From c4e9ba925ffd758aaa3feee2ccfc0b76f26fe207 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 5 Oct 2019 15:09:28 +0200 Subject: global reindent, now with uncrustify hook enabled --- src/exit/exit.h | 27 +- src/exit/gnunet-daemon-exit.c | 4600 +++++++++++++++++++++-------------------- src/exit/gnunet-helper-exit.c | 957 +++++---- 3 files changed, 2844 insertions(+), 2740 deletions(-) (limited to 'src/exit') diff --git a/src/exit/exit.h b/src/exit/exit.h index be4f042b6..41dad6246 100644 --- a/src/exit/exit.h +++ b/src/exit/exit.h @@ -34,7 +34,8 @@ GNUNET_NETWORK_STRUCT_BEGIN * Message send via cadet to an exit daemon to initiate forwarding of * TCP data to a local service. */ -struct GNUNET_EXIT_TcpServiceStartMessage { +struct GNUNET_EXIT_TcpServiceStartMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START */ @@ -59,7 +60,8 @@ struct GNUNET_EXIT_TcpServiceStartMessage { * Message send via cadet to an exit daemon to initiate forwarding of * TCP data to the Internet. */ -struct GNUNET_EXIT_TcpInternetStartMessage { +struct GNUNET_EXIT_TcpInternetStartMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START */ @@ -89,7 +91,8 @@ struct GNUNET_EXIT_TcpInternetStartMessage { * format is used for both Internet-exits and service-exits and * in both directions (VPN to exit and exit to VPN). */ -struct GNUNET_EXIT_TcpDataMessage { +struct GNUNET_EXIT_TcpDataMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_TCP_DATA */ @@ -114,7 +117,8 @@ struct GNUNET_EXIT_TcpDataMessage { * Message send via cadet to an exit daemon to send * UDP data to a local service. */ -struct GNUNET_EXIT_UdpServiceMessage { +struct GNUNET_EXIT_UdpServiceMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE */ @@ -138,7 +142,8 @@ struct GNUNET_EXIT_UdpServiceMessage { * Message send via cadet to an exit daemon to forward * UDP data to the Internet. */ -struct GNUNET_EXIT_UdpInternetMessage { +struct GNUNET_EXIT_UdpInternetMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET */ @@ -170,7 +175,8 @@ struct GNUNET_EXIT_UdpInternetMessage { * Message send from exit daemon back to the UDP entry point * (used for both Internet and Service exit replies). */ -struct GNUNET_EXIT_UdpReplyMessage { +struct GNUNET_EXIT_UdpReplyMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY */ @@ -196,7 +202,8 @@ struct GNUNET_EXIT_UdpReplyMessage { * Message send via cadet to an exit daemon to send * ICMP data to a local service. */ -struct GNUNET_EXIT_IcmpServiceMessage { +struct GNUNET_EXIT_IcmpServiceMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE */ @@ -226,7 +233,8 @@ struct GNUNET_EXIT_IcmpServiceMessage { * Message send via cadet to an exit daemon to forward * ICMP data to the Internet. */ -struct GNUNET_EXIT_IcmpInternetMessage { +struct GNUNET_EXIT_IcmpInternetMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET */ @@ -260,7 +268,8 @@ struct GNUNET_EXIT_IcmpInternetMessage { * Message send via cadet to the vpn service to send * ICMP data to the VPN's TUN interface. */ -struct GNUNET_EXIT_IcmpToVPNMessage { +struct GNUNET_EXIT_IcmpToVPNMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN */ diff --git a/src/exit/gnunet-daemon-exit.c b/src/exit/gnunet-daemon-exit.c index f7cadbace..578997f4a 100644 --- a/src/exit/gnunet-daemon-exit.c +++ b/src/exit/gnunet-daemon-exit.c @@ -66,30 +66,34 @@ /** * How frequently do we re-announce the regex for the exit? */ -#define REGEX_REFRESH_FREQUENCY GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES, 30) +#define REGEX_REFRESH_FREQUENCY GNUNET_TIME_relative_multiply ( \ + GNUNET_TIME_UNIT_MINUTES, 30) /** * How frequently do we re-announce the DNS exit in the DHT? */ -#define DHT_PUT_FREQUENCY GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES, 15) +#define DHT_PUT_FREQUENCY GNUNET_TIME_relative_multiply ( \ + GNUNET_TIME_UNIT_MINUTES, 15) /** * How long do we typically sign the DNS exit advertisement for? */ -#define DNS_ADVERTISEMENT_TIMEOUT GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_HOURS, 3) +#define DNS_ADVERTISEMENT_TIMEOUT GNUNET_TIME_relative_multiply ( \ + GNUNET_TIME_UNIT_HOURS, 3) /** * Generic logging shorthand */ #define LOG(kind, ...) \ - GNUNET_log_from(kind, "exit", __VA_ARGS__); + GNUNET_log_from (kind, "exit", __VA_ARGS__); /** * Information about an address. */ -struct SocketAddress { +struct SocketAddress +{ /** * AF_INET or AF_INET6. */ @@ -98,7 +102,8 @@ struct SocketAddress { /** * Remote address information. */ - union { + union + { /** * Address, if af is AF_INET. */ @@ -127,7 +132,8 @@ struct SocketAddress { * a service this peer is specifically offering an exit for * (for a specific domain name). */ -struct LocalService { +struct LocalService +{ /** * Remote address to use for the service. */ @@ -160,7 +166,8 @@ struct LocalService { * IP-version, protocol, source-IP, destination-IP, source-port and * destinatin-port. */ -struct RedirectInformation { +struct RedirectInformation +{ /** * Address information for the other party (equivalent of the * arguments one would give to "connect"). @@ -192,7 +199,8 @@ struct RedirectInformation { * with the channel's closure so we can find it again for the next * message from the channel. */ -struct ChannelState { +struct ChannelState +{ /** * Cadet channel that is used for this connection. */ @@ -211,8 +219,10 @@ struct ChannelState { */ int is_dns; - union { - struct { + union + { + struct + { /** * Heap node for this state in the connections_heap. */ @@ -234,7 +244,8 @@ struct ChannelState { struct RedirectInformation ri; } tcp_udp; - struct { + struct + { /** * Socket we are using to transmit this request (must match if we receive * a response). @@ -418,7 +429,8 @@ GNUNET_NETWORK_STRUCT_BEGIN /** * Message with a DNS response. */ -struct DnsResponseMessage { +struct DnsResponseMessage +{ /** * GNUnet header, of type #GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET */ @@ -444,35 +456,35 @@ GNUNET_NETWORK_STRUCT_END * @param r number of bytes in @a dns */ static void -process_dns_result(void *cls, - const struct GNUNET_TUN_DnsHeader *dns, - size_t r) +process_dns_result (void *cls, + const struct GNUNET_TUN_DnsHeader *dns, + size_t r) { struct ChannelState *ts; struct GNUNET_MQ_Envelope *env; struct DnsResponseMessage *resp; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Processing DNS result from stub resolver\n"); - GNUNET_assert(NULL == cls); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Processing DNS result from stub resolver\n"); + GNUNET_assert (NULL == cls); if (NULL == dns) return; /* Handle case that this is a reply to a request from a CADET DNS channel */ ts = channels[dns->id]; if (NULL == ts) return; - LOG(GNUNET_ERROR_TYPE_DEBUG, - "Got a response from the stub resolver for DNS request received via CADET!\n"); + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Got a response from the stub resolver for DNS request received via CADET!\n"); channels[dns->id] = NULL; - env = GNUNET_MQ_msg_extra(resp, - r - sizeof(struct GNUNET_TUN_DnsHeader), - GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET); - GNUNET_memcpy(&resp->dns, - dns, - r); + env = GNUNET_MQ_msg_extra (resp, + r - sizeof(struct GNUNET_TUN_DnsHeader), + GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET); + GNUNET_memcpy (&resp->dns, + dns, + r); resp->dns.id = ts->specifics.dns.original_id; - GNUNET_MQ_send(GNUNET_CADET_get_mq(ts->channel), - env); + GNUNET_MQ_send (GNUNET_CADET_get_mq (ts->channel), + env); } @@ -485,21 +497,21 @@ process_dns_result(void *cls, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_dns_request(void *cls, - const struct DnsResponseMessage *msg) +check_dns_request (void *cls, + const struct DnsResponseMessage *msg) { struct ChannelState *ts = cls; if (NULL == dnsstub) - { - GNUNET_break(0); - return GNUNET_SYSERR; - } + { + GNUNET_break (0); + return GNUNET_SYSERR; + } if (GNUNET_NO == ts->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -511,42 +523,44 @@ check_dns_request(void *cls, * @param msg the actual message */ static void -handle_dns_request(void *cls, - const struct DnsResponseMessage *msg) +handle_dns_request (void *cls, + const struct DnsResponseMessage *msg) { struct ChannelState *ts = cls; - size_t mlen = ntohs(msg->header.size); + size_t mlen = ntohs (msg->header.size); size_t dlen = mlen - sizeof(struct GNUNET_MessageHeader); char buf[dlen] GNUNET_ALIGN; struct GNUNET_TUN_DnsHeader *dout; if (GNUNET_SYSERR == ts->is_dns) - { - /* channel is DNS from now on */ - ts->is_dns = GNUNET_YES; - } + { + /* channel is DNS from now on */ + ts->is_dns = GNUNET_YES; + } ts->specifics.dns.original_id = msg->dns.id; if (channels[ts->specifics.dns.my_id] == ts) channels[ts->specifics.dns.my_id] = NULL; - ts->specifics.dns.my_id = (uint16_t)GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, - UINT16_MAX + 1); + ts->specifics.dns.my_id = (uint16_t) GNUNET_CRYPTO_random_u32 ( + GNUNET_CRYPTO_QUALITY_WEAK, + UINT16_MAX + + 1); channels[ts->specifics.dns.my_id] = ts; - GNUNET_memcpy(buf, - &msg->dns, - dlen); - dout = (struct GNUNET_TUN_DnsHeader *)buf; + GNUNET_memcpy (buf, + &msg->dns, + dlen); + dout = (struct GNUNET_TUN_DnsHeader *) buf; dout->id = ts->specifics.dns.my_id; - ts->specifics.dns.rs = GNUNET_DNSSTUB_resolve(dnsstub, - buf, - dlen, - &process_dns_result, - NULL); + ts->specifics.dns.rs = GNUNET_DNSSTUB_resolve (dnsstub, + buf, + dlen, + &process_dns_result, + NULL); if (NULL == ts->specifics.dns.rs) - { - GNUNET_break_op(0); - return; - } - GNUNET_CADET_receive_done(ts->channel); + { + GNUNET_break_op (0); + return; + } + GNUNET_CADET_receive_done (ts->channel); } @@ -558,66 +572,66 @@ handle_dns_request(void *cls, * @param ri information about the connection */ static void -hash_redirect_info(struct GNUNET_HashCode *hash, - const struct RedirectInformation *ri) +hash_redirect_info (struct GNUNET_HashCode *hash, + const struct RedirectInformation *ri) { char *off; - memset(hash, - 0, - sizeof(struct GNUNET_HashCode)); + memset (hash, + 0, + sizeof(struct GNUNET_HashCode)); /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash, so we put the IP address in there (and hope for few collisions) */ - off = (char*)hash; + off = (char*) hash; switch (ri->remote_address.af) - { - case AF_INET: - GNUNET_memcpy(off, - &ri->remote_address.address.ipv4, - sizeof(struct in_addr)); - off += sizeof(struct in_addr); - break; + { + case AF_INET: + GNUNET_memcpy (off, + &ri->remote_address.address.ipv4, + sizeof(struct in_addr)); + off += sizeof(struct in_addr); + break; - case AF_INET6: - GNUNET_memcpy(off, - &ri->remote_address.address.ipv6, - sizeof(struct in6_addr)); - off += sizeof(struct in_addr); - break; + case AF_INET6: + GNUNET_memcpy (off, + &ri->remote_address.address.ipv6, + sizeof(struct in6_addr)); + off += sizeof(struct in_addr); + break; - default: - GNUNET_assert(0); - } - GNUNET_memcpy(off, - &ri->remote_address.port, - sizeof(uint16_t)); + default: + GNUNET_assert (0); + } + GNUNET_memcpy (off, + &ri->remote_address.port, + sizeof(uint16_t)); off += sizeof(uint16_t); switch (ri->local_address.af) - { - case AF_INET: - GNUNET_memcpy(off, - &ri->local_address.address.ipv4, - sizeof(struct in_addr)); - off += sizeof(struct in_addr); - break; + { + case AF_INET: + GNUNET_memcpy (off, + &ri->local_address.address.ipv4, + sizeof(struct in_addr)); + off += sizeof(struct in_addr); + break; - case AF_INET6: - GNUNET_memcpy(off, - &ri->local_address.address.ipv6, - sizeof(struct in6_addr)); - off += sizeof(struct in_addr); - break; + case AF_INET6: + GNUNET_memcpy (off, + &ri->local_address.address.ipv6, + sizeof(struct in6_addr)); + off += sizeof(struct in_addr); + break; - default: - GNUNET_assert(0); - } - GNUNET_memcpy(off, - &ri->local_address.port, - sizeof(uint16_t)); + default: + GNUNET_assert (0); + } + GNUNET_memcpy (off, + &ri->local_address.port, + sizeof(uint16_t)); off += sizeof(uint16_t); - GNUNET_memcpy(off, - &ri->remote_address.proto, - sizeof(uint8_t)); + GNUNET_memcpy (off, + &ri->remote_address.proto, + sizeof(uint8_t)); /* off += sizeof (uint8_t); */ } @@ -636,13 +650,13 @@ hash_redirect_info(struct GNUNET_HashCode *hash, * @return NULL if we have no tracking information for this tuple */ static struct ChannelState * -get_redirect_state(int af, - int protocol, - const void *destination_ip, - uint16_t destination_port, - const void *local_ip, - uint16_t local_port, - struct GNUNET_HashCode *state_key) +get_redirect_state (int af, + int protocol, + const void *destination_ip, + uint16_t destination_port, + const void *local_ip, + uint16_t local_port, + struct GNUNET_HashCode *state_key) { struct RedirectInformation ri; struct GNUNET_HashCode key; @@ -650,37 +664,37 @@ get_redirect_state(int af, if (((af == AF_INET) && (protocol == IPPROTO_ICMP)) || ((af == AF_INET6) && (protocol == IPPROTO_ICMPV6))) - { - /* ignore ports */ - destination_port = 0; - local_port = 0; - } + { + /* ignore ports */ + destination_port = 0; + local_port = 0; + } ri.remote_address.af = af; if (af == AF_INET) - ri.remote_address.address.ipv4 = *((struct in_addr*)destination_ip); + ri.remote_address.address.ipv4 = *((struct in_addr*) destination_ip); else - ri.remote_address.address.ipv6 = *((struct in6_addr*)destination_ip); + ri.remote_address.address.ipv6 = *((struct in6_addr*) destination_ip); ri.remote_address.port = destination_port; ri.remote_address.proto = protocol; ri.local_address.af = af; if (af == AF_INET) - ri.local_address.address.ipv4 = *((struct in_addr*)local_ip); + ri.local_address.address.ipv4 = *((struct in_addr*) local_ip); else - ri.local_address.address.ipv6 = *((struct in6_addr*)local_ip); + ri.local_address.address.ipv6 = *((struct in6_addr*) local_ip); ri.local_address.port = local_port; ri.local_address.proto = protocol; - hash_redirect_info(&key, - &ri); + hash_redirect_info (&key, + &ri); if (NULL != state_key) *state_key = key; - state = GNUNET_CONTAINER_multihashmap_get(connections_map, - &key); + state = GNUNET_CONTAINER_multihashmap_get (connections_map, + &key); if (NULL == state) return NULL; /* Mark this connection as freshly used */ if (NULL == state_key) - GNUNET_CONTAINER_heap_update_cost(state->specifics.tcp_udp.heap_node, - GNUNET_TIME_absolute_get().abs_value_us); + GNUNET_CONTAINER_heap_update_cost (state->specifics.tcp_udp.heap_node, + GNUNET_TIME_absolute_get ().abs_value_us); return state; } @@ -696,36 +710,36 @@ get_redirect_state(int af, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_tcp_service(void *cls, - const struct GNUNET_EXIT_TcpServiceStartMessage *start) +check_tcp_service (void *cls, + const struct GNUNET_EXIT_TcpServiceStartMessage *start) { struct ChannelState *state = cls; if (NULL == state) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (GNUNET_YES == state->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (NULL == state->specifics.tcp_udp.serv) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (NULL != state->specifics.tcp_udp.heap_node) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (start->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -749,86 +763,88 @@ check_tcp_service(void *cls, * AND the payload */ static void -prepare_ipv4_packet(const void *payload, - size_t payload_length, - int protocol, - const struct GNUNET_TUN_TcpHeader *tcp_header, - const struct SocketAddress *src_address, - const struct SocketAddress *dst_address, - struct GNUNET_TUN_IPv4Header *pkt4) +prepare_ipv4_packet (const void *payload, + size_t payload_length, + int protocol, + const struct GNUNET_TUN_TcpHeader *tcp_header, + const struct SocketAddress *src_address, + const struct SocketAddress *dst_address, + struct GNUNET_TUN_IPv4Header *pkt4) { size_t len; len = payload_length; switch (protocol) - { - case IPPROTO_UDP: - len += sizeof(struct GNUNET_TUN_UdpHeader); - break; + { + case IPPROTO_UDP: + len += sizeof(struct GNUNET_TUN_UdpHeader); + break; - case IPPROTO_TCP: - len += sizeof(struct GNUNET_TUN_TcpHeader); - GNUNET_assert(NULL != tcp_header); - break; + case IPPROTO_TCP: + len += sizeof(struct GNUNET_TUN_TcpHeader); + GNUNET_assert (NULL != tcp_header); + break; - default: - GNUNET_break(0); - return; - } + default: + GNUNET_break (0); + return; + } if (len + sizeof(struct GNUNET_TUN_IPv4Header) > UINT16_MAX) - { - GNUNET_break(0); - return; - } + { + GNUNET_break (0); + return; + } - GNUNET_TUN_initialize_ipv4_header(pkt4, - protocol, - len, - &src_address->address.ipv4, - &dst_address->address.ipv4); + GNUNET_TUN_initialize_ipv4_header (pkt4, + protocol, + len, + &src_address->address.ipv4, + &dst_address->address.ipv4); switch (protocol) + { + case IPPROTO_UDP: { - case IPPROTO_UDP: - { - struct GNUNET_TUN_UdpHeader *pkt4_udp = (struct GNUNET_TUN_UdpHeader *)&pkt4[1]; - - pkt4_udp->source_port = htons(src_address->port); - pkt4_udp->destination_port = htons(dst_address->port); - pkt4_udp->len = htons((uint16_t)payload_length); - GNUNET_TUN_calculate_udp4_checksum(pkt4, - pkt4_udp, - payload, - payload_length); - GNUNET_memcpy(&pkt4_udp[1], - payload, - payload_length); + struct GNUNET_TUN_UdpHeader *pkt4_udp = (struct + GNUNET_TUN_UdpHeader *) &pkt4[1]; + + pkt4_udp->source_port = htons (src_address->port); + pkt4_udp->destination_port = htons (dst_address->port); + pkt4_udp->len = htons ((uint16_t) payload_length); + GNUNET_TUN_calculate_udp4_checksum (pkt4, + pkt4_udp, + payload, + payload_length); + GNUNET_memcpy (&pkt4_udp[1], + payload, + payload_length); } break; - case IPPROTO_TCP: + case IPPROTO_TCP: { - struct GNUNET_TUN_TcpHeader *pkt4_tcp = (struct GNUNET_TUN_TcpHeader *)&pkt4[1]; + struct GNUNET_TUN_TcpHeader *pkt4_tcp = (struct + GNUNET_TUN_TcpHeader *) &pkt4[1]; *pkt4_tcp = *tcp_header; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Sending TCP packet from port %u to port %u\n", - src_address->port, - dst_address->port); - pkt4_tcp->source_port = htons(src_address->port); - pkt4_tcp->destination_port = htons(dst_address->port); - GNUNET_TUN_calculate_tcp4_checksum(pkt4, - pkt4_tcp, - payload, - payload_length); - GNUNET_memcpy(&pkt4_tcp[1], - payload, - payload_length); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Sending TCP packet from port %u to port %u\n", + src_address->port, + dst_address->port); + pkt4_tcp->source_port = htons (src_address->port); + pkt4_tcp->destination_port = htons (dst_address->port); + GNUNET_TUN_calculate_tcp4_checksum (pkt4, + pkt4_tcp, + payload, + payload_length); + GNUNET_memcpy (&pkt4_tcp[1], + payload, + payload_length); } break; - default: - GNUNET_assert(0); - } + default: + GNUNET_assert (0); + } } @@ -851,84 +867,86 @@ prepare_ipv4_packet(const void *payload, * AND the payload */ static void -prepare_ipv6_packet(const void *payload, - size_t payload_length, - int protocol, - const struct GNUNET_TUN_TcpHeader *tcp_header, - const struct SocketAddress *src_address, - const struct SocketAddress *dst_address, - struct GNUNET_TUN_IPv6Header *pkt6) +prepare_ipv6_packet (const void *payload, + size_t payload_length, + int protocol, + const struct GNUNET_TUN_TcpHeader *tcp_header, + const struct SocketAddress *src_address, + const struct SocketAddress *dst_address, + struct GNUNET_TUN_IPv6Header *pkt6) { size_t len; len = payload_length; switch (protocol) - { - case IPPROTO_UDP: - len += sizeof(struct GNUNET_TUN_UdpHeader); - break; + { + case IPPROTO_UDP: + len += sizeof(struct GNUNET_TUN_UdpHeader); + break; - case IPPROTO_TCP: - len += sizeof(struct GNUNET_TUN_TcpHeader); - break; + case IPPROTO_TCP: + len += sizeof(struct GNUNET_TUN_TcpHeader); + break; - default: - GNUNET_break(0); - return; - } + default: + GNUNET_break (0); + return; + } if (len > UINT16_MAX) - { - GNUNET_break(0); - return; - } + { + GNUNET_break (0); + return; + } - GNUNET_TUN_initialize_ipv6_header(pkt6, - protocol, - len, - &src_address->address.ipv6, - &dst_address->address.ipv6); + GNUNET_TUN_initialize_ipv6_header (pkt6, + protocol, + len, + &src_address->address.ipv6, + &dst_address->address.ipv6); switch (protocol) + { + case IPPROTO_UDP: { - case IPPROTO_UDP: - { - struct GNUNET_TUN_UdpHeader *pkt6_udp = (struct GNUNET_TUN_UdpHeader *)&pkt6[1]; - - pkt6_udp->source_port = htons(src_address->port); - pkt6_udp->destination_port = htons(dst_address->port); - pkt6_udp->len = htons((uint16_t)payload_length); - GNUNET_TUN_calculate_udp6_checksum(pkt6, - pkt6_udp, - payload, - payload_length); - GNUNET_memcpy(&pkt6_udp[1], - payload, - payload_length); + struct GNUNET_TUN_UdpHeader *pkt6_udp = (struct + GNUNET_TUN_UdpHeader *) &pkt6[1]; + + pkt6_udp->source_port = htons (src_address->port); + pkt6_udp->destination_port = htons (dst_address->port); + pkt6_udp->len = htons ((uint16_t) payload_length); + GNUNET_TUN_calculate_udp6_checksum (pkt6, + pkt6_udp, + payload, + payload_length); + GNUNET_memcpy (&pkt6_udp[1], + payload, + payload_length); } break; - case IPPROTO_TCP: + case IPPROTO_TCP: { - struct GNUNET_TUN_TcpHeader *pkt6_tcp = (struct GNUNET_TUN_TcpHeader *)&pkt6[1]; + struct GNUNET_TUN_TcpHeader *pkt6_tcp = (struct + GNUNET_TUN_TcpHeader *) &pkt6[1]; /* GNUNET_memcpy first here as some TCP header fields are initialized this way! */ *pkt6_tcp = *tcp_header; - pkt6_tcp->source_port = htons(src_address->port); - pkt6_tcp->destination_port = htons(dst_address->port); - GNUNET_TUN_calculate_tcp6_checksum(pkt6, - pkt6_tcp, - payload, - payload_length); - GNUNET_memcpy(&pkt6_tcp[1], - payload, - payload_length); + pkt6_tcp->source_port = htons (src_address->port); + pkt6_tcp->destination_port = htons (dst_address->port); + GNUNET_TUN_calculate_tcp6_checksum (pkt6, + pkt6_tcp, + payload, + payload_length); + GNUNET_memcpy (&pkt6_tcp[1], + payload, + payload_length); } break; - default: - GNUNET_assert(0); - break; - } + default: + GNUNET_assert (0); + break; + } } @@ -942,97 +960,98 @@ prepare_ipv6_packet(const void *payload, * @param payload_length number of bytes in @a payload */ static void -send_tcp_packet_via_tun(const struct SocketAddress *destination_address, - const struct SocketAddress *source_address, - const struct GNUNET_TUN_TcpHeader *tcp_header, - const void *payload, - size_t payload_length) +send_tcp_packet_via_tun (const struct SocketAddress *destination_address, + const struct SocketAddress *source_address, + const struct GNUNET_TUN_TcpHeader *tcp_header, + const void *payload, + size_t payload_length) { size_t len; - GNUNET_STATISTICS_update(stats, - gettext_noop("# TCP packets sent via TUN"), - 1, - GNUNET_NO); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Sending packet with %u bytes TCP payload via TUN\n", - (unsigned int)payload_length); - len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct GNUNET_TUN_Layer2PacketHeader); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# TCP packets sent via TUN"), + 1, + GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Sending packet with %u bytes TCP payload via TUN\n", + (unsigned int) payload_length); + len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct + GNUNET_TUN_Layer2PacketHeader); switch (source_address->af) - { - case AF_INET: - len += sizeof(struct GNUNET_TUN_IPv4Header); - break; + { + case AF_INET: + len += sizeof(struct GNUNET_TUN_IPv4Header); + break; - case AF_INET6: - len += sizeof(struct GNUNET_TUN_IPv6Header); - break; + case AF_INET6: + len += sizeof(struct GNUNET_TUN_IPv6Header); + break; - default: - GNUNET_break(0); - return; - } + default: + GNUNET_break (0); + return; + } len += sizeof(struct GNUNET_TUN_TcpHeader); len += payload_length; if (len >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } + { + GNUNET_break (0); + return; + } { char buf[len] GNUNET_ALIGN; struct GNUNET_MessageHeader *hdr; struct GNUNET_TUN_Layer2PacketHeader *tun; - hdr = (struct GNUNET_MessageHeader *)buf; - hdr->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - hdr->size = htons(len); - tun = (struct GNUNET_TUN_Layer2PacketHeader*)&hdr[1]; - tun->flags = htons(0); + hdr = (struct GNUNET_MessageHeader *) buf; + hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + hdr->size = htons (len); + tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1]; + tun->flags = htons (0); switch (source_address->af) - { - case AF_INET: + { + case AF_INET: { struct GNUNET_TUN_IPv4Header *ipv4 - = (struct GNUNET_TUN_IPv4Header*)&tun[1]; - - tun->proto = htons(ETH_P_IPV4); - prepare_ipv4_packet(payload, - payload_length, - IPPROTO_TCP, - tcp_header, - source_address, - destination_address, - ipv4); + = (struct GNUNET_TUN_IPv4Header*) &tun[1]; + + tun->proto = htons (ETH_P_IPV4); + prepare_ipv4_packet (payload, + payload_length, + IPPROTO_TCP, + tcp_header, + source_address, + destination_address, + ipv4); } break; - case AF_INET6: + case AF_INET6: { struct GNUNET_TUN_IPv6Header *ipv6 - = (struct GNUNET_TUN_IPv6Header*)&tun[1]; - - tun->proto = htons(ETH_P_IPV6); - prepare_ipv6_packet(payload, - payload_length, - IPPROTO_TCP, - tcp_header, - source_address, - destination_address, - ipv6); + = (struct GNUNET_TUN_IPv6Header*) &tun[1]; + + tun->proto = htons (ETH_P_IPV6); + prepare_ipv6_packet (payload, + payload_length, + IPPROTO_TCP, + tcp_header, + source_address, + destination_address, + ipv6); } break; - default: - GNUNET_assert(0); - break; - } + default: + GNUNET_assert (0); + break; + } if (NULL != helper_handle) - (void)GNUNET_HELPER_send(helper_handle, - (const struct GNUNET_MessageHeader*)buf, - GNUNET_YES, - NULL, - NULL); + (void) GNUNET_HELPER_send (helper_handle, + (const struct GNUNET_MessageHeader*) buf, + GNUNET_YES, + NULL, + NULL); } } @@ -1047,98 +1066,105 @@ send_tcp_packet_via_tun(const struct SocketAddress *destination_address, * @param payload_length number of bytes of data in @a payload */ static void -send_icmp_packet_via_tun(const struct SocketAddress *destination_address, - const struct SocketAddress *source_address, - const struct GNUNET_TUN_IcmpHeader *icmp_header, - const void *payload, size_t payload_length) +send_icmp_packet_via_tun (const struct SocketAddress *destination_address, + const struct SocketAddress *source_address, + const struct GNUNET_TUN_IcmpHeader *icmp_header, + const void *payload, size_t payload_length) { size_t len; struct GNUNET_TUN_IcmpHeader *icmp; - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMP packets sent via TUN"), - 1, GNUNET_NO); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Sending packet with %u bytes ICMP payload via TUN\n", - (unsigned int)payload_length); - len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct GNUNET_TUN_Layer2PacketHeader); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# ICMP packets sent via TUN"), + 1, GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Sending packet with %u bytes ICMP payload via TUN\n", + (unsigned int) payload_length); + len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct + GNUNET_TUN_Layer2PacketHeader); switch (destination_address->af) - { - case AF_INET: - len += sizeof(struct GNUNET_TUN_IPv4Header); - break; + { + case AF_INET: + len += sizeof(struct GNUNET_TUN_IPv4Header); + break; - case AF_INET6: - len += sizeof(struct GNUNET_TUN_IPv6Header); - break; + case AF_INET6: + len += sizeof(struct GNUNET_TUN_IPv6Header); + break; - default: - GNUNET_break(0); - return; - } + default: + GNUNET_break (0); + return; + } len += sizeof(struct GNUNET_TUN_IcmpHeader); len += payload_length; if (len >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } + { + GNUNET_break (0); + return; + } { char buf[len] GNUNET_ALIGN; struct GNUNET_MessageHeader *hdr; struct GNUNET_TUN_Layer2PacketHeader *tun; - hdr = (struct GNUNET_MessageHeader *)buf; - hdr->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - hdr->size = htons(len); - tun = (struct GNUNET_TUN_Layer2PacketHeader*)&hdr[1]; - tun->flags = htons(0); + hdr = (struct GNUNET_MessageHeader *) buf; + hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + hdr->size = htons (len); + tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1]; + tun->flags = htons (0); switch (source_address->af) + { + case AF_INET: { - case AF_INET: - { - struct GNUNET_TUN_IPv4Header * ipv4 = (struct GNUNET_TUN_IPv4Header*)&tun[1]; - - tun->proto = htons(ETH_P_IPV4); - GNUNET_TUN_initialize_ipv4_header(ipv4, - IPPROTO_ICMP, - sizeof(struct GNUNET_TUN_IcmpHeader) + payload_length, - &source_address->address.ipv4, - &destination_address->address.ipv4); - icmp = (struct GNUNET_TUN_IcmpHeader*)&ipv4[1]; + struct GNUNET_TUN_IPv4Header *ipv4 = (struct + GNUNET_TUN_IPv4Header*) &tun[1]; + + tun->proto = htons (ETH_P_IPV4); + GNUNET_TUN_initialize_ipv4_header (ipv4, + IPPROTO_ICMP, + sizeof(struct + GNUNET_TUN_IcmpHeader) + + payload_length, + &source_address->address.ipv4, + &destination_address->address.ipv4); + icmp = (struct GNUNET_TUN_IcmpHeader*) &ipv4[1]; } break; - case AF_INET6: + case AF_INET6: { - struct GNUNET_TUN_IPv6Header * ipv6 = (struct GNUNET_TUN_IPv6Header*)&tun[1]; - - tun->proto = htons(ETH_P_IPV6); - GNUNET_TUN_initialize_ipv6_header(ipv6, - IPPROTO_ICMPV6, - sizeof(struct GNUNET_TUN_IcmpHeader) + payload_length, - &source_address->address.ipv6, - &destination_address->address.ipv6); - icmp = (struct GNUNET_TUN_IcmpHeader*)&ipv6[1]; + struct GNUNET_TUN_IPv6Header *ipv6 = (struct + GNUNET_TUN_IPv6Header*) &tun[1]; + + tun->proto = htons (ETH_P_IPV6); + GNUNET_TUN_initialize_ipv6_header (ipv6, + IPPROTO_ICMPV6, + sizeof(struct + GNUNET_TUN_IcmpHeader) + + payload_length, + &source_address->address.ipv6, + &destination_address->address.ipv6); + icmp = (struct GNUNET_TUN_IcmpHeader*) &ipv6[1]; } break; - default: - GNUNET_assert(0); - break; - } + default: + GNUNET_assert (0); + break; + } *icmp = *icmp_header; - GNUNET_memcpy(&icmp[1], - payload, - payload_length); - GNUNET_TUN_calculate_icmp_checksum(icmp, - payload, - payload_length); + GNUNET_memcpy (&icmp[1], + payload, + payload_length); + GNUNET_TUN_calculate_icmp_checksum (icmp, + payload, + payload_length); if (NULL != helper_handle) - (void)GNUNET_HELPER_send(helper_handle, - (const struct GNUNET_MessageHeader*)buf, - GNUNET_YES, - NULL, NULL); + (void) GNUNET_HELPER_send (helper_handle, + (const struct GNUNET_MessageHeader*) buf, + GNUNET_YES, + NULL, NULL); } } @@ -1152,12 +1178,12 @@ send_icmp_packet_via_tun(const struct SocketAddress *destination_address, * @param local_address address to initialize */ static void -setup_fresh_address(int af, - uint8_t proto, - struct SocketAddress *local_address) +setup_fresh_address (int af, + uint8_t proto, + struct SocketAddress *local_address) { local_address->af = af; - local_address->proto = (uint8_t)proto; + local_address->proto = (uint8_t) proto; /* default "local" port range is often 32768--61000, so we pick a random value in that range */ if (((af == AF_INET) && (proto == IPPROTO_ICMP)) || @@ -1165,11 +1191,11 @@ setup_fresh_address(int af, local_address->port = 0; else local_address->port - = (uint16_t)32768 + GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, - 28232); + = (uint16_t) 32768 + GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, + 28232); switch (af) - { - case AF_INET: + { + case AF_INET: { struct in_addr addr; struct in_addr mask; @@ -1178,27 +1204,28 @@ setup_fresh_address(int af, addr = exit_ipv4addr; mask = exit_ipv4mask; if (0 == ~mask.s_addr) - { - /* only one valid IP anyway */ - local_address->address.ipv4 = addr; - return; - } + { + /* only one valid IP anyway */ + local_address->address.ipv4 = addr; + return; + } /* Given 192.168.0.1/255.255.0.0, we want a mask of '192.168.255.255', thus: */ mask.s_addr = addr.s_addr | ~mask.s_addr; /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */ do - { - rnd.s_addr = GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, - UINT32_MAX); - local_address->address.ipv4.s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr; - } + { + rnd.s_addr = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, + UINT32_MAX); + local_address->address.ipv4.s_addr = (addr.s_addr | rnd.s_addr) + & mask.s_addr; + } while ((local_address->address.ipv4.s_addr == addr.s_addr) || (local_address->address.ipv4.s_addr == mask.s_addr)); } break; - case AF_INET6: + case AF_INET6: { struct in6_addr addr; struct in6_addr mask; @@ -1206,13 +1233,13 @@ setup_fresh_address(int af, int i; addr = exit_ipv6addr; - GNUNET_assert(ipv6prefix < 128); + GNUNET_assert (ipv6prefix < 128); if (ipv6prefix == 127) - { - /* only one valid IP anyway */ - local_address->address.ipv6 = addr; - return; - } + { + /* only one valid IP anyway */ + local_address->address.ipv6 = addr; + return; + } /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF, thus: */ mask = addr; @@ -1221,25 +1248,26 @@ setup_fresh_address(int af, /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */ do + { + for (i = 0; i < 16; i++) { - for (i = 0; i < 16; i++) - { - rnd.s6_addr[i] = (unsigned char)GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, - 256); - local_address->address.ipv6.s6_addr[i] - = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i]; - } + rnd.s6_addr[i] = (unsigned char) GNUNET_CRYPTO_random_u32 ( + GNUNET_CRYPTO_QUALITY_WEAK, + 256); + local_address->address.ipv6.s6_addr[i] + = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i]; } - while ((0 == GNUNET_memcmp(&local_address->address.ipv6, - &addr)) || - (0 == GNUNET_memcmp(&local_address->address.ipv6, - &mask))); + } + while ((0 == GNUNET_memcmp (&local_address->address.ipv6, + &addr)) || + (0 == GNUNET_memcmp (&local_address->address.ipv6, + &mask))); } break; - default: - GNUNET_assert(0); - } + default: + GNUNET_assert (0); + } } @@ -1265,62 +1293,63 @@ setup_fresh_address(int af, * used to test if a state has been fully setup). */ static void -setup_state_record(struct ChannelState *state) +setup_state_record (struct ChannelState *state) { struct GNUNET_HashCode key; struct ChannelState *s; /* generate fresh, unique address */ do - { - if (NULL == state->specifics.tcp_udp.serv) - setup_fresh_address(state->specifics.tcp_udp.ri.remote_address.af, - state->specifics.tcp_udp.ri.remote_address.proto, - &state->specifics.tcp_udp.ri.local_address); - else - setup_fresh_address(state->specifics.tcp_udp.serv->address.af, - state->specifics.tcp_udp.serv->address.proto, - &state->specifics.tcp_udp.ri.local_address); - } + { + if (NULL == state->specifics.tcp_udp.serv) + setup_fresh_address (state->specifics.tcp_udp.ri.remote_address.af, + state->specifics.tcp_udp.ri.remote_address.proto, + &state->specifics.tcp_udp.ri.local_address); + else + setup_fresh_address (state->specifics.tcp_udp.serv->address.af, + state->specifics.tcp_udp.serv->address.proto, + &state->specifics.tcp_udp.ri.local_address); + } while (NULL != - get_redirect_state(state->specifics.tcp_udp.ri.remote_address.af, - state->specifics.tcp_udp.ri.remote_address.proto, - &state->specifics.tcp_udp.ri.remote_address.address, - state->specifics.tcp_udp.ri.remote_address.port, - &state->specifics.tcp_udp.ri.local_address.address, - state->specifics.tcp_udp.ri.local_address.port, - &key)); + get_redirect_state (state->specifics.tcp_udp.ri.remote_address.af, + state->specifics.tcp_udp.ri.remote_address.proto, + &state->specifics.tcp_udp.ri.remote_address.address, + state->specifics.tcp_udp.ri.remote_address.port, + &state->specifics.tcp_udp.ri.local_address.address, + state->specifics.tcp_udp.ri.local_address.port, + &key)); { char buf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Picked local address %s:%u for new connection\n", - inet_ntop(state->specifics.tcp_udp.ri.local_address.af, - &state->specifics.tcp_udp.ri.local_address.address, - buf, - sizeof(buf)), - (unsigned int)state->specifics.tcp_udp.ri.local_address.port); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Picked local address %s:%u for new connection\n", + inet_ntop (state->specifics.tcp_udp.ri.local_address.af, + &state->specifics.tcp_udp.ri.local_address.address, + buf, + sizeof(buf)), + (unsigned int) state->specifics.tcp_udp.ri.local_address.port); } state->specifics.tcp_udp.state_key = key; - GNUNET_assert(GNUNET_OK == - GNUNET_CONTAINER_multihashmap_put(connections_map, - &key, state, - GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); + GNUNET_assert (GNUNET_OK == + GNUNET_CONTAINER_multihashmap_put (connections_map, + &key, state, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); state->specifics.tcp_udp.heap_node - = GNUNET_CONTAINER_heap_insert(connections_heap, - state, - GNUNET_TIME_absolute_get().abs_value_us); - while (GNUNET_CONTAINER_heap_get_size(connections_heap) > max_connections) - { - s = GNUNET_CONTAINER_heap_remove_root(connections_heap); - GNUNET_assert(state != s); - s->specifics.tcp_udp.heap_node = NULL; - GNUNET_CADET_channel_destroy(s->channel); - GNUNET_assert(GNUNET_OK == - GNUNET_CONTAINER_multihashmap_remove(connections_map, - &s->specifics.tcp_udp.state_key, + = GNUNET_CONTAINER_heap_insert (connections_heap, + state, + GNUNET_TIME_absolute_get ().abs_value_us); + while (GNUNET_CONTAINER_heap_get_size (connections_heap) > max_connections) + { + s = GNUNET_CONTAINER_heap_remove_root (connections_heap); + GNUNET_assert (state != s); + s->specifics.tcp_udp.heap_node = NULL; + GNUNET_CADET_channel_destroy (s->channel); + GNUNET_assert (GNUNET_OK == + GNUNET_CONTAINER_multihashmap_remove (connections_map, + &s->specifics.tcp_udp. + state_key, s)); - GNUNET_free(s); - } + GNUNET_free (s); + } } @@ -1333,91 +1362,94 @@ setup_state_record(struct ChannelState *state) * @param payload_length number of bytes of data in @a payload */ static void -send_udp_packet_via_tun(const struct SocketAddress *destination_address, - const struct SocketAddress *source_address, - const void *payload, size_t payload_length) +send_udp_packet_via_tun (const struct SocketAddress *destination_address, + const struct SocketAddress *source_address, + const void *payload, size_t payload_length) { size_t len; - GNUNET_STATISTICS_update(stats, - gettext_noop("# UDP packets sent via TUN"), - 1, GNUNET_NO); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Sending packet with %u bytes UDP payload via TUN\n", - (unsigned int)payload_length); - len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct GNUNET_TUN_Layer2PacketHeader); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# UDP packets sent via TUN"), + 1, GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Sending packet with %u bytes UDP payload via TUN\n", + (unsigned int) payload_length); + len = sizeof(struct GNUNET_MessageHeader) + sizeof(struct + GNUNET_TUN_Layer2PacketHeader); switch (source_address->af) - { - case AF_INET: - len += sizeof(struct GNUNET_TUN_IPv4Header); - break; + { + case AF_INET: + len += sizeof(struct GNUNET_TUN_IPv4Header); + break; - case AF_INET6: - len += sizeof(struct GNUNET_TUN_IPv6Header); - break; + case AF_INET6: + len += sizeof(struct GNUNET_TUN_IPv6Header); + break; - default: - GNUNET_break(0); - return; - } + default: + GNUNET_break (0); + return; + } len += sizeof(struct GNUNET_TUN_UdpHeader); len += payload_length; if (len >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } + { + GNUNET_break (0); + return; + } { char buf[len] GNUNET_ALIGN; struct GNUNET_MessageHeader *hdr; struct GNUNET_TUN_Layer2PacketHeader *tun; - hdr = (struct GNUNET_MessageHeader *)buf; - hdr->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - hdr->size = htons(len); - tun = (struct GNUNET_TUN_Layer2PacketHeader*)&hdr[1]; - tun->flags = htons(0); + hdr = (struct GNUNET_MessageHeader *) buf; + hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + hdr->size = htons (len); + tun = (struct GNUNET_TUN_Layer2PacketHeader*) &hdr[1]; + tun->flags = htons (0); switch (source_address->af) + { + case AF_INET: { - case AF_INET: - { - struct GNUNET_TUN_IPv4Header * ipv4 = (struct GNUNET_TUN_IPv4Header*)&tun[1]; - - tun->proto = htons(ETH_P_IPV4); - prepare_ipv4_packet(payload, - payload_length, - IPPROTO_UDP, - NULL, - source_address, - destination_address, - ipv4); + struct GNUNET_TUN_IPv4Header *ipv4 = (struct + GNUNET_TUN_IPv4Header*) &tun[1]; + + tun->proto = htons (ETH_P_IPV4); + prepare_ipv4_packet (payload, + payload_length, + IPPROTO_UDP, + NULL, + source_address, + destination_address, + ipv4); } break; - case AF_INET6: + case AF_INET6: { - struct GNUNET_TUN_IPv6Header * ipv6 = (struct GNUNET_TUN_IPv6Header*)&tun[1]; - - tun->proto = htons(ETH_P_IPV6); - prepare_ipv6_packet(payload, - payload_length, - IPPROTO_UDP, - NULL, - source_address, - destination_address, - ipv6); + struct GNUNET_TUN_IPv6Header *ipv6 = (struct + GNUNET_TUN_IPv6Header*) &tun[1]; + + tun->proto = htons (ETH_P_IPV6); + prepare_ipv6_packet (payload, + payload_length, + IPPROTO_UDP, + NULL, + source_address, + destination_address, + ipv6); } break; - default: - GNUNET_assert(0); - break; - } + default: + GNUNET_assert (0); + break; + } if (NULL != helper_handle) - (void)GNUNET_HELPER_send(helper_handle, - (const struct GNUNET_MessageHeader*)buf, - GNUNET_YES, - NULL, NULL); + (void) GNUNET_HELPER_send (helper_handle, + (const struct GNUNET_MessageHeader*) buf, + GNUNET_YES, + NULL, NULL); } } @@ -1431,16 +1463,16 @@ send_udp_packet_via_tun(const struct SocketAddress *destination_address, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_udp_remote(void *cls, - const struct GNUNET_EXIT_UdpInternetMessage *msg) +check_udp_remote (void *cls, + const struct GNUNET_EXIT_UdpInternetMessage *msg) { struct ChannelState *state = cls; if (GNUNET_YES == state->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1452,90 +1484,92 @@ check_udp_remote(void *cls, * @param msg the actual message */ static void -handle_udp_remote(void *cls, - const struct GNUNET_EXIT_UdpInternetMessage *msg) +handle_udp_remote (void *cls, + const struct GNUNET_EXIT_UdpInternetMessage *msg) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(msg->header.size) - sizeof(struct GNUNET_EXIT_UdpInternetMessage); + uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct + GNUNET_EXIT_UdpInternetMessage); const struct in_addr *v4; const struct in6_addr *v6; const void *payload; int af; if (GNUNET_SYSERR == state->is_dns) - { - /* channel is UDP/TCP from now on */ - state->is_dns = GNUNET_NO; - } - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# UDP IP-exit requests received via cadet"), - 1, GNUNET_NO); - af = (int)ntohl(msg->af); + { + /* channel is UDP/TCP from now on */ + state->is_dns = GNUNET_NO; + } + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# UDP IP-exit requests received via cadet"), + 1, GNUNET_NO); + af = (int) ntohl (msg->af); state->specifics.tcp_udp.ri.remote_address.af = af; switch (af) + { + case AF_INET: + if (pkt_len < sizeof(struct in_addr)) { - case AF_INET: - if (pkt_len < sizeof(struct in_addr)) - { - GNUNET_break_op(0); - return; - } - if (!ipv4_exit) - { - GNUNET_break_op(0); - return; - } - v4 = (const struct in_addr*)&msg[1]; - payload = &v4[1]; - pkt_len -= sizeof(struct in_addr); - state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4; - break; - - case AF_INET6: - if (pkt_len < sizeof(struct in6_addr)) - { - GNUNET_break_op(0); - return; - } - if (!ipv6_exit) - { - GNUNET_break_op(0); - return; - } - v6 = (const struct in6_addr*)&msg[1]; - payload = &v6[1]; - pkt_len -= sizeof(struct in6_addr); - state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6; - break; + GNUNET_break_op (0); + return; + } + if (! ipv4_exit) + { + GNUNET_break_op (0); + return; + } + v4 = (const struct in_addr*) &msg[1]; + payload = &v4[1]; + pkt_len -= sizeof(struct in_addr); + state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4; + break; - default: - GNUNET_break_op(0); + case AF_INET6: + if (pkt_len < sizeof(struct in6_addr)) + { + GNUNET_break_op (0); + return; + } + if (! ipv6_exit) + { + GNUNET_break_op (0); return; } + v6 = (const struct in6_addr*) &msg[1]; + payload = &v6[1]; + pkt_len -= sizeof(struct in6_addr); + state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6; + break; + + default: + GNUNET_break_op (0); + return; + } { char buf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received data from %s for forwarding to UDP %s:%u\n", - GNUNET_i2s(&state->peer), - inet_ntop(af, - &state->specifics.tcp_udp.ri.remote_address.address, - buf, sizeof(buf)), - (unsigned int)ntohs(msg->destination_port)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received data from %s for forwarding to UDP %s:%u\n", + GNUNET_i2s (&state->peer), + inet_ntop (af, + &state->specifics.tcp_udp.ri.remote_address.address, + buf, sizeof(buf)), + (unsigned int) ntohs (msg->destination_port)); } state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_UDP; state->specifics.tcp_udp.ri.remote_address.port = msg->destination_port; if (NULL == state->specifics.tcp_udp.heap_node) - setup_state_record(state); - if (0 != ntohs(msg->source_port)) + setup_state_record (state); + if (0 != ntohs (msg->source_port)) state->specifics.tcp_udp.ri.local_address.port = msg->source_port; - send_udp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - payload, - pkt_len); - GNUNET_CADET_receive_done(state->channel); + send_udp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + payload, + pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -1549,16 +1583,16 @@ handle_udp_remote(void *cls, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_udp_service(void *cls, - const struct GNUNET_EXIT_UdpServiceMessage *msg) +check_udp_service (void *cls, + const struct GNUNET_EXIT_UdpServiceMessage *msg) { struct ChannelState *state = cls; if (NULL == state->specifics.tcp_udp.serv) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1571,31 +1605,33 @@ check_udp_service(void *cls, * @param msg the actual message */ static void -handle_udp_service(void *cls, - const struct GNUNET_EXIT_UdpServiceMessage *msg) +handle_udp_service (void *cls, + const struct GNUNET_EXIT_UdpServiceMessage *msg) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(msg->header.size) - sizeof(struct GNUNET_EXIT_UdpServiceMessage); - - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# UDP service requests received via cadet"), - 1, GNUNET_NO); - LOG(GNUNET_ERROR_TYPE_DEBUG, - "Received data from %s for forwarding to UDP service %s on port %u\n", - GNUNET_i2s(&state->peer), - GNUNET_h2s(&state->specifics.tcp_udp.serv->descriptor), - (unsigned int)ntohs(msg->destination_port)); - setup_state_record(state); - if (0 != ntohs(msg->source_port)) + uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct + GNUNET_EXIT_UdpServiceMessage); + + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# UDP service requests received via cadet"), + 1, GNUNET_NO); + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Received data from %s for forwarding to UDP service %s on port %u\n", + GNUNET_i2s (&state->peer), + GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor), + (unsigned int) ntohs (msg->destination_port)); + setup_state_record (state); + if (0 != ntohs (msg->source_port)) state->specifics.tcp_udp.ri.local_address.port = msg->source_port; - send_udp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - &msg[1], - pkt_len); - GNUNET_CADET_receive_done(state->channel); + send_udp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + &msg[1], + pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -1609,39 +1645,41 @@ handle_udp_service(void *cls, * #GNUNET_SYSERR to close it (signal serious error) */ static void -handle_tcp_service(void *cls, - const struct GNUNET_EXIT_TcpServiceStartMessage *start) +handle_tcp_service (void *cls, + const struct GNUNET_EXIT_TcpServiceStartMessage *start) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(start->header.size) - sizeof(struct GNUNET_EXIT_TcpServiceStartMessage); + uint16_t pkt_len = ntohs (start->header.size) - sizeof(struct + GNUNET_EXIT_TcpServiceStartMessage); if (GNUNET_SYSERR == state->is_dns) - { - /* channel is UDP/TCP from now on */ - state->is_dns = GNUNET_NO; - } - GNUNET_STATISTICS_update(stats, - gettext_noop("# TCP service creation requests received via cadet"), - 1, - GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, - GNUNET_NO); - GNUNET_break_op(ntohl(start->reserved) == 0); + { + /* channel is UDP/TCP from now on */ + state->is_dns = GNUNET_NO; + } + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# TCP service creation requests received via cadet"), + 1, + GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, + GNUNET_NO); + GNUNET_break_op (ntohl (start->reserved) == 0); /* setup fresh connection */ - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received data from %s for forwarding to TCP service %s on port %u\n", - GNUNET_i2s(&state->peer), - GNUNET_h2s(&state->specifics.tcp_udp.serv->descriptor), - (unsigned int)ntohs(start->tcp_header.destination_port)); - setup_state_record(state); - send_tcp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - &start->tcp_header, - &start[1], - pkt_len); - GNUNET_CADET_receive_done(state->channel); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received data from %s for forwarding to TCP service %s on port %u\n", + GNUNET_i2s (&state->peer), + GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor), + (unsigned int) ntohs (start->tcp_header.destination_port)); + setup_state_record (state); + send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + &start->tcp_header, + &start[1], + pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -1654,32 +1692,32 @@ handle_tcp_service(void *cls, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_tcp_remote(void *cls, - const struct GNUNET_EXIT_TcpInternetStartMessage *start) +check_tcp_remote (void *cls, + const struct GNUNET_EXIT_TcpInternetStartMessage *start) { struct ChannelState *state = cls; if (NULL == state) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (GNUNET_YES == state->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if ((NULL != state->specifics.tcp_udp.serv) || (NULL != state->specifics.tcp_udp.heap_node)) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (start->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1691,88 +1729,91 @@ check_tcp_remote(void *cls, * @param start the actual message */ static void -handle_tcp_remote(void *cls, - const struct GNUNET_EXIT_TcpInternetStartMessage *start) +handle_tcp_remote (void *cls, + const struct GNUNET_EXIT_TcpInternetStartMessage *start) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(start->header.size) - sizeof(struct GNUNET_EXIT_TcpInternetStartMessage); + uint16_t pkt_len = ntohs (start->header.size) - sizeof(struct + GNUNET_EXIT_TcpInternetStartMessage); const struct in_addr *v4; const struct in6_addr *v6; const void *payload; int af; if (GNUNET_SYSERR == state->is_dns) - { - /* channel is UDP/TCP from now on */ - state->is_dns = GNUNET_NO; - } - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# TCP IP-exit creation requests received via cadet"), - 1, GNUNET_NO); - af = (int)ntohl(start->af); + { + /* channel is UDP/TCP from now on */ + state->is_dns = GNUNET_NO; + } + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# TCP IP-exit creation requests received via cadet"), + 1, GNUNET_NO); + af = (int) ntohl (start->af); state->specifics.tcp_udp.ri.remote_address.af = af; switch (af) + { + case AF_INET: + if (pkt_len < sizeof(struct in_addr)) { - case AF_INET: - if (pkt_len < sizeof(struct in_addr)) - { - GNUNET_break_op(0); - return; - } - if (!ipv4_exit) - { - GNUNET_break_op(0); - return; - } - v4 = (const struct in_addr*)&start[1]; - payload = &v4[1]; - pkt_len -= sizeof(struct in_addr); - state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4; - break; - - case AF_INET6: - if (pkt_len < sizeof(struct in6_addr)) - { - GNUNET_break_op(0); - return; - } - if (!ipv6_exit) - { - GNUNET_break_op(0); - return; - } - v6 = (const struct in6_addr*)&start[1]; - payload = &v6[1]; - pkt_len -= sizeof(struct in6_addr); - state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6; - break; + GNUNET_break_op (0); + return; + } + if (! ipv4_exit) + { + GNUNET_break_op (0); + return; + } + v4 = (const struct in_addr*) &start[1]; + payload = &v4[1]; + pkt_len -= sizeof(struct in_addr); + state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4; + break; - default: - GNUNET_break_op(0); + case AF_INET6: + if (pkt_len < sizeof(struct in6_addr)) + { + GNUNET_break_op (0); return; } + if (! ipv6_exit) + { + GNUNET_break_op (0); + return; + } + v6 = (const struct in6_addr*) &start[1]; + payload = &v6[1]; + pkt_len -= sizeof(struct in6_addr); + state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6; + break; + + default: + GNUNET_break_op (0); + return; + } { char buf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received payload from %s for existing TCP stream to %s:%u\n", - GNUNET_i2s(&state->peer), - inet_ntop(af, - &state->specifics.tcp_udp.ri.remote_address.address, - buf, sizeof(buf)), - (unsigned int)ntohs(start->tcp_header.destination_port)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received payload from %s for existing TCP stream to %s:%u\n", + GNUNET_i2s (&state->peer), + inet_ntop (af, + &state->specifics.tcp_udp.ri.remote_address.address, + buf, sizeof(buf)), + (unsigned int) ntohs (start->tcp_header.destination_port)); } state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_TCP; - state->specifics.tcp_udp.ri.remote_address.port = ntohs(start->tcp_header.destination_port); - setup_state_record(state); - send_tcp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - &start->tcp_header, - payload, - pkt_len); - GNUNET_CADET_receive_done(state->channel); + state->specifics.tcp_udp.ri.remote_address.port = ntohs ( + start->tcp_header.destination_port); + setup_state_record (state); + send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + &start->tcp_header, + payload, + pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -1786,31 +1827,32 @@ handle_tcp_remote(void *cls, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_tcp_data(void *cls, - const struct GNUNET_EXIT_TcpDataMessage *data) +check_tcp_data (void *cls, + const struct GNUNET_EXIT_TcpDataMessage *data) { struct ChannelState *state = cls; if ((NULL == state) || (NULL == state->specifics.tcp_udp.heap_node)) - { - /* connection should have been up! */ - GNUNET_STATISTICS_update(stats, - gettext_noop("# TCP DATA requests dropped (no session)"), - 1, GNUNET_NO); - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + /* connection should have been up! */ + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# TCP DATA requests dropped (no session)"), + 1, GNUNET_NO); + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (data->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (GNUNET_YES == state->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1823,42 +1865,44 @@ check_tcp_data(void *cls, * @param message the actual message */ static void -handle_tcp_data(void *cls, - const struct GNUNET_EXIT_TcpDataMessage *data) +handle_tcp_data (void *cls, + const struct GNUNET_EXIT_TcpDataMessage *data) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(data->header.size) - sizeof(struct GNUNET_EXIT_TcpDataMessage); - - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# TCP data requests received via cadet"), - 1, GNUNET_NO); + uint16_t pkt_len = ntohs (data->header.size) - sizeof(struct + GNUNET_EXIT_TcpDataMessage); + + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# TCP data requests received via cadet"), + 1, GNUNET_NO); if (GNUNET_SYSERR == state->is_dns) - { - /* channel is UDP/TCP from now on */ - state->is_dns = GNUNET_NO; - } + { + /* channel is UDP/TCP from now on */ + state->is_dns = GNUNET_NO; + } - GNUNET_break_op(ntohl(data->reserved) == 0); + GNUNET_break_op (ntohl (data->reserved) == 0); { char buf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received additional %u bytes of data from %s for TCP stream to %s:%u\n", - pkt_len, - GNUNET_i2s(&state->peer), - inet_ntop(state->specifics.tcp_udp.ri.remote_address.af, - &state->specifics.tcp_udp.ri.remote_address.address, - buf, sizeof(buf)), - (unsigned int)state->specifics.tcp_udp.ri.remote_address.port); - } - - send_tcp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - &data->tcp_header, - &data[1], pkt_len); - GNUNET_CADET_receive_done(state->channel); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received additional %u bytes of data from %s for TCP stream to %s:%u\n", + pkt_len, + GNUNET_i2s (&state->peer), + inet_ntop (state->specifics.tcp_udp.ri.remote_address.af, + &state->specifics.tcp_udp.ri.remote_address.address, + buf, sizeof(buf)), + (unsigned int) state->specifics.tcp_udp.ri.remote_address.port); + } + + send_tcp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + &data->tcp_header, + &data[1], pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -1872,19 +1916,23 @@ handle_tcp_data(void *cls, * also be the first 8 bytes of the TCP header */ static void -make_up_icmpv4_payload(struct ChannelState *state, - struct GNUNET_TUN_IPv4Header *ipp, - struct GNUNET_TUN_UdpHeader *udp) +make_up_icmpv4_payload (struct ChannelState *state, + struct GNUNET_TUN_IPv4Header *ipp, + struct GNUNET_TUN_UdpHeader *udp) { - GNUNET_TUN_initialize_ipv4_header(ipp, - state->specifics.tcp_udp.ri.remote_address.proto, - sizeof(struct GNUNET_TUN_TcpHeader), - &state->specifics.tcp_udp.ri.remote_address.address.ipv4, - &state->specifics.tcp_udp.ri.local_address.address.ipv4); - udp->source_port = htons(state->specifics.tcp_udp.ri.remote_address.port); - udp->destination_port = htons(state->specifics.tcp_udp.ri.local_address.port); - udp->len = htons(0); - udp->crc = htons(0); + GNUNET_TUN_initialize_ipv4_header (ipp, + state->specifics.tcp_udp.ri.remote_address. + proto, + sizeof(struct GNUNET_TUN_TcpHeader), + &state->specifics.tcp_udp.ri.remote_address + .address.ipv4, + &state->specifics.tcp_udp.ri.local_address. + address.ipv4); + udp->source_port = htons (state->specifics.tcp_udp.ri.remote_address.port); + udp->destination_port = htons ( + state->specifics.tcp_udp.ri.local_address.port); + udp->len = htons (0); + udp->crc = htons (0); } @@ -1898,19 +1946,23 @@ make_up_icmpv4_payload(struct ChannelState *state, * also be the first 8 bytes of the TCP header */ static void -make_up_icmpv6_payload(struct ChannelState *state, - struct GNUNET_TUN_IPv6Header *ipp, - struct GNUNET_TUN_UdpHeader *udp) +make_up_icmpv6_payload (struct ChannelState *state, + struct GNUNET_TUN_IPv6Header *ipp, + struct GNUNET_TUN_UdpHeader *udp) { - GNUNET_TUN_initialize_ipv6_header(ipp, - state->specifics.tcp_udp.ri.remote_address.proto, - sizeof(struct GNUNET_TUN_TcpHeader), - &state->specifics.tcp_udp.ri.remote_address.address.ipv6, - &state->specifics.tcp_udp.ri.local_address.address.ipv6); - udp->source_port = htons(state->specifics.tcp_udp.ri.remote_address.port); - udp->destination_port = htons(state->specifics.tcp_udp.ri.local_address.port); - udp->len = htons(0); - udp->crc = htons(0); + GNUNET_TUN_initialize_ipv6_header (ipp, + state->specifics.tcp_udp.ri.remote_address. + proto, + sizeof(struct GNUNET_TUN_TcpHeader), + &state->specifics.tcp_udp.ri.remote_address + .address.ipv6, + &state->specifics.tcp_udp.ri.local_address. + address.ipv6); + udp->source_port = htons (state->specifics.tcp_udp.ri.remote_address.port); + udp->destination_port = htons ( + state->specifics.tcp_udp.ri.local_address.port); + udp->len = htons (0); + udp->crc = htons (0); } @@ -1923,16 +1975,16 @@ make_up_icmpv6_payload(struct ChannelState *state, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_icmp_remote(void *cls, - const struct GNUNET_EXIT_IcmpInternetMessage *msg) +check_icmp_remote (void *cls, + const struct GNUNET_EXIT_IcmpInternetMessage *msg) { struct ChannelState *state = cls; if (GNUNET_YES == state->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1944,11 +1996,12 @@ check_icmp_remote(void *cls, * @param msg the actual message */ static void -handle_icmp_remote(void *cls, - const struct GNUNET_EXIT_IcmpInternetMessage *msg) +handle_icmp_remote (void *cls, + const struct GNUNET_EXIT_IcmpInternetMessage *msg) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(msg->header.size) - sizeof(struct GNUNET_EXIT_IcmpInternetMessage); + uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct + GNUNET_EXIT_IcmpInternetMessage); const struct in_addr *v4; const struct in6_addr *v6; const void *payload; @@ -1956,171 +2009,178 @@ handle_icmp_remote(void *cls, int af; if (GNUNET_SYSERR == state->is_dns) - { - /* channel is UDP/TCP from now on */ - state->is_dns = GNUNET_NO; - } - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMP IP-exit requests received via cadet"), - 1, GNUNET_NO); - - af = (int)ntohl(msg->af); + { + /* channel is UDP/TCP from now on */ + state->is_dns = GNUNET_NO; + } + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMP IP-exit requests received via cadet"), + 1, GNUNET_NO); + + af = (int) ntohl (msg->af); if ((NULL != state->specifics.tcp_udp.heap_node) && (af != state->specifics.tcp_udp.ri.remote_address.af)) + { + /* other peer switched AF on this channel; not allowed */ + GNUNET_break_op (0); + return; + } + + switch (af) + { + case AF_INET: + if (pkt_len < sizeof(struct in_addr)) + { + GNUNET_break_op (0); + return; + } + if (! ipv4_exit) + { + GNUNET_break_op (0); + return; + } + v4 = (const struct in_addr*) &msg[1]; + payload = &v4[1]; + pkt_len -= sizeof(struct in_addr); + state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4; + if (NULL == state->specifics.tcp_udp.heap_node) + { + state->specifics.tcp_udp.ri.remote_address.af = af; + state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMP; + setup_state_record (state); + } + /* check that ICMP type is something we want to support + and possibly make up payload! */ + switch (msg->icmp_header.type) { - /* other peer switched AF on this channel; not allowed */ - GNUNET_break_op(0); + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: + break; + + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + /* make up payload */ + { + struct GNUNET_TUN_IPv4Header *ipp = (struct + GNUNET_TUN_IPv4Header *) buf; + struct GNUNET_TUN_UdpHeader *udp = (struct + GNUNET_TUN_UdpHeader *) &ipp[1]; + + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + pkt_len = sizeof(struct GNUNET_TUN_IPv4Header) + 8; + make_up_icmpv4_payload (state, + ipp, + udp); + payload = ipp; + } + break; + + default: + GNUNET_break_op (0); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv4 packets dropped (type not allowed)"), + 1, GNUNET_NO); return; } + /* end AF_INET */ + break; - switch (af) + case AF_INET6: + if (pkt_len < sizeof(struct in6_addr)) { - case AF_INET: - if (pkt_len < sizeof(struct in_addr)) - { - GNUNET_break_op(0); - return; - } - if (!ipv4_exit) - { - GNUNET_break_op(0); - return; - } - v4 = (const struct in_addr*)&msg[1]; - payload = &v4[1]; - pkt_len -= sizeof(struct in_addr); - state->specifics.tcp_udp.ri.remote_address.address.ipv4 = *v4; - if (NULL == state->specifics.tcp_udp.heap_node) - { - state->specifics.tcp_udp.ri.remote_address.af = af; - state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMP; - setup_state_record(state); - } - /* check that ICMP type is something we want to support - and possibly make up payload! */ - switch (msg->icmp_header.type) - { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - /* make up payload */ - { - struct GNUNET_TUN_IPv4Header *ipp = (struct GNUNET_TUN_IPv4Header *)buf; - struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - pkt_len = sizeof(struct GNUNET_TUN_IPv4Header) + 8; - make_up_icmpv4_payload(state, - ipp, - udp); - payload = ipp; - } - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv4 packets dropped (type not allowed)"), - 1, GNUNET_NO); - return; - } - /* end AF_INET */ + GNUNET_break_op (0); + return; + } + if (! ipv6_exit) + { + GNUNET_break_op (0); + return; + } + v6 = (const struct in6_addr*) &msg[1]; + payload = &v6[1]; + pkt_len -= sizeof(struct in6_addr); + state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6; + if (NULL == state->specifics.tcp_udp.heap_node) + { + state->specifics.tcp_udp.ri.remote_address.af = af; + state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMPV6; + setup_state_record (state); + } + /* check that ICMP type is something we want to support + and possibly make up payload! */ + switch (msg->icmp_header.type) + { + case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: break; - case AF_INET6: - if (pkt_len < sizeof(struct in6_addr)) - { - GNUNET_break_op(0); - return; - } - if (!ipv6_exit) - { - GNUNET_break_op(0); - return; - } - v6 = (const struct in6_addr*)&msg[1]; - payload = &v6[1]; - pkt_len -= sizeof(struct in6_addr); - state->specifics.tcp_udp.ri.remote_address.address.ipv6 = *v6; - if (NULL == state->specifics.tcp_udp.heap_node) - { - state->specifics.tcp_udp.ri.remote_address.af = af; - state->specifics.tcp_udp.ri.remote_address.proto = IPPROTO_ICMPV6; - setup_state_record(state); - } - /* check that ICMP type is something we want to support - and possibly make up payload! */ - switch (msg->icmp_header.type) - { - case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - break; - - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - /* make up payload */ - { - struct GNUNET_TUN_IPv6Header *ipp = (struct GNUNET_TUN_IPv6Header *)buf; - struct GNUNET_TUN_UdpHeader *udp = (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - pkt_len = sizeof(struct GNUNET_TUN_IPv6Header) + 8; - make_up_icmpv6_payload(state, - ipp, - udp); - payload = ipp; - } - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv6 packets dropped (type not allowed)"), - 1, GNUNET_NO); - return; - } - /* end AF_INET6 */ + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + /* make up payload */ + { + struct GNUNET_TUN_IPv6Header *ipp = (struct + GNUNET_TUN_IPv6Header *) buf; + struct GNUNET_TUN_UdpHeader *udp = (struct + GNUNET_TUN_UdpHeader *) &ipp[1]; + + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + pkt_len = sizeof(struct GNUNET_TUN_IPv6Header) + 8; + make_up_icmpv6_payload (state, + ipp, + udp); + payload = ipp; + } break; default: - /* bad AF */ - GNUNET_break_op(0); + GNUNET_break_op (0); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv6 packets dropped (type not allowed)"), + 1, GNUNET_NO); return; } + /* end AF_INET6 */ + break; + + default: + /* bad AF */ + GNUNET_break_op (0); + return; + } { char buf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received ICMP data from %s for forwarding to %s\n", - GNUNET_i2s(&state->peer), - inet_ntop(af, - &state->specifics.tcp_udp.ri.remote_address.address, - buf, sizeof(buf))); - } - send_icmp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - &msg->icmp_header, - payload, pkt_len); - GNUNET_CADET_receive_done(state->channel); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received ICMP data from %s for forwarding to %s\n", + GNUNET_i2s (&state->peer), + inet_ntop (af, + &state->specifics.tcp_udp.ri.remote_address.address, + buf, sizeof(buf))); + } + send_icmp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + &msg->icmp_header, + payload, pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -2134,44 +2194,44 @@ handle_icmp_remote(void *cls, * @return number of bytes of payload we created in buf */ static uint16_t -make_up_icmp_service_payload(struct ChannelState *state, - char *buf) +make_up_icmp_service_payload (struct ChannelState *state, + char *buf) { switch (state->specifics.tcp_udp.serv->address.af) - { - case AF_INET: + { + case AF_INET: { struct GNUNET_TUN_IPv4Header *ipv4; struct GNUNET_TUN_UdpHeader *udp; - ipv4 = (struct GNUNET_TUN_IPv4Header *)buf; - udp = (struct GNUNET_TUN_UdpHeader *)&ipv4[1]; - make_up_icmpv4_payload(state, - ipv4, - udp); - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); + ipv4 = (struct GNUNET_TUN_IPv4Header *) buf; + udp = (struct GNUNET_TUN_UdpHeader *) &ipv4[1]; + make_up_icmpv4_payload (state, + ipv4, + udp); + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); return sizeof(struct GNUNET_TUN_IPv4Header) + 8; } break; - case AF_INET6: + case AF_INET6: { struct GNUNET_TUN_IPv6Header *ipv6; struct GNUNET_TUN_UdpHeader *udp; - ipv6 = (struct GNUNET_TUN_IPv6Header *)buf; - udp = (struct GNUNET_TUN_UdpHeader *)&ipv6[1]; - make_up_icmpv6_payload(state, - ipv6, - udp); - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); + ipv6 = (struct GNUNET_TUN_IPv6Header *) buf; + udp = (struct GNUNET_TUN_UdpHeader *) &ipv6[1]; + make_up_icmpv6_payload (state, + ipv6, + udp); + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); return sizeof(struct GNUNET_TUN_IPv6Header) + 8; } break; - default: - GNUNET_break(0); - } + default: + GNUNET_break (0); + } return 0; } @@ -2186,21 +2246,21 @@ make_up_icmp_service_payload(struct ChannelState *state, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_icmp_service(void *cls, - const struct GNUNET_EXIT_IcmpServiceMessage *msg) +check_icmp_service (void *cls, + const struct GNUNET_EXIT_IcmpServiceMessage *msg) { struct ChannelState *state = cls; if (GNUNET_YES == state->is_dns) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (NULL == state->specifics.tcp_udp.serv) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -2213,176 +2273,182 @@ check_icmp_service(void *cls, * @param msg the actual message */ static void -handle_icmp_service(void *cls, - const struct GNUNET_EXIT_IcmpServiceMessage *msg) +handle_icmp_service (void *cls, + const struct GNUNET_EXIT_IcmpServiceMessage *msg) { struct ChannelState *state = cls; - uint16_t pkt_len = ntohs(msg->header.size) - sizeof(struct GNUNET_EXIT_IcmpServiceMessage); + uint16_t pkt_len = ntohs (msg->header.size) - sizeof(struct + GNUNET_EXIT_IcmpServiceMessage); struct GNUNET_TUN_IcmpHeader icmp; char buf[sizeof(struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN; const void *payload; - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from CADET"), - pkt_len, GNUNET_NO); - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMP service requests received via cadet"), - 1, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from CADET"), + pkt_len, GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMP service requests received via cadet"), + 1, GNUNET_NO); /* check that we got at least a valid header */ - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received data from %s for forwarding to ICMP service %s\n", - GNUNET_i2s(&state->peer), - GNUNET_h2s(&state->specifics.tcp_udp.serv->descriptor)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received data from %s for forwarding to ICMP service %s\n", + GNUNET_i2s (&state->peer), + GNUNET_h2s (&state->specifics.tcp_udp.serv->descriptor)); icmp = msg->icmp_header; payload = &msg[1]; state->specifics.tcp_udp.ri.remote_address = state->specifics.tcp_udp.serv->address; - setup_state_record(state); + setup_state_record (state); /* check that ICMP type is something we want to support, perform ICMP PT if needed ans possibly make up payload */ switch (msg->af) + { + case AF_INET: + switch (msg->icmp_header.type) { - case AF_INET: - switch (msg->icmp_header.type) - { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - if (state->specifics.tcp_udp.serv->address.af == AF_INET6) - icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; - break; - - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - if (state->specifics.tcp_udp.serv->address.af == AF_INET6) - icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - if (state->specifics.tcp_udp.serv->address.af == AF_INET6) - icmp.type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - payload = buf; - pkt_len = make_up_icmp_service_payload(state, buf); - break; - - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: - if (state->specifics.tcp_udp.serv->address.af == AF_INET6) - icmp.type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - payload = buf; - pkt_len = make_up_icmp_service_payload(state, buf); - break; - - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - if (state->specifics.tcp_udp.serv->address.af == AF_INET6) - { - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv4 packets dropped (impossible PT to v6)"), - 1, GNUNET_NO); - return; - } - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - payload = buf; - pkt_len = make_up_icmp_service_payload(state, buf); - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv4 packets dropped (type not allowed)"), - 1, GNUNET_NO); - return; - } - /* end of AF_INET */ + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + if (state->specifics.tcp_udp.serv->address.af == AF_INET6) + icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; break; - case AF_INET6: - switch (msg->icmp_header.type) - { - case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: - if (state->specifics.tcp_udp.serv->address.af == AF_INET) - icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - if (state->specifics.tcp_udp.serv->address.af == AF_INET) - icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; - break; - - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - if (state->specifics.tcp_udp.serv->address.af == AF_INET) - icmp.type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - payload = buf; - pkt_len = make_up_icmp_service_payload(state, buf); - break; - - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - if (state->specifics.tcp_udp.serv->address.af == AF_INET) - icmp.type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - payload = buf; - pkt_len = make_up_icmp_service_payload(state, buf); - break; - - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: - if (state->specifics.tcp_udp.serv->address.af == AF_INET) - { - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), - 1, GNUNET_NO); - return; - } - if (0 != pkt_len) - { - GNUNET_break_op(0); - return; - } - payload = buf; - pkt_len = make_up_icmp_service_payload(state, buf); - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv6 packets dropped (type not allowed)"), - 1, GNUNET_NO); - return; - } - /* end of AF_INET6 */ + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: + if (state->specifics.tcp_udp.serv->address.af == AF_INET6) + icmp.type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; break; - default: - GNUNET_break_op(0); - return; - } - - send_icmp_packet_via_tun(&state->specifics.tcp_udp.ri.remote_address, - &state->specifics.tcp_udp.ri.local_address, - &icmp, - payload, - pkt_len); - GNUNET_CADET_receive_done(state->channel); + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + if (state->specifics.tcp_udp.serv->address.af == AF_INET6) + icmp.type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + payload = buf; + pkt_len = make_up_icmp_service_payload (state, buf); + break; + + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: + if (state->specifics.tcp_udp.serv->address.af == AF_INET6) + icmp.type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + payload = buf; + pkt_len = make_up_icmp_service_payload (state, buf); + break; + + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + if (state->specifics.tcp_udp.serv->address.af == AF_INET6) + { + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv4 packets dropped (impossible PT to v6)"), + 1, GNUNET_NO); + return; + } + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + payload = buf; + pkt_len = make_up_icmp_service_payload (state, buf); + break; + + default: + GNUNET_break_op (0); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv4 packets dropped (type not allowed)"), + 1, GNUNET_NO); + return; + } + /* end of AF_INET */ + break; + + case AF_INET6: + switch (msg->icmp_header.type) + { + case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: + if (state->specifics.tcp_udp.serv->address.af == AF_INET) + icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; + break; + + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: + if (state->specifics.tcp_udp.serv->address.af == AF_INET) + icmp.type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; + break; + + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + if (state->specifics.tcp_udp.serv->address.af == AF_INET) + icmp.type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + payload = buf; + pkt_len = make_up_icmp_service_payload (state, buf); + break; + + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + if (state->specifics.tcp_udp.serv->address.af == AF_INET) + icmp.type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + payload = buf; + pkt_len = make_up_icmp_service_payload (state, buf); + break; + + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: + if (state->specifics.tcp_udp.serv->address.af == AF_INET) + { + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv6 packets dropped (impossible PT to v4)"), + 1, GNUNET_NO); + return; + } + if (0 != pkt_len) + { + GNUNET_break_op (0); + return; + } + payload = buf; + pkt_len = make_up_icmp_service_payload (state, buf); + break; + + default: + GNUNET_break_op (0); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv6 packets dropped (type not allowed)"), + 1, GNUNET_NO); + return; + } + /* end of AF_INET6 */ + break; + + default: + GNUNET_break_op (0); + return; + } + + send_icmp_packet_via_tun (&state->specifics.tcp_udp.ri.remote_address, + &state->specifics.tcp_udp.ri.local_address, + &icmp, + payload, + pkt_len); + GNUNET_CADET_receive_done (state->channel); } @@ -2395,19 +2461,19 @@ handle_icmp_service(void *cls, * @return #GNUNET_OK */ static int -free_service_record(void *cls, - const struct GNUNET_HashCode *key, - void *value) +free_service_record (void *cls, + const struct GNUNET_HashCode *key, + void *value) { struct LocalService *service = value; - GNUNET_assert(GNUNET_YES == - GNUNET_CONTAINER_multihashmap_remove(services, - key, - service)); - GNUNET_CADET_close_port(service->port); - GNUNET_free_non_null(service->name); - GNUNET_free(service); + GNUNET_assert (GNUNET_YES == + GNUNET_CONTAINER_multihashmap_remove (services, + key, + service)); + GNUNET_CADET_close_port (service->port); + GNUNET_free_non_null (service->name); + GNUNET_free (service); return GNUNET_OK; } @@ -2421,21 +2487,21 @@ free_service_record(void *cls, * @return initial channel context for the channel */ static void * -new_service_channel(void *cls, - struct GNUNET_CADET_Channel *channel, - const struct GNUNET_PeerIdentity *initiator) +new_service_channel (void *cls, + struct GNUNET_CADET_Channel *channel, + const struct GNUNET_PeerIdentity *initiator) { struct LocalService *ls = cls; - struct ChannelState *s = GNUNET_new(struct ChannelState); + struct ChannelState *s = GNUNET_new (struct ChannelState); s->peer = *initiator; - GNUNET_STATISTICS_update(stats, - gettext_noop("# Inbound CADET channels created"), - 1, - GNUNET_NO); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received inbound channel from `%s'\n", - GNUNET_i2s(initiator)); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Inbound CADET channels created"), + 1, + GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received inbound channel from `%s'\n", + GNUNET_i2s (initiator)); s->channel = channel; s->specifics.tcp_udp.serv = ls; s->specifics.tcp_udp.ri.remote_address = ls->address; @@ -2451,36 +2517,37 @@ new_service_channel(void *cls, * @param channel connection to the other end (henceforth invalid) */ static void -clean_channel(void *cls, - const struct GNUNET_CADET_Channel *channel) +clean_channel (void *cls, + const struct GNUNET_CADET_Channel *channel) { struct ChannelState *s = cls; - LOG(GNUNET_ERROR_TYPE_DEBUG, - "Channel destroyed\n"); + LOG (GNUNET_ERROR_TYPE_DEBUG, + "Channel destroyed\n"); if (GNUNET_SYSERR == s->is_dns) - { - GNUNET_free(s); - return; - } + { + GNUNET_free (s); + return; + } if (GNUNET_YES == s->is_dns) - { - if (channels[s->specifics.dns.my_id] == s) - channels[s->specifics.dns.my_id] = NULL; - } + { + if (channels[s->specifics.dns.my_id] == s) + channels[s->specifics.dns.my_id] = NULL; + } else + { + if (NULL != s->specifics.tcp_udp.heap_node) { - if (NULL != s->specifics.tcp_udp.heap_node) - { - GNUNET_assert(GNUNET_YES == - GNUNET_CONTAINER_multihashmap_remove(connections_map, - &s->specifics.tcp_udp.state_key, - s)); - GNUNET_CONTAINER_heap_remove_node(s->specifics.tcp_udp.heap_node); - s->specifics.tcp_udp.heap_node = NULL; - } + GNUNET_assert (GNUNET_YES == + GNUNET_CONTAINER_multihashmap_remove (connections_map, + &s->specifics.tcp_udp + .state_key, + s)); + GNUNET_CONTAINER_heap_remove_node (s->specifics.tcp_udp.heap_node); + s->specifics.tcp_udp.heap_node = NULL; } - GNUNET_free(s); + } + GNUNET_free (s); } @@ -2494,66 +2561,66 @@ clean_channel(void *cls, * @param service service information record to store (service->name will be set). */ static void -store_service(int proto, - const char *name, - uint16_t destination_port, - struct LocalService *service) +store_service (int proto, + const char *name, + uint16_t destination_port, + struct LocalService *service) { struct GNUNET_MQ_MessageHandler handlers[] = { - GNUNET_MQ_hd_var_size(icmp_service, - GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE, - struct GNUNET_EXIT_IcmpServiceMessage, - service), - GNUNET_MQ_hd_var_size(udp_service, - GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, - struct GNUNET_EXIT_UdpServiceMessage, - service), - GNUNET_MQ_hd_var_size(tcp_service, - GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, - struct GNUNET_EXIT_TcpServiceStartMessage, - service), - GNUNET_MQ_hd_var_size(tcp_data, - GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, - struct GNUNET_EXIT_TcpDataMessage, - service), - GNUNET_MQ_handler_end() + GNUNET_MQ_hd_var_size (icmp_service, + GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE, + struct GNUNET_EXIT_IcmpServiceMessage, + service), + GNUNET_MQ_hd_var_size (udp_service, + GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, + struct GNUNET_EXIT_UdpServiceMessage, + service), + GNUNET_MQ_hd_var_size (tcp_service, + GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, + struct GNUNET_EXIT_TcpServiceStartMessage, + service), + GNUNET_MQ_hd_var_size (tcp_data, + GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, + struct GNUNET_EXIT_TcpDataMessage, + service), + GNUNET_MQ_handler_end () }; struct GNUNET_HashCode cadet_port; - service->name = GNUNET_strdup(name); - GNUNET_TUN_service_name_to_hash(name, - &service->descriptor); - GNUNET_TUN_compute_service_cadet_port(&service->descriptor, - destination_port, - &cadet_port); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Opening CADET port %s for SERVICE exit %s on port %u\n", - GNUNET_h2s(&cadet_port), - name, - (unsigned int)destination_port); - service->port = GNUNET_CADET_open_port(cadet_handle, - &cadet_port, - &new_service_channel, - service, - NULL, - &clean_channel, - handlers); + service->name = GNUNET_strdup (name); + GNUNET_TUN_service_name_to_hash (name, + &service->descriptor); + GNUNET_TUN_compute_service_cadet_port (&service->descriptor, + destination_port, + &cadet_port); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Opening CADET port %s for SERVICE exit %s on port %u\n", + GNUNET_h2s (&cadet_port), + name, + (unsigned int) destination_port); + service->port = GNUNET_CADET_open_port (cadet_handle, + &cadet_port, + &new_service_channel, + service, + NULL, + &clean_channel, + handlers); service->is_udp = (IPPROTO_UDP == proto); if (GNUNET_OK != - GNUNET_CONTAINER_multihashmap_put(services, - &cadet_port, - service, - GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)) - { - GNUNET_CADET_close_port(service->port); - GNUNET_free_non_null(service->name); - GNUNET_free(service); - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("Got duplicate service records for `%s:%u'\n"), - name, - (unsigned int)destination_port); - } + GNUNET_CONTAINER_multihashmap_put (services, + &cadet_port, + service, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)) + { + GNUNET_CADET_close_port (service->port); + GNUNET_free_non_null (service->name); + GNUNET_free (service); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ("Got duplicate service records for `%s:%u'\n"), + name, + (unsigned int) destination_port); + } } @@ -2564,16 +2631,17 @@ store_service(int proto, * @param env message to queue */ static void -send_packet_to_cadet_channel(struct ChannelState *s, - struct GNUNET_MQ_Envelope *env) +send_packet_to_cadet_channel (struct ChannelState *s, + struct GNUNET_MQ_Envelope *env) { - GNUNET_assert(NULL != s); - GNUNET_STATISTICS_update(stats, - gettext_noop("# Messages transmitted via cadet channels"), - 1, - GNUNET_NO); - GNUNET_MQ_send(GNUNET_CADET_get_mq(s->channel), - env); + GNUNET_assert (NULL != s); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# Messages transmitted via cadet channels"), + 1, + GNUNET_NO); + GNUNET_MQ_send (GNUNET_CADET_get_mq (s->channel), + env); } @@ -2589,11 +2657,11 @@ send_packet_to_cadet_channel(struct ChannelState *s, * be the original destination address) */ static void -icmp_from_helper(const struct GNUNET_TUN_IcmpHeader *icmp, - size_t pktlen, - int af, - const void *destination_ip, - const void *source_ip) +icmp_from_helper (const struct GNUNET_TUN_IcmpHeader *icmp, + size_t pktlen, + int af, + const void *destination_ip, + const void *source_ip) { struct ChannelState *state; struct GNUNET_MQ_Envelope *env; @@ -2608,22 +2676,22 @@ icmp_from_helper(const struct GNUNET_TUN_IcmpHeader *icmp, { char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received ICMP packet going from %s to %s\n", - inet_ntop(af, - source_ip, - sbuf, sizeof(sbuf)), - inet_ntop(af, - destination_ip, - dbuf, sizeof(dbuf))); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received ICMP packet going from %s to %s\n", + inet_ntop (af, + source_ip, + sbuf, sizeof(sbuf)), + inet_ntop (af, + destination_ip, + dbuf, sizeof(dbuf))); } if (pktlen < sizeof(struct GNUNET_TUN_IcmpHeader)) - { - /* blame kernel */ - GNUNET_break(0); - return; - } + { + /* blame kernel */ + GNUNET_break (0); + return; + } /* Find out if this is an ICMP packet in response to an existing TCP/UDP packet and if so, figure out ports / protocol of the @@ -2631,153 +2699,157 @@ icmp_from_helper(const struct GNUNET_TUN_IcmpHeader *icmp, source_port = 0; destination_port = 0; switch (af) + { + case AF_INET: + protocol = IPPROTO_ICMP; + switch (icmp->type) { - case AF_INET: - protocol = IPPROTO_ICMP; - switch (icmp->type) - { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: - if (pktlen < - sizeof(struct GNUNET_TUN_IcmpHeader) + - sizeof(struct GNUNET_TUN_IPv4Header) + 8) - { - /* blame kernel */ - GNUNET_break(0); - return; - } - ipv4 = (const struct GNUNET_TUN_IPv4Header *)&icmp[1]; - protocol = ipv4->protocol; - /* could be TCP or UDP, but both have the ports in the right - place, so that doesn't matter here */ - udp = (const struct GNUNET_TUN_UdpHeader *)&ipv4[1]; - /* swap ports, as they are from the original message */ - destination_port = ntohs(udp->source_port); - source_port = ntohs(udp->destination_port); - /* throw away ICMP payload, won't be useful for the other side anyway */ - pktlen = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - default: - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv4 packets dropped (type not allowed)"), - 1, GNUNET_NO); - return; - } + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: break; - case AF_INET6: - protocol = IPPROTO_ICMPV6; - switch (icmp->type) - { - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: - if (pktlen < - sizeof(struct GNUNET_TUN_IcmpHeader) + - sizeof(struct GNUNET_TUN_IPv6Header) + 8) - { - /* blame kernel */ - GNUNET_break(0); - return; - } - ipv6 = (const struct GNUNET_TUN_IPv6Header *)&icmp[1]; - protocol = ipv6->next_header; - /* could be TCP or UDP, but both have the ports in the right - place, so that doesn't matter here */ - udp = (const struct GNUNET_TUN_UdpHeader *)&ipv6[1]; - /* swap ports, as they are from the original message */ - destination_port = ntohs(udp->source_port); - source_port = ntohs(udp->destination_port); - /* throw away ICMP payload, won't be useful for the other side anyway */ - pktlen = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: - break; - - default: - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMPv6 packets dropped (type not allowed)"), - 1, GNUNET_NO); - return; - } + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: + if (pktlen < + sizeof(struct GNUNET_TUN_IcmpHeader) + + sizeof(struct GNUNET_TUN_IPv4Header) + 8) + { + /* blame kernel */ + GNUNET_break (0); + return; + } + ipv4 = (const struct GNUNET_TUN_IPv4Header *) &icmp[1]; + protocol = ipv4->protocol; + /* could be TCP or UDP, but both have the ports in the right + place, so that doesn't matter here */ + udp = (const struct GNUNET_TUN_UdpHeader *) &ipv4[1]; + /* swap ports, as they are from the original message */ + destination_port = ntohs (udp->source_port); + source_port = ntohs (udp->destination_port); + /* throw away ICMP payload, won't be useful for the other side anyway */ + pktlen = sizeof(struct GNUNET_TUN_IcmpHeader); break; default: - GNUNET_assert(0); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv4 packets dropped (type not allowed)"), + 1, GNUNET_NO); + return; } - switch (protocol) - { - case IPPROTO_ICMP: - state = get_redirect_state(af, - IPPROTO_ICMP, - source_ip, - 0, - destination_ip, - 0, - NULL); - break; + break; - case IPPROTO_ICMPV6: - state = get_redirect_state(af, - IPPROTO_ICMPV6, - source_ip, - 0, - destination_ip, - 0, - NULL); + case AF_INET6: + protocol = IPPROTO_ICMPV6; + switch (icmp->type) + { + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: + if (pktlen < + sizeof(struct GNUNET_TUN_IcmpHeader) + + sizeof(struct GNUNET_TUN_IPv6Header) + 8) + { + /* blame kernel */ + GNUNET_break (0); + return; + } + ipv6 = (const struct GNUNET_TUN_IPv6Header *) &icmp[1]; + protocol = ipv6->next_header; + /* could be TCP or UDP, but both have the ports in the right + place, so that doesn't matter here */ + udp = (const struct GNUNET_TUN_UdpHeader *) &ipv6[1]; + /* swap ports, as they are from the original message */ + destination_port = ntohs (udp->source_port); + source_port = ntohs (udp->destination_port); + /* throw away ICMP payload, won't be useful for the other side anyway */ + pktlen = sizeof(struct GNUNET_TUN_IcmpHeader); break; - case IPPROTO_UDP: - state = get_redirect_state(af, - IPPROTO_UDP, - source_ip, - source_port, - destination_ip, - destination_port, - NULL); - break; - - case IPPROTO_TCP: - state = get_redirect_state(af, - IPPROTO_TCP, - source_ip, - source_port, - destination_ip, - destination_port, - NULL); + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: + case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: break; default: - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMP packets dropped (not allowed)"), - 1, - GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv6 packets dropped (type not allowed)"), + 1, GNUNET_NO); return; } + break; + + default: + GNUNET_assert (0); + } + switch (protocol) + { + case IPPROTO_ICMP: + state = get_redirect_state (af, + IPPROTO_ICMP, + source_ip, + 0, + destination_ip, + 0, + NULL); + break; + + case IPPROTO_ICMPV6: + state = get_redirect_state (af, + IPPROTO_ICMPV6, + source_ip, + 0, + destination_ip, + 0, + NULL); + break; + + case IPPROTO_UDP: + state = get_redirect_state (af, + IPPROTO_UDP, + source_ip, + source_port, + destination_ip, + destination_port, + NULL); + break; + + case IPPROTO_TCP: + state = get_redirect_state (af, + IPPROTO_TCP, + source_ip, + source_port, + destination_ip, + destination_port, + NULL); + break; + + default: + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMP packets dropped (not allowed)"), + 1, + GNUNET_NO); + return; + } if (NULL == state) - { - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _("ICMP Packet dropped, have no matching connection information\n")); - return; - } - env = GNUNET_MQ_msg_extra(i2v, - pktlen - sizeof(struct GNUNET_TUN_IcmpHeader), - GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN); - i2v->af = htonl(af); - GNUNET_memcpy(&i2v->icmp_header, - icmp, - pktlen); - send_packet_to_cadet_channel(state, - env); + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ( + "ICMP Packet dropped, have no matching connection information\n")); + return; + } + env = GNUNET_MQ_msg_extra (i2v, + pktlen - sizeof(struct GNUNET_TUN_IcmpHeader), + GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN); + i2v->af = htonl (af); + GNUNET_memcpy (&i2v->icmp_header, + icmp, + pktlen); + send_packet_to_cadet_channel (state, + env); } @@ -2793,11 +2865,11 @@ icmp_from_helper(const struct GNUNET_TUN_IcmpHeader *icmp, * be the original destination address) */ static void -udp_from_helper(const struct GNUNET_TUN_UdpHeader *udp, - size_t pktlen, - int af, - const void *destination_ip, - const void *source_ip) +udp_from_helper (const struct GNUNET_TUN_UdpHeader *udp, + size_t pktlen, + int af, + const void *destination_ip, + const void *source_ip) { struct ChannelState *state; struct GNUNET_MQ_Envelope *env; @@ -2807,53 +2879,54 @@ udp_from_helper(const struct GNUNET_TUN_UdpHeader *udp, char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received UDP packet going from %s:%u to %s:%u\n", - inet_ntop(af, - source_ip, - sbuf, sizeof(sbuf)), - (unsigned int)ntohs(udp->source_port), - inet_ntop(af, - destination_ip, - dbuf, sizeof(dbuf)), - (unsigned int)ntohs(udp->destination_port)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received UDP packet going from %s:%u to %s:%u\n", + inet_ntop (af, + source_ip, + sbuf, sizeof(sbuf)), + (unsigned int) ntohs (udp->source_port), + inet_ntop (af, + destination_ip, + dbuf, sizeof(dbuf)), + (unsigned int) ntohs (udp->destination_port)); } if (pktlen < sizeof(struct GNUNET_TUN_UdpHeader)) - { - /* blame kernel */ - GNUNET_break(0); - return; - } - if (pktlen != ntohs(udp->len)) - { - /* blame kernel */ - GNUNET_break(0); - return; - } - state = get_redirect_state(af, - IPPROTO_UDP, - source_ip, - ntohs(udp->source_port), - destination_ip, - ntohs(udp->destination_port), - NULL); + { + /* blame kernel */ + GNUNET_break (0); + return; + } + if (pktlen != ntohs (udp->len)) + { + /* blame kernel */ + GNUNET_break (0); + return; + } + state = get_redirect_state (af, + IPPROTO_UDP, + source_ip, + ntohs (udp->source_port), + destination_ip, + ntohs (udp->destination_port), + NULL); if (NULL == state) - { - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _("UDP Packet dropped, have no matching connection information\n")); - return; - } - env = GNUNET_MQ_msg_extra(urm, - pktlen - sizeof(struct GNUNET_TUN_UdpHeader), - GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY); - urm->source_port = htons(0); - urm->destination_port = htons(0); - GNUNET_memcpy(&urm[1], - &udp[1], - pktlen - sizeof(struct GNUNET_TUN_UdpHeader)); - send_packet_to_cadet_channel(state, - env); + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ( + "UDP Packet dropped, have no matching connection information\n")); + return; + } + env = GNUNET_MQ_msg_extra (urm, + pktlen - sizeof(struct GNUNET_TUN_UdpHeader), + GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY); + urm->source_port = htons (0); + urm->destination_port = htons (0); + GNUNET_memcpy (&urm[1], + &udp[1], + pktlen - sizeof(struct GNUNET_TUN_UdpHeader)); + send_packet_to_cadet_channel (state, + env); } @@ -2869,11 +2942,11 @@ udp_from_helper(const struct GNUNET_TUN_UdpHeader *udp, * be the original destination address) */ static void -tcp_from_helper(const struct GNUNET_TUN_TcpHeader *tcp, - size_t pktlen, - int af, - const void *destination_ip, - const void *source_ip) +tcp_from_helper (const struct GNUNET_TUN_TcpHeader *tcp, + size_t pktlen, + int af, + const void *destination_ip, + const void *source_ip) { struct ChannelState *state; char buf[pktlen] GNUNET_ALIGN; @@ -2885,62 +2958,64 @@ tcp_from_helper(const struct GNUNET_TUN_TcpHeader *tcp, { char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received TCP packet with %u bytes going from %s:%u to %s:%u\n", - (unsigned int)(pktlen - sizeof(struct GNUNET_TUN_TcpHeader)), - inet_ntop(af, - source_ip, - sbuf, sizeof(sbuf)), - (unsigned int)ntohs(tcp->source_port), - inet_ntop(af, - destination_ip, - dbuf, sizeof(dbuf)), - (unsigned int)ntohs(tcp->destination_port)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received TCP packet with %u bytes going from %s:%u to %s:%u\n", + (unsigned int) (pktlen - sizeof(struct GNUNET_TUN_TcpHeader)), + inet_ntop (af, + source_ip, + sbuf, sizeof(sbuf)), + (unsigned int) ntohs (tcp->source_port), + inet_ntop (af, + destination_ip, + dbuf, sizeof(dbuf)), + (unsigned int) ntohs (tcp->destination_port)); } if (pktlen < sizeof(struct GNUNET_TUN_TcpHeader)) - { - /* blame kernel */ - GNUNET_break(0); - return; - } - state = get_redirect_state(af, - IPPROTO_TCP, - source_ip, - ntohs(tcp->source_port), - destination_ip, - ntohs(tcp->destination_port), - NULL); + { + /* blame kernel */ + GNUNET_break (0); + return; + } + state = get_redirect_state (af, + IPPROTO_TCP, + source_ip, + ntohs (tcp->source_port), + destination_ip, + ntohs (tcp->destination_port), + NULL); if (NULL == state) - { - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _("TCP Packet dropped, have no matching connection information\n")); + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ( + "TCP Packet dropped, have no matching connection information\n")); - return; - } + return; + } /* mug port numbers and crc to avoid information leakage; sender will need to lookup the correct values anyway */ - GNUNET_memcpy(buf, tcp, pktlen); - mtcp = (struct GNUNET_TUN_TcpHeader *)buf; + GNUNET_memcpy (buf, tcp, pktlen); + mtcp = (struct GNUNET_TUN_TcpHeader *) buf; mtcp->source_port = 0; mtcp->destination_port = 0; mtcp->crc = 0; - mlen = sizeof(struct GNUNET_EXIT_TcpDataMessage) + (pktlen - sizeof(struct GNUNET_TUN_TcpHeader)); + mlen = sizeof(struct GNUNET_EXIT_TcpDataMessage) + (pktlen - sizeof(struct + GNUNET_TUN_TcpHeader)); if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = GNUNET_MQ_msg_extra(tdm, - pktlen - sizeof(struct GNUNET_TUN_TcpHeader), - GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN); - tdm->reserved = htonl(0); - GNUNET_memcpy(&tdm->tcp_header, - buf, - pktlen); - send_packet_to_cadet_channel(state, - env); + { + GNUNET_break (0); + return; + } + env = GNUNET_MQ_msg_extra (tdm, + pktlen - sizeof(struct GNUNET_TUN_TcpHeader), + GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN); + tdm->reserved = htonl (0); + GNUNET_memcpy (&tdm->tcp_header, + buf, + pktlen); + send_packet_to_cadet_channel (state, + env); } @@ -2951,150 +3026,155 @@ tcp_from_helper(const struct GNUNET_TUN_TcpHeader *tcp, * @param message message received from helper */ static int -message_token(void *cls GNUNET_UNUSED, - const struct GNUNET_MessageHeader *message) +message_token (void *cls GNUNET_UNUSED, + const struct GNUNET_MessageHeader *message) { const struct GNUNET_TUN_Layer2PacketHeader *pkt_tun; size_t size; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Got %u-byte message of type %u from gnunet-helper-exit\n", - ntohs(message->size), - ntohs(message->type)); - GNUNET_STATISTICS_update(stats, - gettext_noop("# Packets received from TUN"), - 1, GNUNET_NO); - if (ntohs(message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) - { - GNUNET_break(0); - return GNUNET_OK; - } - size = ntohs(message->size); - if (size < sizeof(struct GNUNET_TUN_Layer2PacketHeader) + sizeof(struct GNUNET_MessageHeader)) - { - GNUNET_break(0); - return GNUNET_OK; - } - GNUNET_STATISTICS_update(stats, - gettext_noop("# Bytes received from TUN"), - size, GNUNET_NO); - pkt_tun = (const struct GNUNET_TUN_Layer2PacketHeader *)&message[1]; - size -= sizeof(struct GNUNET_TUN_Layer2PacketHeader) + sizeof(struct GNUNET_MessageHeader); - switch (ntohs(pkt_tun->proto)) - { - case ETH_P_IPV4: + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Got %u-byte message of type %u from gnunet-helper-exit\n", + ntohs (message->size), + ntohs (message->type)); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Packets received from TUN"), + 1, GNUNET_NO); + if (ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) + { + GNUNET_break (0); + return GNUNET_OK; + } + size = ntohs (message->size); + if (size < sizeof(struct GNUNET_TUN_Layer2PacketHeader) + sizeof(struct + GNUNET_MessageHeader)) + { + GNUNET_break (0); + return GNUNET_OK; + } + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Bytes received from TUN"), + size, GNUNET_NO); + pkt_tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1]; + size -= sizeof(struct GNUNET_TUN_Layer2PacketHeader) + sizeof(struct + GNUNET_MessageHeader); + switch (ntohs (pkt_tun->proto)) + { + case ETH_P_IPV4: { const struct GNUNET_TUN_IPv4Header *pkt4; if (size < sizeof(struct GNUNET_TUN_IPv4Header)) - { - /* Kernel to blame? */ - GNUNET_break(0); - return GNUNET_OK; - } - pkt4 = (const struct GNUNET_TUN_IPv4Header *)&pkt_tun[1]; - if (size != ntohs(pkt4->total_length)) - { - /* Kernel to blame? */ - GNUNET_break(0); - return GNUNET_OK; - } + { + /* Kernel to blame? */ + GNUNET_break (0); + return GNUNET_OK; + } + pkt4 = (const struct GNUNET_TUN_IPv4Header *) &pkt_tun[1]; + if (size != ntohs (pkt4->total_length)) + { + /* Kernel to blame? */ + GNUNET_break (0); + return GNUNET_OK; + } if (pkt4->header_length * 4 != sizeof(struct GNUNET_TUN_IPv4Header)) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("IPv4 packet options received. Ignored.\n")); - return GNUNET_OK; - } + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ("IPv4 packet options received. Ignored.\n")); + return GNUNET_OK; + } size -= sizeof(struct GNUNET_TUN_IPv4Header); switch (pkt4->protocol) - { - case IPPROTO_UDP: - udp_from_helper((const struct GNUNET_TUN_UdpHeader *)&pkt4[1], size, - AF_INET, - &pkt4->destination_address, - &pkt4->source_address); - break; + { + case IPPROTO_UDP: + udp_from_helper ((const struct GNUNET_TUN_UdpHeader *) &pkt4[1], size, + AF_INET, + &pkt4->destination_address, + &pkt4->source_address); + break; + + case IPPROTO_TCP: + tcp_from_helper ((const struct GNUNET_TUN_TcpHeader *) &pkt4[1], size, + AF_INET, + &pkt4->destination_address, + &pkt4->source_address); + break; - case IPPROTO_TCP: - tcp_from_helper((const struct GNUNET_TUN_TcpHeader *)&pkt4[1], size, + case IPPROTO_ICMP: + icmp_from_helper ((const struct GNUNET_TUN_IcmpHeader *) &pkt4[1], size, AF_INET, &pkt4->destination_address, &pkt4->source_address); - break; - - case IPPROTO_ICMP: - icmp_from_helper((const struct GNUNET_TUN_IcmpHeader *)&pkt4[1], size, - AF_INET, - &pkt4->destination_address, - &pkt4->source_address); - break; - - default: - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("IPv4 packet with unsupported next header %u received. Ignored.\n"), - (int)pkt4->protocol); - return GNUNET_OK; - } + break; + + default: + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "IPv4 packet with unsupported next header %u received. Ignored.\n"), + (int) pkt4->protocol); + return GNUNET_OK; + } } break; - case ETH_P_IPV6: + case ETH_P_IPV6: { const struct GNUNET_TUN_IPv6Header *pkt6; if (size < sizeof(struct GNUNET_TUN_IPv6Header)) - { - /* Kernel to blame? */ - GNUNET_break(0); - return GNUNET_OK; - } - pkt6 = (struct GNUNET_TUN_IPv6Header *)&pkt_tun[1]; - if (size != ntohs(pkt6->payload_length) + sizeof(struct GNUNET_TUN_IPv6Header)) - { - /* Kernel to blame? */ - GNUNET_break(0); - return GNUNET_OK; - } + { + /* Kernel to blame? */ + GNUNET_break (0); + return GNUNET_OK; + } + pkt6 = (struct GNUNET_TUN_IPv6Header *) &pkt_tun[1]; + if (size != ntohs (pkt6->payload_length) + sizeof(struct + GNUNET_TUN_IPv6Header)) + { + /* Kernel to blame? */ + GNUNET_break (0); + return GNUNET_OK; + } size -= sizeof(struct GNUNET_TUN_IPv6Header); switch (pkt6->next_header) - { - case IPPROTO_UDP: - udp_from_helper((const struct GNUNET_TUN_UdpHeader *)&pkt6[1], size, - AF_INET6, - &pkt6->destination_address, - &pkt6->source_address); - break; + { + case IPPROTO_UDP: + udp_from_helper ((const struct GNUNET_TUN_UdpHeader *) &pkt6[1], size, + AF_INET6, + &pkt6->destination_address, + &pkt6->source_address); + break; - case IPPROTO_TCP: - tcp_from_helper((const struct GNUNET_TUN_TcpHeader *)&pkt6[1], size, + case IPPROTO_TCP: + tcp_from_helper ((const struct GNUNET_TUN_TcpHeader *) &pkt6[1], size, + AF_INET6, + &pkt6->destination_address, + &pkt6->source_address); + break; + + case IPPROTO_ICMPV6: + icmp_from_helper ((const struct GNUNET_TUN_IcmpHeader *) &pkt6[1], size, AF_INET6, &pkt6->destination_address, &pkt6->source_address); - break; - - case IPPROTO_ICMPV6: - icmp_from_helper((const struct GNUNET_TUN_IcmpHeader *)&pkt6[1], size, - AF_INET6, - &pkt6->destination_address, - &pkt6->source_address); - break; - - default: - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("IPv6 packet with unsupported next header %d received. Ignored.\n"), - pkt6->next_header); - return GNUNET_OK; - } + break; + + default: + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "IPv6 packet with unsupported next header %d received. Ignored.\n"), + pkt6->next_header); + return GNUNET_OK; + } } break; - default: - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("Packet from unknown protocol %u received. Ignored.\n"), - ntohs(pkt_tun->proto)); - break; - } + default: + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ("Packet from unknown protocol %u received. Ignored.\n"), + ntohs (pkt_tun->proto)); + break; + } return GNUNET_OK; } @@ -3108,21 +3188,21 @@ message_token(void *cls GNUNET_UNUSED, * @return initial channel context for the channel */ static void * -new_channel(void *cls, - struct GNUNET_CADET_Channel *channel, - const struct GNUNET_PeerIdentity *initiator) +new_channel (void *cls, + struct GNUNET_CADET_Channel *channel, + const struct GNUNET_PeerIdentity *initiator) { - struct ChannelState *s = GNUNET_new(struct ChannelState); + struct ChannelState *s = GNUNET_new (struct ChannelState); s->is_dns = GNUNET_SYSERR; s->peer = *initiator; - GNUNET_STATISTICS_update(stats, - gettext_noop("# Inbound CADET channels created"), - 1, - GNUNET_NO); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Received inbound channel from `%s'\n", - GNUNET_i2s(initiator)); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Inbound CADET channels created"), + 1, + GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Received inbound channel from `%s'\n", + GNUNET_i2s (initiator)); s->channel = channel; return s; } @@ -3136,11 +3216,11 @@ new_channel(void *cls, * @param value value to free */ static int -free_iterate(void *cls, - const struct GNUNET_HashCode * hash, - void *value) +free_iterate (void *cls, + const struct GNUNET_HashCode *hash, + void *value) { - GNUNET_free(value); + GNUNET_free (value); return GNUNET_YES; } @@ -3155,7 +3235,7 @@ free_iterate(void *cls, * @param tc scheduler context */ static void -dummy_task(void *cls) +dummy_task (void *cls) { /* just terminate */ } @@ -3167,101 +3247,101 @@ dummy_task(void *cls) * @param cls NULL */ static void -cleanup(void *cls) +cleanup (void *cls) { unsigned int i; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Exit service is shutting down now\n"); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Exit service is shutting down now\n"); if (NULL != helper_handle) - { - GNUNET_HELPER_stop(helper_handle, GNUNET_NO); - helper_handle = NULL; - } + { + GNUNET_HELPER_stop (helper_handle, GNUNET_NO); + helper_handle = NULL; + } if (NULL != regex4) - { - GNUNET_REGEX_announce_cancel(regex4); - regex4 = NULL; - } + { + GNUNET_REGEX_announce_cancel (regex4); + regex4 = NULL; + } if (NULL != regex6) - { - GNUNET_REGEX_announce_cancel(regex6); - regex6 = NULL; - } + { + GNUNET_REGEX_announce_cancel (regex6); + regex6 = NULL; + } if (NULL != services) - { - GNUNET_CONTAINER_multihashmap_iterate(services, - &free_service_record, - NULL); - GNUNET_CONTAINER_multihashmap_destroy(services); - } + { + GNUNET_CONTAINER_multihashmap_iterate (services, + &free_service_record, + NULL); + GNUNET_CONTAINER_multihashmap_destroy (services); + } if (NULL != dns_port) - { - GNUNET_CADET_close_port(dns_port); - dns_port = NULL; - } + { + GNUNET_CADET_close_port (dns_port); + dns_port = NULL; + } if (NULL != cadet_port4) - { - GNUNET_CADET_close_port(cadet_port4); - cadet_port4 = NULL; - } + { + GNUNET_CADET_close_port (cadet_port4); + cadet_port4 = NULL; + } if (NULL != cadet_port6) - { - GNUNET_CADET_close_port(cadet_port6); - cadet_port6 = NULL; - } + { + GNUNET_CADET_close_port (cadet_port6); + cadet_port6 = NULL; + } if (NULL != cadet_handle) - { - GNUNET_CADET_disconnect(cadet_handle); - cadet_handle = NULL; - } + { + GNUNET_CADET_disconnect (cadet_handle); + cadet_handle = NULL; + } if (NULL != connections_map) - { - GNUNET_CONTAINER_multihashmap_iterate(connections_map, - &free_iterate, - NULL); - GNUNET_CONTAINER_multihashmap_destroy(connections_map); - connections_map = NULL; - } + { + GNUNET_CONTAINER_multihashmap_iterate (connections_map, + &free_iterate, + NULL); + GNUNET_CONTAINER_multihashmap_destroy (connections_map); + connections_map = NULL; + } if (NULL != connections_heap) - { - GNUNET_CONTAINER_heap_destroy(connections_heap); - connections_heap = NULL; - } + { + GNUNET_CONTAINER_heap_destroy (connections_heap); + connections_heap = NULL; + } if (NULL != dnsstub) - { - GNUNET_DNSSTUB_stop(dnsstub); - dnsstub = NULL; - } + { + GNUNET_DNSSTUB_stop (dnsstub); + dnsstub = NULL; + } if (NULL != peer_key) - { - GNUNET_free(peer_key); - peer_key = NULL; - } + { + GNUNET_free (peer_key); + peer_key = NULL; + } if (NULL != dht_task) - { - GNUNET_SCHEDULER_cancel(dht_task); - dht_task = NULL; - } + { + GNUNET_SCHEDULER_cancel (dht_task); + dht_task = NULL; + } if (NULL != dht_put) - { - GNUNET_DHT_put_cancel(dht_put); - dht_put = NULL; - } + { + GNUNET_DHT_put_cancel (dht_put); + dht_put = NULL; + } if (NULL != dht) - { - GNUNET_DHT_disconnect(dht); - dht = NULL; - } + { + GNUNET_DHT_disconnect (dht); + dht = NULL; + } if (NULL != stats) - { - GNUNET_STATISTICS_destroy(stats, - GNUNET_NO); - stats = NULL; - } + { + GNUNET_STATISTICS_destroy (stats, + GNUNET_NO); + stats = NULL; + } for (i = 0; i < 8; i++) - GNUNET_free_non_null(exit_argv[i]); + GNUNET_free_non_null (exit_argv[i]); } @@ -3273,9 +3353,9 @@ cleanup(void *cls) * @param name DNS name of the service */ static void -add_services(int proto, - char *cpy, - const char *name) +add_services (int proto, + char *cpy, + const char *name) { char *redirect; char *hostname; @@ -3284,144 +3364,150 @@ add_services(int proto, char *n; size_t slen; - slen = strlen(name); - GNUNET_assert(slen >= 8); - n = GNUNET_strndup(name, slen - 8 /* remove .gnunet. */); + slen = strlen (name); + GNUNET_assert (slen >= 8); + n = GNUNET_strndup (name, slen - 8 /* remove .gnunet. */); - for (redirect = strtok(cpy, " ;"); redirect != NULL; - redirect = strtok(NULL, " ;")) + for (redirect = strtok (cpy, " ;"); redirect != NULL; + redirect = strtok (NULL, " ;")) + { + if (NULL == (hostname = strstr (redirect, ":"))) { - if (NULL == (hostname = strstr(redirect, ":"))) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("Option `%s' for domain `%s' is not formatted correctly!\n"), - redirect, - name); - continue; - } - hostname[0] = '\0'; - hostname++; - if (NULL == (hostport = strstr(hostname, ":"))) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("Option `%s' for domain `%s' is not formatted correctly!\n"), - redirect, - name); - continue; - } - hostport[0] = '\0'; - hostport++; + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "Option `%s' for domain `%s' is not formatted correctly!\n"), + redirect, + name); + continue; + } + hostname[0] = '\0'; + hostname++; + if (NULL == (hostport = strstr (hostname, ":"))) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "Option `%s' for domain `%s' is not formatted correctly!\n"), + redirect, + name); + continue; + } + hostport[0] = '\0'; + hostport++; - int local_port = atoi(redirect); - int remote_port = atoi(hostport); + int local_port = atoi (redirect); + int remote_port = atoi (hostport); - if (!((local_port > 0) && (local_port < 65536))) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("`%s' is not a valid port number (for domain `%s')!"), - redirect, - name); - continue; - } - if (!((remote_port > 0) && (remote_port < 65536))) + if (! ((local_port > 0) && (local_port < 65536))) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ("`%s' is not a valid port number (for domain `%s')!"), + redirect, + name); + continue; + } + if (! ((remote_port > 0) && (remote_port < 65536))) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ("`%s' is not a valid port number (for domain `%s')!"), + hostport, + name); + continue; + } + + serv = GNUNET_new (struct LocalService); + serv->address.proto = proto; + serv->address.port = remote_port; + if (0 == strcmp ("localhost4", + hostname)) + { + const char *ip4addr = exit_argv[5]; + + serv->address.af = AF_INET; + GNUNET_assert (1 == inet_pton (AF_INET, + ip4addr, + &serv->address.address.ipv4)); + } + else if (0 == strcmp ("localhost6", + hostname)) + { + const char *ip6addr = exit_argv[3]; + + serv->address.af = AF_INET6; + GNUNET_assert (1 == inet_pton (AF_INET6, + ip6addr, + &serv->address.address.ipv6)); + } + else + { + struct addrinfo *res; + int ret; + + ret = getaddrinfo (hostname, + NULL, + NULL, + &res); + if ((0 != ret) || (NULL == res)) + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "No addresses found for hostname `%s' of service `%s'!\n"), + hostname, + n); + GNUNET_free (serv); + continue; + } + + serv->address.af = res->ai_family; + switch (res->ai_family) + { + case AF_INET: + if (! ipv4_enabled) { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("`%s' is not a valid port number (for domain `%s')!"), - hostport, - name); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "Service `%s' configured for IPv4, but IPv4 is disabled!\n"), + n); + freeaddrinfo (res); + GNUNET_free (serv); continue; } + serv->address.address.ipv4 + = ((struct sockaddr_in *) res->ai_addr)->sin_addr; + break; - serv = GNUNET_new(struct LocalService); - serv->address.proto = proto; - serv->address.port = remote_port; - if (0 == strcmp("localhost4", - hostname)) + case AF_INET6: + if (! ipv6_enabled) { - const char *ip4addr = exit_argv[5]; - - serv->address.af = AF_INET; - GNUNET_assert(1 == inet_pton(AF_INET, - ip4addr, - &serv->address.address.ipv4)); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "Service `%s' configured for IPv4, but IPv4 is disabled!\n"), + n); + freeaddrinfo (res); + GNUNET_free (serv); + continue; } - else if (0 == strcmp("localhost6", - hostname)) - { - const char *ip6addr = exit_argv[3]; + serv->address.address.ipv6 + = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr; + break; - serv->address.af = AF_INET6; - GNUNET_assert(1 == inet_pton(AF_INET6, - ip6addr, - &serv->address.address.ipv6)); - } - else - { - struct addrinfo *res; - int ret; - - ret = getaddrinfo(hostname, - NULL, - NULL, - &res); - if ((0 != ret) || (NULL == res)) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("No addresses found for hostname `%s' of service `%s'!\n"), - hostname, - n); - GNUNET_free(serv); - continue; - } - - serv->address.af = res->ai_family; - switch (res->ai_family) - { - case AF_INET: - if (!ipv4_enabled) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("Service `%s' configured for IPv4, but IPv4 is disabled!\n"), - n); - freeaddrinfo(res); - GNUNET_free(serv); - continue; - } - serv->address.address.ipv4 - = ((struct sockaddr_in *)res->ai_addr)->sin_addr; - break; - - case AF_INET6: - if (!ipv6_enabled) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("Service `%s' configured for IPv4, but IPv4 is disabled!\n"), - n); - freeaddrinfo(res); - GNUNET_free(serv); - continue; - } - serv->address.address.ipv6 - = ((struct sockaddr_in6 *)res->ai_addr)->sin6_addr; - break; - - default: - freeaddrinfo(res); - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _("No IP addresses found for hostname `%s' of service `%s'!\n"), - hostname, - n); - GNUNET_free(serv); - continue; - } - freeaddrinfo(res); - } - store_service(proto, - n, - local_port, - serv); + default: + freeaddrinfo (res); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "No IP addresses found for hostname `%s' of service `%s'!\n"), + hostname, + n); + GNUNET_free (serv); + continue; + } + freeaddrinfo (res); } - GNUNET_free(n); + store_service (proto, + n, + local_port, + serv); + } + GNUNET_free (n); } @@ -3432,36 +3518,36 @@ add_services(int proto, * @param section name of section in config */ static void -read_service_conf(void *cls, - const char *section) +read_service_conf (void *cls, + const char *section) { char *cpy; - if ((strlen(section) < 8) || - (0 != strcmp(".gnunet.", section + (strlen(section) - 8)))) + if ((strlen (section) < 8) || + (0 != strcmp (".gnunet.", section + (strlen (section) - 8)))) return; if (GNUNET_OK == - GNUNET_CONFIGURATION_get_value_string(cfg, - section, - "UDP_REDIRECTS", - &cpy)) - { - add_services(IPPROTO_UDP, - cpy, - section); - GNUNET_free(cpy); - } + GNUNET_CONFIGURATION_get_value_string (cfg, + section, + "UDP_REDIRECTS", + &cpy)) + { + add_services (IPPROTO_UDP, + cpy, + section); + GNUNET_free (cpy); + } if (GNUNET_OK == - GNUNET_CONFIGURATION_get_value_string(cfg, - section, - "TCP_REDIRECTS", - &cpy)) - { - add_services(IPPROTO_TCP, - cpy, - section); - GNUNET_free(cpy); - } + GNUNET_CONFIGURATION_get_value_string (cfg, + section, + "TCP_REDIRECTS", + &cpy)) + { + add_services (IPPROTO_TCP, + cpy, + section); + GNUNET_free (cpy); + } } @@ -3472,7 +3558,7 @@ read_service_conf(void *cls, * @param cls closure */ static void -do_dht_put(void *cls); +do_dht_put (void *cls); /** @@ -3482,7 +3568,7 @@ do_dht_put(void *cls); * @param cls closure, NULL */ static void -dht_put_cont(void *cls) +dht_put_cont (void *cls) { dht_put = NULL; } @@ -3495,37 +3581,37 @@ dht_put_cont(void *cls) * @param cls closure */ static void -do_dht_put(void *cls) +do_dht_put (void *cls) { struct GNUNET_TIME_Absolute expiration; - dht_task = GNUNET_SCHEDULER_add_delayed(DHT_PUT_FREQUENCY, - &do_dht_put, - NULL); - expiration = GNUNET_TIME_absolute_ntoh(dns_advertisement.expiration_time); - if (GNUNET_TIME_absolute_get_remaining(expiration).rel_value_us < + dht_task = GNUNET_SCHEDULER_add_delayed (DHT_PUT_FREQUENCY, + &do_dht_put, + NULL); + expiration = GNUNET_TIME_absolute_ntoh (dns_advertisement.expiration_time); + if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value_us < GNUNET_TIME_UNIT_HOURS.rel_value_us) - { - /* refresh advertisement */ - expiration = GNUNET_TIME_relative_to_absolute(DNS_ADVERTISEMENT_TIMEOUT); - dns_advertisement.expiration_time = GNUNET_TIME_absolute_hton(expiration); - GNUNET_assert(GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign(peer_key, + { + /* refresh advertisement */ + expiration = GNUNET_TIME_relative_to_absolute (DNS_ADVERTISEMENT_TIMEOUT); + dns_advertisement.expiration_time = GNUNET_TIME_absolute_hton (expiration); + GNUNET_assert (GNUNET_OK == + GNUNET_CRYPTO_eddsa_sign (peer_key, &dns_advertisement.purpose, &dns_advertisement.signature)); - } + } if (NULL != dht_put) - GNUNET_DHT_put_cancel(dht_put); - dht_put = GNUNET_DHT_put(dht, - &dht_put_key, - 1 /* replication */, - GNUNET_DHT_RO_NONE, - GNUNET_BLOCK_TYPE_DNS, - sizeof(struct GNUNET_DNS_Advertisement), - &dns_advertisement, - expiration, - &dht_put_cont, - NULL); + GNUNET_DHT_put_cancel (dht_put); + dht_put = GNUNET_DHT_put (dht, + &dht_put_key, + 1 /* replication */, + GNUNET_DHT_RO_NONE, + GNUNET_BLOCK_TYPE_DNS, + sizeof(struct GNUNET_DNS_Advertisement), + &dns_advertisement, + expiration, + &dht_put_cont, + NULL); } @@ -3534,48 +3620,52 @@ do_dht_put(void *cls) * are supported by the OS) according to our configuration. */ static void -parse_ip_options() +parse_ip_options () { - ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno(cfg, - "exit", - "EXIT_IPV4"); - ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno(cfg, - "exit", - "EXIT_IPV6"); - ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno(cfg, - "exit", - "ENABLE_IPV4"); - ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno(cfg, - "exit", - "ENABLE_IPV6"); + ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, + "exit", + "EXIT_IPV4"); + ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, + "exit", + "EXIT_IPV6"); + ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, + "exit", + "ENABLE_IPV4"); + ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, + "exit", + "ENABLE_IPV6"); if ((ipv4_exit || ipv4_enabled) && - GNUNET_OK != GNUNET_NETWORK_test_pf(PF_INET)) - { - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("This system does not support IPv4, will disable IPv4 functions despite them being enabled in the configuration\n")); - ipv4_exit = GNUNET_NO; - ipv4_enabled = GNUNET_NO; - } + (GNUNET_OK != GNUNET_NETWORK_test_pf (PF_INET)) ) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ( + "This system does not support IPv4, will disable IPv4 functions despite them being enabled in the configuration\n")); + ipv4_exit = GNUNET_NO; + ipv4_enabled = GNUNET_NO; + } if ((ipv6_exit || ipv6_enabled) && - GNUNET_OK != GNUNET_NETWORK_test_pf(PF_INET6)) - { - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("This system does not support IPv6, will disable IPv6 functions despite them being enabled in the configuration\n")); - ipv6_exit = GNUNET_NO; - ipv6_enabled = GNUNET_NO; - } - if (ipv4_exit && (!ipv4_enabled)) - { - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("Cannot enable IPv4 exit but disable IPv4 on TUN interface, will use ENABLE_IPv4=YES\n")); - ipv4_enabled = GNUNET_YES; - } - if (ipv6_exit && (!ipv6_enabled)) - { - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n")); - ipv6_enabled = GNUNET_YES; - } + (GNUNET_OK != GNUNET_NETWORK_test_pf (PF_INET6)) ) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ( + "This system does not support IPv6, will disable IPv6 functions despite them being enabled in the configuration\n")); + ipv6_exit = GNUNET_NO; + ipv6_enabled = GNUNET_NO; + } + if (ipv4_exit && (! ipv4_enabled)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ( + "Cannot enable IPv4 exit but disable IPv4 on TUN interface, will use ENABLE_IPv4=YES\n")); + ipv4_enabled = GNUNET_YES; + } + if (ipv6_exit && (! ipv6_enabled)) + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ( + "Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n")); + ipv6_enabled = GNUNET_YES; + } } @@ -3584,71 +3674,74 @@ parse_ip_options() * advertise the DNS exit (if applicable). */ static void -advertise_dns_exit() +advertise_dns_exit () { struct GNUNET_MQ_MessageHandler handlers[] = { - GNUNET_MQ_hd_var_size(dns_request, - GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET, - struct DnsResponseMessage, - NULL), - GNUNET_MQ_handler_end() + GNUNET_MQ_hd_var_size (dns_request, + GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET, + struct DnsResponseMessage, + NULL), + GNUNET_MQ_handler_end () }; char *dns_exit; struct GNUNET_HashCode port; if (GNUNET_YES != - GNUNET_CONFIGURATION_get_value_yesno(cfg, - "exit", - "EXIT_DNS")) + GNUNET_CONFIGURATION_get_value_yesno (cfg, + "exit", + "EXIT_DNS")) return; - GNUNET_assert(NULL != (dnsstub = GNUNET_DNSSTUB_start(128))); + GNUNET_assert (NULL != (dnsstub = GNUNET_DNSSTUB_start (128))); dns_exit = NULL; /* TODO: support using multiple DNS resolvers */ if ((GNUNET_OK != - GNUNET_CONFIGURATION_get_value_string(cfg, - "exit", - "DNS_RESOLVER", - &dns_exit)) || + GNUNET_CONFIGURATION_get_value_string (cfg, + "exit", + "DNS_RESOLVER", + &dns_exit)) || (GNUNET_OK != - GNUNET_DNSSTUB_add_dns_ip(dnsstub, - dns_exit))) - { - GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, - "dns", - "DNS_RESOLVER", - _("need a valid IPv4 or IPv6 address\n")); - GNUNET_free_non_null(dns_exit); - return; - } + GNUNET_DNSSTUB_add_dns_ip (dnsstub, + dns_exit))) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "dns", + "DNS_RESOLVER", + _ ("need a valid IPv4 or IPv6 address\n")); + GNUNET_free_non_null (dns_exit); + return; + } /* open port */ - GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_INTERNET_RESOLVER, - strlen(GNUNET_APPLICATION_PORT_INTERNET_RESOLVER), - &port); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Opening CADET port %s for DNS exit service\n", - GNUNET_h2s(&port)); - dns_port = GNUNET_CADET_open_port(cadet_handle, - &port, - &new_channel, - NULL, - NULL, - &clean_channel, - handlers); + GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER, + strlen (GNUNET_APPLICATION_PORT_INTERNET_RESOLVER), + &port); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Opening CADET port %s for DNS exit service\n", + GNUNET_h2s (&port)); + dns_port = GNUNET_CADET_open_port (cadet_handle, + &port, + &new_channel, + NULL, + NULL, + &clean_channel, + handlers); /* advertise exit */ - dht = GNUNET_DHT_connect(cfg, - 1); - peer_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration(cfg); - GNUNET_CRYPTO_eddsa_key_get_public(peer_key, - &dns_advertisement.peer.public_key); - dns_advertisement.purpose.size = htonl(sizeof(struct GNUNET_DNS_Advertisement) - - sizeof(struct GNUNET_CRYPTO_EddsaSignature)); - dns_advertisement.purpose.purpose = htonl(GNUNET_SIGNATURE_PURPOSE_DNS_RECORD); - GNUNET_CRYPTO_hash("dns", - strlen("dns"), - &dht_put_key); - dht_task = GNUNET_SCHEDULER_add_now(&do_dht_put, - NULL); - GNUNET_free(dns_exit); + dht = GNUNET_DHT_connect (cfg, + 1); + peer_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg); + GNUNET_CRYPTO_eddsa_key_get_public (peer_key, + &dns_advertisement.peer.public_key); + dns_advertisement.purpose.size = htonl (sizeof(struct + GNUNET_DNS_Advertisement) + - sizeof(struct + GNUNET_CRYPTO_EddsaSignature)); + dns_advertisement.purpose.purpose = htonl ( + GNUNET_SIGNATURE_PURPOSE_DNS_RECORD); + GNUNET_CRYPTO_hash ("dns", + strlen ("dns"), + &dht_put_key); + dht_task = GNUNET_SCHEDULER_add_now (&do_dht_put, + NULL); + GNUNET_free (dns_exit); } @@ -3658,7 +3751,7 @@ advertise_dns_exit() * @return #GNUNET_OK on success, #GNUNET_SYSERR if we should shutdown */ static int -setup_exit_helper_args() +setup_exit_helper_args () { char *exit_ifname; char *tun_ifname; @@ -3667,133 +3760,133 @@ setup_exit_helper_args() char *ipv4addr; char *ipv4mask; - exit_argv[0] = GNUNET_strdup("exit-gnunet"); + exit_argv[0] = GNUNET_strdup ("exit-gnunet"); if (GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, - "exit", - "TUN_IFNAME", - &tun_ifname)) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "TUN_IFNAME"); - return GNUNET_SYSERR; - } + GNUNET_CONFIGURATION_get_value_string (cfg, + "exit", + "TUN_IFNAME", + &tun_ifname)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "TUN_IFNAME"); + return GNUNET_SYSERR; + } exit_argv[1] = tun_ifname; if (ipv4_enabled) + { + if (GNUNET_SYSERR == + GNUNET_CONFIGURATION_get_value_string (cfg, + "exit", + "EXIT_IFNAME", + &exit_ifname)) { - if (GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, - "exit", - "EXIT_IFNAME", - &exit_ifname)) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "EXIT_IFNAME"); - return GNUNET_SYSERR; - } - exit_argv[2] = exit_ifname; + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "EXIT_IFNAME"); + return GNUNET_SYSERR; } + exit_argv[2] = exit_ifname; + } else - { - exit_argv[2] = GNUNET_strdup("-"); - } + { + exit_argv[2] = GNUNET_strdup ("-"); + } if (GNUNET_YES == ipv6_enabled) - { - ipv6addr = NULL; - if ((GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, + { + ipv6addr = NULL; + if (((GNUNET_SYSERR == + GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6ADDR", - &ipv6addr) || - (1 != inet_pton(AF_INET6, - ipv6addr, - &exit_ipv6addr)))) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "IPV6ADDR"); - GNUNET_free_non_null(ipv6addr); - return GNUNET_SYSERR; - } - exit_argv[3] = ipv6addr; - if (GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, + &ipv6addr))|| + (1 != inet_pton (AF_INET6, + ipv6addr, + &exit_ipv6addr)))) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "IPV6ADDR"); + GNUNET_free_non_null (ipv6addr); + return GNUNET_SYSERR; + } + exit_argv[3] = ipv6addr; + if (GNUNET_SYSERR == + GNUNET_CONFIGURATION_get_value_string (cfg, + "exit", + "IPV6PREFIX", + &ipv6prefix_s)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "IPV6PREFIX"); + return GNUNET_SYSERR; + } + exit_argv[4] = ipv6prefix_s; + if ((GNUNET_OK != + GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "IPV6PREFIX", - &ipv6prefix_s)) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "IPV6PREFIX"); - return GNUNET_SYSERR; - } - exit_argv[4] = ipv6prefix_s; - if ((GNUNET_OK != - GNUNET_CONFIGURATION_get_value_number(cfg, - "exit", - "IPV6PREFIX", - &ipv6prefix)) || - (ipv6prefix >= 127)) - { - GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "IPV6PREFIX", - _("Must be a number")); - return GNUNET_SYSERR; - } - } - else + &ipv6prefix)) || + (ipv6prefix >= 127)) { - /* IPv6 explicitly disabled */ - exit_argv[3] = GNUNET_strdup("-"); - exit_argv[4] = GNUNET_strdup("-"); + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "IPV6PREFIX", + _ ("Must be a number")); + return GNUNET_SYSERR; } + } + else + { + /* IPv6 explicitly disabled */ + exit_argv[3] = GNUNET_strdup ("-"); + exit_argv[4] = GNUNET_strdup ("-"); + } if (GNUNET_YES == ipv4_enabled) - { - ipv4addr = NULL; - if ((GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, + { + ipv4addr = NULL; + if (((GNUNET_SYSERR == + GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4ADDR", - &ipv4addr) || - (1 != inet_pton(AF_INET, - ipv4addr, - &exit_ipv4addr)))) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "IPV4ADDR"); - GNUNET_free_non_null(ipv4addr); - return GNUNET_SYSERR; - } - exit_argv[5] = ipv4addr; - ipv4mask = NULL; - if ((GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, + &ipv4addr))|| + (1 != inet_pton (AF_INET, + ipv4addr, + &exit_ipv4addr)))) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "IPV4ADDR"); + GNUNET_free_non_null (ipv4addr); + return GNUNET_SYSERR; + } + exit_argv[5] = ipv4addr; + ipv4mask = NULL; + if (((GNUNET_SYSERR == + GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4MASK", - &ipv4mask) || - (1 != inet_pton(AF_INET, - ipv4mask, - &exit_ipv4mask)))) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, - "EXIT", - "IPV4MASK"); - GNUNET_free_non_null(ipv4mask); - return GNUNET_SYSERR; - } - exit_argv[6] = ipv4mask; - } - else + &ipv4mask))|| + (1 != inet_pton (AF_INET, + ipv4mask, + &exit_ipv4mask)))) { - /* IPv4 explicitly disabled */ - exit_argv[5] = GNUNET_strdup("-"); - exit_argv[6] = GNUNET_strdup("-"); + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, + "EXIT", + "IPV4MASK"); + GNUNET_free_non_null (ipv4mask); + return GNUNET_SYSERR; } + exit_argv[6] = ipv4mask; + } + else + { + /* IPv4 explicitly disabled */ + exit_argv[5] = GNUNET_strdup ("-"); + exit_argv[6] = GNUNET_strdup ("-"); + } exit_argv[7] = NULL; return GNUNET_OK; } @@ -3808,29 +3901,29 @@ setup_exit_helper_args() * @param cfg_ configuration */ static void -run(void *cls, - char *const *args, - const char *cfgfile, - const struct GNUNET_CONFIGURATION_Handle *cfg_) +run (void *cls, + char *const *args, + const char *cfgfile, + const struct GNUNET_CONFIGURATION_Handle *cfg_) { struct GNUNET_MQ_MessageHandler handlers[] = { - GNUNET_MQ_hd_var_size(icmp_remote, - GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET, - struct GNUNET_EXIT_IcmpInternetMessage, - NULL), - GNUNET_MQ_hd_var_size(udp_remote, - GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET, - struct GNUNET_EXIT_UdpInternetMessage, - NULL), - GNUNET_MQ_hd_var_size(tcp_remote, - GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START, - struct GNUNET_EXIT_TcpInternetStartMessage, - NULL), - GNUNET_MQ_hd_var_size(tcp_data, - GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, - struct GNUNET_EXIT_TcpDataMessage, - NULL), - GNUNET_MQ_handler_end() + GNUNET_MQ_hd_var_size (icmp_remote, + GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET, + struct GNUNET_EXIT_IcmpInternetMessage, + NULL), + GNUNET_MQ_hd_var_size (udp_remote, + GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET, + struct GNUNET_EXIT_UdpInternetMessage, + NULL), + GNUNET_MQ_hd_var_size (tcp_remote, + GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START, + struct GNUNET_EXIT_TcpInternetStartMessage, + NULL), + GNUNET_MQ_hd_var_size (tcp_data, + GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT, + struct GNUNET_EXIT_TcpDataMessage, + NULL), + GNUNET_MQ_handler_end () }; struct GNUNET_HashCode port; char *policy; @@ -3840,157 +3933,159 @@ run(void *cls, cfg = cfg_; if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_number(cfg, - "exit", - "MAX_CONNECTIONS", - &max_connections)) + GNUNET_CONFIGURATION_get_value_number (cfg, + "exit", + "MAX_CONNECTIONS", + &max_connections)) max_connections = 1024; - parse_ip_options(); - binary = GNUNET_OS_get_suid_binary_path(cfg, "gnunet-helper-exit"); + parse_ip_options (); + binary = GNUNET_OS_get_suid_binary_path (cfg, "gnunet-helper-exit"); if ((ipv4_exit) || (ipv6_exit)) + { + if (GNUNET_YES != + GNUNET_OS_check_helper_binary (binary, + GNUNET_YES, + "gnunet-vpn - - - 169.1.3.7 255.255.255.0")) // no nat, ipv4 only { - if (GNUNET_YES != - GNUNET_OS_check_helper_binary(binary, - GNUNET_YES, - "gnunet-vpn - - - 169.1.3.7 255.255.255.0")) //no nat, ipv4 only - { - GNUNET_free(binary); - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("`%s' is not SUID or the path is invalid, EXIT will not work\n"), - "gnunet-helper-exit"); - GNUNET_SCHEDULER_add_shutdown(&dummy_task, - NULL); - global_ret = 1; - return; - } - } - if (!(ipv4_enabled || ipv6_enabled)) - { - GNUNET_free(binary); - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("No useful service enabled. Exiting.\n")); - GNUNET_SCHEDULER_shutdown(); + GNUNET_free (binary); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ( + "`%s' is not SUID or the path is invalid, EXIT will not work\n"), + "gnunet-helper-exit"); + GNUNET_SCHEDULER_add_shutdown (&dummy_task, + NULL); + global_ret = 1; return; } + } + if (! (ipv4_enabled || ipv6_enabled)) + { + GNUNET_free (binary); + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ("No useful service enabled. Exiting.\n")); + GNUNET_SCHEDULER_shutdown (); + return; + } - GNUNET_SCHEDULER_add_shutdown(&cleanup, - NULL); - stats = GNUNET_STATISTICS_create("exit", - cfg); - cadet_handle = GNUNET_CADET_connect(cfg); + GNUNET_SCHEDULER_add_shutdown (&cleanup, + NULL); + stats = GNUNET_STATISTICS_create ("exit", + cfg); + cadet_handle = GNUNET_CADET_connect (cfg); if (NULL == cadet_handle) - { - GNUNET_free(binary); - GNUNET_SCHEDULER_shutdown(); - return; - } - advertise_dns_exit(); + { + GNUNET_free (binary); + GNUNET_SCHEDULER_shutdown (); + return; + } + advertise_dns_exit (); if (GNUNET_OK != - setup_exit_helper_args()) - { - GNUNET_free(binary); - GNUNET_SCHEDULER_shutdown(); - return; - } + setup_exit_helper_args ()) + { + GNUNET_free (binary); + GNUNET_SCHEDULER_shutdown (); + return; + } - services = GNUNET_CONTAINER_multihashmap_create(65536, - GNUNET_NO); - connections_map = GNUNET_CONTAINER_multihashmap_create(65536, - GNUNET_NO); - connections_heap = GNUNET_CONTAINER_heap_create(GNUNET_CONTAINER_HEAP_ORDER_MIN); - GNUNET_CONFIGURATION_iterate_sections(cfg, - &read_service_conf, - NULL); + services = GNUNET_CONTAINER_multihashmap_create (65536, + GNUNET_NO); + connections_map = GNUNET_CONTAINER_multihashmap_create (65536, + GNUNET_NO); + connections_heap = GNUNET_CONTAINER_heap_create ( + GNUNET_CONTAINER_HEAP_ORDER_MIN); + GNUNET_CONFIGURATION_iterate_sections (cfg, + &read_service_conf, + NULL); /* Cadet handle acquired, now open ports and announce regular expressions matching our exit */ if ((GNUNET_YES == ipv4_enabled) && (GNUNET_YES == ipv4_exit)) + { + GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV4_GATEWAY, + strlen (GNUNET_APPLICATION_PORT_IPV4_GATEWAY), + &port); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Opening CADET port %s for IPv4 gateway service\n", + GNUNET_h2s (&port)); + cadet_port4 = GNUNET_CADET_open_port (cadet_handle, + &port, + &new_channel, + NULL, + NULL, + &clean_channel, + handlers); + policy = NULL; + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (cfg, + "exit", + "EXIT_RANGE_IPV4_POLICY", + &policy)) + regex = NULL; + else + regex = GNUNET_TUN_ipv4policy2regex (policy); + GNUNET_free_non_null (policy); + if (NULL != regex) { - GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_IPV4_GATEWAY, - strlen(GNUNET_APPLICATION_PORT_IPV4_GATEWAY), - &port); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Opening CADET port %s for IPv4 gateway service\n", - GNUNET_h2s(&port)); - cadet_port4 = GNUNET_CADET_open_port(cadet_handle, - &port, - &new_channel, - NULL, - NULL, - &clean_channel, - handlers); - policy = NULL; - if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_string(cfg, - "exit", - "EXIT_RANGE_IPV4_POLICY", - &policy)) - regex = NULL; - else - regex = GNUNET_TUN_ipv4policy2regex(policy); - GNUNET_free_non_null(policy); - if (NULL != regex) - { - (void)GNUNET_asprintf(&prefixed_regex, - "%s%s", - GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, - regex); - regex4 = GNUNET_REGEX_announce(cfg, - prefixed_regex, - REGEX_REFRESH_FREQUENCY, - REGEX_MAX_PATH_LEN_IPV4); - GNUNET_free(regex); - GNUNET_free(prefixed_regex); - } + (void) GNUNET_asprintf (&prefixed_regex, + "%s%s", + GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, + regex); + regex4 = GNUNET_REGEX_announce (cfg, + prefixed_regex, + REGEX_REFRESH_FREQUENCY, + REGEX_MAX_PATH_LEN_IPV4); + GNUNET_free (regex); + GNUNET_free (prefixed_regex); } + } if ((GNUNET_YES == ipv6_enabled) && (GNUNET_YES == ipv6_exit)) + { + GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV6_GATEWAY, + strlen (GNUNET_APPLICATION_PORT_IPV6_GATEWAY), + &port); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Opening CADET port %s for IPv6 gateway service\n", + GNUNET_h2s (&port)); + cadet_port6 = GNUNET_CADET_open_port (cadet_handle, + &port, + &new_channel, + NULL, + NULL, + &clean_channel, + handlers); + policy = NULL; + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_string (cfg, + "exit", + "EXIT_RANGE_IPV6_POLICY", + &policy)) + regex = NULL; + else + regex = GNUNET_TUN_ipv6policy2regex (policy); + GNUNET_free_non_null (policy); + if (NULL != regex) { - GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_IPV6_GATEWAY, - strlen(GNUNET_APPLICATION_PORT_IPV6_GATEWAY), - &port); - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Opening CADET port %s for IPv6 gateway service\n", - GNUNET_h2s(&port)); - cadet_port6 = GNUNET_CADET_open_port(cadet_handle, - &port, - &new_channel, - NULL, - NULL, - &clean_channel, - handlers); - policy = NULL; - if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_string(cfg, - "exit", - "EXIT_RANGE_IPV6_POLICY", - &policy)) - regex = NULL; - else - regex = GNUNET_TUN_ipv6policy2regex(policy); - GNUNET_free_non_null(policy); - if (NULL != regex) - { - (void)GNUNET_asprintf(&prefixed_regex, - "%s%s", - GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, - regex); - regex6 = GNUNET_REGEX_announce(cfg, - prefixed_regex, - REGEX_REFRESH_FREQUENCY, - REGEX_MAX_PATH_LEN_IPV6); - GNUNET_free(regex); - GNUNET_free(prefixed_regex); - } + (void) GNUNET_asprintf (&prefixed_regex, + "%s%s", + GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, + regex); + regex6 = GNUNET_REGEX_announce (cfg, + prefixed_regex, + REGEX_REFRESH_FREQUENCY, + REGEX_MAX_PATH_LEN_IPV6); + GNUNET_free (regex); + GNUNET_free (prefixed_regex); } - helper_handle = GNUNET_HELPER_start(GNUNET_NO, - binary, - exit_argv, - &message_token, - NULL, - NULL); - GNUNET_free(binary); + } + helper_handle = GNUNET_HELPER_start (GNUNET_NO, + binary, + exit_argv, + &message_token, + NULL, + NULL); + GNUNET_free (binary); } @@ -4002,28 +4097,29 @@ run(void *cls, * @return 0 ok, 1 on error */ int -main(int argc, - char *const *argv) +main (int argc, + char *const *argv) { static const struct GNUNET_GETOPT_CommandLineOption options[] = { GNUNET_GETOPT_OPTION_END }; if (GNUNET_OK != - GNUNET_STRINGS_get_utf8_args(argc, - argv, - &argc, - &argv)) + GNUNET_STRINGS_get_utf8_args (argc, + argv, + &argc, + &argv)) return 2; return (GNUNET_OK == - GNUNET_PROGRAM_run(argc, - argv, - "gnunet-daemon-exit", - gettext_noop("Daemon to run to provide an IP exit node for the VPN"), - options, - &run, - NULL)) ? global_ret : 1; + GNUNET_PROGRAM_run (argc, + argv, + "gnunet-daemon-exit", + gettext_noop ( + "Daemon to run to provide an IP exit node for the VPN"), + options, + &run, + NULL)) ? global_ret : 1; } diff --git a/src/exit/gnunet-helper-exit.c b/src/exit/gnunet-helper-exit.c index 297a17813..ca187afa6 100644 --- a/src/exit/gnunet-helper-exit.c +++ b/src/exit/gnunet-helper-exit.c @@ -81,7 +81,8 @@ static const char *sbin_iptables; /** * This is in linux/include/net/ipv6.h, but not always exported... */ -struct in6_ifreq { +struct in6_ifreq +{ struct in6_addr ifr6_addr; uint32_t ifr6_prefixlen; /* __u32 in the original */ int ifr6_ifindex; @@ -97,22 +98,22 @@ struct in6_ifreq { * @param flags open flags (O_RDONLY, O_WRONLY) */ static void -open_dev_null(int target_fd, - int flags) +open_dev_null (int target_fd, + int flags) { int fd; - fd = open("/dev/null", flags); + fd = open ("/dev/null", flags); if (-1 == fd) - abort(); + abort (); if (fd == target_fd) return; - if (-1 == dup2(fd, target_fd)) - { - (void)close(fd); - abort(); - } - (void)close(fd); + if (-1 == dup2 (fd, target_fd)) + { + (void) close (fd); + abort (); + } + (void) close (fd); } @@ -124,50 +125,50 @@ open_dev_null(int target_fd, * @return 0 on success, 1 on any error */ static int -fork_and_exec(const char *file, - char *const cmd[]) +fork_and_exec (const char *file, + char *const cmd[]) { int status; pid_t pid; pid_t ret; - pid = fork(); + pid = fork (); if (-1 == pid) - { - fprintf(stderr, - "fork failed: %s\n", - strerror(errno)); - return 1; - } + { + fprintf (stderr, + "fork failed: %s\n", + strerror (errno)); + return 1; + } if (0 == pid) - { - /* we are the child process */ - /* close stdin/stdout to not cause interference - with the helper's main protocol! */ - (void)close(0); - open_dev_null(0, O_RDONLY); - (void)close(1); - open_dev_null(1, O_WRONLY); - (void)execv(file, cmd); - /* can only get here on error */ - fprintf(stderr, - "exec `%s' failed: %s\n", - file, - strerror(errno)); - _exit(1); - } + { + /* we are the child process */ + /* close stdin/stdout to not cause interference + with the helper's main protocol! */ + (void) close (0); + open_dev_null (0, O_RDONLY); + (void) close (1); + open_dev_null (1, O_WRONLY); + (void) execv (file, cmd); + /* can only get here on error */ + fprintf (stderr, + "exec `%s' failed: %s\n", + file, + strerror (errno)); + _exit (1); + } /* keep running waitpid as long as the only error we get is 'EINTR' */ - while ((-1 == (ret = waitpid(pid, &status, 0))) && + while ((-1 == (ret = waitpid (pid, &status, 0))) && (errno == EINTR)) ; if (-1 == ret) - { - fprintf(stderr, - "waitpid failed: %s\n", - strerror(errno)); - return 1; - } - if (!(WIFEXITED(status) && (0 == WEXITSTATUS(status)))) + { + fprintf (stderr, + "waitpid failed: %s\n", + strerror (errno)); + return 1; + } + if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status)))) return 1; /* child process completed and returned success, we're happy */ return 0; @@ -182,46 +183,46 @@ fork_and_exec(const char *file, * @return the fd to the tun or -1 on error */ static int -init_tun(char *dev) +init_tun (char *dev) { struct ifreq ifr; int fd; if (NULL == dev) - { - errno = EINVAL; - return -1; - } - - if (-1 == (fd = open("/dev/net/tun", O_RDWR))) - { - fprintf(stderr, "Error opening `%s': %s\n", "/dev/net/tun", - strerror(errno)); - return -1; - } + { + errno = EINVAL; + return -1; + } + + if (-1 == (fd = open ("/dev/net/tun", O_RDWR))) + { + fprintf (stderr, "Error opening `%s': %s\n", "/dev/net/tun", + strerror (errno)); + return -1; + } if (fd >= FD_SETSIZE) - { - fprintf(stderr, "File descriptor to large: %d", fd); - (void)close(fd); - return -1; - } + { + fprintf (stderr, "File descriptor to large: %d", fd); + (void) close (fd); + return -1; + } - memset(&ifr, 0, sizeof(ifr)); + memset (&ifr, 0, sizeof(ifr)); ifr.ifr_flags = IFF_TUN; if ('\0' != *dev) - strncpy(ifr.ifr_name, dev, IFNAMSIZ); - - if (-1 == ioctl(fd, TUNSETIFF, (void *)&ifr)) - { - fprintf(stderr, - "Error with ioctl on `%s': %s\n", "/dev/net/tun", - strerror(errno)); - (void)close(fd); - return -1; - } - strcpy(dev, ifr.ifr_name); + strncpy (ifr.ifr_name, dev, IFNAMSIZ); + + if (-1 == ioctl (fd, TUNSETIFF, (void *) &ifr)) + { + fprintf (stderr, + "Error with ioctl on `%s': %s\n", "/dev/net/tun", + strerror (errno)); + (void) close (fd); + return -1; + } + strcpy (dev, ifr.ifr_name); return fd; } @@ -234,7 +235,7 @@ init_tun(char *dev) * @param prefix_len the length of the network-prefix */ static void -set_address6(const char *dev, const char *address, unsigned long prefix_len) +set_address6 (const char *dev, const char *address, unsigned long prefix_len) { struct ifreq ifr; struct sockaddr_in6 sa6; @@ -244,34 +245,34 @@ set_address6(const char *dev, const char *address, unsigned long prefix_len) /* * parse the new address */ - memset(&sa6, 0, sizeof(struct sockaddr_in6)); + memset (&sa6, 0, sizeof(struct sockaddr_in6)); sa6.sin6_family = AF_INET6; - if (1 != inet_pton(AF_INET6, address, &sa6.sin6_addr)) - { - fprintf(stderr, "Failed to parse address `%s': %s\n", address, - strerror(errno)); - exit(1); - } - - if (-1 == (fd = socket(PF_INET6, SOCK_DGRAM, 0))) - { - fprintf(stderr, "Error creating socket: %s\n", strerror(errno)); - exit(1); - } - - memset(&ifr, 0, sizeof(struct ifreq)); + if (1 != inet_pton (AF_INET6, address, &sa6.sin6_addr)) + { + fprintf (stderr, "Failed to parse address `%s': %s\n", address, + strerror (errno)); + exit (1); + } + + if (-1 == (fd = socket (PF_INET6, SOCK_DGRAM, 0))) + { + fprintf (stderr, "Error creating socket: %s\n", strerror (errno)); + exit (1); + } + + memset (&ifr, 0, sizeof(struct ifreq)); /* * Get the index of the if */ - strncpy(ifr.ifr_name, dev, IFNAMSIZ); - if (-1 == ioctl(fd, SIOGIFINDEX, &ifr)) - { - fprintf(stderr, "ioctl failed at %d: %s\n", __LINE__, strerror(errno)); - (void)close(fd); - exit(1); - } - - memset(&ifr6, 0, sizeof(struct in6_ifreq)); + strncpy (ifr.ifr_name, dev, IFNAMSIZ); + if (-1 == ioctl (fd, SIOGIFINDEX, &ifr)) + { + fprintf (stderr, "ioctl failed at %d: %s\n", __LINE__, strerror (errno)); + (void) close (fd); + exit (1); + } + + memset (&ifr6, 0, sizeof(struct in6_ifreq)); ifr6.ifr6_addr = sa6.sin6_addr; ifr6.ifr6_ifindex = ifr.ifr_ifindex; ifr6.ifr6_prefixlen = prefix_len; @@ -279,42 +280,42 @@ set_address6(const char *dev, const char *address, unsigned long prefix_len) /* * Set the address */ - if (-1 == ioctl(fd, SIOCSIFADDR, &ifr6)) - { - fprintf(stderr, "ioctl failed at line %d: %s\n", __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFADDR, &ifr6)) + { + fprintf (stderr, "ioctl failed at line %d: %s\n", __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Get the flags */ - if (-1 == ioctl(fd, SIOCGIFFLAGS, &ifr)) - { - fprintf(stderr, "ioctl failed at line %d: %s\n", __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCGIFFLAGS, &ifr)) + { + fprintf (stderr, "ioctl failed at line %d: %s\n", __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Add the UP and RUNNING flags */ ifr.ifr_flags |= IFF_UP | IFF_RUNNING; - if (-1 == ioctl(fd, SIOCSIFFLAGS, &ifr)) - { - fprintf(stderr, "ioctl failed at line %d: %s\n", __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } - - if (0 != close(fd)) - { - fprintf(stderr, "close failed: %s\n", strerror(errno)); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFFLAGS, &ifr)) + { + fprintf (stderr, "ioctl failed at line %d: %s\n", __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } + + if (0 != close (fd)) + { + fprintf (stderr, "close failed: %s\n", strerror (errno)); + exit (1); + } } @@ -326,96 +327,96 @@ set_address6(const char *dev, const char *address, unsigned long prefix_len) * @param mask the netmask */ static void -set_address4(const char *dev, const char *address, const char *mask) +set_address4 (const char *dev, const char *address, const char *mask) { int fd; struct sockaddr_in *addr; struct ifreq ifr; - memset(&ifr, 0, sizeof(struct ifreq)); - addr = (struct sockaddr_in *)&(ifr.ifr_addr); + memset (&ifr, 0, sizeof(struct ifreq)); + addr = (struct sockaddr_in *) &(ifr.ifr_addr); addr->sin_family = AF_INET; /* * Parse the address */ - if (1 != inet_pton(AF_INET, address, &addr->sin_addr.s_addr)) - { - fprintf(stderr, "Failed to parse address `%s': %s\n", address, - strerror(errno)); - exit(1); - } + if (1 != inet_pton (AF_INET, address, &addr->sin_addr.s_addr)) + { + fprintf (stderr, "Failed to parse address `%s': %s\n", address, + strerror (errno)); + exit (1); + } - if (-1 == (fd = socket(PF_INET, SOCK_DGRAM, 0))) - { - fprintf(stderr, "Error creating socket: %s\n", strerror(errno)); - exit(1); - } + if (-1 == (fd = socket (PF_INET, SOCK_DGRAM, 0))) + { + fprintf (stderr, "Error creating socket: %s\n", strerror (errno)); + exit (1); + } - strncpy(ifr.ifr_name, dev, IFNAMSIZ); + strncpy (ifr.ifr_name, dev, IFNAMSIZ); /* * Set the address */ - if (-1 == ioctl(fd, SIOCSIFADDR, &ifr)) - { - fprintf(stderr, "ioctl failed at %d: %s\n", __LINE__, strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFADDR, &ifr)) + { + fprintf (stderr, "ioctl failed at %d: %s\n", __LINE__, strerror (errno)); + (void) close (fd); + exit (1); + } /* * Parse the netmask */ - addr = (struct sockaddr_in *)&(ifr.ifr_netmask); - if (1 != inet_pton(AF_INET, mask, &addr->sin_addr.s_addr)) - { - fprintf(stderr, "Failed to parse address `%s': %s\n", mask, - strerror(errno)); - (void)close(fd); - exit(1); - } + addr = (struct sockaddr_in *) &(ifr.ifr_netmask); + if (1 != inet_pton (AF_INET, mask, &addr->sin_addr.s_addr)) + { + fprintf (stderr, "Failed to parse address `%s': %s\n", mask, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Set the netmask */ - if (-1 == ioctl(fd, SIOCSIFNETMASK, &ifr)) - { - fprintf(stderr, "ioctl failed at line %d: %s\n", __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFNETMASK, &ifr)) + { + fprintf (stderr, "ioctl failed at line %d: %s\n", __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Get the flags */ - if (-1 == ioctl(fd, SIOCGIFFLAGS, &ifr)) - { - fprintf(stderr, "ioctl failed at line %d: %s\n", __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCGIFFLAGS, &ifr)) + { + fprintf (stderr, "ioctl failed at line %d: %s\n", __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Add the UP and RUNNING flags */ ifr.ifr_flags |= IFF_UP | IFF_RUNNING; - if (-1 == ioctl(fd, SIOCSIFFLAGS, &ifr)) - { - fprintf(stderr, "ioctl failed at line %d: %s\n", __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } - - if (0 != close(fd)) - { - fprintf(stderr, "close failed: %s\n", strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFFLAGS, &ifr)) + { + fprintf (stderr, "ioctl failed at line %d: %s\n", __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } + + if (0 != close (fd)) + { + fprintf (stderr, "close failed: %s\n", strerror (errno)); + (void) close (fd); + exit (1); + } } @@ -425,7 +426,7 @@ set_address4(const char *dev, const char *address, const char *mask) * @param fd_tun tunnel FD */ static void -run(int fd_tun) +run (int fd_tun) { /* * The buffer filled by reading from fd_tun @@ -452,188 +453,188 @@ run(int fd_tun) int write_open = 1; while ((1 == read_open) && (1 == write_open)) - { - FD_ZERO(&fds_w); - FD_ZERO(&fds_r); - - /* - * We are supposed to read and the buffer is empty - * -> select on read from tun - */ - if (read_open && (0 == buftun_size)) - FD_SET(fd_tun, &fds_r); - - /* - * We are supposed to read and the buffer is not empty - * -> select on write to stdout - */ - if (read_open && (0 != buftun_size)) - FD_SET(1, &fds_w); - - /* - * We are supposed to write and the buffer is empty - * -> select on read from stdin - */ - if (write_open && (NULL == bufin_read)) - FD_SET(0, &fds_r); - - /* - * We are supposed to write and the buffer is not empty - * -> select on write to tun - */ - if (write_open && (NULL != bufin_read)) - FD_SET(fd_tun, &fds_w); - - int r = select(fd_tun + 1, &fds_r, &fds_w, NULL, NULL); - - if (-1 == r) + { + FD_ZERO (&fds_w); + FD_ZERO (&fds_r); + + /* + * We are supposed to read and the buffer is empty + * -> select on read from tun + */ + if (read_open && (0 == buftun_size)) + FD_SET (fd_tun, &fds_r); + + /* + * We are supposed to read and the buffer is not empty + * -> select on write to stdout + */ + if (read_open && (0 != buftun_size)) + FD_SET (1, &fds_w); + + /* + * We are supposed to write and the buffer is empty + * -> select on read from stdin + */ + if (write_open && (NULL == bufin_read)) + FD_SET (0, &fds_r); + + /* + * We are supposed to write and the buffer is not empty + * -> select on write to tun + */ + if (write_open && (NULL != bufin_read)) + FD_SET (fd_tun, &fds_w); + + int r = select (fd_tun + 1, &fds_r, &fds_w, NULL, NULL); + + if (-1 == r) + { + if (EINTR == errno) + continue; + fprintf (stderr, "select failed: %s\n", strerror (errno)); + exit (1); + } + + if (r > 0) + { + if (FD_ISSET (fd_tun, &fds_r)) + { + buftun_size = + read (fd_tun, buftun + sizeof(struct GNUNET_MessageHeader), + MAX_SIZE - sizeof(struct GNUNET_MessageHeader)); + if (-1 == buftun_size) { - if (EINTR == errno) - continue; - fprintf(stderr, "select failed: %s\n", strerror(errno)); - exit(1); + fprintf (stderr, + "read-error: %s\n", + strerror (errno)); + shutdown (fd_tun, SHUT_RD); + shutdown (1, SHUT_WR); + read_open = 0; + buftun_size = 0; } - - if (r > 0) + else if (0 == buftun_size) { - if (FD_ISSET(fd_tun, &fds_r)) - { - buftun_size = - read(fd_tun, buftun + sizeof(struct GNUNET_MessageHeader), - MAX_SIZE - sizeof(struct GNUNET_MessageHeader)); - if (-1 == buftun_size) - { - fprintf(stderr, - "read-error: %s\n", - strerror(errno)); - shutdown(fd_tun, SHUT_RD); - shutdown(1, SHUT_WR); - read_open = 0; - buftun_size = 0; - } - else if (0 == buftun_size) - { #if DEBUG - fprintf(stderr, "EOF on tun\n"); + fprintf (stderr, "EOF on tun\n"); #endif - shutdown(fd_tun, SHUT_RD); - shutdown(1, SHUT_WR); - read_open = 0; - buftun_size = 0; - } - else - { - buftun_read = buftun; - struct GNUNET_MessageHeader *hdr = - (struct GNUNET_MessageHeader *)buftun; - buftun_size += sizeof(struct GNUNET_MessageHeader); - hdr->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - hdr->size = htons(buftun_size); - } - } - else if (FD_ISSET(1, &fds_w)) - { - ssize_t written = write(1, buftun_read, buftun_size); - - if (-1 == written) - { -#if !DEBUG - if (errno != EPIPE) + shutdown (fd_tun, SHUT_RD); + shutdown (1, SHUT_WR); + read_open = 0; + buftun_size = 0; + } + else + { + buftun_read = buftun; + struct GNUNET_MessageHeader *hdr = + (struct GNUNET_MessageHeader *) buftun; + buftun_size += sizeof(struct GNUNET_MessageHeader); + hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + hdr->size = htons (buftun_size); + } + } + else if (FD_ISSET (1, &fds_w)) + { + ssize_t written = write (1, buftun_read, buftun_size); + + if (-1 == written) + { +#if ! DEBUG + if (errno != EPIPE) #endif - fprintf(stderr, - "write-error to stdout: %s\n", - strerror(errno)); - shutdown(fd_tun, SHUT_RD); - shutdown(1, SHUT_WR); - read_open = 0; - buftun_size = 0; - } - else if (0 == written) - { - fprintf(stderr, "write returned 0!?\n"); - exit(1); - } - else - { - buftun_size -= written; - buftun_read += written; - } - } - - if (FD_ISSET(0, &fds_r)) - { - bufin_size = read(0, bufin + bufin_rpos, MAX_SIZE - bufin_rpos); - if (-1 == bufin_size) - { - fprintf(stderr, "read-error: %s\n", strerror(errno)); - shutdown(0, SHUT_RD); - shutdown(fd_tun, SHUT_WR); - write_open = 0; - bufin_size = 0; - } - else if (0 == bufin_size) - { + fprintf (stderr, + "write-error to stdout: %s\n", + strerror (errno)); + shutdown (fd_tun, SHUT_RD); + shutdown (1, SHUT_WR); + read_open = 0; + buftun_size = 0; + } + else if (0 == written) + { + fprintf (stderr, "write returned 0!?\n"); + exit (1); + } + else + { + buftun_size -= written; + buftun_read += written; + } + } + + if (FD_ISSET (0, &fds_r)) + { + bufin_size = read (0, bufin + bufin_rpos, MAX_SIZE - bufin_rpos); + if (-1 == bufin_size) + { + fprintf (stderr, "read-error: %s\n", strerror (errno)); + shutdown (0, SHUT_RD); + shutdown (fd_tun, SHUT_WR); + write_open = 0; + bufin_size = 0; + } + else if (0 == bufin_size) + { #if DEBUG - fprintf(stderr, "EOF on stdin\n"); + fprintf (stderr, "EOF on stdin\n"); #endif - shutdown(0, SHUT_RD); - shutdown(fd_tun, SHUT_WR); - write_open = 0; - bufin_size = 0; - } - else - { - struct GNUNET_MessageHeader *hdr; + shutdown (0, SHUT_RD); + shutdown (fd_tun, SHUT_WR); + write_open = 0; + bufin_size = 0; + } + else + { + struct GNUNET_MessageHeader *hdr; PROCESS_BUFFER: - bufin_rpos += bufin_size; - if (bufin_rpos < sizeof(struct GNUNET_MessageHeader)) - continue; - hdr = (struct GNUNET_MessageHeader *)bufin; - if (ntohs(hdr->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) - { - fprintf(stderr, "protocol violation!\n"); - exit(1); - } - if (ntohs(hdr->size) > bufin_rpos) - continue; - bufin_read = bufin + sizeof(struct GNUNET_MessageHeader); - bufin_size = ntohs(hdr->size) - sizeof(struct GNUNET_MessageHeader); - bufin_rpos -= bufin_size + sizeof(struct GNUNET_MessageHeader); - } - } - else if (FD_ISSET(fd_tun, &fds_w)) - { - ssize_t written = write(fd_tun, bufin_read, bufin_size); - - if (-1 == written) - { - fprintf(stderr, "write-error to tun: %s\n", strerror(errno)); - shutdown(0, SHUT_RD); - shutdown(fd_tun, SHUT_WR); - write_open = 0; - bufin_size = 0; - } - else if (0 == written) - { - fprintf(stderr, "write returned 0!?\n"); - exit(1); - } - else - { - bufin_size -= written; - bufin_read += written; - if (0 == bufin_size) - { - memmove(bufin, bufin_read, bufin_rpos); - bufin_read = NULL; /* start reading again */ - bufin_size = 0; - goto PROCESS_BUFFER; - } - } - } + bufin_rpos += bufin_size; + if (bufin_rpos < sizeof(struct GNUNET_MessageHeader)) + continue; + hdr = (struct GNUNET_MessageHeader *) bufin; + if (ntohs (hdr->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) + { + fprintf (stderr, "protocol violation!\n"); + exit (1); + } + if (ntohs (hdr->size) > bufin_rpos) + continue; + bufin_read = bufin + sizeof(struct GNUNET_MessageHeader); + bufin_size = ntohs (hdr->size) - sizeof(struct GNUNET_MessageHeader); + bufin_rpos -= bufin_size + sizeof(struct GNUNET_MessageHeader); + } + } + else if (FD_ISSET (fd_tun, &fds_w)) + { + ssize_t written = write (fd_tun, bufin_read, bufin_size); + + if (-1 == written) + { + fprintf (stderr, "write-error to tun: %s\n", strerror (errno)); + shutdown (0, SHUT_RD); + shutdown (fd_tun, SHUT_WR); + write_open = 0; + bufin_size = 0; } + else if (0 == written) + { + fprintf (stderr, "write returned 0!?\n"); + exit (1); + } + else + { + bufin_size -= written; + bufin_read += written; + if (0 == bufin_size) + { + memmove (bufin, bufin_read, bufin_rpos); + bufin_read = NULL; /* start reading again */ + bufin_size = 0; + goto PROCESS_BUFFER; + } + } + } } + } } @@ -651,166 +652,164 @@ PROCESS_BUFFER: * 6: IPv4 netmask ("255.255.0.0") [ignored if #4 is "-"] */ int -main(int argc, char **argv) +main (int argc, char **argv) { char dev[IFNAMSIZ]; int fd_tun; int global_ret; if (7 != argc) - { - fprintf(stderr, "Fatal: must supply 6 arguments!\n"); - return 1; - } - if ((0 == strcmp(argv[3], "-")) && - (0 == strcmp(argv[5], "-"))) - { - fprintf(stderr, "Fatal: disabling both IPv4 and IPv6 makes no sense.\n"); - return 1; - } - if (0 != strcmp(argv[2], "-")) - { + { + fprintf (stderr, "Fatal: must supply 6 arguments!\n"); + return 1; + } + if ((0 == strcmp (argv[3], "-")) && + (0 == strcmp (argv[5], "-"))) + { + fprintf (stderr, "Fatal: disabling both IPv4 and IPv6 makes no sense.\n"); + return 1; + } + if (0 != strcmp (argv[2], "-")) + { #ifdef IPTABLES - if (0 == access(IPTABLES, X_OK)) - sbin_iptables = IPTABLES; - else + if (0 == access (IPTABLES, X_OK)) + sbin_iptables = IPTABLES; + else #endif - if (0 == access("/sbin/iptables", X_OK)) - sbin_iptables = "/sbin/iptables"; - else if (0 == access("/usr/sbin/iptables", X_OK)) - sbin_iptables = "/usr/sbin/iptables"; - else - { - fprintf(stderr, - "Fatal: executable iptables not found in approved directories: %s\n", - strerror(errno)); - return 1; - } + if (0 == access ("/sbin/iptables", X_OK)) + sbin_iptables = "/sbin/iptables"; + else if (0 == access ("/usr/sbin/iptables", X_OK)) + sbin_iptables = "/usr/sbin/iptables"; + else + { + fprintf (stderr, + "Fatal: executable iptables not found in approved directories: %s\n", + strerror (errno)); + return 1; + } #ifdef SYSCTL - if (0 == access(SYSCTL, X_OK)) - sbin_sysctl = SYSCTL; - else + if (0 == access (SYSCTL, X_OK)) + sbin_sysctl = SYSCTL; + else #endif - if (0 == access("/sbin/sysctl", X_OK)) - sbin_sysctl = "/sbin/sysctl"; - else if (0 == access("/usr/sbin/sysctl", X_OK)) - sbin_sysctl = "/usr/sbin/sysctl"; - else - { - fprintf(stderr, - "Fatal: executable sysctl not found in approved directories: %s\n", - strerror(errno)); - return 1; - } + if (0 == access ("/sbin/sysctl", X_OK)) + sbin_sysctl = "/sbin/sysctl"; + else if (0 == access ("/usr/sbin/sysctl", X_OK)) + sbin_sysctl = "/usr/sbin/sysctl"; + else + { + fprintf (stderr, + "Fatal: executable sysctl not found in approved directories: %s\n", + strerror (errno)); + return 1; } + } - strncpy(dev, argv[1], IFNAMSIZ); + strncpy (dev, argv[1], IFNAMSIZ); dev[IFNAMSIZ - 1] = '\0'; - if (-1 == (fd_tun = init_tun(dev))) + if (-1 == (fd_tun = init_tun (dev))) + { + fprintf (stderr, + "Fatal: could not initialize tun-interface `%s' with IPv6 %s/%s and IPv4 %s/%s\n", + dev, + argv[3], + argv[4], + argv[5], + argv[6]); + return 1; + } + + if (0 != strcmp (argv[3], "-")) + { { - fprintf(stderr, - "Fatal: could not initialize tun-interface `%s' with IPv6 %s/%s and IPv4 %s/%s\n", - dev, - argv[3], - argv[4], - argv[5], - argv[6]); - return 1; - } + const char *address = argv[3]; + long prefix_len = atol (argv[4]); - if (0 != strcmp(argv[3], "-")) + if ((prefix_len < 1) || (prefix_len > 127)) + { + fprintf (stderr, "Fatal: prefix_len out of range\n"); + return 1; + } + set_address6 (dev, address, prefix_len); + } + if (0 != strcmp (argv[2], "-")) { + char *const sysctl_args[] = { + "sysctl", "-w", "net.ipv6.conf.all.forwarding=1", NULL + }; + if (0 != fork_and_exec (sbin_sysctl, + sysctl_args)) { - const char *address = argv[3]; - long prefix_len = atol(argv[4]); - - if ((prefix_len < 1) || (prefix_len > 127)) - { - fprintf(stderr, "Fatal: prefix_len out of range\n"); - return 1; - } - set_address6(dev, address, prefix_len); + fprintf (stderr, + "Failed to enable IPv6 forwarding. Will continue anyway.\n"); } - if (0 != strcmp(argv[2], "-")) - { - char *const sysctl_args[] = - { - "sysctl", "-w", "net.ipv6.conf.all.forwarding=1", NULL - }; - if (0 != fork_and_exec(sbin_sysctl, - sysctl_args)) - { - fprintf(stderr, - "Failed to enable IPv6 forwarding. Will continue anyway.\n"); - } - } } + } - if (0 != strcmp(argv[5], "-")) + if (0 != strcmp (argv[5], "-")) + { { - { - const char *address = argv[5]; - const char *mask = argv[6]; + const char *address = argv[5]; + const char *mask = argv[6]; - set_address4(dev, address, mask); + set_address4 (dev, address, mask); + } + if (0 != strcmp (argv[2], "-")) + { + { + char *const sysctl_args[] = { + "sysctl", "-w", "net.ipv4.ip_forward=1", NULL + }; + if (0 != fork_and_exec (sbin_sysctl, + sysctl_args)) + { + fprintf (stderr, + "Failed to enable IPv4 forwarding. Will continue anyway.\n"); + } } - if (0 != strcmp(argv[2], "-")) + { + char *const iptables_args[] = { + "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", + "MASQUERADE", NULL + }; + if (0 != fork_and_exec (sbin_iptables, + iptables_args)) { - { - char *const sysctl_args[] = - { - "sysctl", "-w", "net.ipv4.ip_forward=1", NULL - }; - if (0 != fork_and_exec(sbin_sysctl, - sysctl_args)) - { - fprintf(stderr, - "Failed to enable IPv4 forwarding. Will continue anyway.\n"); - } - } - { - char *const iptables_args[] = - { - "iptables", "-t", "nat", "-A", "POSTROUTING", "-o", argv[2], "-j", "MASQUERADE", NULL - }; - if (0 != fork_and_exec(sbin_iptables, - iptables_args)) - { - fprintf(stderr, - "Failed to enable IPv4 masquerading (NAT). Will continue anyway.\n"); - } - } + fprintf (stderr, + "Failed to enable IPv4 masquerading (NAT). Will continue anyway.\n"); } + } } + } - uid_t uid = getuid(); + uid_t uid = getuid (); #ifdef HAVE_SETRESUID - if (0 != setresuid(uid, uid, uid)) - { - fprintf(stderr, "Failed to setresuid: %s\n", strerror(errno)); - global_ret = 2; - goto cleanup; - } + if (0 != setresuid (uid, uid, uid)) + { + fprintf (stderr, "Failed to setresuid: %s\n", strerror (errno)); + global_ret = 2; + goto cleanup; + } #else - if (0 != (setuid(uid) | seteuid(uid))) - { - fprintf(stderr, "Failed to setuid: %s\n", strerror(errno)); - global_ret = 2; - goto cleanup; - } + if (0 != (setuid (uid) | seteuid (uid))) + { + fprintf (stderr, "Failed to setuid: %s\n", strerror (errno)); + global_ret = 2; + goto cleanup; + } #endif - if (SIG_ERR == signal(SIGPIPE, SIG_IGN)) - { - fprintf(stderr, "Failed to protect against SIGPIPE: %s\n", - strerror(errno)); - /* no exit, we might as well die with SIGPIPE should it ever happen */ - } - run(fd_tun); + if (SIG_ERR == signal (SIGPIPE, SIG_IGN)) + { + fprintf (stderr, "Failed to protect against SIGPIPE: %s\n", + strerror (errno)); + /* no exit, we might as well die with SIGPIPE should it ever happen */ + } + run (fd_tun); global_ret = 0; cleanup: - (void)close(fd_tun); + (void) close (fd_tun); return global_ret; } -- cgit v1.2.3