From c4e9ba925ffd758aaa3feee2ccfc0b76f26fe207 Mon Sep 17 00:00:00 2001 From: Christian Grothoff Date: Sat, 5 Oct 2019 15:09:28 +0200 Subject: global reindent, now with uncrustify hook enabled --- src/vpn/gnunet-helper-vpn.c | 893 +++++------ src/vpn/gnunet-service-vpn.c | 3594 +++++++++++++++++++++--------------------- src/vpn/gnunet-vpn.c | 334 ++-- src/vpn/vpn.h | 9 +- src/vpn/vpn_api.c | 341 ++-- 5 files changed, 2595 insertions(+), 2576 deletions(-) (limited to 'src/vpn') diff --git a/src/vpn/gnunet-helper-vpn.c b/src/vpn/gnunet-helper-vpn.c index 4b4073418..38c5c1795 100644 --- a/src/vpn/gnunet-helper-vpn.c +++ b/src/vpn/gnunet-helper-vpn.c @@ -61,7 +61,8 @@ /** * This is in linux/include/net/ipv6.h, but not always exported... */ -struct in6_ifreq { +struct in6_ifreq +{ struct in6_addr ifr6_addr; uint32_t ifr6_prefixlen; unsigned int ifr6_ifindex; @@ -77,55 +78,55 @@ struct in6_ifreq { * @return the fd to the tun or -1 on error */ static int -init_tun(char *dev) +init_tun (char *dev) { struct ifreq ifr; int fd; if (NULL == dev) - { - errno = EINVAL; - return -1; - } - - if (-1 == (fd = open("/dev/net/tun", O_RDWR))) - { - fprintf(stderr, - "Error opening `%s': %s\n", - "/dev/net/tun", - strerror(errno)); - return -1; - } + { + errno = EINVAL; + return -1; + } + + if (-1 == (fd = open ("/dev/net/tun", O_RDWR))) + { + fprintf (stderr, + "Error opening `%s': %s\n", + "/dev/net/tun", + strerror (errno)); + return -1; + } if (fd >= FD_SETSIZE) - { - fprintf(stderr, - "File descriptor to large: %d", - fd); - (void)close(fd); - return -1; - } - - memset(&ifr, 0, sizeof(ifr)); + { + fprintf (stderr, + "File descriptor to large: %d", + fd); + (void) close (fd); + return -1; + } + + memset (&ifr, 0, sizeof(ifr)); ifr.ifr_flags = IFF_TUN; if ('\0' != *dev) - strncpy(ifr.ifr_name, - dev, - IFNAMSIZ); - - if (-1 == ioctl(fd, - TUNSETIFF, - (void *)&ifr)) - { - fprintf(stderr, - "Error with ioctl on `%s': %s\n", - "/dev/net/tun", - strerror(errno)); - (void)close(fd); - return -1; - } - strcpy(dev, ifr.ifr_name); + strncpy (ifr.ifr_name, + dev, + IFNAMSIZ); + + if (-1 == ioctl (fd, + TUNSETIFF, + (void *) &ifr)) + { + fprintf (stderr, + "Error with ioctl on `%s': %s\n", + "/dev/net/tun", + strerror (errno)); + (void) close (fd); + return -1; + } + strcpy (dev, ifr.ifr_name); return fd; } @@ -138,9 +139,9 @@ init_tun(char *dev) * @param prefix_len the length of the network-prefix */ static void -set_address6(const char *dev, - const char *address, - unsigned long prefix_len) +set_address6 (const char *dev, + const char *address, + unsigned long prefix_len) { struct ifreq ifr; struct in6_ifreq ifr6; @@ -150,44 +151,44 @@ set_address6(const char *dev, /* * parse the new address */ - memset(&sa6, 0, sizeof(struct sockaddr_in6)); + memset (&sa6, 0, sizeof(struct sockaddr_in6)); sa6.sin6_family = AF_INET6; - if (1 != inet_pton(AF_INET6, address, sa6.sin6_addr.s6_addr)) - { - fprintf(stderr, - "Failed to parse IPv6 address `%s'\n", - address); - exit(1); - } - - if (-1 == (fd = socket(PF_INET6, SOCK_DGRAM, 0))) - { - fprintf(stderr, - "Error creating socket: %s\n", - strerror(errno)); - exit(1); - } - - memset(&ifr, 0, sizeof(struct ifreq)); + if (1 != inet_pton (AF_INET6, address, sa6.sin6_addr.s6_addr)) + { + fprintf (stderr, + "Failed to parse IPv6 address `%s'\n", + address); + exit (1); + } + + if (-1 == (fd = socket (PF_INET6, SOCK_DGRAM, 0))) + { + fprintf (stderr, + "Error creating socket: %s\n", + strerror (errno)); + exit (1); + } + + memset (&ifr, 0, sizeof(struct ifreq)); /* * Get the index of the if */ - strncpy(ifr.ifr_name, - dev, - IFNAMSIZ); - if (-1 == ioctl(fd, - SIOGIFINDEX, - &ifr)) - { - fprintf(stderr, - "ioctl failed at %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } - - memset(&ifr6, 0, sizeof(struct in6_ifreq)); + strncpy (ifr.ifr_name, + dev, + IFNAMSIZ); + if (-1 == ioctl (fd, + SIOGIFINDEX, + &ifr)) + { + fprintf (stderr, + "ioctl failed at %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } + + memset (&ifr6, 0, sizeof(struct in6_ifreq)); ifr6.ifr6_addr = sa6.sin6_addr; ifr6.ifr6_ifindex = ifr.ifr_ifindex; ifr6.ifr6_prefixlen = prefix_len; @@ -195,56 +196,56 @@ set_address6(const char *dev, /* * Set the address */ - if (-1 == ioctl(fd, - SIOCSIFADDR, - &ifr6)) - { - fprintf(stderr, - "ioctl failed at line %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, + SIOCSIFADDR, + &ifr6)) + { + fprintf (stderr, + "ioctl failed at line %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Get the flags */ - if (-1 == ioctl(fd, - SIOCGIFFLAGS, - &ifr)) - { - fprintf(stderr, - "ioctl failed at line %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, + SIOCGIFFLAGS, + &ifr)) + { + fprintf (stderr, + "ioctl failed at line %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Add the UP and RUNNING flags */ ifr.ifr_flags |= IFF_UP | IFF_RUNNING; - if (-1 == ioctl(fd, - SIOCSIFFLAGS, - &ifr)) - { - fprintf(stderr, - "ioctl failed at line %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } - - if (0 != close(fd)) - { - fprintf(stderr, - "close failed: %s\n", - strerror(errno)); - exit(1); - } + if (-1 == ioctl (fd, + SIOCSIFFLAGS, + &ifr)) + { + fprintf (stderr, + "ioctl failed at line %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } + + if (0 != close (fd)) + { + fprintf (stderr, + "close failed: %s\n", + strerror (errno)); + exit (1); + } } @@ -256,117 +257,117 @@ set_address6(const char *dev, * @param mask the netmask */ static void -set_address4(const char *dev, - const char *address, - const char *mask) +set_address4 (const char *dev, + const char *address, + const char *mask) { int fd; struct sockaddr_in *addr; struct ifreq ifr; - memset(&ifr, 0, sizeof(struct ifreq)); - addr = (struct sockaddr_in *)&(ifr.ifr_addr); + memset (&ifr, 0, sizeof(struct ifreq)); + addr = (struct sockaddr_in *) &(ifr.ifr_addr); addr->sin_family = AF_INET; /* * Parse the address */ - if (1 != inet_pton(AF_INET, - address, - &addr->sin_addr.s_addr)) - { - fprintf(stderr, - "Failed to parse IPv4 address `%s'\n", - address); - exit(1); - } - - if (-1 == (fd = socket(PF_INET, SOCK_DGRAM, 0))) - { - fprintf(stderr, - "Error creating socket: %s\n", - strerror(errno)); - exit(1); - } - - strncpy(ifr.ifr_name, dev, IFNAMSIZ); + if (1 != inet_pton (AF_INET, + address, + &addr->sin_addr.s_addr)) + { + fprintf (stderr, + "Failed to parse IPv4 address `%s'\n", + address); + exit (1); + } + + if (-1 == (fd = socket (PF_INET, SOCK_DGRAM, 0))) + { + fprintf (stderr, + "Error creating socket: %s\n", + strerror (errno)); + exit (1); + } + + strncpy (ifr.ifr_name, dev, IFNAMSIZ); /* * Set the address */ - if (-1 == ioctl(fd, SIOCSIFADDR, &ifr)) - { - fprintf(stderr, - "ioctl failed at %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFADDR, &ifr)) + { + fprintf (stderr, + "ioctl failed at %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Parse the netmask */ - addr = (struct sockaddr_in *)&(ifr.ifr_netmask); - if (1 != inet_pton(AF_INET, - mask, - &addr->sin_addr.s_addr)) - { - fprintf(stderr, - "Failed to parse IPv4 address mask `%s'\n", - mask); - (void)close(fd); - exit(1); - } + addr = (struct sockaddr_in *) &(ifr.ifr_netmask); + if (1 != inet_pton (AF_INET, + mask, + &addr->sin_addr.s_addr)) + { + fprintf (stderr, + "Failed to parse IPv4 address mask `%s'\n", + mask); + (void) close (fd); + exit (1); + } /* * Set the netmask */ - if (-1 == ioctl(fd, SIOCSIFNETMASK, &ifr)) - { - fprintf(stderr, - "ioctl failed at line %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFNETMASK, &ifr)) + { + fprintf (stderr, + "ioctl failed at line %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Get the flags */ - if (-1 == ioctl(fd, SIOCGIFFLAGS, &ifr)) - { - fprintf(stderr, - "ioctl failed at line %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCGIFFLAGS, &ifr)) + { + fprintf (stderr, + "ioctl failed at line %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } /* * Add the UP and RUNNING flags */ ifr.ifr_flags |= IFF_UP | IFF_RUNNING; - if (-1 == ioctl(fd, SIOCSIFFLAGS, &ifr)) - { - fprintf(stderr, - "ioctl failed at line %d: %s\n", - __LINE__, - strerror(errno)); - (void)close(fd); - exit(1); - } - - if (0 != close(fd)) - { - fprintf(stderr, - "close failed: %s\n", - strerror(errno)); - (void)close(fd); - exit(1); - } + if (-1 == ioctl (fd, SIOCSIFFLAGS, &ifr)) + { + fprintf (stderr, + "ioctl failed at line %d: %s\n", + __LINE__, + strerror (errno)); + (void) close (fd); + exit (1); + } + + if (0 != close (fd)) + { + fprintf (stderr, + "close failed: %s\n", + strerror (errno)); + (void) close (fd); + exit (1); + } } @@ -376,7 +377,7 @@ set_address4(const char *dev, * @param fd_tun tunnel FD */ static void -run(int fd_tun) +run (int fd_tun) { /* * The buffer filled by reading from fd_tun @@ -403,198 +404,198 @@ run(int fd_tun) int write_open = 1; while ((1 == read_open) && (1 == write_open)) + { + FD_ZERO (&fds_w); + FD_ZERO (&fds_r); + + /* + * We are supposed to read and the buffer is empty + * -> select on read from tun + */ + if (read_open && (0 == buftun_size)) + FD_SET (fd_tun, &fds_r); + + /* + * We are supposed to read and the buffer is not empty + * -> select on write to stdout + */ + if (read_open && (0 != buftun_size)) + FD_SET (1, &fds_w); + + /* + * We are supposed to write and the buffer is empty + * -> select on read from stdin + */ + if (write_open && (NULL == bufin_read)) + FD_SET (0, &fds_r); + + /* + * We are supposed to write and the buffer is not empty + * -> select on write to tun + */ + if (write_open && (NULL != bufin_read)) + FD_SET (fd_tun, &fds_w); + + int r = select (fd_tun + 1, &fds_r, &fds_w, NULL, NULL); + + if (-1 == r) + { + if (EINTR == errno) + continue; + fprintf (stderr, + "select failed: %s\n", + strerror (errno)); + exit (1); + } + + if (r > 0) { - FD_ZERO(&fds_w); - FD_ZERO(&fds_r); - - /* - * We are supposed to read and the buffer is empty - * -> select on read from tun - */ - if (read_open && (0 == buftun_size)) - FD_SET(fd_tun, &fds_r); - - /* - * We are supposed to read and the buffer is not empty - * -> select on write to stdout - */ - if (read_open && (0 != buftun_size)) - FD_SET(1, &fds_w); - - /* - * We are supposed to write and the buffer is empty - * -> select on read from stdin - */ - if (write_open && (NULL == bufin_read)) - FD_SET(0, &fds_r); - - /* - * We are supposed to write and the buffer is not empty - * -> select on write to tun - */ - if (write_open && (NULL != bufin_read)) - FD_SET(fd_tun, &fds_w); - - int r = select(fd_tun + 1, &fds_r, &fds_w, NULL, NULL); - - if (-1 == r) + if (FD_ISSET (fd_tun, &fds_r)) + { + buftun_size = + read (fd_tun, buftun + sizeof(struct GNUNET_MessageHeader), + MAX_SIZE - sizeof(struct GNUNET_MessageHeader)); + if (-1 == buftun_size) { - if (EINTR == errno) - continue; - fprintf(stderr, - "select failed: %s\n", - strerror(errno)); - exit(1); + fprintf (stderr, + "read-error: %s\n", + strerror (errno)); + shutdown (fd_tun, SHUT_RD); + shutdown (1, SHUT_WR); + read_open = 0; + buftun_size = 0; } - - if (r > 0) + else if (0 == buftun_size) { - if (FD_ISSET(fd_tun, &fds_r)) - { - buftun_size = - read(fd_tun, buftun + sizeof(struct GNUNET_MessageHeader), - MAX_SIZE - sizeof(struct GNUNET_MessageHeader)); - if (-1 == buftun_size) - { - fprintf(stderr, - "read-error: %s\n", - strerror(errno)); - shutdown(fd_tun, SHUT_RD); - shutdown(1, SHUT_WR); - read_open = 0; - buftun_size = 0; - } - else if (0 == buftun_size) - { - fprintf(stderr, "EOF on tun\n"); - shutdown(fd_tun, SHUT_RD); - shutdown(1, SHUT_WR); - read_open = 0; - buftun_size = 0; - } - else - { - buftun_read = buftun; - struct GNUNET_MessageHeader *hdr = - (struct GNUNET_MessageHeader *)buftun; - buftun_size += sizeof(struct GNUNET_MessageHeader); - hdr->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - hdr->size = htons(buftun_size); - } - } - else if (FD_ISSET(1, &fds_w)) - { - ssize_t written = write(1, - buftun_read, - buftun_size); - - if (-1 == written) - { -#if !DEBUG - if (errno != EPIPE) + fprintf (stderr, "EOF on tun\n"); + shutdown (fd_tun, SHUT_RD); + shutdown (1, SHUT_WR); + read_open = 0; + buftun_size = 0; + } + else + { + buftun_read = buftun; + struct GNUNET_MessageHeader *hdr = + (struct GNUNET_MessageHeader *) buftun; + buftun_size += sizeof(struct GNUNET_MessageHeader); + hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + hdr->size = htons (buftun_size); + } + } + else if (FD_ISSET (1, &fds_w)) + { + ssize_t written = write (1, + buftun_read, + buftun_size); + + if (-1 == written) + { +#if ! DEBUG + if (errno != EPIPE) #endif - fprintf(stderr, - "write-error to stdout: %s\n", - strerror(errno)); - shutdown(fd_tun, SHUT_RD); - shutdown(1, SHUT_WR); - read_open = 0; - buftun_size = 0; - } - else if (0 == written) - { - fprintf(stderr, - "write returned 0!?\n"); - exit(1); - } - else - { - buftun_size -= written; - buftun_read += written; - } - } - - if (FD_ISSET(0, &fds_r)) - { - bufin_size = read(0, bufin + bufin_rpos, MAX_SIZE - bufin_rpos); - if (-1 == bufin_size) - { - fprintf(stderr, - "read-error: %s\n", - strerror(errno)); - shutdown(0, SHUT_RD); - shutdown(fd_tun, SHUT_WR); - write_open = 0; - bufin_size = 0; - } - else if (0 == bufin_size) - { + fprintf (stderr, + "write-error to stdout: %s\n", + strerror (errno)); + shutdown (fd_tun, SHUT_RD); + shutdown (1, SHUT_WR); + read_open = 0; + buftun_size = 0; + } + else if (0 == written) + { + fprintf (stderr, + "write returned 0!?\n"); + exit (1); + } + else + { + buftun_size -= written; + buftun_read += written; + } + } + + if (FD_ISSET (0, &fds_r)) + { + bufin_size = read (0, bufin + bufin_rpos, MAX_SIZE - bufin_rpos); + if (-1 == bufin_size) + { + fprintf (stderr, + "read-error: %s\n", + strerror (errno)); + shutdown (0, SHUT_RD); + shutdown (fd_tun, SHUT_WR); + write_open = 0; + bufin_size = 0; + } + else if (0 == bufin_size) + { #if DEBUG - fprintf(stderr, "EOF on stdin\n"); + fprintf (stderr, "EOF on stdin\n"); #endif - shutdown(0, SHUT_RD); - shutdown(fd_tun, SHUT_WR); - write_open = 0; - bufin_size = 0; - } - else - { - struct GNUNET_MessageHeader *hdr; + shutdown (0, SHUT_RD); + shutdown (fd_tun, SHUT_WR); + write_open = 0; + bufin_size = 0; + } + else + { + struct GNUNET_MessageHeader *hdr; PROCESS_BUFFER: - bufin_rpos += bufin_size; - if (bufin_rpos < sizeof(struct GNUNET_MessageHeader)) - continue; - hdr = (struct GNUNET_MessageHeader *)bufin; - if (ntohs(hdr->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) - { - fprintf(stderr, - "protocol violation!\n"); - exit(1); - } - if (ntohs(hdr->size) > bufin_rpos) - continue; - bufin_read = bufin + sizeof(struct GNUNET_MessageHeader); - bufin_size = ntohs(hdr->size) - sizeof(struct GNUNET_MessageHeader); - bufin_rpos -= bufin_size + sizeof(struct GNUNET_MessageHeader); - } - } - else if (FD_ISSET(fd_tun, &fds_w)) - { - ssize_t written = write(fd_tun, - bufin_read, - bufin_size); - - if (-1 == written) - { - fprintf(stderr, - "write-error to tun: %s\n", - strerror(errno)); - shutdown(0, SHUT_RD); - shutdown(fd_tun, SHUT_WR); - write_open = 0; - bufin_size = 0; - } - else if (0 == written) - { - fprintf(stderr, "write returned 0!?\n"); - exit(1); - } - else - { - bufin_size -= written; - bufin_read += written; - if (0 == bufin_size) - { - memmove(bufin, bufin_read, bufin_rpos); - bufin_read = NULL; /* start reading again */ - bufin_size = 0; - goto PROCESS_BUFFER; - } - } - } + bufin_rpos += bufin_size; + if (bufin_rpos < sizeof(struct GNUNET_MessageHeader)) + continue; + hdr = (struct GNUNET_MessageHeader *) bufin; + if (ntohs (hdr->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) + { + fprintf (stderr, + "protocol violation!\n"); + exit (1); + } + if (ntohs (hdr->size) > bufin_rpos) + continue; + bufin_read = bufin + sizeof(struct GNUNET_MessageHeader); + bufin_size = ntohs (hdr->size) - sizeof(struct GNUNET_MessageHeader); + bufin_rpos -= bufin_size + sizeof(struct GNUNET_MessageHeader); } + } + else if (FD_ISSET (fd_tun, &fds_w)) + { + ssize_t written = write (fd_tun, + bufin_read, + bufin_size); + + if (-1 == written) + { + fprintf (stderr, + "write-error to tun: %s\n", + strerror (errno)); + shutdown (0, SHUT_RD); + shutdown (fd_tun, SHUT_WR); + write_open = 0; + bufin_size = 0; + } + else if (0 == written) + { + fprintf (stderr, "write returned 0!?\n"); + exit (1); + } + else + { + bufin_size -= written; + bufin_read += written; + if (0 == bufin_size) + { + memmove (bufin, bufin_read, bufin_rpos); + bufin_read = NULL; /* start reading again */ + bufin_size = 0; + goto PROCESS_BUFFER; + } + } + } } + } } @@ -610,92 +611,92 @@ PROCESS_BUFFER: * 5: IPv4 netmask (255.255.0.0), ignored if #4 is "-" */ int -main(int argc, char **argv) +main (int argc, char **argv) { char dev[IFNAMSIZ]; int fd_tun; int global_ret; if (6 != argc) - { - fprintf(stderr, "Fatal: must supply 5 arguments!\n"); - return 1; - } - - strncpy(dev, - argv[1], - IFNAMSIZ); + { + fprintf (stderr, "Fatal: must supply 5 arguments!\n"); + return 1; + } + + strncpy (dev, + argv[1], + IFNAMSIZ); dev[IFNAMSIZ - 1] = '\0'; - if (-1 == (fd_tun = init_tun(dev))) + if (-1 == (fd_tun = init_tun (dev))) + { + fprintf (stderr, + "Fatal: could not initialize tun-interface `%s' with IPv6 %s/%s and IPv4 %s/%s\n", + dev, + argv[2], + argv[3], + argv[4], + argv[5]); + return 1; + } + + if (0 != strcmp (argv[2], "-")) + { + const char *address = argv[2]; + long prefix_len = atol (argv[3]); + + if ((prefix_len < 1) || (prefix_len > 127)) { - fprintf(stderr, - "Fatal: could not initialize tun-interface `%s' with IPv6 %s/%s and IPv4 %s/%s\n", - dev, - argv[2], - argv[3], - argv[4], - argv[5]); + fprintf (stderr, + "Fatal: prefix_len out of range\n"); + close (fd_tun); return 1; } - if (0 != strcmp(argv[2], "-")) - { - const char *address = argv[2]; - long prefix_len = atol(argv[3]); + set_address6 (dev, + address, + prefix_len); + } - if ((prefix_len < 1) || (prefix_len > 127)) - { - fprintf(stderr, - "Fatal: prefix_len out of range\n"); - close(fd_tun); - return 1; - } + if (0 != strcmp (argv[4], "-")) + { + const char *address = argv[4]; + const char *mask = argv[5]; - set_address6(dev, - address, - prefix_len); - } - - if (0 != strcmp(argv[4], "-")) - { - const char *address = argv[4]; - const char *mask = argv[5]; + set_address4 (dev, address, mask); + } - set_address4(dev, address, mask); - } - - uid_t uid = getuid(); + uid_t uid = getuid (); #ifdef HAVE_SETRESUID - if (0 != setresuid(uid, uid, uid)) - { - fprintf(stderr, - "Failed to setresuid: %s\n", - strerror(errno)); - global_ret = 2; - goto cleanup; - } + if (0 != setresuid (uid, uid, uid)) + { + fprintf (stderr, + "Failed to setresuid: %s\n", + strerror (errno)); + global_ret = 2; + goto cleanup; + } #else - if (0 != (setuid(uid) | seteuid(uid))) - { - fprintf(stderr, - "Failed to setuid: %s\n", - strerror(errno)); - global_ret = 2; - goto cleanup; - } + if (0 != (setuid (uid) | seteuid (uid))) + { + fprintf (stderr, + "Failed to setuid: %s\n", + strerror (errno)); + global_ret = 2; + goto cleanup; + } #endif - if (SIG_ERR == signal(SIGPIPE, SIG_IGN)) - { - fprintf(stderr, - "Failed to protect against SIGPIPE: %s\n", - strerror(errno)); - /* no exit, we might as well die with SIGPIPE should it ever happen */ - } - run(fd_tun); + if (SIG_ERR == signal (SIGPIPE, SIG_IGN)) + { + fprintf (stderr, + "Failed to protect against SIGPIPE: %s\n", + strerror (errno)); + /* no exit, we might as well die with SIGPIPE should it ever happen */ + } + run (fd_tun); global_ret = 0; cleanup: - close(fd_tun); + close (fd_tun); return global_ret; } diff --git a/src/vpn/gnunet-service-vpn.c b/src/vpn/gnunet-service-vpn.c index 4c042ea80..a716a770d 100644 --- a/src/vpn/gnunet-service-vpn.c +++ b/src/vpn/gnunet-service-vpn.c @@ -65,7 +65,8 @@ struct DestinationEntry; * List of channels we keep for each destination port for a given * destination entry. */ -struct DestinationChannel { +struct DestinationChannel +{ /** * Kept in a DLL. */ @@ -92,7 +93,8 @@ struct DestinationChannel { * Information we track for each IP address to determine which channel * to send the traffic over to the destination. */ -struct DestinationEntry { +struct DestinationEntry +{ /** * Key under which this entry is in the 'destination_map' (only valid * if 'heap_node != NULL'). @@ -123,8 +125,10 @@ struct DestinationEntry { /** * Details about the connection (depending on is_service). */ - union { - struct { + union + { + struct + { /** * The description of the service (only used for service channels). */ @@ -136,7 +140,8 @@ struct DestinationEntry { struct GNUNET_PeerIdentity target; } service_destination; - struct { + struct + { /** * Address family used (AF_INET or AF_INET6). */ @@ -145,7 +150,8 @@ struct DestinationEntry { /** * IP address of the ultimate destination (only used for exit channels). */ - union { + union + { /** * Address if af is AF_INET. */ @@ -164,7 +170,8 @@ struct DestinationEntry { /** * A messages we have in queue for a particular channel. */ -struct ChannelMessageQueueEntry { +struct ChannelMessageQueueEntry +{ /** * This is a doubly-linked list. */ @@ -190,7 +197,8 @@ struct ChannelMessageQueueEntry { /** * State we keep for each of our channels. */ -struct ChannelState { +struct ChannelState +{ /** * Information about the channel to use, NULL if no channel * is available right now. @@ -250,7 +258,8 @@ struct ChannelState { /** * IP address of the source on our end, initially uninitialized. */ - union { + union + { /** * Address if af is AF_INET. */ @@ -266,7 +275,8 @@ struct ChannelState { * Destination IP address used by the source on our end (this is the IP * that we pick freely within the VPN's channel IP range). */ - union { + union + { /** * Address if af is AF_INET. */ @@ -370,24 +380,24 @@ static unsigned long long max_channel_mappings; * @param key where to store the key */ static void -get_destination_key_from_ip(int af, - const void *address, - struct GNUNET_HashCode *key) +get_destination_key_from_ip (int af, + const void *address, + struct GNUNET_HashCode *key) { switch (af) - { - case AF_INET: - GNUNET_CRYPTO_hash(address, sizeof(struct in_addr), key); - break; + { + case AF_INET: + GNUNET_CRYPTO_hash (address, sizeof(struct in_addr), key); + break; - case AF_INET6: - GNUNET_CRYPTO_hash(address, sizeof(struct in6_addr), key); - break; + case AF_INET6: + GNUNET_CRYPTO_hash (address, sizeof(struct in6_addr), key); + break; - default: - GNUNET_assert(0); - break; - } + default: + GNUNET_assert (0); + break; + } } @@ -404,45 +414,45 @@ get_destination_key_from_ip(int af, * @param key where to store the key */ static void -get_channel_key_from_ips(int af, - uint8_t protocol, - const void *source_ip, - uint16_t source_port, - const void *destination_ip, - uint16_t destination_port, - struct GNUNET_HashCode *key) +get_channel_key_from_ips (int af, + uint8_t protocol, + const void *source_ip, + uint16_t source_port, + const void *destination_ip, + uint16_t destination_port, + struct GNUNET_HashCode *key) { char *off; - memset(key, 0, sizeof(struct GNUNET_HashCode)); + memset (key, 0, sizeof(struct GNUNET_HashCode)); /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash, so we put the ports in there (and hope for few collisions) */ - off = (char *)key; - GNUNET_memcpy(off, &source_port, sizeof(uint16_t)); + off = (char *) key; + GNUNET_memcpy (off, &source_port, sizeof(uint16_t)); off += sizeof(uint16_t); - GNUNET_memcpy(off, &destination_port, sizeof(uint16_t)); + GNUNET_memcpy (off, &destination_port, sizeof(uint16_t)); off += sizeof(uint16_t); switch (af) - { - case AF_INET: - GNUNET_memcpy(off, source_ip, sizeof(struct in_addr)); - off += sizeof(struct in_addr); - GNUNET_memcpy(off, destination_ip, sizeof(struct in_addr)); - off += sizeof(struct in_addr); - break; + { + case AF_INET: + GNUNET_memcpy (off, source_ip, sizeof(struct in_addr)); + off += sizeof(struct in_addr); + GNUNET_memcpy (off, destination_ip, sizeof(struct in_addr)); + off += sizeof(struct in_addr); + break; - case AF_INET6: - GNUNET_memcpy(off, source_ip, sizeof(struct in6_addr)); - off += sizeof(struct in6_addr); - GNUNET_memcpy(off, destination_ip, sizeof(struct in6_addr)); - off += sizeof(struct in6_addr); - break; + case AF_INET6: + GNUNET_memcpy (off, source_ip, sizeof(struct in6_addr)); + off += sizeof(struct in6_addr); + GNUNET_memcpy (off, destination_ip, sizeof(struct in6_addr)); + off += sizeof(struct in6_addr); + break; - default: - GNUNET_assert(0); - break; - } - GNUNET_memcpy(off, &protocol, sizeof(uint8_t)); + default: + GNUNET_assert (0); + break; + } + GNUNET_memcpy (off, &protocol, sizeof(uint8_t)); /* off += sizeof (uint8_t); */ } @@ -456,38 +466,38 @@ get_channel_key_from_ips(int af, * @param addr resulting IP address */ static void -send_client_reply(struct GNUNET_SERVICE_Client *client, - uint64_t request_id, - int result_af, - const void *addr) +send_client_reply (struct GNUNET_SERVICE_Client *client, + uint64_t request_id, + int result_af, + const void *addr) { struct GNUNET_MQ_Envelope *env; struct RedirectToIpResponseMessage *res; size_t rlen; switch (result_af) - { - case AF_INET: - rlen = sizeof(struct in_addr); - break; + { + case AF_INET: + rlen = sizeof(struct in_addr); + break; - case AF_INET6: - rlen = sizeof(struct in6_addr); - break; + case AF_INET6: + rlen = sizeof(struct in6_addr); + break; - case AF_UNSPEC: - rlen = 0; - break; + case AF_UNSPEC: + rlen = 0; + break; - default: - GNUNET_assert(0); - return; - } - env = GNUNET_MQ_msg_extra(res, rlen, GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP); - res->result_af = htonl(result_af); + default: + GNUNET_assert (0); + return; + } + env = GNUNET_MQ_msg_extra (res, rlen, GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP); + res->result_af = htonl (result_af); res->request_id = request_id; - GNUNET_memcpy(&res[1], addr, rlen); - GNUNET_MQ_send(GNUNET_SERVICE_client_get_mq(client), env); + GNUNET_memcpy (&res[1], addr, rlen); + GNUNET_MQ_send (GNUNET_SERVICE_client_get_mq (client), env); } @@ -497,52 +507,52 @@ send_client_reply(struct GNUNET_SERVICE_Client *client, * @param ts state to free */ static void -free_channel_state(struct ChannelState *ts) +free_channel_state (struct ChannelState *ts) { struct GNUNET_HashCode key; struct ChannelMessageQueueEntry *tnq; struct GNUNET_CADET_Channel *channel; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Cleaning up channel state\n"); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up channel state\n"); if (NULL != (channel = ts->channel)) - { - ts->channel = NULL; - GNUNET_CADET_channel_destroy(channel); - return; - } - GNUNET_STATISTICS_update(stats, - gettext_noop("# Active channels"), - -1, - GNUNET_NO); + { + ts->channel = NULL; + GNUNET_CADET_channel_destroy (channel); + return; + } + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Active channels"), + -1, + GNUNET_NO); while (NULL != (tnq = ts->tmq_head)) - { - GNUNET_CONTAINER_DLL_remove(ts->tmq_head, ts->tmq_tail, tnq); - ts->tmq_length--; - GNUNET_free(tnq); - } - GNUNET_assert(0 == ts->tmq_length); - GNUNET_assert(NULL == ts->destination.heap_node); + { + GNUNET_CONTAINER_DLL_remove (ts->tmq_head, ts->tmq_tail, tnq); + ts->tmq_length--; + GNUNET_free (tnq); + } + GNUNET_assert (0 == ts->tmq_length); + GNUNET_assert (NULL == ts->destination.heap_node); if (NULL != ts->search) - { - GNUNET_REGEX_search_cancel(ts->search); - ts->search = NULL; - } + { + GNUNET_REGEX_search_cancel (ts->search); + ts->search = NULL; + } if (NULL != ts->heap_node) - { - GNUNET_CONTAINER_heap_remove_node(ts->heap_node); - ts->heap_node = NULL; - get_channel_key_from_ips(ts->af, - ts->protocol, - &ts->source_ip, - ts->source_port, - &ts->destination_ip, - ts->destination_port, - &key); - GNUNET_assert( - GNUNET_YES == - GNUNET_CONTAINER_multihashmap_remove(channel_map, &key, ts)); - } - GNUNET_free(ts); + { + GNUNET_CONTAINER_heap_remove_node (ts->heap_node); + ts->heap_node = NULL; + get_channel_key_from_ips (ts->af, + ts->protocol, + &ts->source_ip, + ts->source_port, + &ts->destination_ip, + ts->destination_port, + &key); + GNUNET_assert ( + GNUNET_YES == + GNUNET_CONTAINER_multihashmap_remove (channel_map, &key, ts)); + } + GNUNET_free (ts); } @@ -554,27 +564,27 @@ free_channel_state(struct ChannelState *ts) * @param env message to queue */ static void -send_to_channel(struct ChannelState *ts, struct GNUNET_MQ_Envelope *env) +send_to_channel (struct ChannelState *ts, struct GNUNET_MQ_Envelope *env) { struct GNUNET_MQ_Handle *mq; - GNUNET_assert(NULL != ts->channel); - mq = GNUNET_CADET_get_mq(ts->channel); - GNUNET_MQ_env_set_options(env, - GNUNET_MQ_PRIO_BEST_EFFORT | - GNUNET_MQ_PREF_OUT_OF_ORDER); - GNUNET_MQ_send(mq, env); - if (GNUNET_MQ_get_length(mq) > MAX_MESSAGE_QUEUE_SIZE) - { - env = GNUNET_MQ_unsent_head(mq); - GNUNET_assert(NULL != env); - GNUNET_STATISTICS_update(stats, - gettext_noop( - "# Messages dropped in cadet queue (overflow)"), - 1, - GNUNET_NO); - GNUNET_MQ_discard(env); - } + GNUNET_assert (NULL != ts->channel); + mq = GNUNET_CADET_get_mq (ts->channel); + GNUNET_MQ_env_set_options (env, + GNUNET_MQ_PRIO_BEST_EFFORT + | GNUNET_MQ_PREF_OUT_OF_ORDER); + GNUNET_MQ_send (mq, env); + if (GNUNET_MQ_get_length (mq) > MAX_MESSAGE_QUEUE_SIZE) + { + env = GNUNET_MQ_unsent_head (mq); + GNUNET_assert (NULL != env); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# Messages dropped in cadet queue (overflow)"), + 1, + GNUNET_NO); + GNUNET_MQ_discard (env); + } } @@ -585,26 +595,26 @@ send_to_channel(struct ChannelState *ts, struct GNUNET_MQ_Envelope *env) * @return diagnostic string describing destination */ static const char * -print_channel_destination(const struct DestinationEntry *de) +print_channel_destination (const struct DestinationEntry *de) { static char dest[256]; if (de->is_service) - { - GNUNET_snprintf(dest, - sizeof(dest), - "HS: %s-%s", - GNUNET_i2s(&de->details.service_destination.target), - GNUNET_h2s( - &de->details.service_destination.service_descriptor)); - } + { + GNUNET_snprintf (dest, + sizeof(dest), + "HS: %s-%s", + GNUNET_i2s (&de->details.service_destination.target), + GNUNET_h2s ( + &de->details.service_destination.service_descriptor)); + } else - { - inet_ntop(de->details.exit_destination.af, - &de->details.exit_destination.ip, - dest, - sizeof(dest)); - } + { + inet_ntop (de->details.exit_destination.af, + &de->details.exit_destination.ip, + dest, + sizeof(dest)); + } return dest; } @@ -617,16 +627,16 @@ print_channel_destination(const struct DestinationEntry *de) * @param channel connection to the other end (henceforth invalid) */ static void -channel_cleaner(void *cls, const struct GNUNET_CADET_Channel *channel) +channel_cleaner (void *cls, const struct GNUNET_CADET_Channel *channel) { struct ChannelState *ts = cls; ts->channel = NULL; /* we must not call GNUNET_CADET_channel_destroy() anymore */ - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "CADET notified us about death of channel to `%s'\n", - print_channel_destination(&ts->destination)); - free_channel_state(ts); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "CADET notified us about death of channel to `%s'\n", + print_channel_destination (&ts->destination)); + free_channel_state (ts); } @@ -640,19 +650,19 @@ channel_cleaner(void *cls, const struct GNUNET_CADET_Channel *channel) * also be the first 8 bytes of the TCP header */ static void -make_up_icmpv4_payload(struct ChannelState *ts, - struct GNUNET_TUN_IPv4Header *ipp, - struct GNUNET_TUN_UdpHeader *udp) +make_up_icmpv4_payload (struct ChannelState *ts, + struct GNUNET_TUN_IPv4Header *ipp, + struct GNUNET_TUN_UdpHeader *udp) { - GNUNET_TUN_initialize_ipv4_header(ipp, - ts->protocol, - sizeof(struct GNUNET_TUN_TcpHeader), - &ts->source_ip.v4, - &ts->destination_ip.v4); - udp->source_port = htons(ts->source_port); - udp->destination_port = htons(ts->destination_port); - udp->len = htons(0); - udp->crc = htons(0); + GNUNET_TUN_initialize_ipv4_header (ipp, + ts->protocol, + sizeof(struct GNUNET_TUN_TcpHeader), + &ts->source_ip.v4, + &ts->destination_ip.v4); + udp->source_port = htons (ts->source_port); + udp->destination_port = htons (ts->destination_port); + udp->len = htons (0); + udp->crc = htons (0); } @@ -666,19 +676,19 @@ make_up_icmpv4_payload(struct ChannelState *ts, * also be the first 8 bytes of the TCP header */ static void -make_up_icmpv6_payload(struct ChannelState *ts, - struct GNUNET_TUN_IPv6Header *ipp, - struct GNUNET_TUN_UdpHeader *udp) +make_up_icmpv6_payload (struct ChannelState *ts, + struct GNUNET_TUN_IPv6Header *ipp, + struct GNUNET_TUN_UdpHeader *udp) { - GNUNET_TUN_initialize_ipv6_header(ipp, - ts->protocol, - sizeof(struct GNUNET_TUN_TcpHeader), - &ts->source_ip.v6, - &ts->destination_ip.v6); - udp->source_port = htons(ts->source_port); - udp->destination_port = htons(ts->destination_port); - udp->len = htons(0); - udp->crc = htons(0); + GNUNET_TUN_initialize_ipv6_header (ipp, + ts->protocol, + sizeof(struct GNUNET_TUN_TcpHeader), + &ts->source_ip.v6, + &ts->destination_ip.v6); + udp->source_port = htons (ts->source_port); + udp->destination_port = htons (ts->destination_port); + udp->len = htons (0); + udp->crc = htons (0); } @@ -691,20 +701,20 @@ make_up_icmpv6_payload(struct ChannelState *ts, * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_icmp_back(void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) +check_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) { struct ChannelState *ts = cls; if (NULL == ts->heap_node) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (AF_UNSPEC == ts->af) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -717,344 +727,344 @@ check_icmp_back(void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) * @param message the actual message */ static void -handle_icmp_back(void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) +handle_icmp_back (void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) { struct ChannelState *ts = cls; size_t mlen; - GNUNET_STATISTICS_update(stats, - gettext_noop("# ICMP packets received from cadet"), - 1, - GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# ICMP packets received from cadet"), + 1, + GNUNET_NO); mlen = - ntohs(i2v->header.size) - sizeof(struct GNUNET_EXIT_IcmpToVPNMessage); + ntohs (i2v->header.size) - sizeof(struct GNUNET_EXIT_IcmpToVPNMessage); { char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log( + GNUNET_log ( GNUNET_ERROR_TYPE_DEBUG, "Received ICMP packet from cadet, sending %u bytes from %s -> %s via TUN\n", - (unsigned int)mlen, - inet_ntop(ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), - inet_ntop(ts->af, &ts->source_ip, dbuf, sizeof(dbuf))); + (unsigned int) mlen, + inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), + inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof(dbuf))); } switch (ts->af) - { - case AF_INET: { - size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + - sizeof(struct GNUNET_TUN_IcmpHeader) + - sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; + { + case AF_INET: { + size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + + sizeof(struct GNUNET_TUN_IcmpHeader) + + sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; { /* reserve some extra space in case we have an ICMP type here where we will need to make up the payload ourselves */ char buf[size + sizeof(struct GNUNET_TUN_IPv4Header) + 8] GNUNET_ALIGN; - struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; + struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; struct GNUNET_TUN_Layer2PacketHeader *tun = - (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; + (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; struct GNUNET_TUN_IPv4Header *ipv4 = - (struct GNUNET_TUN_IPv4Header *)&tun[1]; + (struct GNUNET_TUN_IPv4Header *) &tun[1]; struct GNUNET_TUN_IcmpHeader *icmp = - (struct GNUNET_TUN_IcmpHeader *)&ipv4[1]; - msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - tun->flags = htons(0); - tun->proto = htons(ETH_P_IPV4); - GNUNET_TUN_initialize_ipv4_header(ipv4, - IPPROTO_ICMP, - sizeof(struct GNUNET_TUN_IcmpHeader) + - mlen, - &ts->destination_ip.v4, - &ts->source_ip.v4); + (struct GNUNET_TUN_IcmpHeader *) &ipv4[1]; + msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + tun->flags = htons (0); + tun->proto = htons (ETH_P_IPV4); + GNUNET_TUN_initialize_ipv4_header (ipv4, + IPPROTO_ICMP, + sizeof(struct GNUNET_TUN_IcmpHeader) + + mlen, + &ts->destination_ip.v4, + &ts->source_ip.v4); *icmp = i2v->icmp_header; - GNUNET_memcpy(&icmp[1], &i2v[1], mlen); + GNUNET_memcpy (&icmp[1], &i2v[1], mlen); /* For some ICMP types, we need to adjust (make up) the payload here. Also, depending on the AF used on the other side, we have to do ICMP PT (translate ICMP types) */ - switch (ntohl(i2v->af)) + switch (ntohl (i2v->af)) + { + case AF_INET: + switch (icmp->type) { - case AF_INET: - switch (icmp->type) + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: + break; + + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: { + struct GNUNET_TUN_IPv4Header *ipp = + (struct GNUNET_TUN_IPv4Header *) &icmp[1]; + struct GNUNET_TUN_UdpHeader *udp = + (struct GNUNET_TUN_UdpHeader *) &ipp[1]; + + if (mlen != 0) { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: { - struct GNUNET_TUN_IPv4Header *ipp = - (struct GNUNET_TUN_IPv4Header *)&icmp[1]; - struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - if (mlen != 0) - { - /* sender did not strip ICMP payload? */ - GNUNET_break_op(0); - return; - } - size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - make_up_icmpv4_payload(ts, ipp, udp); - } - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv4 packets dropped (type not allowed)"), - 1, - GNUNET_NO); + /* sender did not strip ICMP payload? */ + GNUNET_break_op (0); return; } - /* end AF_INET */ + size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + make_up_icmpv4_payload (ts, ipp, udp); + } break; - case AF_INET6: - /* ICMP PT 6-to-4 and possibly making up payloads */ - switch (icmp->type) + default: + GNUNET_break_op (0); + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), + 1, + GNUNET_NO); + return; + } + /* end AF_INET */ + break; + + case AF_INET6: + /* ICMP PT 6-to-4 and possibly making up payloads */ + switch (icmp->type) + { + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + icmp->type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; + { + struct GNUNET_TUN_IPv4Header *ipp = + (struct GNUNET_TUN_IPv4Header *) &icmp[1]; + struct GNUNET_TUN_UdpHeader *udp = + (struct GNUNET_TUN_UdpHeader *) &ipp[1]; + + if (mlen != 0) { - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - icmp->type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; - { - struct GNUNET_TUN_IPv4Header *ipp = - (struct GNUNET_TUN_IPv4Header *)&icmp[1]; - struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - if (mlen != 0) - { - /* sender did not strip ICMP payload? */ - GNUNET_break_op(0); - return; - } - size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - make_up_icmpv4_payload(ts, ipp, udp); - } - break; - - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - icmp->type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; - { - struct GNUNET_TUN_IPv4Header *ipp = - (struct GNUNET_TUN_IPv4Header *)&icmp[1]; - struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - if (mlen != 0) - { - /* sender did not strip ICMP payload? */ - GNUNET_break_op(0); - return; - } - size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - make_up_icmpv4_payload(ts, ipp, udp); - } - break; - - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), - 1, - GNUNET_NO); + /* sender did not strip ICMP payload? */ + GNUNET_break_op (0); return; + } + size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + make_up_icmpv4_payload (ts, ipp, udp); + } + break; + + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + icmp->type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; + { + struct GNUNET_TUN_IPv4Header *ipp = + (struct GNUNET_TUN_IPv4Header *) &icmp[1]; + struct GNUNET_TUN_UdpHeader *udp = + (struct GNUNET_TUN_UdpHeader *) &ipp[1]; - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: - icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv6 packets dropped (type not allowed)"), - 1, - GNUNET_NO); + if (mlen != 0) + { + /* sender did not strip ICMP payload? */ + GNUNET_break_op (0); return; } - /* end AF_INET6 */ + size += sizeof(struct GNUNET_TUN_IPv4Header) + 8; + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + make_up_icmpv4_payload (ts, ipp, udp); + } + break; + + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), + 1, + GNUNET_NO); + return; + + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: + icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; + break; + + case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: + icmp->type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; break; default: - GNUNET_break_op(0); + GNUNET_break_op (0); + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), + 1, + GNUNET_NO); return; } - msg->size = htons(size); - GNUNET_TUN_calculate_icmp_checksum(icmp, &i2v[1], mlen); - (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); + /* end AF_INET6 */ + break; + + default: + GNUNET_break_op (0); + return; + } + msg->size = htons (size); + GNUNET_TUN_calculate_icmp_checksum (icmp, &i2v[1], mlen); + (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); } } break; - case AF_INET6: { - size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + - sizeof(struct GNUNET_TUN_IcmpHeader) + - sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; + case AF_INET6: { + size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + + sizeof(struct GNUNET_TUN_IcmpHeader) + + sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; { char buf[size + sizeof(struct GNUNET_TUN_IPv6Header) + 8] GNUNET_ALIGN; - struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; + struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; struct GNUNET_TUN_Layer2PacketHeader *tun = - (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; + (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; struct GNUNET_TUN_IPv6Header *ipv6 = - (struct GNUNET_TUN_IPv6Header *)&tun[1]; + (struct GNUNET_TUN_IPv6Header *) &tun[1]; struct GNUNET_TUN_IcmpHeader *icmp = - (struct GNUNET_TUN_IcmpHeader *)&ipv6[1]; - msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - tun->flags = htons(0); - tun->proto = htons(ETH_P_IPV6); - GNUNET_TUN_initialize_ipv6_header(ipv6, - IPPROTO_ICMPV6, - sizeof(struct GNUNET_TUN_IcmpHeader) + - mlen, - &ts->destination_ip.v6, - &ts->source_ip.v6); + (struct GNUNET_TUN_IcmpHeader *) &ipv6[1]; + msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + tun->flags = htons (0); + tun->proto = htons (ETH_P_IPV6); + GNUNET_TUN_initialize_ipv6_header (ipv6, + IPPROTO_ICMPV6, + sizeof(struct GNUNET_TUN_IcmpHeader) + + mlen, + &ts->destination_ip.v6, + &ts->source_ip.v6); *icmp = i2v->icmp_header; - GNUNET_memcpy(&icmp[1], &i2v[1], mlen); + GNUNET_memcpy (&icmp[1], &i2v[1], mlen); /* For some ICMP types, we need to adjust (make up) the payload here. Also, depending on the AF used on the other side, we have to do ICMP PT (translate ICMP types) */ - switch (ntohl(i2v->af)) + switch (ntohl (i2v->af)) + { + case AF_INET: + /* ICMP PT 4-to-6 and possibly making up payloads */ + switch (icmp->type) { - case AF_INET: - /* ICMP PT 4-to-6 and possibly making up payloads */ - switch (icmp->type) + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; + break; + + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: + icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; + break; + + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + icmp->type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; + { + struct GNUNET_TUN_IPv6Header *ipp = + (struct GNUNET_TUN_IPv6Header *) &icmp[1]; + struct GNUNET_TUN_UdpHeader *udp = + (struct GNUNET_TUN_UdpHeader *) &ipp[1]; + + if (mlen != 0) { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; - break; - - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - icmp->type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - icmp->type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; - { - struct GNUNET_TUN_IPv6Header *ipp = - (struct GNUNET_TUN_IPv6Header *)&icmp[1]; - struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - if (mlen != 0) - { - /* sender did not strip ICMP payload? */ - GNUNET_break_op(0); - return; - } - size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - make_up_icmpv6_payload(ts, ipp, udp); - } - break; - - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: - icmp->type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; - { - struct GNUNET_TUN_IPv6Header *ipp = - (struct GNUNET_TUN_IPv6Header *)&icmp[1]; - struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - if (mlen != 0) - { - /* sender did not strip ICMP payload? */ - GNUNET_break_op(0); - return; - } - size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - make_up_icmpv6_payload(ts, ipp, udp); - } - break; - - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv4 packets dropped (impossible PT to v6)"), - 1, - GNUNET_NO); + /* sender did not strip ICMP payload? */ + GNUNET_break_op (0); return; + } + size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + make_up_icmpv6_payload (ts, ipp, udp); + } + break; + + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: + icmp->type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; + { + struct GNUNET_TUN_IPv6Header *ipp = + (struct GNUNET_TUN_IPv6Header *) &icmp[1]; + struct GNUNET_TUN_UdpHeader *udp = + (struct GNUNET_TUN_UdpHeader *) &ipp[1]; - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv4 packets dropped (type not allowed)"), - 1, - GNUNET_NO); + if (mlen != 0) + { + /* sender did not strip ICMP payload? */ + GNUNET_break_op (0); return; } - /* end AF_INET */ + size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + make_up_icmpv6_payload (ts, ipp, udp); + } break; - case AF_INET6: - switch (icmp->type) + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"), + 1, + GNUNET_NO); + return; + + default: + GNUNET_break_op (0); + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), + 1, + GNUNET_NO); + return; + } + /* end AF_INET */ + break; + + case AF_INET6: + switch (icmp->type) + { + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: { + struct GNUNET_TUN_IPv6Header *ipp = + (struct GNUNET_TUN_IPv6Header *) &icmp[1]; + struct GNUNET_TUN_UdpHeader *udp = + (struct GNUNET_TUN_UdpHeader *) &ipp[1]; + + if (mlen != 0) { - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: { - struct GNUNET_TUN_IPv6Header *ipp = - (struct GNUNET_TUN_IPv6Header *)&icmp[1]; - struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipp[1]; - - if (mlen != 0) - { - /* sender did not strip ICMP payload? */ - GNUNET_break_op(0); - return; - } - size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; - GNUNET_assert(8 == sizeof(struct GNUNET_TUN_UdpHeader)); - make_up_icmpv6_payload(ts, ipp, udp); - } - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - break; - - default: - GNUNET_break_op(0); - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv6 packets dropped (type not allowed)"), - 1, - GNUNET_NO); + /* sender did not strip ICMP payload? */ + GNUNET_break_op (0); return; } - /* end AF_INET6 */ + size += sizeof(struct GNUNET_TUN_IPv6Header) + 8; + GNUNET_assert (8 == sizeof(struct GNUNET_TUN_UdpHeader)); + make_up_icmpv6_payload (ts, ipp, udp); + } + break; + + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: break; default: - GNUNET_break_op(0); + GNUNET_break_op (0); + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), + 1, + GNUNET_NO); return; } - msg->size = htons(size); - GNUNET_TUN_calculate_icmp_checksum(icmp, &i2v[1], mlen); - (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); + /* end AF_INET6 */ + break; + + default: + GNUNET_break_op (0); + return; + } + msg->size = htons (size); + GNUNET_TUN_calculate_icmp_checksum (icmp, &i2v[1], mlen); + (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); } } break; - default: - GNUNET_assert(0); - } - GNUNET_CONTAINER_heap_update_cost(ts->heap_node, - GNUNET_TIME_absolute_get().abs_value_us); - GNUNET_CADET_receive_done(ts->channel); + default: + GNUNET_assert (0); + } + GNUNET_CONTAINER_heap_update_cost (ts->heap_node, + GNUNET_TIME_absolute_get ().abs_value_us); + GNUNET_CADET_receive_done (ts->channel); } @@ -1067,20 +1077,20 @@ handle_icmp_back(void *cls, const struct GNUNET_EXIT_IcmpToVPNMessage *i2v) * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_udp_back(void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) +check_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) { struct ChannelState *ts = cls; if (NULL == ts->heap_node) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (AF_UNSPEC == ts->af) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1093,118 +1103,118 @@ check_udp_back(void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) * @param reply the actual message */ static void -handle_udp_back(void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) +handle_udp_back (void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) { struct ChannelState *ts = cls; size_t mlen; - GNUNET_STATISTICS_update(stats, - gettext_noop("# UDP packets received from cadet"), - 1, - GNUNET_NO); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# UDP packets received from cadet"), + 1, + GNUNET_NO); mlen = - ntohs(reply->header.size) - sizeof(struct GNUNET_EXIT_UdpReplyMessage); + ntohs (reply->header.size) - sizeof(struct GNUNET_EXIT_UdpReplyMessage); { char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log( + GNUNET_log ( GNUNET_ERROR_TYPE_DEBUG, "Received UDP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", - (unsigned int)mlen, - inet_ntop(ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), + (unsigned int) mlen, + inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), ts->destination_port, - inet_ntop(ts->af, &ts->source_ip, dbuf, sizeof(dbuf)), + inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof(dbuf)), ts->source_port); } switch (ts->af) - { - case AF_INET: { - size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + - sizeof(struct GNUNET_TUN_UdpHeader) + - sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; + { + case AF_INET: { + size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + + sizeof(struct GNUNET_TUN_UdpHeader) + + sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; { char buf[size] GNUNET_ALIGN; - struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; + struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; struct GNUNET_TUN_Layer2PacketHeader *tun = - (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; + (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; struct GNUNET_TUN_IPv4Header *ipv4 = - (struct GNUNET_TUN_IPv4Header *)&tun[1]; + (struct GNUNET_TUN_IPv4Header *) &tun[1]; struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipv4[1]; - msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - msg->size = htons(size); - tun->flags = htons(0); - tun->proto = htons(ETH_P_IPV4); - GNUNET_TUN_initialize_ipv4_header(ipv4, - IPPROTO_UDP, - sizeof(struct GNUNET_TUN_UdpHeader) + - mlen, - &ts->destination_ip.v4, - &ts->source_ip.v4); - if (0 == ntohs(reply->source_port)) - udp->source_port = htons(ts->destination_port); + (struct GNUNET_TUN_UdpHeader *) &ipv4[1]; + msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + msg->size = htons (size); + tun->flags = htons (0); + tun->proto = htons (ETH_P_IPV4); + GNUNET_TUN_initialize_ipv4_header (ipv4, + IPPROTO_UDP, + sizeof(struct GNUNET_TUN_UdpHeader) + + mlen, + &ts->destination_ip.v4, + &ts->source_ip.v4); + if (0 == ntohs (reply->source_port)) + udp->source_port = htons (ts->destination_port); else udp->source_port = reply->source_port; - if (0 == ntohs(reply->destination_port)) - udp->destination_port = htons(ts->source_port); + if (0 == ntohs (reply->destination_port)) + udp->destination_port = htons (ts->source_port); else udp->destination_port = reply->destination_port; - udp->len = htons(mlen + sizeof(struct GNUNET_TUN_UdpHeader)); - GNUNET_TUN_calculate_udp4_checksum(ipv4, udp, &reply[1], mlen); - GNUNET_memcpy(&udp[1], &reply[1], mlen); - (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); + udp->len = htons (mlen + sizeof(struct GNUNET_TUN_UdpHeader)); + GNUNET_TUN_calculate_udp4_checksum (ipv4, udp, &reply[1], mlen); + GNUNET_memcpy (&udp[1], &reply[1], mlen); + (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); } } break; - case AF_INET6: { - size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + - sizeof(struct GNUNET_TUN_UdpHeader) + - sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; + case AF_INET6: { + size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + + sizeof(struct GNUNET_TUN_UdpHeader) + + sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; { char buf[size] GNUNET_ALIGN; - struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; + struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; struct GNUNET_TUN_Layer2PacketHeader *tun = - (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; + (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; struct GNUNET_TUN_IPv6Header *ipv6 = - (struct GNUNET_TUN_IPv6Header *)&tun[1]; + (struct GNUNET_TUN_IPv6Header *) &tun[1]; struct GNUNET_TUN_UdpHeader *udp = - (struct GNUNET_TUN_UdpHeader *)&ipv6[1]; - msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - msg->size = htons(size); - tun->flags = htons(0); - tun->proto = htons(ETH_P_IPV6); - GNUNET_TUN_initialize_ipv6_header(ipv6, - IPPROTO_UDP, - sizeof(struct GNUNET_TUN_UdpHeader) + - mlen, - &ts->destination_ip.v6, - &ts->source_ip.v6); - if (0 == ntohs(reply->source_port)) - udp->source_port = htons(ts->destination_port); + (struct GNUNET_TUN_UdpHeader *) &ipv6[1]; + msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + msg->size = htons (size); + tun->flags = htons (0); + tun->proto = htons (ETH_P_IPV6); + GNUNET_TUN_initialize_ipv6_header (ipv6, + IPPROTO_UDP, + sizeof(struct GNUNET_TUN_UdpHeader) + + mlen, + &ts->destination_ip.v6, + &ts->source_ip.v6); + if (0 == ntohs (reply->source_port)) + udp->source_port = htons (ts->destination_port); else udp->source_port = reply->source_port; - if (0 == ntohs(reply->destination_port)) - udp->destination_port = htons(ts->source_port); + if (0 == ntohs (reply->destination_port)) + udp->destination_port = htons (ts->source_port); else udp->destination_port = reply->destination_port; - udp->len = htons(mlen + sizeof(struct GNUNET_TUN_UdpHeader)); - GNUNET_TUN_calculate_udp6_checksum(ipv6, udp, &reply[1], mlen); - GNUNET_memcpy(&udp[1], &reply[1], mlen); - (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); + udp->len = htons (mlen + sizeof(struct GNUNET_TUN_UdpHeader)); + GNUNET_TUN_calculate_udp6_checksum (ipv6, udp, &reply[1], mlen); + GNUNET_memcpy (&udp[1], &reply[1], mlen); + (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); } } break; - default: - GNUNET_assert(0); - } - GNUNET_CONTAINER_heap_update_cost(ts->heap_node, - GNUNET_TIME_absolute_get().abs_value_us); - GNUNET_CADET_receive_done(ts->channel); + default: + GNUNET_assert (0); + } + GNUNET_CONTAINER_heap_update_cost (ts->heap_node, + GNUNET_TIME_absolute_get ().abs_value_us); + GNUNET_CADET_receive_done (ts->channel); } @@ -1217,20 +1227,20 @@ handle_udp_back(void *cls, const struct GNUNET_EXIT_UdpReplyMessage *reply) * #GNUNET_SYSERR to close it (signal serious error) */ static int -check_tcp_back(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) +check_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) { struct ChannelState *ts = cls; if (NULL == ts->heap_node) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } if (data->tcp_header.off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) - { - GNUNET_break_op(0); - return GNUNET_SYSERR; - } + { + GNUNET_break_op (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -1243,102 +1253,102 @@ check_tcp_back(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) * @param data the actual message */ static void -handle_tcp_back(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) +handle_tcp_back (void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) { struct ChannelState *ts = cls; size_t mlen; - GNUNET_STATISTICS_update(stats, - gettext_noop("# TCP packets received from cadet"), - 1, - GNUNET_NO); - mlen = ntohs(data->header.size) - sizeof(struct GNUNET_EXIT_TcpDataMessage); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# TCP packets received from cadet"), + 1, + GNUNET_NO); + mlen = ntohs (data->header.size) - sizeof(struct GNUNET_EXIT_TcpDataMessage); { char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log( + GNUNET_log ( GNUNET_ERROR_TYPE_DEBUG, "Received TCP reply from cadet, sending %u bytes from [%s]:%u -> [%s]:%u via TUN\n", - (unsigned int)mlen, - inet_ntop(ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), + (unsigned int) mlen, + inet_ntop (ts->af, &ts->destination_ip, sbuf, sizeof(sbuf)), ts->destination_port, - inet_ntop(ts->af, &ts->source_ip, dbuf, sizeof(dbuf)), + inet_ntop (ts->af, &ts->source_ip, dbuf, sizeof(dbuf)), ts->source_port); } switch (ts->af) - { - case AF_INET: { - size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + - sizeof(struct GNUNET_TUN_TcpHeader) + - sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; + { + case AF_INET: { + size_t size = sizeof(struct GNUNET_TUN_IPv4Header) + + sizeof(struct GNUNET_TUN_TcpHeader) + + sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; { char buf[size] GNUNET_ALIGN; - struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; + struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; struct GNUNET_TUN_Layer2PacketHeader *tun = - (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; + (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; struct GNUNET_TUN_IPv4Header *ipv4 = - (struct GNUNET_TUN_IPv4Header *)&tun[1]; + (struct GNUNET_TUN_IPv4Header *) &tun[1]; struct GNUNET_TUN_TcpHeader *tcp = - (struct GNUNET_TUN_TcpHeader *)&ipv4[1]; - msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - msg->size = htons(size); - tun->flags = htons(0); - tun->proto = htons(ETH_P_IPV4); - GNUNET_TUN_initialize_ipv4_header(ipv4, - IPPROTO_TCP, - sizeof(struct GNUNET_TUN_TcpHeader) + - mlen, - &ts->destination_ip.v4, - &ts->source_ip.v4); + (struct GNUNET_TUN_TcpHeader *) &ipv4[1]; + msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + msg->size = htons (size); + tun->flags = htons (0); + tun->proto = htons (ETH_P_IPV4); + GNUNET_TUN_initialize_ipv4_header (ipv4, + IPPROTO_TCP, + sizeof(struct GNUNET_TUN_TcpHeader) + + mlen, + &ts->destination_ip.v4, + &ts->source_ip.v4); *tcp = data->tcp_header; - tcp->source_port = htons(ts->destination_port); - tcp->destination_port = htons(ts->source_port); - GNUNET_TUN_calculate_tcp4_checksum(ipv4, tcp, &data[1], mlen); - GNUNET_memcpy(&tcp[1], &data[1], mlen); - (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); + tcp->source_port = htons (ts->destination_port); + tcp->destination_port = htons (ts->source_port); + GNUNET_TUN_calculate_tcp4_checksum (ipv4, tcp, &data[1], mlen); + GNUNET_memcpy (&tcp[1], &data[1], mlen); + (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); } } break; - case AF_INET6: { - size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + - sizeof(struct GNUNET_TUN_TcpHeader) + - sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; + case AF_INET6: { + size_t size = sizeof(struct GNUNET_TUN_IPv6Header) + + sizeof(struct GNUNET_TUN_TcpHeader) + + sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader) + mlen; { char buf[size] GNUNET_ALIGN; - struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *)buf; + struct GNUNET_MessageHeader *msg = (struct GNUNET_MessageHeader *) buf; struct GNUNET_TUN_Layer2PacketHeader *tun = - (struct GNUNET_TUN_Layer2PacketHeader *)&msg[1]; + (struct GNUNET_TUN_Layer2PacketHeader *) &msg[1]; struct GNUNET_TUN_IPv6Header *ipv6 = - (struct GNUNET_TUN_IPv6Header *)&tun[1]; + (struct GNUNET_TUN_IPv6Header *) &tun[1]; struct GNUNET_TUN_TcpHeader *tcp = - (struct GNUNET_TUN_TcpHeader *)&ipv6[1]; - msg->type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER); - msg->size = htons(size); - tun->flags = htons(0); - tun->proto = htons(ETH_P_IPV6); - GNUNET_TUN_initialize_ipv6_header(ipv6, - IPPROTO_TCP, - sizeof(struct GNUNET_TUN_TcpHeader) + - mlen, - &ts->destination_ip.v6, - &ts->source_ip.v6); + (struct GNUNET_TUN_TcpHeader *) &ipv6[1]; + msg->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER); + msg->size = htons (size); + tun->flags = htons (0); + tun->proto = htons (ETH_P_IPV6); + GNUNET_TUN_initialize_ipv6_header (ipv6, + IPPROTO_TCP, + sizeof(struct GNUNET_TUN_TcpHeader) + + mlen, + &ts->destination_ip.v6, + &ts->source_ip.v6); *tcp = data->tcp_header; - tcp->source_port = htons(ts->destination_port); - tcp->destination_port = htons(ts->source_port); - GNUNET_TUN_calculate_tcp6_checksum(ipv6, tcp, &data[1], mlen); - GNUNET_memcpy(&tcp[1], &data[1], mlen); - (void)GNUNET_HELPER_send(helper_handle, msg, GNUNET_YES, NULL, NULL); + tcp->source_port = htons (ts->destination_port); + tcp->destination_port = htons (ts->source_port); + GNUNET_TUN_calculate_tcp6_checksum (ipv6, tcp, &data[1], mlen); + GNUNET_memcpy (&tcp[1], &data[1], mlen); + (void) GNUNET_HELPER_send (helper_handle, msg, GNUNET_YES, NULL, NULL); } } break; - } - GNUNET_CONTAINER_heap_update_cost(ts->heap_node, - GNUNET_TIME_absolute_get().abs_value_us); - GNUNET_CADET_receive_done(ts->channel); + } + GNUNET_CONTAINER_heap_update_cost (ts->heap_node, + GNUNET_TIME_absolute_get ().abs_value_us); + GNUNET_CADET_receive_done (ts->channel); } @@ -1351,32 +1361,32 @@ handle_tcp_back(void *cls, const struct GNUNET_EXIT_TcpDataMessage *data) * @return the channel handle */ static struct GNUNET_CADET_Channel * -create_channel(struct ChannelState *ts, - const struct GNUNET_PeerIdentity *target, - const struct GNUNET_HashCode *port) +create_channel (struct ChannelState *ts, + const struct GNUNET_PeerIdentity *target, + const struct GNUNET_HashCode *port) { struct GNUNET_MQ_MessageHandler cadet_handlers[] = - { GNUNET_MQ_hd_var_size(udp_back, - GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY, - struct GNUNET_EXIT_UdpReplyMessage, - ts), - GNUNET_MQ_hd_var_size(tcp_back, - GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN, - struct GNUNET_EXIT_TcpDataMessage, - ts), - GNUNET_MQ_hd_var_size(icmp_back, - GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN, - struct GNUNET_EXIT_IcmpToVPNMessage, - ts), - GNUNET_MQ_handler_end() }; - - return GNUNET_CADET_channel_create(cadet_handle, - ts, - target, - port, - NULL, - &channel_cleaner, - cadet_handlers); + { GNUNET_MQ_hd_var_size (udp_back, + GNUNET_MESSAGE_TYPE_VPN_UDP_REPLY, + struct GNUNET_EXIT_UdpReplyMessage, + ts), + GNUNET_MQ_hd_var_size (tcp_back, + GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_VPN, + struct GNUNET_EXIT_TcpDataMessage, + ts), + GNUNET_MQ_hd_var_size (icmp_back, + GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_VPN, + struct GNUNET_EXIT_IcmpToVPNMessage, + ts), + GNUNET_MQ_handler_end () }; + + return GNUNET_CADET_channel_create (cadet_handle, + ts, + target, + port, + NULL, + &channel_cleaner, + cadet_handlers); } @@ -1391,47 +1401,47 @@ create_channel(struct ChannelState *ts, * @param put_path_length Length of the @a put_path. */ static void -handle_regex_result(void *cls, - const struct GNUNET_PeerIdentity *id, - const struct GNUNET_PeerIdentity *get_path, - unsigned int get_path_length, - const struct GNUNET_PeerIdentity *put_path, - unsigned int put_path_length) +handle_regex_result (void *cls, + const struct GNUNET_PeerIdentity *id, + const struct GNUNET_PeerIdentity *get_path, + unsigned int get_path_length, + const struct GNUNET_PeerIdentity *put_path, + unsigned int put_path_length) { struct ChannelState *ts = cls; struct GNUNET_HashCode port; - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - "Exit %s found for destination %s!\n", - GNUNET_i2s(id), - print_channel_destination(&ts->destination)); - GNUNET_REGEX_search_cancel(ts->search); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Exit %s found for destination %s!\n", + GNUNET_i2s (id), + print_channel_destination (&ts->destination)); + GNUNET_REGEX_search_cancel (ts->search); ts->search = NULL; switch (ts->af) - { - case AF_INET: - /* these must match the strings used in gnunet-daemon-exit */ - GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_IPV4_GATEWAY, - strlen(GNUNET_APPLICATION_PORT_IPV4_GATEWAY), - &port); - break; + { + case AF_INET: + /* these must match the strings used in gnunet-daemon-exit */ + GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV4_GATEWAY, + strlen (GNUNET_APPLICATION_PORT_IPV4_GATEWAY), + &port); + break; - case AF_INET6: - /* these must match the strings used in gnunet-daemon-exit */ - GNUNET_CRYPTO_hash(GNUNET_APPLICATION_PORT_IPV6_GATEWAY, - strlen(GNUNET_APPLICATION_PORT_IPV6_GATEWAY), - &port); - break; + case AF_INET6: + /* these must match the strings used in gnunet-daemon-exit */ + GNUNET_CRYPTO_hash (GNUNET_APPLICATION_PORT_IPV6_GATEWAY, + strlen (GNUNET_APPLICATION_PORT_IPV6_GATEWAY), + &port); + break; - default: - GNUNET_break(0); - return; - } - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - "Creating tunnel to %s for destination %s!\n", - GNUNET_i2s(id), - print_channel_destination(&ts->destination)); - ts->channel = create_channel(ts, id, &port); + default: + GNUNET_break (0); + return; + } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Creating tunnel to %s for destination %s!\n", + GNUNET_i2s (id), + print_channel_destination (&ts->destination)); + ts->channel = create_channel (ts, id, &port); } @@ -1443,92 +1453,92 @@ handle_regex_result(void *cls, * @return channel state of the channel that was created */ static struct ChannelState * -create_channel_to_destination(struct DestinationChannel *dt, int client_af) +create_channel_to_destination (struct DestinationChannel *dt, int client_af) { struct ChannelState *ts; - GNUNET_STATISTICS_update(stats, - gettext_noop("# Cadet channels created"), - 1, - GNUNET_NO); - ts = GNUNET_new(struct ChannelState); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Cadet channels created"), + 1, + GNUNET_NO); + ts = GNUNET_new (struct ChannelState); ts->af = client_af; ts->destination = *dt->destination; ts->destination.heap_node = NULL; /* copy is NOT in destination heap */ ts->destination_port = dt->destination_port; if (dt->destination->is_service) + { + struct GNUNET_HashCode cadet_port; + + GNUNET_TUN_compute_service_cadet_port (&ts->destination.details + .service_destination + .service_descriptor, + ts->destination_port, + &cadet_port); + ts->channel = + create_channel (ts, + &dt->destination->details.service_destination.target, + &cadet_port); + + if (NULL == ts->channel) { - struct GNUNET_HashCode cadet_port; - - GNUNET_TUN_compute_service_cadet_port(&ts->destination.details - .service_destination - .service_descriptor, - ts->destination_port, - &cadet_port); - ts->channel = - create_channel(ts, - &dt->destination->details.service_destination.target, - &cadet_port); - - if (NULL == ts->channel) - { - GNUNET_break(0); - GNUNET_free(ts); - return NULL; - } - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Creating channel to peer %s offering service %s on port %u\n", - GNUNET_i2s( - &dt->destination->details.service_destination.target), - GNUNET_h2s(&ts->destination.details.service_destination + GNUNET_break (0); + GNUNET_free (ts); + return NULL; + } + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Creating channel to peer %s offering service %s on port %u\n", + GNUNET_i2s ( + &dt->destination->details.service_destination.target), + GNUNET_h2s (&ts->destination.details.service_destination .service_descriptor), - (unsigned int)ts->destination_port); - } + (unsigned int) ts->destination_port); + } else - { - char *policy; - - switch (dt->destination->details.exit_destination.af) - { - case AF_INET: { - char address[GNUNET_TUN_IPV4_REGEXLEN]; - - GNUNET_TUN_ipv4toregexsearch(&dt->destination->details.exit_destination - .ip.v4, - dt->destination_port, - address); - GNUNET_asprintf(&policy, - "%s%s", - GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, - address); - break; - } + { + char *policy; - case AF_INET6: { - char address[GNUNET_TUN_IPV6_REGEXLEN]; - - GNUNET_TUN_ipv6toregexsearch(&dt->destination->details.exit_destination - .ip.v6, - dt->destination_port, - address); - GNUNET_asprintf(&policy, - "%s%s", - GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, - address); - break; - } + switch (dt->destination->details.exit_destination.af) + { + case AF_INET: { + char address[GNUNET_TUN_IPV4_REGEXLEN]; + + GNUNET_TUN_ipv4toregexsearch (&dt->destination->details.exit_destination + .ip.v4, + dt->destination_port, + address); + GNUNET_asprintf (&policy, + "%s%s", + GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, + address); + break; + } - default: - GNUNET_assert(0); - break; - } + case AF_INET6: { + char address[GNUNET_TUN_IPV6_REGEXLEN]; + + GNUNET_TUN_ipv6toregexsearch (&dt->destination->details.exit_destination + .ip.v6, + dt->destination_port, + address); + GNUNET_asprintf (&policy, + "%s%s", + GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX, + address); + break; + } - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Requesting connect by string: %s\n", - policy); - ts->search = GNUNET_REGEX_search(cfg, policy, &handle_regex_result, ts); - GNUNET_free(policy); + default: + GNUNET_assert (0); + break; } + + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Requesting connect by string: %s\n", + policy); + ts->search = GNUNET_REGEX_search (cfg, policy, &handle_regex_result, ts); + GNUNET_free (policy); + } return ts; } @@ -1539,18 +1549,18 @@ create_channel_to_destination(struct DestinationChannel *dt, int client_af) * @param except channel that must NOT be cleaned up, even if it is the oldest */ static void -expire_channel(struct ChannelState *except) +expire_channel (struct ChannelState *except) { struct ChannelState *ts; - ts = GNUNET_CONTAINER_heap_peek(channel_heap); - GNUNET_assert(NULL != ts); + ts = GNUNET_CONTAINER_heap_peek (channel_heap); + GNUNET_assert (NULL != ts); if (except == ts) return; /* can't do this */ - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Tearing down expired channel to %s\n", - print_channel_destination(&except->destination)); - free_channel_state(ts); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Tearing down expired channel to %s\n", + print_channel_destination (&except->destination)); + free_channel_state (ts); } @@ -1566,13 +1576,13 @@ expire_channel(struct ChannelState *except) * @param payload_length number of bytes in @a payload */ static void -route_packet(struct DestinationEntry *destination, - int af, - uint8_t protocol, - const void *source_ip, - const void *destination_ip, - const void *payload, - size_t payload_length) +route_packet (struct DestinationEntry *destination, + int af, + uint8_t protocol, + const void *source_ip, + const void *destination_ip, + const void *payload, + size_t payload_length) { struct GNUNET_HashCode key; struct ChannelState *ts; @@ -1587,663 +1597,663 @@ route_packet(struct DestinationEntry *destination, uint16_t destination_port; switch (protocol) - { - case IPPROTO_UDP: { + { + case IPPROTO_UDP: { if (payload_length < sizeof(struct GNUNET_TUN_UdpHeader)) - { - /* blame kernel? */ - GNUNET_break(0); - return; - } + { + /* blame kernel? */ + GNUNET_break (0); + return; + } tcp = NULL; /* make compiler happy */ icmp = NULL; /* make compiler happy */ udp = payload; if (udp->len < sizeof(struct GNUNET_TUN_UdpHeader)) - { - GNUNET_break_op(0); - return; - } - source_port = ntohs(udp->source_port); - destination_port = ntohs(udp->destination_port); - get_channel_key_from_ips(af, - IPPROTO_UDP, - source_ip, - source_port, - destination_ip, - destination_port, - &key); + { + GNUNET_break_op (0); + return; + } + source_port = ntohs (udp->source_port); + destination_port = ntohs (udp->destination_port); + get_channel_key_from_ips (af, + IPPROTO_UDP, + source_ip, + source_port, + destination_ip, + destination_port, + &key); } break; - case IPPROTO_TCP: { + case IPPROTO_TCP: { if (payload_length < sizeof(struct GNUNET_TUN_TcpHeader)) - { - /* blame kernel? */ - GNUNET_break(0); - return; - } + { + /* blame kernel? */ + GNUNET_break (0); + return; + } udp = NULL; /* make compiler happy */ icmp = NULL; /* make compiler happy */ tcp = payload; if (tcp->off * 4 < sizeof(struct GNUNET_TUN_TcpHeader)) - { - GNUNET_break_op(0); - return; - } - source_port = ntohs(tcp->source_port); - destination_port = ntohs(tcp->destination_port); - get_channel_key_from_ips(af, - IPPROTO_TCP, - source_ip, - source_port, - destination_ip, - destination_port, - &key); + { + GNUNET_break_op (0); + return; + } + source_port = ntohs (tcp->source_port); + destination_port = ntohs (tcp->destination_port); + get_channel_key_from_ips (af, + IPPROTO_TCP, + source_ip, + source_port, + destination_ip, + destination_port, + &key); } break; - case IPPROTO_ICMP: - case IPPROTO_ICMPV6: { + case IPPROTO_ICMP: + case IPPROTO_ICMPV6: { if ((AF_INET == af) ^ (protocol == IPPROTO_ICMP)) - { - GNUNET_break(0); - return; - } + { + GNUNET_break (0); + return; + } if (payload_length < sizeof(struct GNUNET_TUN_IcmpHeader)) - { - /* blame kernel? */ - GNUNET_break(0); - return; - } + { + /* blame kernel? */ + GNUNET_break (0); + return; + } tcp = NULL; /* make compiler happy */ udp = NULL; /* make compiler happy */ icmp = payload; source_port = 0; destination_port = 0; - get_channel_key_from_ips(af, - protocol, - source_ip, - 0, - destination_ip, - 0, - &key); + get_channel_key_from_ips (af, + protocol, + source_ip, + 0, + destination_ip, + 0, + &key); } break; - default: - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _("Protocol %u not supported, dropping\n"), - (unsigned int)protocol); - return; - } + default: + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ("Protocol %u not supported, dropping\n"), + (unsigned int) protocol); + return; + } alen = 0; - if (!destination->is_service) + if (! destination->is_service) + { + switch (destination->details.exit_destination.af) { - switch (destination->details.exit_destination.af) - { - case AF_INET: - alen = sizeof(struct in_addr); - break; - - case AF_INET6: - alen = sizeof(struct in6_addr); - break; + case AF_INET: + alen = sizeof(struct in_addr); + break; - default: - GNUNET_assert(0); - } + case AF_INET6: + alen = sizeof(struct in6_addr); + break; - { - char sbuf[INET6_ADDRSTRLEN]; - char dbuf[INET6_ADDRSTRLEN]; - char xbuf[INET6_ADDRSTRLEN]; - - GNUNET_log( - GNUNET_ERROR_TYPE_DEBUG, - "Routing %s packet from [%s]:%u -> [%s]:%u to destination [%s]:%u\n", - (protocol == IPPROTO_TCP) ? "TCP" : "UDP", - inet_ntop(af, source_ip, sbuf, sizeof(sbuf)), - source_port, - inet_ntop(af, destination_ip, dbuf, sizeof(dbuf)), - destination_port, - inet_ntop(destination->details.exit_destination.af, - &destination->details.exit_destination.ip, - xbuf, - sizeof(xbuf)), - destination_port); - } - for (dt = destination->dt_head; NULL != dt; dt = dt->next) - if (dt->destination_port == destination_port) - break; + default: + GNUNET_assert (0); } + + { + char sbuf[INET6_ADDRSTRLEN]; + char dbuf[INET6_ADDRSTRLEN]; + char xbuf[INET6_ADDRSTRLEN]; + + GNUNET_log ( + GNUNET_ERROR_TYPE_DEBUG, + "Routing %s packet from [%s]:%u -> [%s]:%u to destination [%s]:%u\n", + (protocol == IPPROTO_TCP) ? "TCP" : "UDP", + inet_ntop (af, source_ip, sbuf, sizeof(sbuf)), + source_port, + inet_ntop (af, destination_ip, dbuf, sizeof(dbuf)), + destination_port, + inet_ntop (destination->details.exit_destination.af, + &destination->details.exit_destination.ip, + xbuf, + sizeof(xbuf)), + destination_port); + } + for (dt = destination->dt_head; NULL != dt; dt = dt->next) + if (dt->destination_port == destination_port) + break; + } else + { { - { - char sbuf[INET6_ADDRSTRLEN]; - char dbuf[INET6_ADDRSTRLEN]; - - GNUNET_log( - GNUNET_ERROR_TYPE_DEBUG, - "Routing %s packet from [%s]:%u -> [%s]:%u to service %s at peer %s\n", - (protocol == IPPROTO_TCP) ? "TCP" : "UDP", - inet_ntop(af, source_ip, sbuf, sizeof(sbuf)), - source_port, - inet_ntop(af, destination_ip, dbuf, sizeof(dbuf)), - destination_port, - GNUNET_h2s( - &destination->details.service_destination.service_descriptor), - GNUNET_i2s(&destination->details.service_destination.target)); - } - for (dt = destination->dt_head; NULL != dt; dt = dt->next) - if (dt->destination_port == destination_port) - break; - } + char sbuf[INET6_ADDRSTRLEN]; + char dbuf[INET6_ADDRSTRLEN]; + + GNUNET_log ( + GNUNET_ERROR_TYPE_DEBUG, + "Routing %s packet from [%s]:%u -> [%s]:%u to service %s at peer %s\n", + (protocol == IPPROTO_TCP) ? "TCP" : "UDP", + inet_ntop (af, source_ip, sbuf, sizeof(sbuf)), + source_port, + inet_ntop (af, destination_ip, dbuf, sizeof(dbuf)), + destination_port, + GNUNET_h2s ( + &destination->details.service_destination.service_descriptor), + GNUNET_i2s (&destination->details.service_destination.target)); + } + for (dt = destination->dt_head; NULL != dt; dt = dt->next) + if (dt->destination_port == destination_port) + break; + } if (NULL == dt) - { - dt = GNUNET_new(struct DestinationChannel); - dt->destination = destination; - GNUNET_CONTAINER_DLL_insert(destination->dt_head, - destination->dt_tail, - dt); - dt->destination_port = destination_port; - } + { + dt = GNUNET_new (struct DestinationChannel); + dt->destination = destination; + GNUNET_CONTAINER_DLL_insert (destination->dt_head, + destination->dt_tail, + dt); + dt->destination_port = destination_port; + } /* see if we have an existing channel for this destination */ - ts = GNUNET_CONTAINER_multihashmap_get(channel_map, &key); + ts = GNUNET_CONTAINER_multihashmap_get (channel_map, &key); if (NULL == ts) + { + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Creating new channel for key %s\n", + GNUNET_h2s (&key)); + /* need to either use the existing channel from the destination (if still + available) or create a fresh one */ + ts = create_channel_to_destination (dt, af); + if (NULL == ts) + return; + /* now bind existing "unbound" channel to our IP/port tuple */ + ts->protocol = protocol; + ts->af = af; + if (AF_INET == af) { - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Creating new channel for key %s\n", - GNUNET_h2s(&key)); - /* need to either use the existing channel from the destination (if still - available) or create a fresh one */ - ts = create_channel_to_destination(dt, af); - if (NULL == ts) - return; - /* now bind existing "unbound" channel to our IP/port tuple */ - ts->protocol = protocol; - ts->af = af; - if (AF_INET == af) - { - ts->source_ip.v4 = *(const struct in_addr *)source_ip; - ts->destination_ip.v4 = *(const struct in_addr *)destination_ip; - } - else - { - ts->source_ip.v6 = *(const struct in6_addr *)source_ip; - ts->destination_ip.v6 = *(const struct in6_addr *)destination_ip; - } - ts->source_port = source_port; - ts->destination_port = destination_port; - ts->heap_node = - GNUNET_CONTAINER_heap_insert(channel_heap, - ts, - GNUNET_TIME_absolute_get().abs_value_us); - GNUNET_assert(GNUNET_YES == - GNUNET_CONTAINER_multihashmap_put( - channel_map, - &key, - ts, - GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); - GNUNET_STATISTICS_update(stats, - gettext_noop("# Active channels"), - 1, - GNUNET_NO); - while (GNUNET_CONTAINER_multihashmap_size(channel_map) > - max_channel_mappings) - expire_channel(ts); + ts->source_ip.v4 = *(const struct in_addr *) source_ip; + ts->destination_ip.v4 = *(const struct in_addr *) destination_ip; } - else + else { - GNUNET_CONTAINER_heap_update_cost(ts->heap_node, - GNUNET_TIME_absolute_get() - .abs_value_us); - } + ts->source_ip.v6 = *(const struct in6_addr *) source_ip; + ts->destination_ip.v6 = *(const struct in6_addr *) destination_ip; + } + ts->source_port = source_port; + ts->destination_port = destination_port; + ts->heap_node = + GNUNET_CONTAINER_heap_insert (channel_heap, + ts, + GNUNET_TIME_absolute_get ().abs_value_us); + GNUNET_assert (GNUNET_YES == + GNUNET_CONTAINER_multihashmap_put ( + channel_map, + &key, + ts, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Active channels"), + 1, + GNUNET_NO); + while (GNUNET_CONTAINER_multihashmap_size (channel_map) > + max_channel_mappings) + expire_channel (ts); + } + else + { + GNUNET_CONTAINER_heap_update_cost (ts->heap_node, + GNUNET_TIME_absolute_get () + .abs_value_us); + } if (NULL == ts->channel) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - "Packet dropped, channel to %s not yet ready (%s)\n", - print_channel_destination(&ts->destination), - (NULL == ts->search) ? "EXIT search failed" - : "EXIT search active"); - GNUNET_STATISTICS_update(stats, - gettext_noop( - "# Packets dropped (channel not yet online)"), - 1, - GNUNET_NO); - return; - } + { + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + "Packet dropped, channel to %s not yet ready (%s)\n", + print_channel_destination (&ts->destination), + (NULL == ts->search) ? "EXIT search failed" + : "EXIT search active"); + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# Packets dropped (channel not yet online)"), + 1, + GNUNET_NO); + return; + } /* send via channel */ switch (protocol) + { + case IPPROTO_UDP: + if (destination->is_service) + { + struct GNUNET_EXIT_UdpServiceMessage *usm; + + mlen = sizeof(struct GNUNET_EXIT_UdpServiceMessage) + payload_length + - sizeof(struct GNUNET_TUN_UdpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) + { + GNUNET_break (0); + return; + } + env = GNUNET_MQ_msg_extra (usm, + payload_length + - sizeof(struct GNUNET_TUN_UdpHeader), + GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE); + /* if the source port is below 32000, we assume it has a special + meaning; if not, we pick a random port (this is a heuristic) */ + usm->source_port = + (ntohs (udp->source_port) < 32000) ? udp->source_port : 0; + usm->destination_port = udp->destination_port; + GNUNET_memcpy (&usm[1], + &udp[1], + payload_length - sizeof(struct GNUNET_TUN_UdpHeader)); + } + else + { + struct GNUNET_EXIT_UdpInternetMessage *uim; + struct in_addr *ip4dst; + struct in6_addr *ip6dst; + void *payload; + + mlen = sizeof(struct GNUNET_EXIT_UdpInternetMessage) + alen + + payload_length - sizeof(struct GNUNET_TUN_UdpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) + { + GNUNET_break (0); + return; + } + env = GNUNET_MQ_msg_extra (uim, + payload_length + alen + - sizeof(struct GNUNET_TUN_UdpHeader), + GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET); + uim->af = htonl (destination->details.exit_destination.af); + uim->source_port = + (ntohs (udp->source_port) < 32000) ? udp->source_port : 0; + uim->destination_port = udp->destination_port; + switch (destination->details.exit_destination.af) + { + case AF_INET: + ip4dst = (struct in_addr *) &uim[1]; + *ip4dst = destination->details.exit_destination.ip.v4; + payload = &ip4dst[1]; + break; + + case AF_INET6: + ip6dst = (struct in6_addr *) &uim[1]; + *ip6dst = destination->details.exit_destination.ip.v6; + payload = &ip6dst[1]; + break; + + default: + GNUNET_assert (0); + } + GNUNET_memcpy (payload, + &udp[1], + payload_length - sizeof(struct GNUNET_TUN_UdpHeader)); + } + break; + + case IPPROTO_TCP: + if (GNUNET_NO == ts->is_established) { - case IPPROTO_UDP: if (destination->is_service) - { - struct GNUNET_EXIT_UdpServiceMessage *usm; + { + struct GNUNET_EXIT_TcpServiceStartMessage *tsm; - mlen = sizeof(struct GNUNET_EXIT_UdpServiceMessage) + payload_length - - sizeof(struct GNUNET_TUN_UdpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = GNUNET_MQ_msg_extra(usm, - payload_length - - sizeof(struct GNUNET_TUN_UdpHeader), - GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE); - /* if the source port is below 32000, we assume it has a special - meaning; if not, we pick a random port (this is a heuristic) */ - usm->source_port = - (ntohs(udp->source_port) < 32000) ? udp->source_port : 0; - usm->destination_port = udp->destination_port; - GNUNET_memcpy(&usm[1], - &udp[1], - payload_length - sizeof(struct GNUNET_TUN_UdpHeader)); + mlen = sizeof(struct GNUNET_EXIT_TcpServiceStartMessage) + + payload_length - sizeof(struct GNUNET_TUN_TcpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) + { + GNUNET_break (0); + return; } + env = + GNUNET_MQ_msg_extra (tsm, + payload_length + - sizeof(struct GNUNET_TUN_TcpHeader), + GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START); + tsm->reserved = htonl (0); + tsm->tcp_header = *tcp; + GNUNET_memcpy (&tsm[1], + &tcp[1], + payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); + } else + { + struct GNUNET_EXIT_TcpInternetStartMessage *tim; + struct in_addr *ip4dst; + struct in6_addr *ip6dst; + void *payload; + + mlen = sizeof(struct GNUNET_EXIT_TcpInternetStartMessage) + alen + + payload_length - sizeof(struct GNUNET_TUN_TcpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) { - struct GNUNET_EXIT_UdpInternetMessage *uim; - struct in_addr *ip4dst; - struct in6_addr *ip6dst; - void *payload; - - mlen = sizeof(struct GNUNET_EXIT_UdpInternetMessage) + alen + - payload_length - sizeof(struct GNUNET_TUN_UdpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = GNUNET_MQ_msg_extra(uim, - payload_length + alen - - sizeof(struct GNUNET_TUN_UdpHeader), - GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET); - uim->af = htonl(destination->details.exit_destination.af); - uim->source_port = - (ntohs(udp->source_port) < 32000) ? udp->source_port : 0; - uim->destination_port = udp->destination_port; - switch (destination->details.exit_destination.af) - { - case AF_INET: - ip4dst = (struct in_addr *)&uim[1]; - *ip4dst = destination->details.exit_destination.ip.v4; - payload = &ip4dst[1]; - break; - - case AF_INET6: - ip6dst = (struct in6_addr *)&uim[1]; - *ip6dst = destination->details.exit_destination.ip.v6; - payload = &ip6dst[1]; - break; - - default: - GNUNET_assert(0); - } - GNUNET_memcpy(payload, - &udp[1], - payload_length - sizeof(struct GNUNET_TUN_UdpHeader)); + GNUNET_break (0); + return; } - break; + env = + GNUNET_MQ_msg_extra (tim, + payload_length + alen + - sizeof(struct GNUNET_TUN_TcpHeader), + GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START); + tim->af = htonl (destination->details.exit_destination.af); + tim->tcp_header = *tcp; + switch (destination->details.exit_destination.af) + { + case AF_INET: + ip4dst = (struct in_addr *) &tim[1]; + *ip4dst = destination->details.exit_destination.ip.v4; + payload = &ip4dst[1]; + break; - case IPPROTO_TCP: - if (GNUNET_NO == ts->is_established) + case AF_INET6: + ip6dst = (struct in6_addr *) &tim[1]; + *ip6dst = destination->details.exit_destination.ip.v6; + payload = &ip6dst[1]; + break; + + default: + GNUNET_assert (0); + } + GNUNET_memcpy (payload, + &tcp[1], + payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); + } + } + else + { + struct GNUNET_EXIT_TcpDataMessage *tdm; + + mlen = sizeof(struct GNUNET_EXIT_TcpDataMessage) + payload_length + - sizeof(struct GNUNET_TUN_TcpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) + { + GNUNET_break (0); + return; + } + env = GNUNET_MQ_msg_extra (tdm, + payload_length + - sizeof(struct GNUNET_TUN_TcpHeader), + GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT); + tdm->reserved = htonl (0); + tdm->tcp_header = *tcp; + GNUNET_memcpy (&tdm[1], + &tcp[1], + payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); + } + break; + + case IPPROTO_ICMP: + case IPPROTO_ICMPV6: + if (destination->is_service) + { + struct GNUNET_EXIT_IcmpServiceMessage *ism; + + /* ICMP protocol translation will be done by the receiver (as we don't know + the target AF); however, we still need to possibly discard the payload + depending on the ICMP type */ + switch (af) + { + case AF_INET: + switch (icmp->type) { - if (destination->is_service) - { - struct GNUNET_EXIT_TcpServiceStartMessage *tsm; - - mlen = sizeof(struct GNUNET_EXIT_TcpServiceStartMessage) + - payload_length - sizeof(struct GNUNET_TUN_TcpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = - GNUNET_MQ_msg_extra(tsm, - payload_length - - sizeof(struct GNUNET_TUN_TcpHeader), - GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START); - tsm->reserved = htonl(0); - tsm->tcp_header = *tcp; - GNUNET_memcpy(&tsm[1], - &tcp[1], - payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); - } - else - { - struct GNUNET_EXIT_TcpInternetStartMessage *tim; - struct in_addr *ip4dst; - struct in6_addr *ip6dst; - void *payload; - - mlen = sizeof(struct GNUNET_EXIT_TcpInternetStartMessage) + alen + - payload_length - sizeof(struct GNUNET_TUN_TcpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = - GNUNET_MQ_msg_extra(tim, - payload_length + alen - - sizeof(struct GNUNET_TUN_TcpHeader), - GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START); - tim->af = htonl(destination->details.exit_destination.af); - tim->tcp_header = *tcp; - switch (destination->details.exit_destination.af) - { - case AF_INET: - ip4dst = (struct in_addr *)&tim[1]; - *ip4dst = destination->details.exit_destination.ip.v4; - payload = &ip4dst[1]; - break; - - case AF_INET6: - ip6dst = (struct in6_addr *)&tim[1]; - *ip6dst = destination->details.exit_destination.ip.v6; - payload = &ip6dst[1]; - break; - - default: - GNUNET_assert(0); - } - GNUNET_memcpy(payload, - &tcp[1], - payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); - } + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: + break; + + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: + /* throw away ICMP payload, won't be useful for the other side anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; + + default: + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv4 packets dropped (not allowed)"), + 1, + GNUNET_NO); + return; } - else + /* end of AF_INET */ + break; + + case AF_INET6: + switch (icmp->type) { - struct GNUNET_EXIT_TcpDataMessage *tdm; + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: + /* throw away ICMP payload, won't be useful for the other side anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; - mlen = sizeof(struct GNUNET_EXIT_TcpDataMessage) + payload_length - - sizeof(struct GNUNET_TUN_TcpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = GNUNET_MQ_msg_extra(tdm, - payload_length - - sizeof(struct GNUNET_TUN_TcpHeader), - GNUNET_MESSAGE_TYPE_VPN_TCP_DATA_TO_EXIT); - tdm->reserved = htonl(0); - tdm->tcp_header = *tcp; - GNUNET_memcpy(&tdm[1], - &tcp[1], - payload_length - sizeof(struct GNUNET_TUN_TcpHeader)); + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: + case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: + break; + + default: + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# ICMPv6 packets dropped (not allowed)"), + 1, + GNUNET_NO); + return; } - break; + /* end of AF_INET6 */ + break; - case IPPROTO_ICMP: - case IPPROTO_ICMPV6: - if (destination->is_service) + default: + GNUNET_assert (0); + break; + } + + /* update length calculations, as payload_length may have changed */ + mlen = sizeof(struct GNUNET_EXIT_IcmpServiceMessage) + alen + + payload_length - sizeof(struct GNUNET_TUN_IcmpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) + { + GNUNET_break (0); + return; + } + + env = GNUNET_MQ_msg_extra (ism, + payload_length + - sizeof(struct GNUNET_TUN_IcmpHeader), + GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE); + ism->af = htonl (af); /* need to tell destination ICMP protocol family! */ + ism->icmp_header = *icmp; + GNUNET_memcpy (&ism[1], + &icmp[1], + payload_length - sizeof(struct GNUNET_TUN_IcmpHeader)); + } + else + { + struct GNUNET_EXIT_IcmpInternetMessage *iim; + struct in_addr *ip4dst; + struct in6_addr *ip6dst; + void *payload; + uint8_t new_type; + + new_type = icmp->type; + /* Perform ICMP protocol-translation (depending on destination AF and source AF) + and throw away ICMP payload depending on ICMP message type */ + switch (af) + { + case AF_INET: + switch (icmp->type) { - struct GNUNET_EXIT_IcmpServiceMessage *ism; + case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: + if (destination->details.exit_destination.af == AF_INET6) + new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; + break; - /* ICMP protocol translation will be done by the receiver (as we don't know - the target AF); however, we still need to possibly discard the payload - depending on the ICMP type */ - switch (af) - { - case AF_INET: - switch (icmp->type) - { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: - /* throw away ICMP payload, won't be useful for the other side anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - default: - GNUNET_STATISTICS_update(stats, - gettext_noop( - "# ICMPv4 packets dropped (not allowed)"), - 1, - GNUNET_NO); - return; - } - /* end of AF_INET */ - break; - - case AF_INET6: - switch (icmp->type) - { - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: - /* throw away ICMP payload, won't be useful for the other side anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: - break; - - default: - GNUNET_STATISTICS_update(stats, - gettext_noop( - "# ICMPv6 packets dropped (not allowed)"), - 1, - GNUNET_NO); - return; - } - /* end of AF_INET6 */ - break; - - default: - GNUNET_assert(0); - break; - } + case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: + if (destination->details.exit_destination.af == AF_INET6) + new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; + break; - /* update length calculations, as payload_length may have changed */ - mlen = sizeof(struct GNUNET_EXIT_IcmpServiceMessage) + alen + - payload_length - sizeof(struct GNUNET_TUN_IcmpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } + case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: + if (destination->details.exit_destination.af == AF_INET6) + new_type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; + + case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: + if (destination->details.exit_destination.af == AF_INET6) + new_type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; + + case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: + if (destination->details.exit_destination.af == AF_INET6) + { + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv4 packets dropped (impossible PT to v6)"), + 1, + GNUNET_NO); + return; + } + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; - env = GNUNET_MQ_msg_extra(ism, - payload_length - - sizeof(struct GNUNET_TUN_IcmpHeader), - GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_SERVICE); - ism->af = htonl(af); /* need to tell destination ICMP protocol family! */ - ism->icmp_header = *icmp; - GNUNET_memcpy(&ism[1], - &icmp[1], - payload_length - sizeof(struct GNUNET_TUN_IcmpHeader)); + default: + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv4 packets dropped (type not allowed)"), + 1, + GNUNET_NO); + return; } - else + /* end of AF_INET */ + break; + + case AF_INET6: + switch (icmp->type) { - struct GNUNET_EXIT_IcmpInternetMessage *iim; - struct in_addr *ip4dst; - struct in6_addr *ip6dst; - void *payload; - uint8_t new_type; - - new_type = icmp->type; - /* Perform ICMP protocol-translation (depending on destination AF and source AF) - and throw away ICMP payload depending on ICMP message type */ - switch (af) - { - case AF_INET: - switch (icmp->type) - { - case GNUNET_TUN_ICMPTYPE_ECHO_REPLY: - if (destination->details.exit_destination.af == AF_INET6) - new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REPLY; - break; - - case GNUNET_TUN_ICMPTYPE_ECHO_REQUEST: - if (destination->details.exit_destination.af == AF_INET6) - new_type = GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST; - break; - - case GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE: - if (destination->details.exit_destination.af == AF_INET6) - new_type = GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE; - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED: - if (destination->details.exit_destination.af == AF_INET6) - new_type = GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED; - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE_SOURCE_QUENCH: - if (destination->details.exit_destination.af == AF_INET6) - { - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv4 packets dropped (impossible PT to v6)"), - 1, - GNUNET_NO); - return; - } - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - default: - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv4 packets dropped (type not allowed)"), - 1, - GNUNET_NO); - return; - } - /* end of AF_INET */ - break; - - case AF_INET6: - switch (icmp->type) - { - case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: - if (destination->details.exit_destination.af == AF_INET) - new_type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: - if (destination->details.exit_destination.af == AF_INET) - new_type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: - if (destination->details.exit_destination.af == AF_INET) - { - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), - 1, - GNUNET_NO); - return; - } - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: - if (destination->details.exit_destination.af == AF_INET) - { - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv6 packets dropped (impossible PT to v4)"), - 1, - GNUNET_NO); - return; - } - /* throw away IP-payload, exit will have to make it up anyway */ - payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: - if (destination->details.exit_destination.af == AF_INET) - new_type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; - break; - - case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: - if (destination->details.exit_destination.af == AF_INET) - new_type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; - break; - - default: - GNUNET_STATISTICS_update( - stats, - gettext_noop("# ICMPv6 packets dropped (type not allowed)"), - 1, - GNUNET_NO); - return; - } - /* end of AF_INET6 */ - break; - - default: - GNUNET_assert(0); - } + case GNUNET_TUN_ICMPTYPE6_DESTINATION_UNREACHABLE: + if (destination->details.exit_destination.af == AF_INET) + new_type = GNUNET_TUN_ICMPTYPE_DESTINATION_UNREACHABLE; + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; - /* update length calculations, as payload_length may have changed */ - mlen = sizeof(struct GNUNET_EXIT_IcmpInternetMessage) + alen + - payload_length - sizeof(struct GNUNET_TUN_IcmpHeader); - if (mlen >= GNUNET_MAX_MESSAGE_SIZE) - { - GNUNET_break(0); - return; - } - env = GNUNET_MQ_msg_extra(iim, - alen + payload_length - - sizeof(struct GNUNET_TUN_IcmpHeader), - GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET); - iim->icmp_header = *icmp; - iim->icmp_header.type = new_type; - iim->af = htonl(destination->details.exit_destination.af); - switch (destination->details.exit_destination.af) - { - case AF_INET: - ip4dst = (struct in_addr *)&iim[1]; - *ip4dst = destination->details.exit_destination.ip.v4; - payload = &ip4dst[1]; - break; - - case AF_INET6: - ip6dst = (struct in6_addr *)&iim[1]; - *ip6dst = destination->details.exit_destination.ip.v6; - payload = &ip6dst[1]; - break; - - default: - GNUNET_assert(0); - } - GNUNET_memcpy(payload, - &icmp[1], - payload_length - sizeof(struct GNUNET_TUN_IcmpHeader)); + case GNUNET_TUN_ICMPTYPE6_TIME_EXCEEDED: + if (destination->details.exit_destination.af == AF_INET) + new_type = GNUNET_TUN_ICMPTYPE_TIME_EXCEEDED; + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; + + case GNUNET_TUN_ICMPTYPE6_PACKET_TOO_BIG: + if (destination->details.exit_destination.af == AF_INET) + { + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), + 1, + GNUNET_NO); + return; + } + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; + + case GNUNET_TUN_ICMPTYPE6_PARAMETER_PROBLEM: + if (destination->details.exit_destination.af == AF_INET) + { + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv6 packets dropped (impossible PT to v4)"), + 1, + GNUNET_NO); + return; + } + /* throw away IP-payload, exit will have to make it up anyway */ + payload_length = sizeof(struct GNUNET_TUN_IcmpHeader); + break; + + case GNUNET_TUN_ICMPTYPE6_ECHO_REQUEST: + if (destination->details.exit_destination.af == AF_INET) + new_type = GNUNET_TUN_ICMPTYPE_ECHO_REQUEST; + break; + + case GNUNET_TUN_ICMPTYPE6_ECHO_REPLY: + if (destination->details.exit_destination.af == AF_INET) + new_type = GNUNET_TUN_ICMPTYPE_ECHO_REPLY; + break; + + default: + GNUNET_STATISTICS_update ( + stats, + gettext_noop ("# ICMPv6 packets dropped (type not allowed)"), + 1, + GNUNET_NO); + return; } - break; + /* end of AF_INET6 */ + break; - default: - /* not supported above, how can we get here !? */ - GNUNET_assert(0); - break; + default: + GNUNET_assert (0); + } + + /* update length calculations, as payload_length may have changed */ + mlen = sizeof(struct GNUNET_EXIT_IcmpInternetMessage) + alen + + payload_length - sizeof(struct GNUNET_TUN_IcmpHeader); + if (mlen >= GNUNET_MAX_MESSAGE_SIZE) + { + GNUNET_break (0); + return; + } + env = GNUNET_MQ_msg_extra (iim, + alen + payload_length + - sizeof(struct GNUNET_TUN_IcmpHeader), + GNUNET_MESSAGE_TYPE_VPN_ICMP_TO_INTERNET); + iim->icmp_header = *icmp; + iim->icmp_header.type = new_type; + iim->af = htonl (destination->details.exit_destination.af); + switch (destination->details.exit_destination.af) + { + case AF_INET: + ip4dst = (struct in_addr *) &iim[1]; + *ip4dst = destination->details.exit_destination.ip.v4; + payload = &ip4dst[1]; + break; + + case AF_INET6: + ip6dst = (struct in6_addr *) &iim[1]; + *ip6dst = destination->details.exit_destination.ip.v6; + payload = &ip6dst[1]; + break; + + default: + GNUNET_assert (0); + } + GNUNET_memcpy (payload, + &icmp[1], + payload_length - sizeof(struct GNUNET_TUN_IcmpHeader)); } + break; + + default: + /* not supported above, how can we get here !? */ + GNUNET_assert (0); + break; + } ts->is_established = GNUNET_YES; - send_to_channel(ts, env); + send_to_channel (ts, env); } @@ -2260,108 +2270,108 @@ route_packet(struct DestinationEntry *destination, * #GNUNET_SYSERR to stop further processing with error */ static int -message_token(void *cls, const struct GNUNET_MessageHeader *message) +message_token (void *cls, const struct GNUNET_MessageHeader *message) { const struct GNUNET_TUN_Layer2PacketHeader *tun; size_t mlen; struct GNUNET_HashCode key; struct DestinationEntry *de; - GNUNET_STATISTICS_update(stats, - gettext_noop( - "# Packets received from TUN interface"), - 1, - GNUNET_NO); - mlen = ntohs(message->size); - if ((ntohs(message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) || - (mlen < sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader))) - { - GNUNET_break(0); - return GNUNET_OK; - } - tun = (const struct GNUNET_TUN_Layer2PacketHeader *)&message[1]; - mlen -= (sizeof(struct GNUNET_MessageHeader) + - sizeof(struct GNUNET_TUN_Layer2PacketHeader)); - switch (ntohs(tun->proto)) - { - case ETH_P_IPV6: { + GNUNET_STATISTICS_update (stats, + gettext_noop ( + "# Packets received from TUN interface"), + 1, + GNUNET_NO); + mlen = ntohs (message->size); + if ((ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER) || + (mlen < sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader))) + { + GNUNET_break (0); + return GNUNET_OK; + } + tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1]; + mlen -= (sizeof(struct GNUNET_MessageHeader) + + sizeof(struct GNUNET_TUN_Layer2PacketHeader)); + switch (ntohs (tun->proto)) + { + case ETH_P_IPV6: { const struct GNUNET_TUN_IPv6Header *pkt6; if (mlen < sizeof(struct GNUNET_TUN_IPv6Header)) - { - /* blame kernel */ - GNUNET_break(0); - return GNUNET_OK; - } - pkt6 = (const struct GNUNET_TUN_IPv6Header *)&tun[1]; - get_destination_key_from_ip(AF_INET6, &pkt6->destination_address, &key); - de = GNUNET_CONTAINER_multihashmap_get(destination_map, &key); + { + /* blame kernel */ + GNUNET_break (0); + return GNUNET_OK; + } + pkt6 = (const struct GNUNET_TUN_IPv6Header *) &tun[1]; + get_destination_key_from_ip (AF_INET6, &pkt6->destination_address, &key); + de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key); if (NULL == de) - { - char buf[INET6_ADDRSTRLEN]; + { + char buf[INET6_ADDRSTRLEN]; - GNUNET_log( - GNUNET_ERROR_TYPE_INFO, - _("Packet received for unmapped destination `%s' (dropping it)\n"), - inet_ntop(AF_INET6, &pkt6->destination_address, buf, sizeof(buf))); - return GNUNET_OK; - } - route_packet(de, - AF_INET6, - pkt6->next_header, - &pkt6->source_address, - &pkt6->destination_address, - &pkt6[1], - mlen - sizeof(struct GNUNET_TUN_IPv6Header)); + GNUNET_log ( + GNUNET_ERROR_TYPE_INFO, + _ ("Packet received for unmapped destination `%s' (dropping it)\n"), + inet_ntop (AF_INET6, &pkt6->destination_address, buf, sizeof(buf))); + return GNUNET_OK; + } + route_packet (de, + AF_INET6, + pkt6->next_header, + &pkt6->source_address, + &pkt6->destination_address, + &pkt6[1], + mlen - sizeof(struct GNUNET_TUN_IPv6Header)); } break; - case ETH_P_IPV4: { + case ETH_P_IPV4: { struct GNUNET_TUN_IPv4Header *pkt4; if (mlen < sizeof(struct GNUNET_TUN_IPv4Header)) - { - /* blame kernel */ - GNUNET_break(0); - return GNUNET_OK; - } - pkt4 = (struct GNUNET_TUN_IPv4Header *)&tun[1]; - get_destination_key_from_ip(AF_INET, &pkt4->destination_address, &key); - de = GNUNET_CONTAINER_multihashmap_get(destination_map, &key); + { + /* blame kernel */ + GNUNET_break (0); + return GNUNET_OK; + } + pkt4 = (struct GNUNET_TUN_IPv4Header *) &tun[1]; + get_destination_key_from_ip (AF_INET, &pkt4->destination_address, &key); + de = GNUNET_CONTAINER_multihashmap_get (destination_map, &key); if (NULL == de) - { - char buf[INET_ADDRSTRLEN]; + { + char buf[INET_ADDRSTRLEN]; - GNUNET_log( - GNUNET_ERROR_TYPE_INFO, - _("Packet received for unmapped destination `%s' (dropping it)\n"), - inet_ntop(AF_INET, &pkt4->destination_address, buf, sizeof(buf))); - return GNUNET_OK; - } + GNUNET_log ( + GNUNET_ERROR_TYPE_INFO, + _ ("Packet received for unmapped destination `%s' (dropping it)\n"), + inet_ntop (AF_INET, &pkt4->destination_address, buf, sizeof(buf))); + return GNUNET_OK; + } if (pkt4->header_length * 4 != sizeof(struct GNUNET_TUN_IPv4Header)) - { - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _("Received IPv4 packet with options (dropping it)\n")); - return GNUNET_OK; - } - route_packet(de, - AF_INET, - pkt4->protocol, - &pkt4->source_address, - &pkt4->destination_address, - &pkt4[1], - mlen - sizeof(struct GNUNET_TUN_IPv4Header)); + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ("Received IPv4 packet with options (dropping it)\n")); + return GNUNET_OK; + } + route_packet (de, + AF_INET, + pkt4->protocol, + &pkt4->source_address, + &pkt4->destination_address, + &pkt4[1], + mlen - sizeof(struct GNUNET_TUN_IPv4Header)); } break; - default: - GNUNET_log( - GNUNET_ERROR_TYPE_INFO, - _("Received packet of unknown protocol %d from TUN (dropping it)\n"), - (unsigned int)ntohs(tun->proto)); - break; - } + default: + GNUNET_log ( + GNUNET_ERROR_TYPE_INFO, + _ ("Received packet of unknown protocol %d from TUN (dropping it)\n"), + (unsigned int) ntohs (tun->proto)); + break; + } return GNUNET_OK; } @@ -2375,7 +2385,7 @@ message_token(void *cls, const struct GNUNET_MessageHeader *message) * #GNUNET_SYSERR on error */ static int -allocate_v4_address(struct in_addr *v4) +allocate_v4_address (struct in_addr *v4) { const char *ipv4addr = vpn_argv[4]; const char *ipv4mask = vpn_argv[5]; @@ -2385,30 +2395,30 @@ allocate_v4_address(struct in_addr *v4) struct GNUNET_HashCode key; unsigned int tries; - GNUNET_assert(1 == inet_pton(AF_INET, ipv4addr, &addr)); - GNUNET_assert(1 == inet_pton(AF_INET, ipv4mask, &mask)); + GNUNET_assert (1 == inet_pton (AF_INET, ipv4addr, &addr)); + GNUNET_assert (1 == inet_pton (AF_INET, ipv4mask, &mask)); /* Given 192.168.0.1/255.255.0.0, we want a mask of '192.168.255.255', thus: */ mask.s_addr = addr.s_addr | ~mask.s_addr; tries = 0; do + { + tries++; + if (tries > 16) { - tries++; - if (tries > 16) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _( - "Failed to find unallocated IPv4 address in VPN's range\n")); - return GNUNET_SYSERR; - } - /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */ - rnd.s_addr = - GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX); - v4->s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr; - get_destination_key_from_ip(AF_INET, v4, &key); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "Failed to find unallocated IPv4 address in VPN's range\n")); + return GNUNET_SYSERR; } + /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */ + rnd.s_addr = + GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX); + v4->s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr; + get_destination_key_from_ip (AF_INET, v4, &key); + } while ((GNUNET_YES == - GNUNET_CONTAINER_multihashmap_contains(destination_map, &key)) || + GNUNET_CONTAINER_multihashmap_contains (destination_map, &key)) || (v4->s_addr == addr.s_addr) || (v4->s_addr == mask.s_addr)); return GNUNET_OK; } @@ -2423,7 +2433,7 @@ allocate_v4_address(struct in_addr *v4) * #GNUNET_SYSERR on error */ static int -allocate_v6_address(struct in6_addr *v6) +allocate_v6_address (struct in6_addr *v6) { const char *ipv6addr = vpn_argv[2]; struct in6_addr addr; @@ -2433,8 +2443,8 @@ allocate_v6_address(struct in6_addr *v6) struct GNUNET_HashCode key; unsigned int tries; - GNUNET_assert(1 == inet_pton(AF_INET6, ipv6addr, &addr)); - GNUNET_assert(ipv6prefix < 128); + GNUNET_assert (1 == inet_pton (AF_INET6, ipv6addr, &addr)); + GNUNET_assert (ipv6prefix < 128); /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF, thus: */ mask = addr; @@ -2444,28 +2454,28 @@ allocate_v6_address(struct in6_addr *v6) /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */ tries = 0; do + { + tries++; + if (tries > 16) { - tries++; - if (tries > 16) - { - GNUNET_log(GNUNET_ERROR_TYPE_WARNING, - _( - "Failed to find unallocated IPv6 address in VPN's range\n")); - return GNUNET_SYSERR; - } - for (i = 0; i < 16; i++) - { - rnd.s6_addr[i] = - (unsigned char)GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, - 256); - v6->s6_addr[i] = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i]; - } - get_destination_key_from_ip(AF_INET6, v6, &key); + GNUNET_log (GNUNET_ERROR_TYPE_WARNING, + _ ( + "Failed to find unallocated IPv6 address in VPN's range\n")); + return GNUNET_SYSERR; + } + for (i = 0; i < 16; i++) + { + rnd.s6_addr[i] = + (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, + 256); + v6->s6_addr[i] = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i]; } + get_destination_key_from_ip (AF_INET6, v6, &key); + } while ((GNUNET_YES == - GNUNET_CONTAINER_multihashmap_contains(destination_map, &key)) || - (0 == GNUNET_memcmp(v6, &addr)) || - (0 == GNUNET_memcmp(v6, &mask))); + GNUNET_CONTAINER_multihashmap_contains (destination_map, &key)) || + (0 == GNUNET_memcmp (v6, &addr)) || + (0 == GNUNET_memcmp (v6, &mask))); return GNUNET_OK; } @@ -2476,31 +2486,31 @@ allocate_v6_address(struct in6_addr *v6) * @param de entry to free */ static void -free_destination_entry(struct DestinationEntry *de) +free_destination_entry (struct DestinationEntry *de) { struct DestinationChannel *dt; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Cleaning up destination entry `%s'\n", - print_channel_destination(de)); - GNUNET_STATISTICS_update(stats, - gettext_noop("# Active destinations"), - -1, - GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Cleaning up destination entry `%s'\n", + print_channel_destination (de)); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Active destinations"), + -1, + GNUNET_NO); while (NULL != (dt = de->dt_head)) - { - GNUNET_CONTAINER_DLL_remove(de->dt_head, de->dt_tail, dt); - GNUNET_free(dt); - } + { + GNUNET_CONTAINER_DLL_remove (de->dt_head, de->dt_tail, dt); + GNUNET_free (dt); + } if (NULL != de->heap_node) - { - GNUNET_CONTAINER_heap_remove_node(de->heap_node); - de->heap_node = NULL; - GNUNET_assert( - GNUNET_YES == - GNUNET_CONTAINER_multihashmap_remove(destination_map, &de->key, de)); - } - GNUNET_free(de); + { + GNUNET_CONTAINER_heap_remove_node (de->heap_node); + de->heap_node = NULL; + GNUNET_assert ( + GNUNET_YES == + GNUNET_CONTAINER_multihashmap_remove (destination_map, &de->key, de)); + } + GNUNET_free (de); } @@ -2510,15 +2520,15 @@ free_destination_entry(struct DestinationEntry *de) * @param except destination that must NOT be cleaned up, even if it is the oldest */ static void -expire_destination(struct DestinationEntry *except) +expire_destination (struct DestinationEntry *except) { struct DestinationEntry *de; - de = GNUNET_CONTAINER_heap_peek(destination_heap); - GNUNET_assert(NULL != de); + de = GNUNET_CONTAINER_heap_peek (destination_heap); + GNUNET_assert (NULL != de); if (except == de) return; /* can't do this */ - free_destination_entry(de); + free_destination_entry (de); } @@ -2537,45 +2547,45 @@ expire_destination(struct DestinationEntry *except) * an unsupported address family (not AF_INET, AF_INET6 or AF_UNSPEC) */ static int -allocate_response_ip(int *result_af, - void **addr, - struct in_addr *v4, - struct in6_addr *v6) +allocate_response_ip (int *result_af, + void **addr, + struct in_addr *v4, + struct in6_addr *v6) { *addr = NULL; switch (*result_af) - { - case AF_INET: - if (GNUNET_OK != allocate_v4_address(v4)) - *result_af = AF_UNSPEC; - else - *addr = v4; - break; - - case AF_INET6: - if (GNUNET_OK != allocate_v6_address(v6)) - *result_af = AF_UNSPEC; - else - *addr = v6; - break; + { + case AF_INET: + if (GNUNET_OK != allocate_v4_address (v4)) + *result_af = AF_UNSPEC; + else + *addr = v4; + break; - case AF_UNSPEC: - if (GNUNET_OK == allocate_v4_address(v4)) - { - *addr = v4; - *result_af = AF_INET; - } - else if (GNUNET_OK == allocate_v6_address(v6)) - { - *addr = v6; - *result_af = AF_INET6; - } - break; + case AF_INET6: + if (GNUNET_OK != allocate_v6_address (v6)) + *result_af = AF_UNSPEC; + else + *addr = v6; + break; - default: - GNUNET_break(0); - return GNUNET_SYSERR; + case AF_UNSPEC: + if (GNUNET_OK == allocate_v4_address (v4)) + { + *addr = v4; + *result_af = AF_INET; } + else if (GNUNET_OK == allocate_v6_address (v6)) + { + *addr = v6; + *result_af = AF_INET6; + } + break; + + default: + GNUNET_break (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -2590,36 +2600,36 @@ allocate_response_ip(int *result_af, * @return #GNUNET_OK if @a msg is well-formed */ static int -check_client_redirect_to_ip(void *cls, - const struct RedirectToIpRequestMessage *msg) +check_client_redirect_to_ip (void *cls, + const struct RedirectToIpRequestMessage *msg) { size_t alen; int addr_af; - alen = ntohs(msg->header.size) - sizeof(struct RedirectToIpRequestMessage); - addr_af = (int)htonl(msg->addr_af); + alen = ntohs (msg->header.size) - sizeof(struct RedirectToIpRequestMessage); + addr_af = (int) htonl (msg->addr_af); switch (addr_af) + { + case AF_INET: + if (alen != sizeof(struct in_addr)) { - case AF_INET: - if (alen != sizeof(struct in_addr)) - { - GNUNET_break(0); - return GNUNET_SYSERR; - } - break; - - case AF_INET6: - if (alen != sizeof(struct in6_addr)) - { - GNUNET_break(0); - return GNUNET_SYSERR; - } - break; + GNUNET_break (0); + return GNUNET_SYSERR; + } + break; - default: - GNUNET_break(0); + case AF_INET6: + if (alen != sizeof(struct in6_addr)) + { + GNUNET_break (0); return GNUNET_SYSERR; } + break; + + default: + GNUNET_break (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -2633,8 +2643,8 @@ check_client_redirect_to_ip(void *cls, * @param msg redirection request */ static void -handle_client_redirect_to_ip(void *cls, - const struct RedirectToIpRequestMessage *msg) +handle_client_redirect_to_ip (void *cls, + const struct RedirectToIpRequestMessage *msg) { struct GNUNET_SERVICE_Client *client = cls; size_t alen; @@ -2646,59 +2656,59 @@ handle_client_redirect_to_ip(void *cls, struct DestinationEntry *de; struct GNUNET_HashCode key; - alen = ntohs(msg->header.size) - sizeof(struct RedirectToIpRequestMessage); - addr_af = (int)htonl(msg->addr_af); + alen = ntohs (msg->header.size) - sizeof(struct RedirectToIpRequestMessage); + addr_af = (int) htonl (msg->addr_af); /* allocate response IP */ - result_af = (int)htonl(msg->result_af); - if (GNUNET_OK != allocate_response_ip(&result_af, &addr, &v4, &v6)) - { - GNUNET_SERVICE_client_drop(client); - return; - } + result_af = (int) htonl (msg->result_af); + if (GNUNET_OK != allocate_response_ip (&result_af, &addr, &v4, &v6)) + { + GNUNET_SERVICE_client_drop (client); + return; + } /* send reply with our IP address */ - send_client_reply(client, msg->request_id, result_af, addr); + send_client_reply (client, msg->request_id, result_af, addr); if (result_af == AF_UNSPEC) - { - /* failure, we're done */ - GNUNET_SERVICE_client_continue(client); - return; - } + { + /* failure, we're done */ + GNUNET_SERVICE_client_continue (client); + return; + } { char sbuf[INET6_ADDRSTRLEN]; char dbuf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Allocated address %s for redirection via exit to %s\n", - inet_ntop(result_af, addr, sbuf, sizeof(sbuf)), - inet_ntop(addr_af, &msg[1], dbuf, sizeof(dbuf))); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Allocated address %s for redirection via exit to %s\n", + inet_ntop (result_af, addr, sbuf, sizeof(sbuf)), + inet_ntop (addr_af, &msg[1], dbuf, sizeof(dbuf))); } /* setup destination record */ - de = GNUNET_new(struct DestinationEntry); + de = GNUNET_new (struct DestinationEntry); de->is_service = GNUNET_NO; de->details.exit_destination.af = addr_af; - GNUNET_memcpy(&de->details.exit_destination.ip, &msg[1], alen); - get_destination_key_from_ip(result_af, addr, &key); + GNUNET_memcpy (&de->details.exit_destination.ip, &msg[1], alen); + get_destination_key_from_ip (result_af, addr, &key); de->key = key; - GNUNET_assert(GNUNET_OK == GNUNET_CONTAINER_multihashmap_put( - destination_map, - &key, - de, - GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); - de->heap_node = GNUNET_CONTAINER_heap_insert(destination_heap, - de, - GNUNET_TIME_absolute_ntoh( - msg->expiration_time) - .abs_value_us); - GNUNET_STATISTICS_update(stats, - gettext_noop("# Active destinations"), - 1, - GNUNET_NO); - while (GNUNET_CONTAINER_multihashmap_size(destination_map) > + GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put ( + destination_map, + &key, + de, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); + de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap, + de, + GNUNET_TIME_absolute_ntoh ( + msg->expiration_time) + .abs_value_us); + GNUNET_STATISTICS_update (stats, + gettext_noop ("# Active destinations"), + 1, + GNUNET_NO); + while (GNUNET_CONTAINER_multihashmap_size (destination_map) > max_destination_mappings) - expire_destination(de); - GNUNET_SERVICE_client_continue(client); + expire_destination (de); + GNUNET_SERVICE_client_continue (client); } @@ -2711,7 +2721,7 @@ handle_client_redirect_to_ip(void *cls, * @param msg redirection request */ static void -handle_client_redirect_to_service( +handle_client_redirect_to_service ( void *cls, const struct RedirectToServiceRequestMessage *msg) { @@ -2725,59 +2735,59 @@ handle_client_redirect_to_service( struct DestinationChannel *dt; /* allocate response IP */ - result_af = (int)htonl(msg->result_af); - if (GNUNET_OK != allocate_response_ip(&result_af, &addr, &v4, &v6)) - { - GNUNET_break(0); - GNUNET_SERVICE_client_drop(client); - return; - } - send_client_reply(client, msg->request_id, result_af, addr); + result_af = (int) htonl (msg->result_af); + if (GNUNET_OK != allocate_response_ip (&result_af, &addr, &v4, &v6)) + { + GNUNET_break (0); + GNUNET_SERVICE_client_drop (client); + return; + } + send_client_reply (client, msg->request_id, result_af, addr); if (result_af == AF_UNSPEC) - { - /* failure, we're done */ - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - _("Failed to allocate IP address for new destination\n")); - GNUNET_SERVICE_client_continue(client); - return; - } + { + /* failure, we're done */ + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + _ ("Failed to allocate IP address for new destination\n")); + GNUNET_SERVICE_client_continue (client); + return; + } { char sbuf[INET6_ADDRSTRLEN]; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Allocated address %s for redirection to service %s on peer %s\n", - inet_ntop(result_af, addr, sbuf, sizeof(sbuf)), - GNUNET_h2s(&msg->service_descriptor), - GNUNET_i2s(&msg->target)); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Allocated address %s for redirection to service %s on peer %s\n", + inet_ntop (result_af, addr, sbuf, sizeof(sbuf)), + GNUNET_h2s (&msg->service_descriptor), + GNUNET_i2s (&msg->target)); } /* setup destination record */ - de = GNUNET_new(struct DestinationEntry); + de = GNUNET_new (struct DestinationEntry); de->is_service = GNUNET_YES; de->details.service_destination.target = msg->target; de->details.service_destination.service_descriptor = msg->service_descriptor; - get_destination_key_from_ip(result_af, addr, &key); + get_destination_key_from_ip (result_af, addr, &key); de->key = key; - GNUNET_assert(GNUNET_OK == GNUNET_CONTAINER_multihashmap_put( - destination_map, - &key, - de, - GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); - de->heap_node = GNUNET_CONTAINER_heap_insert(destination_heap, - de, - GNUNET_TIME_absolute_ntoh( - msg->expiration_time) - .abs_value_us); - while (GNUNET_CONTAINER_multihashmap_size(destination_map) > + GNUNET_assert (GNUNET_OK == GNUNET_CONTAINER_multihashmap_put ( + destination_map, + &key, + de, + GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE)); + de->heap_node = GNUNET_CONTAINER_heap_insert (destination_heap, + de, + GNUNET_TIME_absolute_ntoh ( + msg->expiration_time) + .abs_value_us); + while (GNUNET_CONTAINER_multihashmap_size (destination_map) > max_destination_mappings) - expire_destination(de); + expire_destination (de); - dt = GNUNET_new(struct DestinationChannel); + dt = GNUNET_new (struct DestinationChannel); dt->destination = de; - GNUNET_CONTAINER_DLL_insert(de->dt_head, de->dt_tail, dt); + GNUNET_CONTAINER_DLL_insert (de->dt_head, de->dt_tail, dt); /* we're done */ - GNUNET_SERVICE_client_continue(client); + GNUNET_SERVICE_client_continue (client); } @@ -2790,11 +2800,11 @@ handle_client_redirect_to_service( * @return #GNUNET_OK (continue to iterate) */ static int -cleanup_destination(void *cls, const struct GNUNET_HashCode *key, void *value) +cleanup_destination (void *cls, const struct GNUNET_HashCode *key, void *value) { struct DestinationEntry *de = value; - free_destination_entry(de); + free_destination_entry (de); return GNUNET_OK; } @@ -2808,14 +2818,14 @@ cleanup_destination(void *cls, const struct GNUNET_HashCode *key, void *value) * @return #GNUNET_OK (continue to iterate) */ static int -cleanup_channel(void *cls, const struct GNUNET_HashCode *key, void *value) +cleanup_channel (void *cls, const struct GNUNET_HashCode *key, void *value) { struct ChannelState *ts = value; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, - "Tearing down channel to `%s' during cleanup\n", - print_channel_destination(&ts->destination)); - free_channel_state(ts); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, + "Tearing down channel to `%s' during cleanup\n", + print_channel_destination (&ts->destination)); + free_channel_state (ts); return GNUNET_OK; } @@ -2826,53 +2836,53 @@ cleanup_channel(void *cls, const struct GNUNET_HashCode *key, void *value) * @param cls unused */ static void -cleanup(void *cls) +cleanup (void *cls) { unsigned int i; - GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "VPN is shutting down\n"); + GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "VPN is shutting down\n"); if (NULL != destination_map) - { - GNUNET_CONTAINER_multihashmap_iterate(destination_map, - &cleanup_destination, - NULL); - GNUNET_CONTAINER_multihashmap_destroy(destination_map); - destination_map = NULL; - } + { + GNUNET_CONTAINER_multihashmap_iterate (destination_map, + &cleanup_destination, + NULL); + GNUNET_CONTAINER_multihashmap_destroy (destination_map); + destination_map = NULL; + } if (NULL != destination_heap) - { - GNUNET_CONTAINER_heap_destroy(destination_heap); - destination_heap = NULL; - } + { + GNUNET_CONTAINER_heap_destroy (destination_heap); + destination_heap = NULL; + } if (NULL != channel_map) - { - GNUNET_CONTAINER_multihashmap_iterate(channel_map, &cleanup_channel, NULL); - GNUNET_CONTAINER_multihashmap_destroy(channel_map); - channel_map = NULL; - } + { + GNUNET_CONTAINER_multihashmap_iterate (channel_map, &cleanup_channel, NULL); + GNUNET_CONTAINER_multihashmap_destroy (channel_map); + channel_map = NULL; + } if (NULL != channel_heap) - { - GNUNET_CONTAINER_heap_destroy(channel_heap); - channel_heap = NULL; - } + { + GNUNET_CONTAINER_heap_destroy (channel_heap); + channel_heap = NULL; + } if (NULL != cadet_handle) - { - GNUNET_CADET_disconnect(cadet_handle); - cadet_handle = NULL; - } + { + GNUNET_CADET_disconnect (cadet_handle); + cadet_handle = NULL; + } if (NULL != helper_handle) - { - GNUNET_HELPER_kill(helper_handle, GNUNET_NO); - GNUNET_HELPER_wait(helper_handle); - helper_handle = NULL; - } + { + GNUNET_HELPER_kill (helper_handle, GNUNET_NO); + GNUNET_HELPER_wait (helper_handle); + helper_handle = NULL; + } if (NULL != stats) - { - GNUNET_STATISTICS_destroy(stats, GNUNET_NO); - stats = NULL; - } + { + GNUNET_STATISTICS_destroy (stats, GNUNET_NO); + stats = NULL; + } for (i = 0; i < 5; i++) - GNUNET_free_non_null(vpn_argv[i]); + GNUNET_free_non_null (vpn_argv[i]); } @@ -2885,9 +2895,9 @@ cleanup(void *cls) * @return @a c */ static void * -client_connect_cb(void *cls, - struct GNUNET_SERVICE_Client *c, - struct GNUNET_MQ_Handle *mq) +client_connect_cb (void *cls, + struct GNUNET_SERVICE_Client *c, + struct GNUNET_MQ_Handle *mq) { return c; } @@ -2901,11 +2911,11 @@ client_connect_cb(void *cls, * @param internal_cls should be equal to @a c */ static void -client_disconnect_cb(void *cls, - struct GNUNET_SERVICE_Client *c, - void *internal_cls) +client_disconnect_cb (void *cls, + struct GNUNET_SERVICE_Client *c, + void *internal_cls) { - GNUNET_assert(c == internal_cls); + GNUNET_assert (c == internal_cls); } @@ -2917,9 +2927,9 @@ client_disconnect_cb(void *cls, * @param service the initialized service */ static void -run(void *cls, - const struct GNUNET_CONFIGURATION_Handle *cfg_, - struct GNUNET_SERVICE_Handle *service) +run (void *cls, + const struct GNUNET_CONFIGURATION_Handle *cfg_, + struct GNUNET_SERVICE_Handle *service) { char *ifname; char *ipv6addr; @@ -2930,187 +2940,187 @@ run(void *cls, struct in6_addr v6; char *binary; - binary = GNUNET_OS_get_libexec_binary_path("gnunet-helper-vpn"); + binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn"); if (GNUNET_YES != - GNUNET_OS_check_helper_binary( + GNUNET_OS_check_helper_binary ( binary, GNUNET_YES, - "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please! - { - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, - "`%s' is not SUID, refusing to run.\n", - "gnunet-helper-vpn"); - GNUNET_free(binary); - global_ret = 1; - /* we won't "really" exit here, as the 'service' is still running; - however, as no handlers are registered, the service won't do - anything either */ - return; - } - GNUNET_free(binary); + "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) // ipv4 only please! + { + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, + "`%s' is not SUID, refusing to run.\n", + "gnunet-helper-vpn"); + GNUNET_free (binary); + global_ret = 1; + /* we won't "really" exit here, as the 'service' is still running; + however, as no handlers are registered, the service won't do + anything either */ + return; + } + GNUNET_free (binary); cfg = cfg_; - stats = GNUNET_STATISTICS_create("vpn", cfg); + stats = GNUNET_STATISTICS_create ("vpn", cfg); if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_number(cfg, - "VPN", - "MAX_MAPPING", - &max_destination_mappings)) + GNUNET_CONFIGURATION_get_value_number (cfg, + "VPN", + "MAX_MAPPING", + &max_destination_mappings)) max_destination_mappings = 200; if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_number(cfg, - "VPN", - "MAX_TUNNELS", - &max_channel_mappings)) + GNUNET_CONFIGURATION_get_value_number (cfg, + "VPN", + "MAX_TUNNELS", + &max_channel_mappings)) max_channel_mappings = 200; destination_map = - GNUNET_CONTAINER_multihashmap_create(max_destination_mappings * 2, - GNUNET_NO); + GNUNET_CONTAINER_multihashmap_create (max_destination_mappings * 2, + GNUNET_NO); destination_heap = - GNUNET_CONTAINER_heap_create(GNUNET_CONTAINER_HEAP_ORDER_MIN); + GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); channel_map = - GNUNET_CONTAINER_multihashmap_create(max_channel_mappings * 2, GNUNET_NO); - channel_heap = GNUNET_CONTAINER_heap_create(GNUNET_CONTAINER_HEAP_ORDER_MIN); + GNUNET_CONTAINER_multihashmap_create (max_channel_mappings * 2, GNUNET_NO); + channel_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); - vpn_argv[0] = GNUNET_strdup("vpn-gnunet"); + vpn_argv[0] = GNUNET_strdup ("vpn-gnunet"); if (GNUNET_SYSERR == - GNUNET_CONFIGURATION_get_value_string(cfg, "VPN", "IFNAME", &ifname)) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); - GNUNET_SCHEDULER_shutdown(); - return; - } + GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IFNAME", &ifname)) + { + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IFNAME"); + GNUNET_SCHEDULER_shutdown (); + return; + } vpn_argv[1] = ifname; ipv6addr = NULL; - if (GNUNET_OK == GNUNET_NETWORK_test_pf(PF_INET6)) - { - if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, + if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6)) + { + if (((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, "VPN", "IPV6ADDR", - &ipv6addr) || - (1 != inet_pton(AF_INET6, ipv6addr, &v6)))) - { - GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, - "VPN", - "IPV6ADDR", - _("Must specify valid IPv6 address")); - GNUNET_SCHEDULER_shutdown(); - GNUNET_free_non_null(ipv6addr); - return; - } - vpn_argv[2] = ipv6addr; - ipv6prefix_s = NULL; - if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, - "VPN", - "IPV6PREFIX", - &ipv6prefix_s)) - { - GNUNET_log_config_missing(GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); - GNUNET_SCHEDULER_shutdown(); - GNUNET_free_non_null(ipv6prefix_s); - return; - } - vpn_argv[3] = ipv6prefix_s; - if ((GNUNET_OK != GNUNET_CONFIGURATION_get_value_number(cfg, - "VPN", - "IPV6PREFIX", - &ipv6prefix)) || - (ipv6prefix >= 127)) - { - GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, - "VPN", - "IPV4MASK", - _("Must specify valid IPv6 mask")); - GNUNET_SCHEDULER_shutdown(); - return; - } + &ipv6addr))|| + (1 != inet_pton (AF_INET6, ipv6addr, &v6)))) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "VPN", + "IPV6ADDR", + _ ("Must specify valid IPv6 address")); + GNUNET_SCHEDULER_shutdown (); + GNUNET_free_non_null (ipv6addr); + return; } - else + vpn_argv[2] = ipv6addr; + ipv6prefix_s = NULL; + if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, + "VPN", + "IPV6PREFIX", + &ipv6prefix_s)) { - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _( - "IPv6 support disabled as this system does not support IPv6\n")); - vpn_argv[2] = GNUNET_strdup("-"); - vpn_argv[3] = GNUNET_strdup("-"); + GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "VPN", "IPV6PREFIX"); + GNUNET_SCHEDULER_shutdown (); + GNUNET_free_non_null (ipv6prefix_s); + return; } - if (GNUNET_OK == GNUNET_NETWORK_test_pf(PF_INET)) + vpn_argv[3] = ipv6prefix_s; + if ((GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (cfg, + "VPN", + "IPV6PREFIX", + &ipv6prefix)) || + (ipv6prefix >= 127)) { - ipv4addr = NULL; - if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "VPN", + "IPV4MASK", + _ ("Must specify valid IPv6 mask")); + GNUNET_SCHEDULER_shutdown (); + return; + } + } + else + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ( + "IPv6 support disabled as this system does not support IPv6\n")); + vpn_argv[2] = GNUNET_strdup ("-"); + vpn_argv[3] = GNUNET_strdup ("-"); + } + if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET)) + { + ipv4addr = NULL; + if (((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, "vpn", "IPV4ADDR", - &ipv4addr) || - (1 != inet_pton(AF_INET, ipv4addr, &v4)))) - { - GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, - "VPN", - "IPV4ADDR", - _("Must specify valid IPv4 address")); - GNUNET_SCHEDULER_shutdown(); - GNUNET_free_non_null(ipv4addr); - return; - } - vpn_argv[4] = ipv4addr; - ipv4mask = NULL; - if ((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, + &ipv4addr))|| + (1 != inet_pton (AF_INET, ipv4addr, &v4)))) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "VPN", + "IPV4ADDR", + _ ("Must specify valid IPv4 address")); + GNUNET_SCHEDULER_shutdown (); + GNUNET_free_non_null (ipv4addr); + return; + } + vpn_argv[4] = ipv4addr; + ipv4mask = NULL; + if (((GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string (cfg, "vpn", "IPV4MASK", - &ipv4mask) || - (1 != inet_pton(AF_INET, ipv4mask, &v4)))) - { - GNUNET_log_config_invalid(GNUNET_ERROR_TYPE_ERROR, - "VPN", - "IPV4MASK", - _("Must specify valid IPv4 mask")); - GNUNET_SCHEDULER_shutdown(); - GNUNET_free_non_null(ipv4mask); - return; - } - vpn_argv[5] = ipv4mask; - } - else + &ipv4mask))|| + (1 != inet_pton (AF_INET, ipv4mask, &v4)))) { - GNUNET_log(GNUNET_ERROR_TYPE_INFO, - _( - "IPv4 support disabled as this system does not support IPv4\n")); - vpn_argv[4] = GNUNET_strdup("-"); - vpn_argv[5] = GNUNET_strdup("-"); + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "VPN", + "IPV4MASK", + _ ("Must specify valid IPv4 mask")); + GNUNET_SCHEDULER_shutdown (); + GNUNET_free_non_null (ipv4mask); + return; } + vpn_argv[5] = ipv4mask; + } + else + { + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + _ ( + "IPv4 support disabled as this system does not support IPv4\n")); + vpn_argv[4] = GNUNET_strdup ("-"); + vpn_argv[5] = GNUNET_strdup ("-"); + } vpn_argv[6] = NULL; - cadet_handle = GNUNET_CADET_connect(cfg_); + cadet_handle = GNUNET_CADET_connect (cfg_); // FIXME never opens ports??? - helper_handle = GNUNET_HELPER_start(GNUNET_NO, - "gnunet-helper-vpn", - vpn_argv, - &message_token, - NULL, - NULL); - GNUNET_SCHEDULER_add_shutdown(&cleanup, NULL); + helper_handle = GNUNET_HELPER_start (GNUNET_NO, + "gnunet-helper-vpn", + vpn_argv, + &message_token, + NULL, + NULL); + GNUNET_SCHEDULER_add_shutdown (&cleanup, NULL); } /** * Define "main" method using service macro. */ -GNUNET_SERVICE_MAIN( +GNUNET_SERVICE_MAIN ( "vpn", GNUNET_SERVICE_OPTION_NONE, &run, &client_connect_cb, &client_disconnect_cb, NULL, - GNUNET_MQ_hd_var_size(client_redirect_to_ip, - GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP, - struct RedirectToIpRequestMessage, - NULL), - GNUNET_MQ_hd_fixed_size(client_redirect_to_service, - GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE, - struct RedirectToServiceRequestMessage, - NULL), - GNUNET_MQ_handler_end()); + GNUNET_MQ_hd_var_size (client_redirect_to_ip, + GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP, + struct RedirectToIpRequestMessage, + NULL), + GNUNET_MQ_hd_fixed_size (client_redirect_to_service, + GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE, + struct RedirectToServiceRequestMessage, + NULL), + GNUNET_MQ_handler_end ()); /* end of gnunet-service-vpn.c */ diff --git a/src/vpn/gnunet-vpn.c b/src/vpn/gnunet-vpn.c index e5b79be6e..6dcd227c7 100644 --- a/src/vpn/gnunet-vpn.c +++ b/src/vpn/gnunet-vpn.c @@ -95,21 +95,21 @@ static struct GNUNET_TIME_Relative duration = { 5 * 60 * 1000 }; * Shutdown. */ static void -do_disconnect(void *cls) +do_disconnect (void *cls) { if (NULL != request) - { - GNUNET_VPN_cancel_request(request); - request = NULL; - } + { + GNUNET_VPN_cancel_request (request); + request = NULL; + } if (NULL != handle) - { - GNUNET_VPN_disconnect(handle); - handle = NULL; - } - GNUNET_free_non_null(peer_id); - GNUNET_free_non_null(service_name); - GNUNET_free_non_null(target_ip); + { + GNUNET_VPN_disconnect (handle); + handle = NULL; + } + GNUNET_free_non_null (peer_id); + GNUNET_free_non_null (service_name); + GNUNET_free_non_null (target_ip); } @@ -127,27 +127,27 @@ do_disconnect(void *cls) * specified target peer; NULL on error */ static void -allocation_cb(void *cls, int af, const void *address) +allocation_cb (void *cls, int af, const void *address) { char buf[INET6_ADDRSTRLEN]; request = NULL; switch (af) - { - case AF_INET6: - case AF_INET: - fprintf(stdout, "%s\n", inet_ntop(af, address, buf, sizeof(buf))); - break; - - case AF_UNSPEC: - GNUNET_log(GNUNET_ERROR_TYPE_ERROR, _("Error creating tunnel\n")); - ret = 1; - break; - - default: - break; - } - GNUNET_SCHEDULER_shutdown(); + { + case AF_INET6: + case AF_INET: + fprintf (stdout, "%s\n", inet_ntop (af, address, buf, sizeof(buf))); + break; + + case AF_UNSPEC: + GNUNET_log (GNUNET_ERROR_TYPE_ERROR, _ ("Error creating tunnel\n")); + ret = 1; + break; + + default: + break; + } + GNUNET_SCHEDULER_shutdown (); } @@ -160,10 +160,10 @@ allocation_cb(void *cls, int af, const void *address) * @param cfg configuration */ static void -run(void *cls, - char *const *args, - const char *cfgfile, - const struct GNUNET_CONFIGURATION_Handle *cfg) +run (void *cls, + char *const *args, + const char *cfgfile, + const struct GNUNET_CONFIGURATION_Handle *cfg) { int dst_af; int req_af; @@ -175,189 +175,189 @@ run(void *cls, uint8_t protocol; struct GNUNET_TIME_Absolute etime; - etime = GNUNET_TIME_relative_to_absolute(duration); - GNUNET_SCHEDULER_add_shutdown(&do_disconnect, NULL); - handle = GNUNET_VPN_connect(cfg); + etime = GNUNET_TIME_relative_to_absolute (duration); + GNUNET_SCHEDULER_add_shutdown (&do_disconnect, NULL); + handle = GNUNET_VPN_connect (cfg); if (NULL == handle) goto error; req_af = AF_UNSPEC; if (ipv4) + { + if (ipv6) { - if (ipv6) - { - fprintf(stderr, - _("Option `%s' makes no sense with option `%s'.\n"), - "-4", - "-6"); - goto error; - } - req_af = AF_INET; + fprintf (stderr, + _ ("Option `%s' makes no sense with option `%s'.\n"), + "-4", + "-6"); + goto error; } + req_af = AF_INET; + } if (ipv6) req_af = AF_INET6; if (NULL == target_ip) + { + if (NULL == service_name) + { + fprintf (stderr, _ ("Option `%s' or `%s' is required.\n"), "-i", "-s"); + goto error; + } + if (NULL == peer_id) { - if (NULL == service_name) - { - fprintf(stderr, _("Option `%s' or `%s' is required.\n"), "-i", "-s"); - goto error; - } - if (NULL == peer_id) - { - fprintf(stderr, - _("Option `%s' is required when using option `%s'.\n"), - "-p", - "-s"); - goto error; - } - if (!(tcp | udp)) - { - fprintf(stderr, - _("Option `%s' or `%s' is required when using option `%s'.\n"), - "-t", - "-u", - "-s"); - goto error; - } - if (tcp & udp) - { - fprintf(stderr, - _("Option `%s' makes no sense with option `%s'.\n"), - "-t", - "-u"); - goto error; - } - if (tcp) - protocol = IPPROTO_TCP; - if (udp) - protocol = IPPROTO_UDP; - if (GNUNET_OK != - GNUNET_CRYPTO_eddsa_public_key_from_string(peer_id, - strlen(peer_id), - &peer.public_key)) - { - fprintf(stderr, _("`%s' is not a valid peer identifier.\n"), peer_id); - goto error; - } - GNUNET_TUN_service_name_to_hash(service_name, &sd); - request = GNUNET_VPN_redirect_to_peer(handle, - req_af, - protocol, - &peer, - &sd, - etime, - &allocation_cb, - NULL); + fprintf (stderr, + _ ("Option `%s' is required when using option `%s'.\n"), + "-p", + "-s"); + goto error; } + if (! (tcp | udp)) + { + fprintf (stderr, + _ ("Option `%s' or `%s' is required when using option `%s'.\n"), + "-t", + "-u", + "-s"); + goto error; + } + if (tcp & udp) + { + fprintf (stderr, + _ ("Option `%s' makes no sense with option `%s'.\n"), + "-t", + "-u"); + goto error; + } + if (tcp) + protocol = IPPROTO_TCP; + if (udp) + protocol = IPPROTO_UDP; + if (GNUNET_OK != + GNUNET_CRYPTO_eddsa_public_key_from_string (peer_id, + strlen (peer_id), + &peer.public_key)) + { + fprintf (stderr, _ ("`%s' is not a valid peer identifier.\n"), peer_id); + goto error; + } + GNUNET_TUN_service_name_to_hash (service_name, &sd); + request = GNUNET_VPN_redirect_to_peer (handle, + req_af, + protocol, + &peer, + &sd, + etime, + &allocation_cb, + NULL); + } else + { + if (1 != inet_pton (AF_INET6, target_ip, &v6)) { - if (1 != inet_pton(AF_INET6, target_ip, &v6)) - { - if (1 != inet_pton(AF_INET, target_ip, &v4)) - { - fprintf(stderr, _("`%s' is not a valid IP address.\n"), target_ip); - goto error; - } - else - { - dst_af = AF_INET; - addr = &v4; - } - } + if (1 != inet_pton (AF_INET, target_ip, &v4)) + { + fprintf (stderr, _ ("`%s' is not a valid IP address.\n"), target_ip); + goto error; + } else - { - dst_af = AF_INET6; - addr = &v6; - } - request = GNUNET_VPN_redirect_to_ip(handle, - req_af, - dst_af, - addr, - etime, - &allocation_cb, - NULL); + { + dst_af = AF_INET; + addr = &v4; + } + } + else + { + dst_af = AF_INET6; + addr = &v6; } + request = GNUNET_VPN_redirect_to_ip (handle, + req_af, + dst_af, + addr, + etime, + &allocation_cb, + NULL); + } return; error: - GNUNET_SCHEDULER_shutdown(); + GNUNET_SCHEDULER_shutdown (); ret = 1; } int -main(int argc, char *const *argv) +main (int argc, char *const *argv) { struct GNUNET_GETOPT_CommandLineOption options[] = - { GNUNET_GETOPT_option_flag('4', - "ipv4", - gettext_noop( - "request that result should be an IPv4 address"), - &ipv4), - - GNUNET_GETOPT_option_flag('6', - "ipv6", - gettext_noop( - "request that result should be an IPv6 address"), - &ipv6), - - GNUNET_GETOPT_option_relative_time( + { GNUNET_GETOPT_option_flag ('4', + "ipv4", + gettext_noop ( + "request that result should be an IPv4 address"), + &ipv4), + + GNUNET_GETOPT_option_flag ('6', + "ipv6", + gettext_noop ( + "request that result should be an IPv6 address"), + &ipv6), + + GNUNET_GETOPT_option_relative_time ( 'd', "duration", "TIME", - gettext_noop("how long should the mapping be valid for new tunnels?"), + gettext_noop ("how long should the mapping be valid for new tunnels?"), &duration), - GNUNET_GETOPT_option_string('i', - "ip", - "IP", - gettext_noop( - "destination IP for the tunnel"), - &target_ip), + GNUNET_GETOPT_option_string ('i', + "ip", + "IP", + gettext_noop ( + "destination IP for the tunnel"), + &target_ip), - GNUNET_GETOPT_option_string( + GNUNET_GETOPT_option_string ( 'p', "peer", "PEERID", - gettext_noop("peer offering the service we would like to access"), + gettext_noop ("peer offering the service we would like to access"), &peer_id), - GNUNET_GETOPT_option_string('s', - "service", - "NAME", - gettext_noop( - "name of the service we would like to access"), - &service_name), + GNUNET_GETOPT_option_string ('s', + "service", + "NAME", + gettext_noop ( + "name of the service we would like to access"), + &service_name), - GNUNET_GETOPT_option_flag('t', - "tcp", - gettext_noop("service is offered via TCP"), - &tcp), + GNUNET_GETOPT_option_flag ('t', + "tcp", + gettext_noop ("service is offered via TCP"), + &tcp), - GNUNET_GETOPT_option_flag('u', - "udp", - gettext_noop("service is offered via UDP"), - &udp), + GNUNET_GETOPT_option_flag ('u', + "udp", + gettext_noop ("service is offered via UDP"), + &udp), - GNUNET_GETOPT_option_verbose(&verbosity), + GNUNET_GETOPT_option_verbose (&verbosity), GNUNET_GETOPT_OPTION_END }; - if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args(argc, argv, &argc, &argv)) + if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv)) return 2; ret = - (GNUNET_OK == GNUNET_PROGRAM_run(argc, - argv, - "gnunet-vpn", - gettext_noop("Setup tunnels via VPN."), - options, - &run, - NULL)) + (GNUNET_OK == GNUNET_PROGRAM_run (argc, + argv, + "gnunet-vpn", + gettext_noop ("Setup tunnels via VPN."), + options, + &run, + NULL)) ? ret : 1; - GNUNET_free((void *)argv); + GNUNET_free ((void *) argv); return ret; } diff --git a/src/vpn/vpn.h b/src/vpn/vpn.h index 38c5e88d3..77cfd34e6 100644 --- a/src/vpn/vpn.h +++ b/src/vpn/vpn.h @@ -35,7 +35,8 @@ GNUNET_NETWORK_STRUCT_BEGIN * the setup of a redirection from some IP via an exit node to * some global Internet address. */ -struct RedirectToIpRequestMessage { +struct RedirectToIpRequestMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP */ @@ -76,7 +77,8 @@ struct RedirectToIpRequestMessage { * the setup of a redirection from some IP to a service running * at a particular peer. */ -struct RedirectToServiceRequestMessage { +struct RedirectToServiceRequestMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE */ @@ -124,7 +126,8 @@ struct RedirectToServiceRequestMessage { * Response from the VPN service to a VPN client informing about * the IP that was assigned for the requested redirection. */ -struct RedirectToIpResponseMessage { +struct RedirectToIpResponseMessage +{ /** * Type is #GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP */ diff --git a/src/vpn/vpn_api.c b/src/vpn/vpn_api.c index dcb1d99c9..3b5ea9257 100644 --- a/src/vpn/vpn_api.c +++ b/src/vpn/vpn_api.c @@ -31,7 +31,8 @@ /** * Opaque VPN handle */ -struct GNUNET_VPN_Handle { +struct GNUNET_VPN_Handle +{ /** * Configuration we use. */ @@ -72,7 +73,8 @@ struct GNUNET_VPN_Handle { /** * Opaque redirection request handle. */ -struct GNUNET_VPN_RedirectionRequest { +struct GNUNET_VPN_RedirectionRequest +{ /** * Element in DLL. */ @@ -147,7 +149,7 @@ struct GNUNET_VPN_RedirectionRequest { * @param vh handle to reconnect. */ static void -reconnect(struct GNUNET_VPN_Handle *vh); +reconnect (struct GNUNET_VPN_Handle *vh); /** @@ -159,37 +161,37 @@ reconnect(struct GNUNET_VPN_Handle *vh); * @return #GNUNET_OK if @a rm is well-formed */ static int -check_use_ip(void *cls, - const struct RedirectToIpResponseMessage *rm) +check_use_ip (void *cls, + const struct RedirectToIpResponseMessage *rm) { size_t alen; int af; - af = (int)ntohl(rm->result_af); + af = (int) ntohl (rm->result_af); switch (af) - { - case AF_UNSPEC: - alen = 0; - break; - - case AF_INET: - alen = sizeof(struct in_addr); - break; - - case AF_INET6: - alen = sizeof(struct in6_addr); - break; - - default: - GNUNET_break(0); - return GNUNET_SYSERR; - } - if ((ntohs(rm->header.size) != alen + sizeof(*rm)) || + { + case AF_UNSPEC: + alen = 0; + break; + + case AF_INET: + alen = sizeof(struct in_addr); + break; + + case AF_INET6: + alen = sizeof(struct in6_addr); + break; + + default: + GNUNET_break (0); + return GNUNET_SYSERR; + } + if ((ntohs (rm->header.size) != alen + sizeof(*rm)) || (0 == rm->request_id)) - { - GNUNET_break(0); - return GNUNET_SYSERR; - } + { + GNUNET_break (0); + return GNUNET_SYSERR; + } return GNUNET_OK; } @@ -202,28 +204,28 @@ check_use_ip(void *cls, * @param rm message received */ static void -handle_use_ip(void *cls, - const struct RedirectToIpResponseMessage *rm) +handle_use_ip (void *cls, + const struct RedirectToIpResponseMessage *rm) { struct GNUNET_VPN_Handle *vh = cls; struct GNUNET_VPN_RedirectionRequest *rr; int af; - af = (int)ntohl(rm->result_af); + af = (int) ntohl (rm->result_af); for (rr = vh->rr_head; NULL != rr; rr = rr->next) + { + if (rr->request_id == rm->request_id) { - if (rr->request_id == rm->request_id) - { - GNUNET_CONTAINER_DLL_remove(vh->rr_head, - vh->rr_tail, - rr); - rr->cb(rr->cb_cls, - af, - (af == AF_UNSPEC) ? NULL : &rm[1]); - GNUNET_free(rr); - break; - } + GNUNET_CONTAINER_DLL_remove (vh->rr_head, + vh->rr_tail, + rr); + rr->cb (rr->cb_cls, + af, + (af == AF_UNSPEC) ? NULL : &rm[1]); + GNUNET_free (rr); + break; } + } } @@ -233,7 +235,7 @@ handle_use_ip(void *cls, * @param rr request to queue and transmit. */ static void -send_request(struct GNUNET_VPN_RedirectionRequest *rr) +send_request (struct GNUNET_VPN_RedirectionRequest *rr) { struct GNUNET_VPN_Handle *vh = rr->vh; struct RedirectToIpRequestMessage *rip; @@ -244,47 +246,47 @@ send_request(struct GNUNET_VPN_RedirectionRequest *rr) if (NULL == vh->mq) return; if (NULL == rr->addr) - { - env = GNUNET_MQ_msg(rs, - GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE); - rs->reserved = htonl(0); - rs->expiration_time = GNUNET_TIME_absolute_hton(rr->expiration_time); - rs->protocol = htonl(rr->protocol); - rs->result_af = htonl(rr->result_af); - rs->target = rr->peer; - rs->service_descriptor = rr->serv; - rs->request_id = rr->request_id = ++vh->request_id_gen; - } + { + env = GNUNET_MQ_msg (rs, + GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_SERVICE); + rs->reserved = htonl (0); + rs->expiration_time = GNUNET_TIME_absolute_hton (rr->expiration_time); + rs->protocol = htonl (rr->protocol); + rs->result_af = htonl (rr->result_af); + rs->target = rr->peer; + rs->service_descriptor = rr->serv; + rs->request_id = rr->request_id = ++vh->request_id_gen; + } else + { + switch (rr->addr_af) { - switch (rr->addr_af) - { - case AF_INET: - alen = sizeof(struct in_addr); - break; - - case AF_INET6: - alen = sizeof(struct in6_addr); - break; - - default: - GNUNET_assert(0); - return; - } - env = GNUNET_MQ_msg_extra(rip, - alen, - GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP); - rip->reserved = htonl(0); - rip->expiration_time = GNUNET_TIME_absolute_hton(rr->expiration_time); - rip->result_af = htonl(rr->result_af); - rip->addr_af = htonl(rr->addr_af); - rip->request_id = rr->request_id = ++vh->request_id_gen; - GNUNET_memcpy(&rip[1], - rr->addr, - alen); + case AF_INET: + alen = sizeof(struct in_addr); + break; + + case AF_INET6: + alen = sizeof(struct in6_addr); + break; + + default: + GNUNET_assert (0); + return; } - GNUNET_MQ_send(vh->mq, - env); + env = GNUNET_MQ_msg_extra (rip, + alen, + GNUNET_MESSAGE_TYPE_VPN_CLIENT_REDIRECT_TO_IP); + rip->reserved = htonl (0); + rip->expiration_time = GNUNET_TIME_absolute_hton (rr->expiration_time); + rip->result_af = htonl (rr->result_af); + rip->addr_af = htonl (rr->addr_af); + rip->request_id = rr->request_id = ++vh->request_id_gen; + GNUNET_memcpy (&rip[1], + rr->addr, + alen); + } + GNUNET_MQ_send (vh->mq, + env); } @@ -297,12 +299,12 @@ send_request(struct GNUNET_VPN_RedirectionRequest *rr) * @param error error code */ static void -mq_error_handler(void *cls, - enum GNUNET_MQ_Error error) +mq_error_handler (void *cls, + enum GNUNET_MQ_Error error) { struct GNUNET_VPN_Handle *vh = cls; - reconnect(vh); + reconnect (vh); } @@ -312,28 +314,28 @@ mq_error_handler(void *cls, * @param cls the `struct GNUNET_VPN_Handle *` */ static void -connect_task(void *cls) +connect_task (void *cls) { struct GNUNET_VPN_Handle *vh = cls; struct GNUNET_MQ_MessageHandler handlers[] = { - GNUNET_MQ_hd_var_size(use_ip, - GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP, - struct RedirectToIpResponseMessage, - cls), - GNUNET_MQ_handler_end() + GNUNET_MQ_hd_var_size (use_ip, + GNUNET_MESSAGE_TYPE_VPN_CLIENT_USE_IP, + struct RedirectToIpResponseMessage, + cls), + GNUNET_MQ_handler_end () }; struct GNUNET_VPN_RedirectionRequest *rr; vh->rt = NULL; - vh->mq = GNUNET_CLIENT_connect(vh->cfg, - "vpn", - handlers, - &mq_error_handler, - vh); + vh->mq = GNUNET_CLIENT_connect (vh->cfg, + "vpn", + handlers, + &mq_error_handler, + vh); if (NULL == vh->mq) return; for (rr = vh->rr_head; NULL != rr; rr = rr->next) - send_request(rr); + send_request (rr); } @@ -343,21 +345,24 @@ connect_task(void *cls) * @param vh handle to reconnect. */ static void -reconnect(struct GNUNET_VPN_Handle *vh) +reconnect (struct GNUNET_VPN_Handle *vh) { struct GNUNET_VPN_RedirectionRequest *rr; - GNUNET_MQ_destroy(vh->mq); + GNUNET_MQ_destroy (vh->mq); vh->mq = NULL; vh->request_id_gen = 0; for (rr = vh->rr_head; NULL != rr; rr = rr->next) rr->request_id = 0; - vh->backoff = GNUNET_TIME_relative_max(GNUNET_TIME_UNIT_MILLISECONDS, - GNUNET_TIME_relative_min(GNUNET_TIME_relative_saturating_multiply(vh->backoff, 2), - GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 30))); - vh->rt = GNUNET_SCHEDULER_add_delayed(vh->backoff, - &connect_task, - vh); + vh->backoff = GNUNET_TIME_relative_max (GNUNET_TIME_UNIT_MILLISECONDS, + GNUNET_TIME_relative_min ( + GNUNET_TIME_relative_saturating_multiply ( + vh->backoff, 2), + GNUNET_TIME_relative_multiply ( + GNUNET_TIME_UNIT_SECONDS, 30))); + vh->rt = GNUNET_SCHEDULER_add_delayed (vh->backoff, + &connect_task, + vh); } @@ -367,15 +372,15 @@ reconnect(struct GNUNET_VPN_Handle *vh) * @param rr request to cancel */ void -GNUNET_VPN_cancel_request(struct GNUNET_VPN_RedirectionRequest *rr) +GNUNET_VPN_cancel_request (struct GNUNET_VPN_RedirectionRequest *rr) { struct GNUNET_VPN_Handle *vh; vh = rr->vh; - GNUNET_CONTAINER_DLL_remove(vh->rr_head, - vh->rr_tail, - rr); - GNUNET_free(rr); + GNUNET_CONTAINER_DLL_remove (vh->rr_head, + vh->rr_tail, + rr); + GNUNET_free (rr); } @@ -402,18 +407,18 @@ GNUNET_VPN_cancel_request(struct GNUNET_VPN_RedirectionRequest *rr) * anyway) */ struct GNUNET_VPN_RedirectionRequest * -GNUNET_VPN_redirect_to_peer(struct GNUNET_VPN_Handle *vh, - int result_af, - uint8_t protocol, - const struct GNUNET_PeerIdentity *peer, - const struct GNUNET_HashCode *serv, - struct GNUNET_TIME_Absolute expiration_time, - GNUNET_VPN_AllocationCallback cb, - void *cb_cls) +GNUNET_VPN_redirect_to_peer (struct GNUNET_VPN_Handle *vh, + int result_af, + uint8_t protocol, + const struct GNUNET_PeerIdentity *peer, + const struct GNUNET_HashCode *serv, + struct GNUNET_TIME_Absolute expiration_time, + GNUNET_VPN_AllocationCallback cb, + void *cb_cls) { struct GNUNET_VPN_RedirectionRequest *rr; - rr = GNUNET_new(struct GNUNET_VPN_RedirectionRequest); + rr = GNUNET_new (struct GNUNET_VPN_RedirectionRequest); rr->vh = vh; rr->cb = cb; rr->cb_cls = cb_cls; @@ -422,10 +427,10 @@ GNUNET_VPN_redirect_to_peer(struct GNUNET_VPN_Handle *vh, rr->expiration_time = expiration_time; rr->result_af = result_af; rr->protocol = protocol; - GNUNET_CONTAINER_DLL_insert_tail(vh->rr_head, - vh->rr_tail, - rr); - send_request(rr); + GNUNET_CONTAINER_DLL_insert_tail (vh->rr_head, + vh->rr_tail, + rr); + send_request (rr); return rr; } @@ -453,32 +458,32 @@ GNUNET_VPN_redirect_to_peer(struct GNUNET_VPN_Handle *vh, * anyway) */ struct GNUNET_VPN_RedirectionRequest * -GNUNET_VPN_redirect_to_ip(struct GNUNET_VPN_Handle *vh, - int result_af, - int addr_af, - const void *addr, - struct GNUNET_TIME_Absolute expiration_time, - GNUNET_VPN_AllocationCallback cb, - void *cb_cls) +GNUNET_VPN_redirect_to_ip (struct GNUNET_VPN_Handle *vh, + int result_af, + int addr_af, + const void *addr, + struct GNUNET_TIME_Absolute expiration_time, + GNUNET_VPN_AllocationCallback cb, + void *cb_cls) { struct GNUNET_VPN_RedirectionRequest *rr; size_t alen; switch (addr_af) - { - case AF_INET: - alen = sizeof(struct in_addr); - break; - - case AF_INET6: - alen = sizeof(struct in6_addr); - break; - - default: - GNUNET_break(0); - return NULL; - } - rr = GNUNET_malloc(sizeof(struct GNUNET_VPN_RedirectionRequest) + alen); + { + case AF_INET: + alen = sizeof(struct in_addr); + break; + + case AF_INET6: + alen = sizeof(struct in6_addr); + break; + + default: + GNUNET_break (0); + return NULL; + } + rr = GNUNET_malloc (sizeof(struct GNUNET_VPN_RedirectionRequest) + alen); rr->vh = vh; rr->addr = &rr[1]; rr->cb = cb; @@ -486,13 +491,13 @@ GNUNET_VPN_redirect_to_ip(struct GNUNET_VPN_Handle *vh, rr->expiration_time = expiration_time; rr->result_af = result_af; rr->addr_af = addr_af; - GNUNET_memcpy(&rr[1], - addr, - alen); - GNUNET_CONTAINER_DLL_insert_tail(vh->rr_head, - vh->rr_tail, - rr); - send_request(rr); + GNUNET_memcpy (&rr[1], + addr, + alen); + GNUNET_CONTAINER_DLL_insert_tail (vh->rr_head, + vh->rr_tail, + rr); + send_request (rr); return rr; } @@ -504,18 +509,18 @@ GNUNET_VPN_redirect_to_ip(struct GNUNET_VPN_Handle *vh, * @return VPN handle */ struct GNUNET_VPN_Handle * -GNUNET_VPN_connect(const struct GNUNET_CONFIGURATION_Handle *cfg) +GNUNET_VPN_connect (const struct GNUNET_CONFIGURATION_Handle *cfg) { struct GNUNET_VPN_Handle *vh - = GNUNET_new(struct GNUNET_VPN_Handle); + = GNUNET_new (struct GNUNET_VPN_Handle); vh->cfg = cfg; - connect_task(vh); + connect_task (vh); if (NULL == vh->mq) - { - GNUNET_free(vh); - return NULL; - } + { + GNUNET_free (vh); + return NULL; + } return vh; } @@ -526,20 +531,20 @@ GNUNET_VPN_connect(const struct GNUNET_CONFIGURATION_Handle *cfg) * @param vh VPN handle */ void -GNUNET_VPN_disconnect(struct GNUNET_VPN_Handle *vh) +GNUNET_VPN_disconnect (struct GNUNET_VPN_Handle *vh) { - GNUNET_assert(NULL == vh->rr_head); + GNUNET_assert (NULL == vh->rr_head); if (NULL != vh->mq) - { - GNUNET_MQ_destroy(vh->mq); - vh->mq = NULL; - } + { + GNUNET_MQ_destroy (vh->mq); + vh->mq = NULL; + } if (NULL != vh->rt) - { - GNUNET_SCHEDULER_cancel(vh->rt); - vh->rt = NULL; - } - GNUNET_free(vh); + { + GNUNET_SCHEDULER_cancel (vh->rt); + vh->rt = NULL; + } + GNUNET_free (vh); } /* end of vpn_api.c */ -- cgit v1.2.3