_length - | 1716 | if (dt->destination_port == destination_port) |
1815 | sizeof (struct GNUNET_TUN_UdpHeader), | 1717 | break; |
1816 | GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE); | 1718 | } |
1817 | /* if the source port is below 32000, we assume it has a special | 1719 | else |
1818 | meaning; if not, we pick a random port (this is a heuristic) */ | ||
1819 | usm->source_port = | ||
1820 | (ntohs (udp->source_port) < 32000) ? udp->source_port : 0; | ||
1821 | usm->destination_port = udp->destination_port; | ||
1822 | GNUNET_memcpy (&usm[1], | ||
1823 | &udp[1], | ||
1824 | payload_length - sizeof (struct GNUNET_TUN_UdpHeader)); | ||
1825 | } | ||
1826 | else | ||
1827 | { | 1720 | { |
1828 | struct GNUNET_EXIT_UdpInternetMessage *uim; | ||
1829 | struct in_addr *ip4dst; | ||
1830 | struct in6_addr *ip6dst; | ||
1831 | void *payload; | ||
1832 | |||
1833 | mlen = sizeof (struct GNUNET_EXIT_UdpInternetMessage) + alen + | ||
1834 | payload_length - sizeof (struct GNUNET_TUN_UdpHeader); | ||
1835 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
1836 | { | 1721 | { |
1837 | GNUNET_break (0); | 1722 | char sbuf[INET6_ADDRSTRLEN]; |
1838 | return; | 1723 | char dbuf[INET6_ADDRSTRLEN]; |
1724 | |||
1725 | GNUNET_log( | ||
1726 | GNUNET_ERROR_TYPE_DEBUG, | ||
1727 | "Routing %s packet from [%s]:%u -> [%s]:%u to service %s at peer %s\n", | ||
1728 | (protocol == IPPROTO_TCP) ? "TCP" : "UDP", | ||
1729 | inet_ntop(af, source_ip, sbuf, sizeof(sbuf)), | ||
1730 | source_port, | ||
1731 | inet_ntop(af, destination_ip, dbuf, sizeof(dbuf)), | ||
1732 | destination_port, | ||
1733 | GNUNET_h2s( | ||
1734 | &destination->details.service_destination.service_descriptor), | ||
1735 | GNUNET_i2s(&destination->details.service_destination.target)); | ||
1839 | } | 1736 | } |
1840 | env = GNUNET_MQ_msg_extra (uim, | 1737 | for (dt = destination->dt_head; NULL != dt; dt = dt->next) |
1841 | payload_length + alen - | 1738 | if (dt->destination_port == destination_port) |
1842 | sizeof (struct GNUNET_TUN_UdpHeader), | 1739 | break; |
1843 | GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET); | ||
1844 | uim->af = htonl (destination->details.exit_destination.af); | ||
1845 | uim->source_port = | ||
1846 | (ntohs (udp->source_port) < 32000) ? udp->source_port : 0; | ||
1847 | uim->destination_port = udp->destination_port; | ||
1848 | switch (destination->details.exit_destination.af) | ||
1849 | { | ||
1850 | case AF_INET: | ||
1851 | ip4dst = (struct in_addr *) &uim[1]; | ||
1852 | *ip4dst = destination->details.exit_destination.ip.v4; | ||
1853 | payload = &ip4dst[1]; | ||
1854 | break; | ||
1855 | case AF_INET6: | ||
1856 | ip6dst = (struct in6_addr *) &uim[1]; | ||
1857 | *ip6dst = destination->details.exit_destination.ip.v6; | ||
1858 | payload = &ip6dst[1]; | ||
1859 | break; | ||
1860 | default: | ||
1861 | GNUNET_assert (0); | ||
1862 | } | ||
1863 | GNUNET_memcpy (payload, | ||
1864 | &udp[1], | ||
1865 | payload_length - sizeof (struct GNUNET_TUN_UdpHeader)); | ||
1866 | } | 1740 | } |
1867 | break; | 1741 | if (NULL == dt) |
1868 | case IPPROTO_TCP: | ||
1869 | if (GNUNET_NO == ts->is_established) | ||
1870 | { | 1742 | { |
1871 | if (destination->is_service) | 1743 | dt = GNUNET_new(struct DestinationChannel); |
1872 | { | 1744 | dt->destination = destination; |
1873 | struct GNUNET_EXIT_TcpServiceStartMessage *tsm; | 1745 | GNUNET_CONTAINER_DLL_insert(destination->dt_head, |
1746 | destination->dt_tail, | ||
1747 | dt); | ||
1748 | dt->destination_port = destination_port; | ||
1749 | } | ||
1874 | 1750 | ||
1875 | mlen = sizeof (struct GNUNET_EXIT_TcpServiceStartMessage) + | 1751 | /* see if we have an existing channel for this destination */ |
1876 | payload_length - sizeof (struct GNUNET_TUN_TcpHeader); | 1752 | ts = GNUNET_CONTAINER_multihashmap_get(channel_map, &key); |
1877 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | 1753 | if (NULL == ts) |
1754 | { | ||
1755 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, | ||
1756 | "Creating new channel for key %s\n", | ||
1757 | GNUNET_h2s(&key)); | ||
1758 | /* need to either use the existing channel from the destination (if still | ||
1759 | available) or create a fresh one */ | ||
1760 | ts = create_channel_to_destination(dt, af); | ||
1761 | if (NULL == ts) | ||
1762 | return; | ||
1763 | /* now bind existing "unbound" channel to our IP/port tuple */ | ||
1764 | ts->protocol = protocol; | ||
1765 | ts->af = af; | ||
1766 | if (AF_INET == af) | ||
1878 | { | 1767 | { |
1879 | GNUNET_break (0); | 1768 | ts->source_ip.v4 = *(const struct in_addr *)source_ip; |
1880 | return; | 1769 | ts->destination_ip.v4 = *(const struct in_addr *)destination_ip; |
1881 | } | 1770 | } |
1882 | env = | ||
1883 | GNUNET_MQ_msg_extra (tsm, | ||
1884 | payload_length - | ||
1885 | sizeof (struct GNUNET_TUN_TcpHeader), | ||
1886 | GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START); | ||
1887 | tsm->reserved = htonl (0); | ||
1888 | tsm->tcp_header = *tcp; | ||
1889 | GNUNET_memcpy (&tsm[1], | ||
1890 | &tcp[1], | ||
1891 | payload_length - sizeof (struct GNUNET_TUN_TcpHeader)); | ||
1892 | } | ||
1893 | else | 1771 | else |
1894 | { | ||
1895 | struct GNUNET_EXIT_TcpInternetStartMessage *tim; | ||
1896 | struct in_addr *ip4dst; | ||
1897 | struct in6_addr *ip6dst; | ||
1898 | void *payload; | ||
1899 | |||
1900 | mlen = sizeof (struct GNUNET_EXIT_TcpInternetStartMessage) + alen + | ||
1901 | payload_length - sizeof (struct GNUNET_TUN_TcpHeader); | ||
1902 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
1903 | { | 1772 | { |
1904 | GNUNET_break (0); | 1773 | ts->source_ip.v6 = *(const struct in6_addr *)source_ip; |
1905 | return; | 1774 | ts->destination_ip.v6 = *(const struct in6_addr *)destination_ip; |
1906 | } | ||
1907 | env = | ||
1908 | GNUNET_MQ_msg_extra (tim, | ||
1909 | payload_length + alen - | ||
1910 | sizeof (struct GNUNET_TUN_TcpHeader), | ||
1911 | GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START); | ||
1912 | tim->af = htonl (destination->details.exit_destination.af); | ||
1913 | tim->tcp_header = *tcp; | ||
1914 | switch (destination->details.exit_destination.af) | ||
1915 | { | ||
1916 | case AF_INET: | ||
1917 | ip4dst = (struct in_addr *) &tim[1]; | ||
1918 | *ip4dst = destination->details.exit_destination.ip.v4; | ||
1919 | payload = &ip4dst[1]; | ||
1920 | break; | ||
1921 | case AF_INET6: | ||
1922 | ip6dst = (struct in6_addr *) &tim[1]; | ||
1923 | *ip6dst = destination->details.exit_destination.ip.v6; | ||
1924 | payload = &ip6dst[1]; | ||
1925 | break; | ||
1926 | default: | ||
1927 | GNUNET_assert (0); | ||
1928 | } | 1775 | } |
1929 | GNUNET_memcpy (payload, | 1776 | ts->source_port = source_port; |
1930 | &tcp[1], | 1777 | ts->destination_port = destination_port; |
1931 | payload_length - sizeof (struct GNUNET_TUN_TcpHeader)); | 1778 | ts->heap_node = |
1932 | } | 1779 | GNUNET_CONTAINER_heap_insert(channel_heap, |
1780 | ts, | ||
1781 | GNUNET_TIME_absolute_get().abs_value_us); | ||
1782 | GNUNET_assert(GNUNET_YES == | ||
1783 | GNUNET_CONTAINER_multihashmap_put( | ||
1784 | channel_map, | ||
1785 | &key, | ||
1786 | ts, | ||
1787 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); | ||
1788 | GNUNET_STATISTICS_update(stats, | ||
1789 | gettext_noop("# Active channels"), | ||
1790 | 1, | ||
1791 | GNUNET_NO); | ||
1792 | while (GNUNET_CONTAINER_multihashmap_size(channel_map) > | ||
1793 | max_channel_mappings) | ||
1794 | expire_channel(ts); | ||
1933 | } | 1795 | } |
1934 | else | 1796 | else |
1935 | { | 1797 | { |
1936 | struct GNUNET_EXIT_TcpDataMessage *tdm; | 1798 | GNUNET_CONTAINER_heap_update_cost(ts->heap_node, |
1937 | 1799 | GNUNET_TIME_absolute_get() | |
1938 | mlen = sizeof (struct GNUNET_EXIT_TcpDataMessage) + payload_length - | 1800 | .abs_value_us); |
1939 | sizeof (struct GNUNET_TUN_TcpHeader); | ||
1940 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
1941 | { | ||
1942 | GNUNET_break (0); | ||
1943 | return; | ||
1944 | } | ||
1945 | env = GNUNET_MQ_msg_extra (tdm, | ||
1946 | payload_length - | ||
1947 | sizeof (struct GNUNET_TUN_TcpHeader), | ||
1948 | GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT); | ||
1949 | tdm->reserved = htonl (0); | ||
1950 | tdm->tcp_header = *tcp; | ||
1951 | GNUNET_memcpy (&tdm[1], | ||
1952 | &tcp[1], | ||
1953 | payload_length - sizeof (struct GNUNET_TUN_TcpHeader)); | ||
1954 | } | 1801 | } |
1955 | break; | 1802 | if (NULL == ts->channel) |
1956 | case IPPROTO_ICMP: | ||
1957 | case IPPROTO_ICMPV6: | ||
1958 | if (destination->is_service) | ||
1959 | { | 1803 | { |
1960 | struct GNUNET_EXIT_IcmpServiceMessage *ism; | 1804 | GNUNET_log(GNUNET_ERROR_TYPE_WARNING, |
1805 | "Packet dropped, channel to %s not yet ready (%s)\n", | ||
1806 | print_channel_destination(&ts->destination), | ||
1807 | (NULL == ts->search) ? "EXIT search failed" | ||
1808 | : "EXIT search active"); | ||
1809 | GNUNET_STATISTICS_update(stats, | ||
1810 | gettext_noop( | ||
1811 | "# Packets dropped (channel not yet online)"), | ||
1812 | 1, | ||
1813 | GNUNET_NO); | ||
1814 | return; | ||
1815 | } | ||
1961 | 1816 | ||
1962 | /* ICMP protocol translation will be done by the receiver (as we don't know | 1817 | /* send via channel */ |
1963 | the target AF); however, we still need to possibly discard the payload | 1818 | switch (protocol) |
1964 | depending on the ICMP type */ | 1819 | { |
1965 | switch (af) | 1820 | case IPPROTO_UDP: |
1966 | { | 1821 | if (destination->is_service) |
1967 | case AF_INET: | ||
1968 | switch (icmp->type) | ||
1969 | { | 1822 | { |
1970 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: | 1823 | struct GNUNET_EXIT_UdpServiceMessage *usm; |
1971 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: | 1824 | |
1972 | break; | 1825 | mlen = sizeof(struct GNUNET_EXIT_UdpServiceMessage) + payload_length - |
1973 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: | 1826 | sizeof(struct GNUNET_TUN_UdpHeader); |
1974 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: | 1827 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) |
1975 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: | 1828 | { |
1976 | /* throw away ICMP payload, won't be useful for the other side anyway */ | 1829 | GNUNET_break(0); |
1977 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 1830 | return; |
1978 | break; | 1831 | } |
1979 | default: | 1832 | env = GNUNET_MQ_msg_extra(usm, |
1980 | GNUNET_STATISTICS_update (stats, | 1833 | payload_length - |
1981 | gettext_noop ( | 1834 | sizeof(struct GNUNET_TUN_UdpHeader), |
1982 | "# ICMPv4 packets dropped (not allowed)"), | 1835 | GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE); |
1983 | 1, | 1836 | /* if the source port is below 32000, we assume it has a special |
1984 | GNUNET_NO); | 1837 | meaning; if not, we pick a random port (this is a heuristic) */ |
1985 | return; | 1838 | usm->source_port = |
1839 | (ntohs(udp->source_port) < 32000) ? udp->source_port : 0; | ||
1840 | usm->destination_port = udp->destination_port; | ||
1841 | GNUNET_memcpy(&usm[1], | ||
1842 | &udp[1], | ||
1843 | payload_length - sizeof(struct GNUNET_TUN_UdpHeader)); | ||
1986 | } | 1844 | } |
1987 | /* end of AF_INET */ | 1845 | else |
1988 | break; | ||
1989 | case AF_INET6: | ||
1990 | switch (icmp->type) | ||
1991 | { | 1846 | { |
1992 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | 1847 | struct GNUNET_EXIT_UdpInternetMessage *uim; |
1993 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | 1848 | struct in_addr *ip4dst; |
1994 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | 1849 | struct in6_addr *ip6dst; |
1995 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: | 1850 | void *payload; |
1996 | /* throw away ICMP payload, won't be useful for the other side anyway */ | 1851 | |
1997 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 1852 | mlen = sizeof(struct GNUNET_EXIT_UdpInternetMessage) + alen + |
1998 | break; | 1853 | payload_length - sizeof(struct GNUNET_TUN_UdpHeader); |
1999 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | 1854 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) |
2000 | case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: | 1855 | { |
2001 | break; | 1856 | GNUNET_break(0); |
2002 | default: | 1857 | return; |
2003 | GNUNET_STATISTICS_update (stats, | 1858 | } |
2004 | gettext_noop ( | 1859 | env = GNUNET_MQ_msg_extra(uim, |
2005 | "# ICMPv6 packets dropped (not allowed)"), | 1860 | payload_length + alen - |
2006 | 1, | 1861 | sizeof(struct GNUNET_TUN_UdpHeader), |
2007 | GNUNET_NO); | 1862 | GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET); |
2008 | return; | 1863 | uim->af = htonl(destination->details.exit_destination.af); |
1864 | uim->source_port = | ||
1865 | (ntohs(udp->source_port) < 32000) ? udp->source_port : 0; | ||
1866 | uim->destination_port = udp->destination_port; | ||
1867 | switch (destination->details.exit_destination.af) | ||
1868 | { | ||
1869 | case AF_INET: | ||
1870 | ip4dst = (struct in_addr *)&uim[1]; | ||
1871 | *ip4dst = destination->details.exit_destination.ip.v4; | ||
1872 | payload = &ip4dst[1]; | ||
1873 | break; | ||
1874 | |||
1875 | case AF_INET6: | ||
1876 | ip6dst = (struct in6_addr *)&uim[1]; | ||
1877 | *ip6dst = destination->details.exit_destination.ip.v6; | ||
1878 | payload = &ip6dst[1]; | ||
1879 | break; | ||
1880 | |||
1881 | default: | ||
1882 | GNUNET_assert(0); | ||
1883 | } | ||
1884 | GNUNET_memcpy(payload, | ||
1885 | &udp[1], | ||
1886 | payload_length - sizeof(struct GNUNET_TUN_UdpHeader)); | ||
2009 | } | 1887 | } |
2010 | /* end of AF_INET6 */ | 1888 | break; |
2011 | break; | ||
2012 | default: | ||
2013 | GNUNET_assert (0); | ||
2014 | break; | ||
2015 | } | ||
2016 | 1889 | ||
2017 | /* update length calculations, as payload_length may have changed */ | 1890 | case IPPROTO_TCP: |
2018 | mlen = sizeof (struct GNUNET_EXIT_IcmpServiceMessage) + alen + | 1891 | if (GNUNET_NO == ts->is_established) |
2019 | payload_length - sizeof (struct GNUNET_TUN_IcmpHeader); | 1892 | { |
2020 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | 1893 | if (destination->is_service) |
2021 | { | 1894 | { |
2022 | GNUNET_break (0); | 1895 | struct GNUNET_EXIT_TcpServiceStartMessage *tsm; |
2023 | return; | 1896 | |
2024 | } | 1897 | mlen = sizeof(struct GNUNET_EXIT_TcpServiceStartMessage) + |
1898 | payload_length - sizeof(struct GNUNET_TUN_TcpHeader); | ||
1899 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
1900 | { | ||
1901 | GNUNET_break(0); | ||
1902 | return; | ||
1903 | } | ||
1904 | env = | ||
1905 | GNUNET_MQ_msg_extra(tsm, | ||
1906 | payload_length - | ||
1907 | sizeof(struct GNUNET_TUN_TcpHeader), | ||
1908 | GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START); | ||
1909 | tsm->reserved = htonl(0); | ||
1910 | tsm->tcp_header = *tcp; | ||
1911 | GNUNET_memcpy(&tsm[1], | ||
1912 | &tcp[1], | ||
1913 | payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); | ||
1914 | } | ||
1915 | else | ||
1916 | { | ||
1917 | struct GNUNET_EXIT_TcpInternetStartMessage *tim; | ||
1918 | struct in_addr *ip4dst; | ||
1919 | struct in6_addr *ip6dst; | ||
1920 | void *payload; | ||
1921 | |||
1922 | mlen = sizeof(struct GNUNET_EXIT_TcpInternetStartMessage) + alen + | ||
1923 | payload_length - sizeof(struct GNUNET_TUN_TcpHeader); | ||
1924 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
1925 | { | ||
1926 | GNUNET_break(0); | ||
1927 | return; | ||
1928 | } | ||
1929 | env = | ||
1930 | GNUNET_MQ_msg_extra(tim, | ||
1931 | payload_length + alen - | ||
1932 | sizeof(struct GNUNET_TUN_TcpHeader), | ||
1933 | GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START); | ||
1934 | tim->af = htonl(destination->details.exit_destination.af); | ||
1935 | tim->tcp_header = *tcp; | ||
1936 | switch (destination->details.exit_destination.af) | ||
1937 | { | ||
1938 | case AF_INET: | ||
1939 | ip4dst = (struct in_addr *)&tim[1]; | ||
1940 | *ip4dst = destination->details.exit_destination.ip.v4; | ||
1941 | payload = &ip4dst[1]; | ||
1942 | break; | ||
1943 | |||
1944 | case AF_INET6: | ||
1945 | ip6dst = (struct in6_addr *)&tim[1]; | ||
1946 | *ip6dst = destination->details.exit_destination.ip.v6; | ||
1947 | payload = &ip6dst[1]; | ||
1948 | break; | ||
1949 | |||
1950 | default: | ||
1951 | GNUNET_assert(0); | ||
1952 | } | ||
1953 | GNUNET_memcpy(payload, | ||
1954 | &tcp[1], | ||
1955 | payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); | ||
1956 | } | ||
1957 | } | ||
1958 | else | ||
1959 | { | ||
1960 | struct GNUNET_EXIT_TcpDataMessage *tdm; | ||
2025 | 1961 | ||
2026 | env = GNUNET_MQ_msg_extra (ism, | 1962 | mlen = sizeof(struct GNUNET_EXIT_TcpDataMessage) + payload_length - |
2027 | payload_length - | 1963 | sizeof(struct GNUNET_TUN_TcpHeader); |
2028 | sizeof (struct GNUNET_TUN_IcmpHeader), | 1964 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) |
2029 | GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE); | 1965 | { |
2030 | ism->af = htonl (af); /* need to tell destination ICMP protocol family! */ | 1966 | GNUNET_break(0); |
2031 | ism->icmp_header = *icmp; | 1967 | return; |
2032 | GNUNET_memcpy (&ism[1], | 1968 | } |
2033 | &icmp[1], | 1969 | env = GNUNET_MQ_msg_extra(tdm, |
2034 | payload_length - sizeof (struct GNUNET_TUN_IcmpHeader)); | 1970 | payload_length - |
2035 | } | 1971 | sizeof(struct GNUNET_TUN_TcpHeader), |
2036 | else | 1972 | GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT); |
2037 | { | 1973 | tdm->reserved = htonl(0); |
2038 | struct GNUNET_EXIT_IcmpInternetMessage *iim; | 1974 | tdm->tcp_header = *tcp; |
2039 | struct in_addr *ip4dst; | 1975 | GNUNET_memcpy(&tdm[1], |
2040 | struct in6_addr *ip6dst; | 1976 | &tcp[1], |
2041 | void *payload; | 1977 | payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); |
2042 | uint8_t new_type; | 1978 | } |
2043 | 1979 | break; | |
2044 | new_type = icmp->type; | 1980 | |
2045 | /* Perform ICMP protocol-translation (depending on destination AF and source AF) | 1981 | case IPPROTO_ICMP: |
2046 | and throw away ICMP payload depending on ICMP message type */ | 1982 | case IPPROTO_ICMPV6: |
2047 | switch (af) | 1983 | if (destination->is_service) |
2048 | { | ||
2049 | case AF_INET: | ||
2050 | switch (icmp->type) | ||
2051 | { | 1984 | { |
2052 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: | 1985 | struct GNUNET_EXIT_IcmpServiceMessage *ism; |
2053 | if (destination->details.exit_destination.af == AF_INET6) | 1986 | |
2054 | new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; | 1987 | /* ICMP protocol translation will be done by the receiver (as we don't know |
2055 | break; | 1988 | the target AF); however, we still need to possibly discard the payload |
2056 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: | 1989 | depending on the ICMP type */ |
2057 | if (destination->details.exit_destination.af == AF_INET6) | 1990 | switch (af) |
2058 | new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; | 1991 | { |
2059 | break; | 1992 | case AF_INET: |
2060 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: | 1993 | switch (icmp->type) |
2061 | if (destination->details.exit_destination.af == AF_INET6) | 1994 | { |
2062 | new_type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; | 1995 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: |
2063 | /* throw away IP-payload, exit will have to make it up anyway */ | 1996 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: |
2064 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 1997 | break; |
2065 | break; | 1998 | |
2066 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: | 1999 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: |
2067 | if (destination->details.exit_destination.af == AF_INET6) | 2000 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: |
2068 | new_type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; | 2001 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: |
2069 | /* throw away IP-payload, exit will have to make it up anyway */ | 2002 | /* throw away ICMP payload, won't be useful for the other side anyway */ |
2070 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 2003 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); |
2071 | break; | 2004 | break; |
2072 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: | 2005 | |
2073 | if (destination->details.exit_destination.af == AF_INET6) | 2006 | default: |
2074 | { | 2007 | GNUNET_STATISTICS_update(stats, |
2075 | GNUNET_STATISTICS_update ( | 2008 | gettext_noop( |
2076 | stats, | 2009 | "# ICMPv4 packets dropped (not allowed)"), |
2077 | gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"), | 2010 | 1, |
2078 | 1, | 2011 | GNUNET_NO); |
2079 | GNUNET_NO); | 2012 | return; |
2080 | return; | 2013 | } |
2081 | } | 2014 | /* end of AF_INET */ |
2082 | /* throw away IP-payload, exit will have to make it up anyway */ | 2015 | break; |
2083 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 2016 | |
2084 | break; | 2017 | case AF_INET6: |
2085 | default: | 2018 | switch (icmp->type) |
2086 | GNUNET_STATISTICS_update ( | 2019 | { |
2087 | stats, | 2020 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: |
2088 | gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), | 2021 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: |
2089 | 1, | 2022 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: |
2090 | GNUNET_NO); | 2023 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: |
2091 | return; | 2024 | /* throw away ICMP payload, won't be useful for the other side anyway */ |
2025 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2026 | break; | ||
2027 | |||
2028 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | ||
2029 | case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: | ||
2030 | break; | ||
2031 | |||
2032 | default: | ||
2033 | GNUNET_STATISTICS_update(stats, | ||
2034 | gettext_noop( | ||
2035 | "# ICMPv6 packets dropped (not allowed)"), | ||
2036 | 1, | ||
2037 | GNUNET_NO); | ||
2038 | return; | ||
2039 | } | ||
2040 | /* end of AF_INET6 */ | ||
2041 | break; | ||
2042 | |||
2043 | default: | ||
2044 | GNUNET_assert(0); | ||
2045 | break; | ||
2046 | } | ||
2047 | |||
2048 | /* update length calculations, as payload_length may have changed */ | ||
2049 | mlen = sizeof(struct GNUNET_EXIT_IcmpServiceMessage) + alen + | ||
2050 | payload_length - sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2051 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
2052 | { | ||
2053 | GNUNET_break(0); | ||
2054 | return; | ||
2055 | } | ||
2056 | |||
2057 | env = GNUNET_MQ_msg_extra(ism, | ||
2058 | payload_length - | ||
2059 | sizeof(struct GNUNET_TUN_IcmpHeader), | ||
2060 | GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE); | ||
2061 | ism->af = htonl(af); /* need to tell destination ICMP protocol family! */ | ||
2062 | ism->icmp_header = *icmp; | ||
2063 | GNUNET_memcpy(&ism[1], | ||
2064 | &icmp[1], | ||
2065 | payload_length - sizeof(struct GNUNET_TUN_IcmpHeader)); | ||
2092 | } | 2066 | } |
2093 | /* end of AF_INET */ | 2067 | else |
2094 | break; | ||
2095 | case AF_INET6: | ||
2096 | switch (icmp->type) | ||
2097 | { | 2068 | { |
2098 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | 2069 | struct GNUNET_EXIT_IcmpInternetMessage *iim; |
2099 | if (destination->details.exit_destination.af == AF_INET) | 2070 | struct in_addr *ip4dst; |
2100 | new_type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; | 2071 | struct in6_addr *ip6dst; |
2101 | /* throw away IP-payload, exit will have to make it up anyway */ | 2072 | void *payload; |
2102 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 2073 | uint8_t new_type; |
2103 | break; | 2074 | |
2104 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | 2075 | new_type = icmp->type; |
2105 | if (destination->details.exit_destination.af == AF_INET) | 2076 | /* Perform ICMP protocol-translation (depending on destination AF and source AF) |
2106 | new_type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; | 2077 | and throw away ICMP payload depending on ICMP message type */ |
2107 | /* throw away IP-payload, exit will have to make it up anyway */ | 2078 | switch (af) |
2108 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 2079 | { |
2109 | break; | 2080 | case AF_INET: |
2110 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | 2081 | switch (icmp->type) |
2111 | if (destination->details.exit_destination.af == AF_INET) | 2082 | { |
2112 | { | 2083 | case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: |
2113 | GNUNET_STATISTICS_update ( | 2084 | if (destination->details.exit_destination.af == AF_INET6) |
2114 | stats, | 2085 | new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; |
2115 | gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), | 2086 | break; |
2116 | 1, | 2087 | |
2117 | GNUNET_NO); | 2088 | case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: |
2118 | return; | 2089 | if (destination->details.exit_destination.af == AF_INET6) |
2119 | } | 2090 | new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; |
2120 | /* throw away IP-payload, exit will have to make it up anyway */ | 2091 | break; |
2121 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 2092 | |
2122 | break; | 2093 | case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: |
2123 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: | 2094 | if (destination->details.exit_destination.af == AF_INET6) |
2124 | if (destination->details.exit_destination.af == AF_INET) | 2095 | new_type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; |
2125 | { | 2096 | /* throw away IP-payload, exit will have to make it up anyway */ |
2126 | GNUNET_STATISTICS_update ( | 2097 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); |
2127 | stats, | 2098 | break; |
2128 | gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), | 2099 | |
2129 | 1, | 2100 | case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: |
2130 | GNUNET_NO); | 2101 | if (destination->details.exit_destination.af == AF_INET6) |
2131 | return; | 2102 | new_type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; |
2132 | } | 2103 | /* throw away IP-payload, exit will have to make it up anyway */ |
2133 | /* throw away IP-payload, exit will have to make it up anyway */ | 2104 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); |
2134 | payload_length = sizeof (struct GNUNET_TUN_IcmpHeader); | 2105 | break; |
2135 | break; | 2106 | |
2136 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | 2107 | case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: |
2137 | if (destination->details.exit_destination.af == AF_INET) | 2108 | if (destination->details.exit_destination.af == AF_INET6) |
2138 | new_type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; | 2109 | { |
2139 | break; | 2110 | GNUNET_STATISTICS_update( |
2140 | case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: | 2111 | stats, |
2141 | if (destination->details.exit_destination.af == AF_INET) | 2112 | gettext_noop("# ICMPv4 packets dropped (impossible PT to v6)"), |
2142 | new_type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; | 2113 | 1, |
2143 | break; | 2114 | GNUNET_NO); |
2144 | default: | 2115 | return; |
2145 | GNUNET_STATISTICS_update ( | 2116 | } |
2146 | stats, | 2117 | /* throw away IP-payload, exit will have to make it up anyway */ |
2147 | gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), | 2118 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); |
2148 | 1, | 2119 | break; |
2149 | GNUNET_NO); | 2120 | |
2150 | return; | 2121 | default: |
2122 | GNUNET_STATISTICS_update( | ||
2123 | stats, | ||
2124 | gettext_noop("# ICMPv4 packets dropped (type not allowed)"), | ||
2125 | 1, | ||
2126 | GNUNET_NO); | ||
2127 | return; | ||
2128 | } | ||
2129 | /* end of AF_INET */ | ||
2130 | break; | ||
2131 | |||
2132 | case AF_INET6: | ||
2133 | switch (icmp->type) | ||
2134 | { | ||
2135 | case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: | ||
2136 | if (destination->details.exit_destination.af == AF_INET) | ||
2137 | new_type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; | ||
2138 | /* throw away IP-payload, exit will have to make it up anyway */ | ||
2139 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2140 | break; | ||
2141 | |||
2142 | case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: | ||
2143 | if (destination->details.exit_destination.af == AF_INET) | ||
2144 | new_type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; | ||
2145 | /* throw away IP-payload, exit will have to make it up anyway */ | ||
2146 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2147 | break; | ||
2148 | |||
2149 | case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: | ||
2150 | if (destination->details.exit_destination.af == AF_INET) | ||
2151 | { | ||
2152 | GNUNET_STATISTICS_update( | ||
2153 | stats, | ||
2154 | gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), | ||
2155 | 1, | ||
2156 | GNUNET_NO); | ||
2157 | return; | ||
2158 | } | ||
2159 | /* throw away IP-payload, exit will have to make it up anyway */ | ||
2160 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2161 | break; | ||
2162 | |||
2163 | case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: | ||
2164 | if (destination->details.exit_destination.af == AF_INET) | ||
2165 | { | ||
2166 | GNUNET_STATISTICS_update( | ||
2167 | stats, | ||
2168 | gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), | ||
2169 | 1, | ||
2170 | GNUNET_NO); | ||
2171 | return; | ||
2172 | } | ||
2173 | /* throw away IP-payload, exit will have to make it up anyway */ | ||
2174 | payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2175 | break; | ||
2176 | |||
2177 | case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: | ||
2178 | if (destination->details.exit_destination.af == AF_INET) | ||
2179 | new_type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; | ||
2180 | break; | ||
2181 | |||
2182 | case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: | ||
2183 | if (destination->details.exit_destination.af == AF_INET) | ||
2184 | new_type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; | ||
2185 | break; | ||
2186 | |||
2187 | default: | ||
2188 | GNUNET_STATISTICS_update( | ||
2189 | stats, | ||
2190 | gettext_noop("# ICMPv6 packets dropped (type not allowed)"), | ||
2191 | 1, | ||
2192 | GNUNET_NO); | ||
2193 | return; | ||
2194 | } | ||
2195 | /* end of AF_INET6 */ | ||
2196 | break; | ||
2197 | |||
2198 | default: | ||
2199 | GNUNET_assert(0); | ||
2200 | } | ||
2201 | |||
2202 | /* update length calculations, as payload_length may have changed */ | ||
2203 | mlen = sizeof(struct GNUNET_EXIT_IcmpInternetMessage) + alen + | ||
2204 | payload_length - sizeof(struct GNUNET_TUN_IcmpHeader); | ||
2205 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | ||
2206 | { | ||
2207 | GNUNET_break(0); | ||
2208 | return; | ||
2209 | } | ||
2210 | env = GNUNET_MQ_msg_extra(iim, | ||
2211 | alen + payload_length - | ||
2212 | sizeof(struct GNUNET_TUN_IcmpHeader), | ||
2213 | GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET); | ||
2214 | iim->icmp_header = *icmp; | ||
2215 | iim->icmp_header.type = new_type; | ||
2216 | iim->af = htonl(destination->details.exit_destination.af); | ||
2217 | switch (destination->details.exit_destination.af) | ||
2218 | { | ||
2219 | case AF_INET: | ||
2220 | ip4dst = (struct in_addr *)&iim[1]; | ||
2221 | *ip4dst = destination->details.exit_destination.ip.v4; | ||
2222 | payload = &ip4dst[1]; | ||
2223 | break; | ||
2224 | |||
2225 | case AF_INET6: | ||
2226 | ip6dst = (struct in6_addr *)&iim[1]; | ||
2227 | *ip6dst = destination->details.exit_destination.ip.v6; | ||
2228 | payload = &ip6dst[1]; | ||
2229 | break; | ||
2230 | |||
2231 | default: | ||
2232 | GNUNET_assert(0); | ||
2233 | } | ||
2234 | GNUNET_memcpy(payload, | ||
2235 | &icmp[1], | ||
2236 | payload_length - sizeof(struct GNUNET_TUN_IcmpHeader)); | ||
2151 | } | 2237 | } |
2152 | /* end of AF_INET6 */ | 2238 | break; |
2153 | break; | ||
2154 | default: | ||
2155 | GNUNET_assert (0); | ||
2156 | } | ||
2157 | 2239 | ||
2158 | /* update length calculations, as payload_length may have changed */ | 2240 | default: |
2159 | mlen = sizeof (struct GNUNET_EXIT_IcmpInternetMessage) + alen + | 2241 | /* not supported above, how can we get here !? */ |
2160 | payload_length - sizeof (struct GNUNET_TUN_IcmpHeader); | 2242 | GNUNET_assert(0); |
2161 | if (mlen >= GNUNET_MAX_MESSAGE_SIZE) | 2243 | break; |
2162 | { | ||
2163 | GNUNET_break (0); | ||
2164 | return; | ||
2165 | } | ||
2166 | env = GNUNET_MQ_msg_extra (iim, | ||
2167 | alen + payload_length - | ||
2168 | sizeof (struct GNUNET_TUN_IcmpHeader), | ||
2169 | GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET); | ||
2170 | iim->icmp_header = *icmp; | ||
2171 | iim->icmp_header.type = new_type; | ||
2172 | iim->af = htonl (destination->details.exit_destination.af); | ||
2173 | switch (destination->details.exit_destination.af) | ||
2174 | { | ||
2175 | case AF_INET: | ||
2176 | ip4dst = (struct in_addr *) &iim[1]; | ||
2177 | *ip4dst = destination->details.exit_destination.ip.v4; | ||
2178 | payload = &ip4dst[1]; | ||
2179 | break; | ||
2180 | case AF_INET6: | ||
2181 | ip6dst = (struct in6_addr *) &iim[1]; | ||
2182 | *ip6dst = destination->details.exit_destination.ip.v6; | ||
2183 | payload = &ip6dst[1]; | ||
2184 | break; | ||
2185 | default: | ||
2186 | GNUNET_assert (0); | ||
2187 | } | ||
2188 | GNUNET_memcpy (payload, | ||
2189 | &icmp[1], | ||
2190 | payload_length - sizeof (struct GNUNET_TUN_IcmpHeader)); | ||
2191 | } | 2244 | } |
2192 | break; | ||
2193 | default: | ||
2194 | /* not supported above, how can we get here !? */ | ||
2195 | GNUNET_assert (0); | ||
2196 | break; | ||
2197 | } | ||
2198 | ts->is_established = GNUNET_YES; | 2245 | ts->is_established = GNUNET_YES; |
2199 | send_to_channel (ts, env); | 2246 | send_to_channel(ts, env); |
2200 | } | 2247 | } |
2201 | 2248 | ||
2202 | 2249 | ||
@@ -2213,106 +2260,108 @@ route_packet (struct DestinationEntry *destination, | |||
2213 | * #GNUNET_SYSERR to stop further processing with error | 2260 | * #GNUNET_SYSERR to stop further processing with error |
2214 | */ | 2261 | */ |
2215 | static int | 2262 | static int |
2216 | message_token (void *cls, const struct GNUNET_MessageHeader *message) | 2263 | message_token(void *cls, const struct GNUNET_MessageHeader *message) |
2217 | { | 2264 | { |
2218 | const struct GNUNET_TUN_Layer2PacketHeader *tun; | 2265 | const struct GNUNET_TUN_Layer2PacketHeader *tun; |
2219 | size_t mlen; | 2266 | size_t mlen; |
2220 | struct GNUNET_HashCode key; | 2267 | struct GNUNET_HashCode key; |
2221 | struct DestinationEntry *de; | 2268 | struct DestinationEntry *de; |
2222 | 2269 | ||
2223 | GNUNET_STATISTICS_update (stats, | 2270 | GNUNET_STATISTICS_update(stats, |
2224 | gettext_noop ( | 2271 | gettext_noop( |
2225 | "# Packets received from TUN interface"), | 2272 | "# Packets received from TUN interface"), |
2226 | 1, | 2273 | 1, |
2227 | GNUNET_NO); | 2274 | GNUNET_NO); |
2228 | mlen = ntohs (message->size); | 2275 | mlen = ntohs(message->size); |
2229 | if ((ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) || | 2276 | if ((ntohs(message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) || |
2230 | (mlen < sizeof (struct GNUNET_MessageHeader) + | 2277 | (mlen < sizeof(struct GNUNET_MessageHeader) + |
2231 | sizeof (struct GNUNET_TUN_Layer2PacketHeader))) | 2278 | sizeof(struct GNUNET_TUN_Layer2PacketHeader))) |
2232 | { | ||
2233 | GNUNET_break (0); | ||
2234 | return GNUNET_OK; | ||
2235 | } | ||
2236 | tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1]; | ||
2237 | mlen -= (sizeof (struct GNUNET_MessageHeader) + | ||
2238 | sizeof (struct GNUNET_TUN_Layer2PacketHeader)); | ||
2239 | switch (ntohs (tun->proto)) | ||
2240 | { | ||
2241 | case ETH_P_IPV6: { | ||
2242 | const struct GNUNET_TUN_IPv6Header *pkt6; | ||
2243 | |||
2244 | if (mlen < sizeof (struct GNUNET_TUN_IPv6Header)) | ||
2245 | { | 2279 | { |
2246 | /* blame kernel */ | 2280 | GNUNET_break(0); |
2247 | GNUNET_break (0); | ||
2248 | return GNUNET_OK; | 2281 | return GNUNET_OK; |
2249 | } | 2282 | } |
2250 | pkt6 = (const struct GNUNET_TUN_IPv6Header *) &tun[1]; | 2283 | tun = (const struct GNUNET_TUN_Layer2PacketHeader *)&message[1]; |
2251 | get_destination_key_from_ip (AF_INET6, &pkt6->destination_address, &key); | 2284 | mlen -= (sizeof(struct GNUNET_MessageHeader) + |
2252 | de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key); | 2285 | sizeof(struct GNUNET_TUN_Layer2PacketHeader)); |
2253 | if (NULL == de) | 2286 | switch (ntohs(tun->proto)) |
2254 | { | 2287 | { |
2255 | char buf[INET6_ADDRSTRLEN]; | 2288 | case ETH_P_IPV6: { |
2289 | const struct GNUNET_TUN_IPv6Header *pkt6; | ||
2256 | 2290 | ||
2257 | GNUNET_log ( | 2291 | if (mlen < sizeof(struct GNUNET_TUN_IPv6Header)) |
2258 | GNUNET_ERROR_TYPE_INFO, | 2292 | { |
2259 | _ ("Packet received for unmapped destination `%s' (dropping it)\n"), | 2293 | /* blame kernel */ |
2260 | inet_ntop (AF_INET6, &pkt6->destination_address, buf, sizeof (buf))); | 2294 | GNUNET_break(0); |
2261 | return GNUNET_OK; | 2295 | return GNUNET_OK; |
2296 | } | ||
2297 | pkt6 = (const struct GNUNET_TUN_IPv6Header *)&tun[1]; | ||
2298 | get_destination_key_from_ip(AF_INET6, &pkt6->destination_address, &key); | ||
2299 | de = GNUNET_CONTAINER_multihashmap_get(destination_map, &key); | ||
2300 | if (NULL == de) | ||
2301 | { | ||
2302 | char buf[INET6_ADDRSTRLEN]; | ||
2303 | |||
2304 | GNUNET_log( | ||
2305 | GNUNET_ERROR_TYPE_INFO, | ||
2306 | _("Packet received for unmapped destination `%s' (dropping it)\n"), | ||
2307 | inet_ntop(AF_INET6, &pkt6->destination_address, buf, sizeof(buf))); | ||
2308 | return GNUNET_OK; | ||
2309 | } | ||
2310 | route_packet(de, | ||
2311 | AF_INET6, | ||
2312 | pkt6->next_header, | ||
2313 | &pkt6->source_address, | ||
2314 | &pkt6->destination_address, | ||
2315 | &pkt6[1], | ||
2316 | mlen - sizeof(struct GNUNET_TUN_IPv6Header)); | ||
2262 | } | 2317 | } |
2263 | route_packet (de, | 2318 | break; |
2264 | AF_INET6, | ||
2265 | pkt6->next_header, | ||
2266 | &pkt6->source_address, | ||
2267 | &pkt6->destination_address, | ||
2268 | &pkt6[1], | ||
2269 | mlen - sizeof (struct GNUNET_TUN_IPv6Header)); | ||
2270 | } | ||
2271 | break; | ||
2272 | case ETH_P_IPV4: { | ||
2273 | struct GNUNET_TUN_IPv4Header *pkt4; | ||
2274 | 2319 | ||
2275 | if (mlen < sizeof (struct GNUNET_TUN_IPv4Header)) | 2320 | case ETH_P_IPV4: { |
2276 | { | 2321 | struct GNUNET_TUN_IPv4Header *pkt4; |
2277 | /* blame kernel */ | 2322 | |
2278 | GNUNET_break (0); | 2323 | if (mlen < sizeof(struct GNUNET_TUN_IPv4Header)) |
2279 | return GNUNET_OK; | 2324 | { |
2325 | /* blame kernel */ | ||
2326 | GNUNET_break(0); | ||
2327 | return GNUNET_OK; | ||
2328 | } | ||
2329 | pkt4 = (struct GNUNET_TUN_IPv4Header *)&tun[1]; | ||
2330 | get_destination_key_from_ip(AF_INET, &pkt4->destination_address, &key); | ||
2331 | de = GNUNET_CONTAINER_multihashmap_get(destination_map, &key); | ||
2332 | if (NULL == de) | ||
2333 | { | ||
2334 | char buf[INET_ADDRSTRLEN]; | ||
2335 | |||
2336 | GNUNET_log( | ||
2337 | GNUNET_ERROR_TYPE_INFO, | ||
2338 | _("Packet received for unmapped destination `%s' (dropping it)\n"), | ||
2339 | inet_ntop(AF_INET, &pkt4->destination_address, buf, sizeof(buf))); | ||
2340 | return GNUNET_OK; | ||
2341 | } | ||
2342 | if (pkt4->header_length * 4 != sizeof(struct GNUNET_TUN_IPv4Header)) | ||
2343 | { | ||
2344 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, | ||
2345 | _("Received IPv4 packet with options (dropping it)\n")); | ||
2346 | return GNUNET_OK; | ||
2347 | } | ||
2348 | route_packet(de, | ||
2349 | AF_INET, | ||
2350 | pkt4->protocol, | ||
2351 | &pkt4->source_address, | ||
2352 | &pkt4->destination_address, | ||
2353 | &pkt4[1], | ||
2354 | mlen - sizeof(struct GNUNET_TUN_IPv4Header)); | ||
2280 | } | 2355 | } |
2281 | pkt4 = (struct GNUNET_TUN_IPv4Header *) &tun[1]; | 2356 | break; |
2282 | get_destination_key_from_ip (AF_INET, &pkt4->destination_address, &key); | ||
2283 | de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key); | ||
2284 | if (NULL == de) | ||
2285 | { | ||
2286 | char buf[INET_ADDRSTRLEN]; | ||
2287 | 2357 | ||
2288 | GNUNET_log ( | 2358 | default: |
2359 | GNUNET_log( | ||
2289 | GNUNET_ERROR_TYPE_INFO, | 2360 | GNUNET_ERROR_TYPE_INFO, |
2290 | _ ("Packet received for unmapped destination `%s' (dropping it)\n"), | 2361 | _("Received packet of unknown protocol %d from TUN (dropping it)\n"), |
2291 | inet_ntop (AF_INET, &pkt4->destination_address, buf, sizeof (buf))); | 2362 | (unsigned int)ntohs(tun->proto)); |
2292 | return GNUNET_OK; | 2363 | break; |
2293 | } | ||
2294 | if (pkt4->header_length * 4 != sizeof (struct GNUNET_TUN_IPv4Header)) | ||
2295 | { | ||
2296 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
2297 | _ ("Received IPv4 packet with options (dropping it)\n")); | ||
2298 | return GNUNET_OK; | ||
2299 | } | 2364 | } |
2300 | route_packet (de, | ||
2301 | AF_INET, | ||
2302 | pkt4->protocol, | ||
2303 | &pkt4->source_address, | ||
2304 | &pkt4->destination_address, | ||
2305 | &pkt4[1], | ||
2306 | mlen - sizeof (struct GNUNET_TUN_IPv4Header)); | ||
2307 | } | ||
2308 | break; | ||
2309 | default: | ||
2310 | GNUNET_log ( | ||
2311 | GNUNET_ERROR_TYPE_INFO, | ||
2312 | _ ("Received packet of unknown protocol %d from TUN (dropping it)\n"), | ||
2313 | (unsigned int) ntohs (tun->proto)); | ||
2314 | break; | ||
2315 | } | ||
2316 | return GNUNET_OK; | 2365 | return GNUNET_OK; |
2317 | } | 2366 | } |
2318 | 2367 | ||
@@ -2326,7 +2375,7 @@ message_token (void *cls, const struct GNUNET_MessageHeader *message) | |||
2326 | * #GNUNET_SYSERR on error | 2375 | * #GNUNET_SYSERR on error |
2327 | */ | 2376 | */ |
2328 | static int | 2377 | static int |
2329 | allocate_v4_address (struct in_addr *v4) | 2378 | allocate_v4_address(struct in_addr *v4) |
2330 | { | 2379 | { |
2331 | const char *ipv4addr = vpn_argv[4]; | 2380 | const char *ipv4addr = vpn_argv[4]; |
2332 | const char *ipv4mask = vpn_argv[5]; | 2381 | const char *ipv4mask = vpn_argv[5]; |
@@ -2336,30 +2385,31 @@ allocate_v4_address (struct in_addr *v4) | |||
2336 | struct GNUNET_HashCode key; | 2385 | struct GNUNET_HashCode key; |
2337 | unsigned int tries; | 2386 | unsigned int tries; |
2338 | 2387 | ||
2339 | GNUNET_assert (1 == inet_pton (AF_INET, ipv4addr, &addr)); | 2388 | GNUNET_assert(1 == inet_pton(AF_INET, ipv4addr, &addr)); |
2340 | GNUNET_assert (1 == inet_pton (AF_INET, ipv4mask, &mask)); | 2389 | GNUNET_assert(1 == inet_pton(AF_INET, ipv4mask, &mask)); |
2341 | /* Given 192.168.0.1/255.255.0.0, we want a mask | 2390 | /* Given 192.168.0.1/255.255.0.0, we want a mask |
2342 | of '192.168.255.255', thus: */ | 2391 | of '192.168.255.255', thus: */ |
2343 | mask.s_addr = addr.s_addr | ~mask.s_addr; | 2392 | mask.s_addr = addr.s_addr | ~mask.s_addr; |
2344 | tries = 0; | 2393 | tries = 0; |
2345 | do | 2394 | do |
2346 | { | ||
2347 | tries++; | ||
2348 | if (tries > 16) | ||
2349 | { | 2395 | { |
2350 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 2396 | tries++; |
2351 | _ ( | 2397 | if (tries > 16) |
2352 | "Failed to find unallocated IPv4 address in VPN's range\n")); | 2398 | { |
2353 | return GNUNET_SYSERR; | 2399 | GNUNET_log(GNUNET_ERROR_TYPE_WARNING, |
2400 | _( | ||
2401 | "Failed to find unallocated IPv4 address in VPN's range\n")); | ||
2402 | return GNUNET_SYSERR; | ||
2403 | } | ||
2404 | /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */ | ||
2405 | rnd.s_addr = | ||
2406 | GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX); | ||
2407 | v4->s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr; | ||
2408 | get_destination_key_from_ip(AF_INET, v4, &key); | ||
2354 | } | 2409 | } |
2355 | /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */ | 2410 | while ((GNUNET_YES == |
2356 | rnd.s_addr = | 2411 | GNUNET_CONTAINER_multihashmap_contains(destination_map, &key)) || |
2357 | GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX); | 2412 | (v4->s_addr == addr.s_addr) || (v4->s_addr == mask.s_addr)); |
2358 | v4->s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr; | ||
2359 | get_destination_key_from_ip (AF_INET, v4, &key); | ||
2360 | } while ((GNUNET_YES == | ||
2361 | GNUNET_CONTAINER_multihashmap_contains (destination_map, &key)) || | ||
2362 | (v4->s_addr == addr.s_addr) || (v4->s_addr == mask.s_addr)); | ||
2363 | return GNUNET_OK; | 2413 | return GNUNET_OK; |
2364 | } | 2414 | } |
2365 | 2415 | ||
@@ -2373,7 +2423,7 @@ allocate_v4_address (struct in_addr *v4) | |||
2373 | * #GNUNET_SYSERR on error | 2423 | * #GNUNET_SYSERR on error |
2374 | */ | 2424 | */ |
2375 | static int | 2425 | static int |
2376 | allocate_v6_address (struct in6_addr *v6) | 2426 | allocate_v6_address(struct in6_addr *v6) |
2377 | { | 2427 | { |
2378 | const char *ipv6addr = vpn_argv[2]; | 2428 | const char *ipv6addr = vpn_argv[2]; |
2379 | struct in6_addr addr; | 2429 | struct in6_addr addr; |
@@ -2383,8 +2433,8 @@ allocate_v6_address (struct in6_addr *v6) | |||
2383 | struct GNUNET_HashCode key; | 2433 | struct GNUNET_HashCode key; |
2384 | unsigned int tries; | 2434 | unsigned int tries; |
2385 | 2435 | ||
2386 | GNUNET_assert (1 == inet_pton (AF_INET6, ipv6addr, &addr)); | 2436 | GNUNET_assert(1 == inet_pton(AF_INET6, ipv6addr, &addr)); |
2387 | GNUNET_assert (ipv6prefix < 128); | 2437 | GNUNET_assert(ipv6prefix < 128); |
2388 | /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF, | 2438 | /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF, |
2389 | thus: */ | 2439 | thus: */ |
2390 | mask = addr; | 2440 | mask = addr; |
@@ -2394,27 +2444,28 @@ allocate_v6_address (struct in6_addr *v6) | |||
2394 | /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */ | 2444 | /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */ |
2395 | tries = 0; | 2445 | tries = 0; |
2396 | do | 2446 | do |
2397 | { | ||
2398 | tries++; | ||
2399 | if (tries > 16) | ||
2400 | { | 2447 | { |
2401 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | 2448 | tries++; |
2402 | _ ( | 2449 | if (tries > 16) |
2403 | "Failed to find unallocated IPv6 address in VPN's range\n")); | 2450 | { |
2404 | return GNUNET_SYSERR; | 2451 | GNUNET_log(GNUNET_ERROR_TYPE_WARNING, |
2452 | _( | ||
2453 | "Failed to find unallocated IPv6 address in VPN's range\n")); | ||
2454 | return GNUNET_SYSERR; | ||
2455 | } | ||
2456 | for (i = 0; i < 16; i++) | ||
2457 | { | ||
2458 | rnd.s6_addr[i] = | ||
2459 | (unsigned char)GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, | ||
2460 | 256); | ||
2461 | v6->s6_addr[i] = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i]; | ||
2462 | } | ||
2463 | get_destination_key_from_ip(AF_INET6, v6, &key); | ||
2405 | } | 2464 | } |
2406 | for (i = 0; i < 16; i++) | 2465 | while ((GNUNET_YES == |
2407 | { | 2466 | GNUNET_CONTAINER_multihashmap_contains(destination_map, &key)) || |
2408 | rnd.s6_addr[i] = | 2467 | (0 == GNUNET_memcmp(v6, &addr)) || |
2409 | (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, | 2468 | (0 == GNUNET_memcmp(v6, &mask))); |
2410 | 256); | ||
2411 | v6->s6_addr[i] = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i]; | ||
2412 | } | ||
2413 | get_destination_key_from_ip (AF_INET6, v6, &key); | ||
2414 | } while ((GNUNET_YES == | ||
2415 | GNUNET_CONTAINER_multihashmap_contains (destination_map, &key)) || | ||
2416 | (0 == GNUNET_memcmp (v6, &addr)) || | ||
2417 | (0 == GNUNET_memcmp (v6, &mask))); | ||
2418 | return GNUNET_OK; | 2469 | return GNUNET_OK; |
2419 | } | 2470 | } |
2420 | 2471 | ||
@@ -2425,31 +2476,31 @@ allocate_v6_address (struct in6_addr *v6) | |||
2425 | * @param de entry to free | 2476 | * @param de entry to free |
2426 | */ | 2477 | */ |
2427 | static void | 2478 | static void |
2428 | free_destination_entry (struct DestinationEntry *de) | 2479 | free_destination_entry(struct DestinationEntry *de) |
2429 | { | 2480 | { |
2430 | struct DestinationChannel *dt; | 2481 | struct DestinationChannel *dt; |
2431 | 2482 | ||
2432 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2483 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
2433 | "Cleaning up destination entry `%s'\n", | 2484 | "Cleaning up destination entry `%s'\n", |
2434 | print_channel_destination (de)); | 2485 | print_channel_destination(de)); |
2435 | GNUNET_STATISTICS_update (stats, | 2486 | GNUNET_STATISTICS_update(stats, |
2436 | gettext_noop ("# Active destinations"), | 2487 | gettext_noop("# Active destinations"), |
2437 | -1, | 2488 | -1, |
2438 | GNUNET_NO); | 2489 | GNUNET_NO); |
2439 | while (NULL != (dt = de->dt_head)) | 2490 | while (NULL != (dt = de->dt_head)) |
2440 | { | 2491 | { |
2441 | GNUNET_CONTAINER_DLL_remove (de->dt_head, de->dt_tail, dt); | 2492 | GNUNET_CONTAINER_DLL_remove(de->dt_head, de->dt_tail, dt); |
2442 | GNUNET_free (dt); | 2493 | GNUNET_free(dt); |
2443 | } | 2494 | } |
2444 | if (NULL != de->heap_node) | 2495 | if (NULL != de->heap_node) |
2445 | { | 2496 | { |
2446 | GNUNET_CONTAINER_heap_remove_node (de->heap_node); | 2497 | GNUNET_CONTAINER_heap_remove_node(de->heap_node); |
2447 | de->heap_node = NULL; | 2498 | de->heap_node = NULL; |
2448 | GNUNET_assert ( | 2499 | GNUNET_assert( |
2449 | GNUNET_YES == | 2500 | GNUNET_YES == |
2450 | GNUNET_CONTAINER_multihashmap_remove (destination_map, &de->key, de)); | 2501 | GNUNET_CONTAINER_multihashmap_remove(destination_map, &de->key, de)); |
2451 | } | 2502 | } |
2452 | GNUNET_free (de); | 2503 | GNUNET_free(de); |
2453 | } | 2504 | } |
2454 | 2505 | ||
2455 | 2506 | ||
@@ -2459,15 +2510,15 @@ free_destination_entry (struct DestinationEntry *de) | |||
2459 | * @param except destination that must NOT be cleaned up, even if it is the oldest | 2510 | * @param except destination that must NOT be cleaned up, even if it is the oldest |
2460 | */ | 2511 | */ |
2461 | static void | 2512 | static void |
2462 | expire_destination (struct DestinationEntry *except) | 2513 | expire_destination(struct DestinationEntry *except) |
2463 | { | 2514 | { |
2464 | struct DestinationEntry *de; | 2515 | struct DestinationEntry *de; |
2465 | 2516 | ||
2466 | de = GNUNET_CONTAINER_heap_peek (destination_heap); | 2517 | de = GNUNET_CONTAINER_heap_peek(destination_heap); |
2467 | GNUNET_assert (NULL != de); | 2518 | GNUNET_assert(NULL != de); |
2468 | if (except == de) | 2519 | if (except == de) |
2469 | return; /* can't do this */ | 2520 | return; /* can't do this */ |
2470 | free_destination_entry (de); | 2521 | free_destination_entry(de); |
2471 | } | 2522 | } |
2472 | 2523 | ||
2473 | 2524 | ||
@@ -2486,42 +2537,45 @@ expire_destination (struct DestinationEntry *except) | |||
2486 | * an unsupported address family (not AF_INET, AF_INET6 or AF_UNSPEC) | 2537 | * an unsupported address family (not AF_INET, AF_INET6 or AF_UNSPEC) |
2487 | */ | 2538 | */ |
2488 | static int | 2539 | static int |
2489 | allocate_response_ip (int *result_af, | 2540 | allocate_response_ip(int *result_af, |
2490 | void **addr, | 2541 | void **addr, |
2491 | struct in_addr *v4, | 2542 | struct in_addr *v4, |
2492 | struct in6_addr *v6) | 2543 | struct in6_addr *v6) |
2493 | { | 2544 | { |
2494 | *addr = NULL; | 2545 | *addr = NULL; |
2495 | switch (*result_af) | 2546 | switch (*result_af) |
2496 | { | ||
2497 | case AF_INET: | ||
2498 | if (GNUNET_OK != allocate_v4_address (v4)) | ||
2499 | *result_af = AF_UNSPEC; | ||
2500 | else | ||
2501 | *addr = v4; | ||
2502 | break; | ||
2503 | case AF_INET6: | ||
2504 | if (GNUNET_OK != allocate_v6_address (v6)) | ||
2505 | *result_af = AF_UNSPEC; | ||
2506 | else | ||
2507 | *addr = v6; | ||
2508 | break; | ||
2509 | case AF_UNSPEC: | ||
2510 | if (GNUNET_OK == allocate_v4_address (v4)) | ||
2511 | { | ||
2512 | *addr = v4; | ||
2513 | *result_af = AF_INET; | ||
2514 | } | ||
2515 | else if (GNUNET_OK == allocate_v6_address (v6)) | ||
2516 | { | 2547 | { |
2517 | *addr = v6; | 2548 | case AF_INET: |
2518 | *result_af = AF_INET6; | 2549 | if (GNUNET_OK != allocate_v4_address(v4)) |
2550 | *result_af = AF_UNSPEC; | ||
2551 | else | ||
2552 | *addr = v4; | ||
2553 | break; | ||
2554 | |||
2555 | case AF_INET6: | ||
2556 | if (GNUNET_OK != allocate_v6_address(v6)) | ||
2557 | *result_af = AF_UNSPEC; | ||
2558 | else | ||
2559 | *addr = v6; | ||
2560 | break; | ||
2561 | |||
2562 | case AF_UNSPEC: | ||
2563 | if (GNUNET_OK == allocate_v4_address(v4)) | ||
2564 | { | ||
2565 | *addr = v4; | ||
2566 | *result_af = AF_INET; | ||
2567 | } | ||
2568 | else if (GNUNET_OK == allocate_v6_address(v6)) | ||
2569 | { | ||
2570 | *addr = v6; | ||
2571 | *result_af = AF_INET6; | ||
2572 | } | ||
2573 | break; | ||
2574 | |||
2575 | default: | ||
2576 | GNUNET_break(0); | ||
2577 | return GNUNET_SYSERR; | ||
2519 | } | 2578 | } |
2520 | break; | ||
2521 | default: | ||
2522 | GNUNET_break (0); | ||
2523 | return GNUNET_SYSERR; | ||
2524 | } | ||
2525 | return GNUNET_OK; | 2579 | return GNUNET_OK; |
2526 | } | 2580 | } |
2527 | 2581 | ||
@@ -2536,34 +2590,36 @@ allocate_response_ip (int *result_af, | |||
2536 | * @return #GNUNET_OK if @a msg is well-formed | 2590 | * @return #GNUNET_OK if @a msg is well-formed |
2537 | */ | 2591 | */ |
2538 | static int | 2592 | static int |
2539 | check_client_redirect_to_ip (void *cls, | 2593 | check_client_redirect_to_ip(void *cls, |
2540 | const struct RedirectToIpRequestMessage *msg) | 2594 | const struct RedirectToIpRequestMessage *msg) |
2541 | { | 2595 | { |
2542 | size_t alen; | 2596 | size_t alen; |
2543 | int addr_af; | 2597 | int addr_af; |
2544 | 2598 | ||
2545 | alen = ntohs (msg->header.size) - sizeof (struct RedirectToIpRequestMessage); | 2599 | alen = ntohs(msg->header.size) - sizeof(struct RedirectToIpRequestMessage); |
2546 | addr_af = (int) htonl (msg->addr_af); | 2600 | addr_af = (int)htonl(msg->addr_af); |
2547 | switch (addr_af) | 2601 | switch (addr_af) |
2548 | { | ||
2549 | case AF_INET: | ||
2550 | if (alen != sizeof (struct in_addr)) | ||
2551 | { | ||
2552 | GNUNET_break (0); | ||
2553 | return GNUNET_SYSERR; | ||
2554 | } | ||
2555 | break; | ||
2556 | case AF_INET6: | ||
2557 | if (alen != sizeof (struct in6_addr)) | ||
2558 | { | 2602 | { |
2559 | GNUNET_break (0); | 2603 | case AF_INET: |
2604 | if (alen != sizeof(struct in_addr)) | ||
2605 | { | ||
2606 | GNUNET_break(0); | ||
2607 | return GNUNET_SYSERR; | ||
2608 | } | ||
2609 | break; | ||
2610 | |||
2611 | case AF_INET6: | ||
2612 | if (alen != sizeof(struct in6_addr)) | ||
2613 | { | ||
2614 | GNUNET_break(0); | ||
2615 | return GNUNET_SYSERR; | ||
2616 | } | ||
2617 | break; | ||
2618 | |||
2619 | default: | ||
2620 | GNUNET_break(0); | ||
2560 | return GNUNET_SYSERR; | 2621 | return GNUNET_SYSERR; |
2561 | } | 2622 | } |
2562 | break; | ||
2563 | default: | ||
2564 | GNUNET_break (0); | ||
2565 | return GNUNET_SYSERR; | ||
2566 | } | ||
2567 | return GNUNET_OK; | 2623 | return GNUNET_OK; |
2568 | } | 2624 | } |
2569 | 2625 | ||
@@ -2577,8 +2633,8 @@ check_client_redirect_to_ip (void *cls, | |||
2577 | * @param msg redirection request | 2633 | * @param msg redirection request |
2578 | */ | 2634 | */ |
2579 | static void | 2635 | static void |
2580 | handle_client_redirect_to_ip (void *cls, | 2636 | handle_client_redirect_to_ip(void *cls, |
2581 | const struct RedirectToIpRequestMessage *msg) | 2637 | const struct RedirectToIpRequestMessage *msg) |
2582 | { | 2638 | { |
2583 | struct GNUNET_SERVICE_Client *client = cls; | 2639 | struct GNUNET_SERVICE_Client *client = cls; |
2584 | size_t alen; | 2640 | size_t alen; |
@@ -2590,59 +2646,59 @@ handle_client_redirect_to_ip (void *cls, | |||
2590 | struct DestinationEntry *de; | 2646 | struct DestinationEntry *de; |
2591 | struct GNUNET_HashCode key; | 2647 | struct GNUNET_HashCode key; |
2592 | 2648 | ||
2593 | alen = ntohs (msg->header.size) - sizeof (struct RedirectToIpRequestMessage); | 2649 | alen = ntohs(msg->header.size) - sizeof(struct RedirectToIpRequestMessage); |
2594 | addr_af = (int) htonl (msg->addr_af); | 2650 | addr_af = (int)htonl(msg->addr_af); |
2595 | /* allocate response IP */ | 2651 | /* allocate response IP */ |
2596 | result_af = (int) htonl (msg->result_af); | 2652 | result_af = (int)htonl(msg->result_af); |
2597 | if (GNUNET_OK != allocate_response_ip (&result_af, &addr, &v4, &v6)) | 2653 | if (GNUNET_OK != allocate_response_ip(&result_af, &addr, &v4, &v6)) |
2598 | { | 2654 | { |
2599 | GNUNET_SERVICE_client_drop (client); | 2655 | GNUNET_SERVICE_client_drop(client); |
2600 | return; | 2656 | return; |
2601 | } | 2657 | } |
2602 | /* send reply with our IP address */ | 2658 | /* send reply with our IP address */ |
2603 | send_client_reply (client, msg->request_id, result_af, addr); | 2659 | send_client_reply(client, msg->request_id, result_af, addr); |
2604 | if (result_af == AF_UNSPEC) | 2660 | if (result_af == AF_UNSPEC) |
2605 | { | 2661 | { |
2606 | /* failure, we're done */ | 2662 | /* failure, we're done */ |
2607 | GNUNET_SERVICE_client_continue (client); | 2663 | GNUNET_SERVICE_client_continue(client); |
2608 | return; | 2664 | return; |
2609 | } | 2665 | } |
2610 | 2666 | ||
2611 | { | 2667 | { |
2612 | char sbuf[INET6_ADDRSTRLEN]; | 2668 | char sbuf[INET6_ADDRSTRLEN]; |
2613 | char dbuf[INET6_ADDRSTRLEN]; | 2669 | char dbuf[INET6_ADDRSTRLEN]; |
2614 | 2670 | ||
2615 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2671 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
2616 | "Allocated address %s for redirection via exit to %s\n", | 2672 | "Allocated address %s for redirection via exit to %s\n", |
2617 | inet_ntop (result_af, addr, sbuf, sizeof (sbuf)), | 2673 | inet_ntop(result_af, addr, sbuf, sizeof(sbuf)), |
2618 | inet_ntop (addr_af, &msg[1], dbuf, sizeof (dbuf))); | 2674 | inet_ntop(addr_af, &msg[1], dbuf, sizeof(dbuf))); |
2619 | } | 2675 | } |
2620 | 2676 | ||
2621 | /* setup destination record */ | 2677 | /* setup destination record */ |
2622 | de = GNUNET_new (struct DestinationEntry); | 2678 | de = GNUNET_new(struct DestinationEntry); |
2623 | de->is_service = GNUNET_NO; | 2679 | de->is_service = GNUNET_NO; |
2624 | de->details.exit_destination.af = addr_af; | 2680 | de->details.exit_destination.af = addr_af; |
2625 | GNUNET_memcpy (&de->details.exit_destination.ip, &msg[1], alen); | 2681 | GNUNET_memcpy(&de->details.exit_destination.ip, &msg[1], alen); |
2626 | get_destination_key_from_ip (result_af, addr, &key); | 2682 | get_destination_key_from_ip(result_af, addr, &key); |
2627 | de->key = key; | 2683 | de->key = key; |
2628 | GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put ( | 2684 | GNUNET_assert(GNUNET_OK == GNUNET_CONTAINER_multihashmap_put( |
2629 | destination_map, | 2685 | destination_map, |
2630 | &key, | 2686 | &key, |
2631 | de, | 2687 | de, |
2632 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); | 2688 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); |
2633 | de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap, | 2689 | de->heap_node = GNUNET_CONTAINER_heap_insert(destination_heap, |
2634 | de, | 2690 | de, |
2635 | GNUNET_TIME_absolute_ntoh ( | 2691 | GNUNET_TIME_absolute_ntoh( |
2636 | msg->expiration_time) | 2692 | msg->expiration_time) |
2637 | .abs_value_us); | 2693 | .abs_value_us); |
2638 | GNUNET_STATISTICS_update (stats, | 2694 | GNUNET_STATISTICS_update(stats, |
2639 | gettext_noop ("# Active destinations"), | 2695 | gettext_noop("# Active destinations"), |
2640 | 1, | 2696 | 1, |
2641 | GNUNET_NO); | 2697 | GNUNET_NO); |
2642 | while (GNUNET_CONTAINER_multihashmap_size (destination_map) > | 2698 | while (GNUNET_CONTAINER_multihashmap_size(destination_map) > |
2643 | max_destination_mappings) | 2699 | max_destination_mappings) |
2644 | expire_destination (de); | 2700 | expire_destination(de); |
2645 | GNUNET_SERVICE_client_continue (client); | 2701 | GNUNET_SERVICE_client_continue(client); |
2646 | } | 2702 | } |
2647 | 2703 | ||
2648 | 2704 | ||
@@ -2655,7 +2711,7 @@ handle_client_redirect_to_ip (void *cls, | |||
2655 | * @param msg redirection request | 2711 | * @param msg redirection request |
2656 | */ | 2712 | */ |
2657 | static void | 2713 | static void |
2658 | handle_client_redirect_to_service ( | 2714 | handle_client_redirect_to_service( |
2659 | void *cls, | 2715 | void *cls, |
2660 | const struct RedirectToServiceRequestMessage *msg) | 2716 | const struct RedirectToServiceRequestMessage *msg) |
2661 | { | 2717 | { |
@@ -2669,59 +2725,59 @@ handle_client_redirect_to_service ( | |||
2669 | struct DestinationChannel *dt; | 2725 | struct DestinationChannel *dt; |
2670 | 2726 | ||
2671 | /* allocate response IP */ | 2727 | /* allocate response IP */ |
2672 | result_af = (int) htonl (msg->result_af); | 2728 | result_af = (int)htonl(msg->result_af); |
2673 | if (GNUNET_OK != allocate_response_ip (&result_af, &addr, &v4, &v6)) | 2729 | if (GNUNET_OK != allocate_response_ip(&result_af, &addr, &v4, &v6)) |
2674 | { | 2730 | { |
2675 | GNUNET_break (0); | 2731 | GNUNET_break(0); |
2676 | GNUNET_SERVICE_client_drop (client); | 2732 | GNUNET_SERVICE_client_drop(client); |
2677 | return; | 2733 | return; |
2678 | } | 2734 | } |
2679 | send_client_reply (client, msg->request_id, result_af, addr); | 2735 | send_client_reply(client, msg->request_id, result_af, addr); |
2680 | if (result_af == AF_UNSPEC) | 2736 | if (result_af == AF_UNSPEC) |
2681 | { | 2737 | { |
2682 | /* failure, we're done */ | 2738 | /* failure, we're done */ |
2683 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2739 | GNUNET_log(GNUNET_ERROR_TYPE_ERROR, |
2684 | _ ("Failed to allocate IP address for new destination\n")); | 2740 | _("Failed to allocate IP address for new destination\n")); |
2685 | GNUNET_SERVICE_client_continue (client); | 2741 | GNUNET_SERVICE_client_continue(client); |
2686 | return; | 2742 | return; |
2687 | } | 2743 | } |
2688 | 2744 | ||
2689 | { | 2745 | { |
2690 | char sbuf[INET6_ADDRSTRLEN]; | 2746 | char sbuf[INET6_ADDRSTRLEN]; |
2691 | 2747 | ||
2692 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2748 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
2693 | "Allocated address %s for redirection to service %s on peer %s\n", | 2749 | "Allocated address %s for redirection to service %s on peer %s\n", |
2694 | inet_ntop (result_af, addr, sbuf, sizeof (sbuf)), | 2750 | inet_ntop(result_af, addr, sbuf, sizeof(sbuf)), |
2695 | GNUNET_h2s (&msg->service_descriptor), | 2751 | GNUNET_h2s(&msg->service_descriptor), |
2696 | GNUNET_i2s (&msg->target)); | 2752 | GNUNET_i2s(&msg->target)); |
2697 | } | 2753 | } |
2698 | 2754 | ||
2699 | /* setup destination record */ | 2755 | /* setup destination record */ |
2700 | de = GNUNET_new (struct DestinationEntry); | 2756 | de = GNUNET_new(struct DestinationEntry); |
2701 | de->is_service = GNUNET_YES; | 2757 | de->is_service = GNUNET_YES; |
2702 | de->details.service_destination.target = msg->target; | 2758 | de->details.service_destination.target = msg->target; |
2703 | de->details.service_destination.service_descriptor = msg->service_descriptor; | 2759 | de->details.service_destination.service_descriptor = msg->service_descriptor; |
2704 | get_destination_key_from_ip (result_af, addr, &key); | 2760 | get_destination_key_from_ip(result_af, addr, &key); |
2705 | de->key = key; | 2761 | de->key = key; |
2706 | GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put ( | 2762 | GNUNET_assert(GNUNET_OK == GNUNET_CONTAINER_multihashmap_put( |
2707 | destination_map, | 2763 | destination_map, |
2708 | &key, | 2764 | &key, |
2709 | de, | 2765 | de, |
2710 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); | 2766 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); |
2711 | de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap, | 2767 | de->heap_node = GNUNET_CONTAINER_heap_insert(destination_heap, |
2712 | de, | 2768 | de, |
2713 | GNUNET_TIME_absolute_ntoh ( | 2769 | GNUNET_TIME_absolute_ntoh( |
2714 | msg->expiration_time) | 2770 | msg->expiration_time) |
2715 | .abs_value_us); | 2771 | .abs_value_us); |
2716 | while (GNUNET_CONTAINER_multihashmap_size (destination_map) > | 2772 | while (GNUNET_CONTAINER_multihashmap_size(destination_map) > |
2717 | max_destination_mappings) | 2773 | max_destination_mappings) |
2718 | expire_destination (de); | 2774 | expire_destination(de); |
2719 | 2775 | ||
2720 | dt = GNUNET_new (struct DestinationChannel); | 2776 | dt = GNUNET_new(struct DestinationChannel); |
2721 | dt->destination = de; | 2777 | dt->destination = de; |
2722 | GNUNET_CONTAINER_DLL_insert (de->dt_head, de->dt_tail, dt); | 2778 | GNUNET_CONTAINER_DLL_insert(de->dt_head, de->dt_tail, dt); |
2723 | /* we're done */ | 2779 | /* we're done */ |
2724 | GNUNET_SERVICE_client_continue (client); | 2780 | GNUNET_SERVICE_client_continue(client); |
2725 | } | 2781 | } |
2726 | 2782 | ||
2727 | 2783 | ||
@@ -2734,11 +2790,11 @@ handle_client_redirect_to_service ( | |||
2734 | * @return #GNUNET_OK (continue to iterate) | 2790 | * @return #GNUNET_OK (continue to iterate) |
2735 | */ | 2791 | */ |
2736 | static int | 2792 | static int |
2737 | cleanup_destination (void *cls, const struct GNUNET_HashCode *key, void *value) | 2793 | cleanup_destination(void *cls, const struct GNUNET_HashCode *key, void *value) |
2738 | { | 2794 | { |
2739 | struct DestinationEntry *de = value; | 2795 | struct DestinationEntry *de = value; |
2740 | 2796 | ||
2741 | free_destination_entry (de); | 2797 | free_destination_entry(de); |
2742 | return GNUNET_OK; | 2798 | return GNUNET_OK; |
2743 | } | 2799 | } |
2744 | 2800 | ||
@@ -2752,14 +2808,14 @@ cleanup_destination (void *cls, const struct GNUNET_HashCode *key, void *value) | |||
2752 | * @return #GNUNET_OK (continue to iterate) | 2808 | * @return #GNUNET_OK (continue to iterate) |
2753 | */ | 2809 | */ |
2754 | static int | 2810 | static int |
2755 | cleanup_channel (void *cls, const struct GNUNET_HashCode *key, void *value) | 2811 | cleanup_channel(void *cls, const struct GNUNET_HashCode *key, void *value) |
2756 | { | 2812 | { |
2757 | struct ChannelState *ts = value; | 2813 | struct ChannelState *ts = value; |
2758 | 2814 | ||
2759 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2815 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, |
2760 | "Tearing down channel to `%s' during cleanup\n", | 2816 | "Tearing down channel to `%s' during cleanup\n", |
2761 | print_channel_destination (&ts->destination)); | 2817 | print_channel_destination(&ts->destination)); |
2762 | free_channel_state (ts); | 2818 | free_channel_state(ts); |
2763 | return GNUNET_OK; | 2819 | return GNUNET_OK; |
2764 | } | 2820 | } |
2765 | 2821 | ||
@@ -2770,53 +2826,53 @@ cleanup_channel (void *cls, const struct GNUNET_HashCode *key, void *value) | |||
2770 | * @param cls unused | 2826 | * @param cls unused |
2771 | */ | 2827 | */ |
2772 | static void | 2828 | static void |
2773 | cleanup (void *cls) | 2829 | cleanup(void *cls) |
2774 | { | 2830 | { |
2775 | unsigned int i; | 2831 | unsigned int i; |
2776 | 2832 | ||
2777 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "VPN is shutting down\n"); | 2833 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "VPN is shutting down\n"); |
2778 | if (NULL != destination_map) | 2834 | if (NULL != destination_map) |
2779 | { | 2835 | { |
2780 | GNUNET_CONTAINER_multihashmap_iterate (destination_map, | 2836 | GNUNET_CONTAINER_multihashmap_iterate(destination_map, |
2781 | &cleanup_destination, | 2837 | &cleanup_destination, |
2782 | NULL); | 2838 | NULL); |
2783 | GNUNET_CONTAINER_multihashmap_destroy (destination_map); | 2839 | GNUNET_CONTAINER_multihashmap_destroy(destination_map); |
2784 | destination_map = NULL; | 2840 | destination_map = NULL; |
2785 | } | 2841 | } |
2786 | if (NULL != destination_heap) | 2842 | if (NULL != destination_heap) |
2787 | { | 2843 | { |
2788 | GNUNET_CONTAINER_heap_destroy (destination_heap); | 2844 | GNUNET_CONTAINER_heap_destroy(destination_heap); |
2789 | destination_heap = NULL; | 2845 | destination_heap = NULL; |
2790 | } | 2846 | } |
2791 | if (NULL != channel_map) | 2847 | if (NULL != channel_map) |
2792 | { | 2848 | { |
2793 | GNUNET_CONTAINER_multihashmap_iterate (channel_map, &cleanup_channel, NULL); | 2849 | GNUNET_CONTAINER_multihashmap_iterate(channel_map, &cleanup_channel, NULL); |
2794 | GNUNET_CONTAINER_multihashmap_destroy (channel_map); | 2850 | GNUNET_CONTAINER_multihashmap_destroy(channel_map); |
2795 | channel_map = NULL; | 2851 | channel_map = NULL; |
2796 | } | 2852 | } |
2797 | if (NULL != channel_heap) | 2853 | if (NULL != channel_heap) |
2798 | { | 2854 | { |
2799 | GNUNET_CONTAINER_heap_destroy (channel_heap); | 2855 | GNUNET_CONTAINER_heap_destroy(channel_heap); |
2800 | channel_heap = NULL; | 2856 | channel_heap = NULL; |
2801 | } | 2857 | } |
2802 | if (NULL != cadet_handle) | 2858 | if (NULL != cadet_handle) |
2803 | { | 2859 | { |
2804 | GNUNET_CADET_disconnect (cadet_handle); | 2860 | GNUNET_CADET_disconnect(cadet_handle); |
2805 | cadet_handle = NULL; | 2861 | cadet_handle = NULL; |
2806 | } | 2862 | } |
2807 | if (NULL != helper_handle) | 2863 | if (NULL != helper_handle) |
2808 | { | 2864 | { |
2809 | GNUNET_HELPER_kill (helper_handle, GNUNET_NO); | 2865 | GNUNET_HELPER_kill(helper_handle, GNUNET_NO); |
2810 | GNUNET_HELPER_wait (helper_handle); | 2866 | GNUNET_HELPER_wait(helper_handle); |
2811 | helper_handle = NULL; | 2867 | helper_handle = NULL; |
2812 | } | 2868 | } |
2813 | if (NULL != stats) | 2869 | if (NULL != stats) |
2814 | { | 2870 | { |
2815 | GNUNET_STATISTICS_destroy (stats, GNUNET_NO); | 2871 | GNUNET_STATISTICS_destroy(stats, GNUNET_NO); |
2816 | stats = NULL; | 2872 | stats = NULL; |
2817 | } | 2873 | } |
2818 | for (i = 0; i < 5; i++) | 2874 | for (i = 0; i < 5; i++) |
2819 | GNUNET_free_non_null (vpn_argv[i]); | 2875 | GNUNET_free_non_null(vpn_argv[i]); |
2820 | } | 2876 | } |
2821 | 2877 | ||
2822 | 2878 | ||
@@ -2829,9 +2885,9 @@ cleanup (void *cls) | |||
2829 | * @return @a c | 2885 | * @return @a c |
2830 | */ | 2886 | */ |
2831 | static void * | 2887 | static void * |
2832 | client_connect_cb (void *cls, | 2888 | client_connect_cb(void *cls, |
2833 | struct GNUNET_SERVICE_Client *c, | 2889 | struct GNUNET_SERVICE_Client *c, |
2834 | struct GNUNET_MQ_Handle *mq) | 2890 | struct GNUNET_MQ_Handle *mq) |
2835 | { | 2891 | { |
2836 | return c; | 2892 | return c; |
2837 | } | 2893 | } |
@@ -2845,11 +2901,11 @@ client_connect_cb (void *cls, | |||
2845 | * @param internal_cls should be equal to @a c | 2901 | * @param internal_cls should be equal to @a c |
2846 | */ | 2902 | */ |
2847 | static void | 2903 | static void |
2848 | client_disconnect_cb (void *cls, | 2904 | client_disconnect_cb(void *cls, |
2849 | struct GNUNET_SERVICE_Client *c, | 2905 | struct GNUNET_SERVICE_Client *c, |
2850 | void *internal_cls) | 2906 | void *internal_cls) |
2851 | { | 2907 | { |
2852 | GNUNET_assert (c == internal_cls); | 2908 | GNUNET_assert(c == internal_cls); |
2853 | } | 2909 | } |
2854 | 2910 | ||
2855 | 2911 | ||
@@ -2861,9 +2917,9 @@ client_disconnect_cb (void *cls, | |||
2861 | * @param service the initialized service | 2917 | * @param service the initialized service |
2862 | */ | 2918 | */ |
2863 | static void | 2919 | static void |
2864 | run (void *cls, | 2920 | run(void *cls, |
2865 | const struct GNUNET_CONFIGURATION_Handle *cfg_, | 2921 | const struct GNUNET_CONFIGURATION_Handle *cfg_, |
2866 | struct GNUNET_SERVICE_Handle *service) | 2922 | struct GNUNET_SERVICE_Handle *service) |
2867 | { | 2923 | { |
2868 | char *ifname; | 2924 | char *ifname; |
2869 | char *ipv6addr; | 2925 | char *ipv6addr; |
@@ -2874,187 +2930,187 @@ run (void *cls, | |||
2874 | struct in6_addr v6; | 2930 | struct in6_addr v6; |
2875 | char *binary; | 2931 | char *binary; |
2876 | 2932 | ||
2877 | binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn"); | 2933 | binary = GNUNET_OS_get_libexec_binary_path("gnunet-helper-vpn"); |
2878 | 2934 | ||
2879 | if (GNUNET_YES != | 2935 | if (GNUNET_YES != |
2880 | GNUNET_OS_check_helper_binary ( | 2936 | GNUNET_OS_check_helper_binary( |
2881 | binary, | 2937 | binary, |
2882 | GNUNET_YES, | 2938 | GNUNET_YES, |
2883 | "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please! | 2939 | "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please! |
2884 | { | 2940 | { |
2885 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2941 | GNUNET_log(GNUNET_ERROR_TYPE_ERROR, |
2886 | "`%s' is not SUID, refusing to run.\n", | 2942 | "`%s' is not SUID, refusing to run.\n", |
2887 | "gnunet-helper-vpn"); | 2943 | "gnunet-helper-vpn"); |
2888 | GNUNET_free (binary); | 2944 | GNUNET_free(binary); |
2889 | global_ret = 1; | 2945 | global_ret = 1; |
2890 | /* we won't "really" exit here, as the 'service' is still running; | 2946 | /* we won't "really" exit here, as the 'service' is still running; |
2891 | however, as no handlers are registered, the service won't do | 2947 | however, as no handlers are registered, the service won't do |
2892 | anything either */ | 2948 | anything either */ |
2893 | return; | 2949 | return; |
2894 | } | 2950 | } |
2895 | GNUNET_free (binary); | 2951 | GNUNET_free(binary); |
2896 | cfg = cfg_; | 2952 | cfg = cfg_; |
2897 | stats = GNUNET_STATISTICS_create ("vpn", cfg); | 2953 | stats = GNUNET_STATISTICS_create("vpn", cfg); |
2898 | if (GNUNET_OK != | 2954 | if (GNUNET_OK != |
2899 | GNUNET_CONFIGURATION_get_value_number (cfg, | 2955 | GNUNET_CONFIGURATION_get_value_number(cfg, |
2900 | "VPN", | 2956 | "VPN", |
2901 | "MAX_MAPPING", | 2957 | "MAX_MAPPING", |
2902 | &max_destination_mappings)) | 2958 | &max_destination_mappings)) |
2903 | max_destination_mappings = 200; | 2959 | max_destination_mappings = 200; |
2904 | if (GNUNET_OK != | 2960 | if (GNUNET_OK != |
2905 | GNUNET_CONFIGURATION_get_value_number (cfg, | 2961 | GNUNET_CONFIGURATION_get_value_number(cfg, |
2906 | "VPN", | 2962 | "VPN", |
2907 | "MAX_TUNNELS", | 2963 | "MAX_TUNNELS", |
2908 | &max_channel_mappings)) | 2964 | &max_channel_mappings)) |
2909 | max_channel_mappings = 200; | 2965 | max_channel_mappings = 200; |
2910 | 2966 | ||
2911 | destination_map = | 2967 | destination_map = |
2912 | GNUNET_CONTAINER_multihashmap_create (max_destination_mappings * 2, | 2968 | GNUNET_CONTAINER_multihashmap_create(max_destination_mappings * 2, |
2913 | GNUNET_NO); | 2969 | GNUNET_NO); |
2914 | destination_heap = | 2970 | destination_heap = |
2915 | GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); | 2971 | GNUNET_CONTAINER_heap_create(GNUNET_CONTAINER_HEAP_ORDER_MIN); |
2916 | channel_map = | 2972 | channel_map = |
2917 | GNUNET_CONTAINER_multihashmap_create (max_channel_mappings * 2, GNUNET_NO); | 2973 | GNUNET_CONTAINER_multihashmap_create(max_channel_mappings * 2, GNUNET_NO); |
2918 | channel_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); | 2974 | channel_heap = GNUNET_CONTAINER_heap_create(GNUNET_CONTAINER_HEAP_ORDER_MIN); |
2919 | 2975 | ||
2920 | 2976 | ||
2921 | vpn_argv[0] = GNUNET_strdup ("vpn-gnunet"); | 2977 | vpn_argv[0] = GNUNET_strdup("vpn-gnunet"); |
2922 | if (GNUNET_SYSERR == | 2978 | if (GNUNET_SYSERR == |
2923 | GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IFNAME", &ifname)) | 2979 | GNUNET_CONFIGURATION_get_value_string(cfg, "VPN", "IFNAME", &ifname)) |
2924 | { | ||
2925 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); | ||
2926 | GNUNET_SCHEDULER_shutdown (); | ||
2927 | return; | ||
2928 | } | ||
2929 | vpn_argv[1] = ifname; | ||
2930 | ipv6addr = NULL; | ||
2931 | if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6)) | ||
2932 | { | ||
2933 | if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, | ||
2934 | "VPN", | ||
2935 | "IPV6ADDR", | ||
2936 | &ipv6addr) || | ||
2937 | (1 != inet_pton (AF_INET6, ipv6addr, &v6)))) | ||
2938 | { | ||
2939 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | ||
2940 | "VPN", | ||
2941 | "IPV6ADDR", | ||
2942 | _ ("Must specify valid IPv6 address")); | ||
2943 | GNUNET_SCHEDULER_shutdown (); | ||
2944 | GNUNET_free_non_null (ipv6addr); | ||
2945 | return; | ||
2946 | } | ||
2947 | vpn_argv[2] = ipv6addr; | ||
2948 | ipv6prefix_s = NULL; | ||
2949 | if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, | ||
2950 | "VPN", | ||
2951 | "IPV6PREFIX", | ||
2952 | &ipv6prefix_s)) | ||
2953 | { | 2980 | { |
2954 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); | 2981 | GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); |
2955 | GNUNET_SCHEDULER_shutdown (); | 2982 | GNUNET_SCHEDULER_shutdown(); |
2956 | GNUNET_free_non_null (ipv6prefix_s); | ||
2957 | return; | 2983 | return; |
2958 | } | 2984 | } |
2959 | vpn_argv[3] = ipv6prefix_s; | 2985 | vpn_argv[1] = ifname; |
2960 | if ((GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (cfg, | 2986 | ipv6addr = NULL; |
2961 | "VPN", | 2987 | if (GNUNET_OK == GNUNET_NETWORK_test_pf(PF_INET6)) |
2962 | "IPV6PREFIX", | ||
2963 | &ipv6prefix)) || | ||
2964 | (ipv6prefix >= 127)) | ||
2965 | { | 2988 | { |
2966 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | 2989 | if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, |
2967 | "VPN", | 2990 | "VPN", |
2968 | "IPV4MASK", | 2991 | "IPV6ADDR", |
2969 | _ ("Must specify valid IPv6 mask")); | 2992 | &ipv6addr) || |
2970 | GNUNET_SCHEDULER_shutdown (); | 2993 | (1 != inet_pton(AF_INET6, ipv6addr, &v6)))) |
2971 | return; | 2994 | { |
2995 | GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, | ||
2996 | "VPN", | ||
2997 | "IPV6ADDR", | ||
2998 | _("Must specify valid IPv6 address")); | ||
2999 | GNUNET_SCHEDULER_shutdown(); | ||
3000 | GNUNET_free_non_null(ipv6addr); | ||
3001 | return; | ||
3002 | } | ||
3003 | vpn_argv[2] = ipv6addr; | ||
3004 | ipv6prefix_s = NULL; | ||
3005 | if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, | ||
3006 | "VPN", | ||
3007 | "IPV6PREFIX", | ||
3008 | &ipv6prefix_s)) | ||
3009 | { | ||
3010 | GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); | ||
3011 | GNUNET_SCHEDULER_shutdown(); | ||
3012 | GNUNET_free_non_null(ipv6prefix_s); | ||
3013 | return; | ||
3014 | } | ||
3015 | vpn_argv[3] = ipv6prefix_s; | ||
3016 | if ((GNUNET_OK != GNUNET_CONFIGURATION_get_value_number(cfg, | ||
3017 | "VPN", | ||
3018 | "IPV6PREFIX", | ||
3019 | &ipv6prefix)) || | ||
3020 | (ipv6prefix >= 127)) | ||
3021 | { | ||
3022 | GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, | ||
3023 | "VPN", | ||
3024 | "IPV4MASK", | ||
3025 | _("Must specify valid IPv6 mask")); | ||
3026 | GNUNET_SCHEDULER_shutdown(); | ||
3027 | return; | ||
3028 | } | ||
2972 | } | 3029 | } |
2973 | } | ||
2974 | else | 3030 | else |
2975 | { | ||
2976 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | ||
2977 | _ ( | ||
2978 | "IPv6 support disabled as this system does not support IPv6\n")); | ||
2979 | vpn_argv[2] = GNUNET_strdup ("-"); | ||
2980 | vpn_argv[3] = GNUNET_strdup ("-"); | ||
2981 | } | ||
2982 | if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET)) | ||
2983 | { | ||
2984 | ipv4addr = NULL; | ||
2985 | if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, | ||
2986 | "vpn", | ||
2987 | "IPV4ADDR", | ||
2988 | &ipv4addr) || | ||
2989 | (1 != inet_pton (AF_INET, ipv4addr, &v4)))) | ||
2990 | { | 3031 | { |
2991 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | 3032 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, |
2992 | "VPN", | 3033 | _( |
2993 | "IPV4ADDR", | 3034 | "IPv6 support disabled as this system does not support IPv6\n")); |
2994 | _ ("Must specify valid IPv4 address")); | 3035 | vpn_argv[2] = GNUNET_strdup("-"); |
2995 | GNUNET_SCHEDULER_shutdown (); | 3036 | vpn_argv[3] = GNUNET_strdup("-"); |
2996 | GNUNET_free_non_null (ipv4addr); | ||
2997 | return; | ||
2998 | } | 3037 | } |
2999 | vpn_argv[4] = ipv4addr; | 3038 | if (GNUNET_OK == GNUNET_NETWORK_test_pf(PF_INET)) |
3000 | ipv4mask = NULL; | ||
3001 | if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, | ||
3002 | "vpn", | ||
3003 | "IPV4MASK", | ||
3004 | &ipv4mask) || | ||
3005 | (1 != inet_pton (AF_INET, ipv4mask, &v4)))) | ||
3006 | { | 3039 | { |
3007 | GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, | 3040 | ipv4addr = NULL; |
3008 | "VPN", | 3041 | if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, |
3009 | "IPV4MASK", | 3042 | "vpn", |
3010 | _ ("Must specify valid IPv4 mask")); | 3043 | "IPV4ADDR", |
3011 | GNUNET_SCHEDULER_shutdown (); | 3044 | &ipv4addr) || |
3012 | GNUNET_free_non_null (ipv4mask); | 3045 | (1 != inet_pton(AF_INET, ipv4addr, &v4)))) |
3013 | return; | 3046 | { |
3047 | GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, | ||
3048 | "VPN", | ||
3049 | "IPV4ADDR", | ||
3050 | _("Must specify valid IPv4 address")); | ||
3051 | GNUNET_SCHEDULER_shutdown(); | ||
3052 | GNUNET_free_non_null(ipv4addr); | ||
3053 | return; | ||
3054 | } | ||
3055 | vpn_argv[4] = ipv4addr; | ||
3056 | ipv4mask = NULL; | ||
3057 | if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, | ||
3058 | "vpn", | ||
3059 | "IPV4MASK", | ||
3060 | &ipv4mask) || | ||
3061 | (1 != inet_pton(AF_INET, ipv4mask, &v4)))) | ||
3062 | { | ||
3063 | GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, | ||
3064 | "VPN", | ||
3065 | "IPV4MASK", | ||
3066 | _("Must specify valid IPv4 mask")); | ||
3067 | GNUNET_SCHEDULER_shutdown(); | ||
3068 | GNUNET_free_non_null(ipv4mask); | ||
3069 | return; | ||
3070 | } | ||
3071 | vpn_argv[5] = ipv4mask; | ||
3014 | } | 3072 | } |
3015 | vpn_argv[5] = ipv4mask; | ||
3016 | } | ||
3017 | else | 3073 | else |
3018 | { | 3074 | { |
3019 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, | 3075 | GNUNET_log(GNUNET_ERROR_TYPE_INFO, |
3020 | _ ( | 3076 | _( |
3021 | "IPv4 support disabled as this system does not support IPv4\n")); | 3077 | "IPv4 support disabled as this system does not support IPv4\n")); |
3022 | vpn_argv[4] = GNUNET_strdup ("-"); | 3078 | vpn_argv[4] = GNUNET_strdup("-"); |
3023 | vpn_argv[5] = GNUNET_strdup ("-"); | 3079 | vpn_argv[5] = GNUNET_strdup("-"); |
3024 | } | 3080 | } |
3025 | vpn_argv[6] = NULL; | 3081 | vpn_argv[6] = NULL; |
3026 | 3082 | ||
3027 | cadet_handle = GNUNET_CADET_connect (cfg_); | 3083 | cadet_handle = GNUNET_CADET_connect(cfg_); |
3028 | // FIXME never opens ports??? | 3084 | // FIXME never opens ports??? |
3029 | helper_handle = GNUNET_HELPER_start (GNUNET_NO, | 3085 | helper_handle = GNUNET_HELPER_start(GNUNET_NO, |
3030 | "gnunet-helper-vpn", | 3086 | "gnunet-helper-vpn", |
3031 | vpn_argv, | 3087 | vpn_argv, |
3032 | &message_token, | 3088 | &message_token, |
3033 | NULL, | 3089 | NULL, |
3034 | NULL); | 3090 | NULL); |
3035 | GNUNET_SCHEDULER_add_shutdown (&cleanup, NULL); | 3091 | GNUNET_SCHEDULER_add_shutdown(&cleanup, NULL); |
3036 | } | 3092 | } |
3037 | 3093 | ||
3038 | 3094 | ||
3039 | /** | 3095 | /** |
3040 | * Define "main" method using service macro. | 3096 | * Define "main" method using service macro. |
3041 | */ | 3097 | */ |
3042 | GNUNET_SERVICE_MAIN ( | 3098 | GNUNET_SERVICE_MAIN( |
3043 | "vpn", | 3099 | "vpn", |
3044 | GNUNET_SERVICE_OPTION_NONE, | 3100 | GNUNET_SERVICE_OPTION_NONE, |
3045 | &run, | 3101 | &run, |
3046 | &client_connect_cb, | 3102 | &client_connect_cb, |
3047 | &client_disconnect_cb, | 3103 | &client_disconnect_cb, |
3048 | NULL, | 3104 | NULL, |
3049 | GNUNET_MQ_hd_var_size (client_redirect_to_ip, | 3105 | GNUNET_MQ_hd_var_size(client_redirect_to_ip, |
3050 | GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP, | 3106 | GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP, |
3051 | struct RedirectToIpRequestMessage, | 3107 | struct RedirectToIpRequestMessage, |
3052 | NULL), | 3108 | NULL), |
3053 | GNUNET_MQ_hd_fixed_size (client_redirect_to_service, | 3109 | GNUNET_MQ_hd_fixed_size(client_redirect_to_service, |
3054 | GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE, | 3110 | GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE, |
3055 | struct RedirectToServiceRequestMessage, | 3111 | struct RedirectToServiceRequestMessage, |
3056 | NULL), | 3112 | NULL), |
3057 | GNUNET_MQ_handler_end ()); | 3113 | GNUNET_MQ_handler_end()); |
3058 | 3114 | ||
3059 | 3115 | ||
3060 | /* end of gnunet-service-vpn.c */ | 3116 | /* end of gnunet-service-vpn.c */ |