2 This file is part of GNUnet.
3 (C) 2010, 2012 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file exit/gnunet-daemon-exit.c
23 * @brief tool to allow IP traffic exit from the GNUnet mesh to the Internet
24 * @author Philipp Toelke
25 * @author Christian Grothoff
28 * - need some statistics
32 * - factor out crc computations from DNS/EXIT/VPN into shared library?
35 * - which code should advertise services? the service model is right
36 * now a bit odd, especially as this code DOES the exit and knows
37 * the DNS "name", but OTOH this is clearly NOT the place to advertise
38 * the service's existence; maybe the daemon should turn into a
39 * service with an API to add local-exit services dynamically?
42 #include "gnunet_util_lib.h"
43 #include "gnunet_protocols.h"
44 #include "gnunet_applications.h"
45 #include "gnunet_mesh_service.h"
46 #include "gnunet_constants.h"
47 #include "tcpip_tun.h"
51 * Information about an address.
56 * AF_INET or AF_INET6.
61 * Remote address information.
66 * Address, if af is AF_INET.
71 * Address, if af is AF_INET6.
77 * IPPROTO_TCP or IPPROTO_UDP;
82 * Remote port, in host byte order!
89 * This struct is saved into the services-hashmap to represent
90 * a service this peer is specifically offering an exit for
91 * (for a specific domain name).
97 * Remote address to use for the service.
99 struct SocketAddress address;
102 * DNS name of the service.
107 * Port I am listening on within GNUnet for this service, in host
108 * byte order. (as we may redirect ports).
115 * Information we use to track a connection (the classical 6-tuple of
116 * IP-version, protocol, source-IP, destination-IP, source-port and
119 struct RedirectInformation
123 * Address information for the other party (equivalent of the
124 * arguments one would give to "connect").
126 struct SocketAddress remote_address;
129 * Address information we used locally (AF and proto must match
130 * "remote_address"). Equivalent of the arguments one would give to
133 struct SocketAddress local_address;
136 Note 1: additional information might be added here in the
137 future to support protocols that require special handling,
140 Note 2: we might also sometimes not match on all components
141 of the tuple, to support protocols where things do not always
148 * Queue of messages to a tunnel.
150 struct TunnelMessageQueue
153 * This is a doubly-linked list.
155 struct TunnelMessageQueue *next;
158 * This is a doubly-linked list.
160 struct TunnelMessageQueue *prev;
163 * Payload to send via the tunnel.
168 * Number of bytes in 'payload'.
175 * This struct is saved into connections_map to allow finding the
176 * right tunnel given an IP packet from TUN. It is also associated
177 * with the tunnel's closure so we can find it again for the next
178 * message from the tunnel.
183 * Mesh tunnel that is used for this connection.
185 struct GNUNET_MESH_Tunnel *tunnel;
188 * Heap node for this state in the connections_heap.
190 struct GNUNET_CONTAINER_HeapNode *heap_node;
193 * Key this state has in the connections_map.
195 GNUNET_HashCode state_key;
198 * Associated service record, or NULL for no service.
200 struct LocalService *serv;
203 * Head of DLL of messages for this tunnel.
205 struct TunnelMessageQueue *head;
208 * Tail of DLL of messages for this tunnel.
210 struct TunnelMessageQueue *tail;
213 * Active tunnel transmission request (or NULL).
215 struct GNUNET_MESH_TransmitHandle *th;
218 * Primary redirection information for this connection.
220 struct RedirectInformation ri;
226 * The handle to the configuration used throughout the process
228 static const struct GNUNET_CONFIGURATION_Handle *cfg;
231 * The handle to the helper
233 static struct GNUNET_HELPER_Handle *helper_handle;
236 * Arguments to the exit helper.
238 static char *exit_argv[7];
241 * IPv6 prefix (0..127) from configuration file.
243 static unsigned long long ipv6prefix;
248 static struct GNUNET_MESH_Handle *mesh_handle;
251 * This hashmaps contains the mapping from peer, service-descriptor,
252 * source-port and destination-port to a struct TunnelState
254 static struct GNUNET_CONTAINER_MultiHashMap *connections_map;
257 * Heap so we can quickly find "old" connections.
259 static struct GNUNET_CONTAINER_Heap *connections_heap;
262 * If there are at least this many connections, old ones will be removed
264 static long long unsigned int max_connections = 200;
267 * This hashmaps saves interesting things about the configured UDP services
269 static struct GNUNET_CONTAINER_MultiHashMap *udp_services;
272 * This hashmaps saves interesting things about the configured TCP services
274 static struct GNUNET_CONTAINER_MultiHashMap *tcp_services;
277 * Are we an IPv4-exit?
279 static int ipv4_exit;
282 * Are we an IPv6-exit?
284 static int ipv6_exit;
287 * Do we support IPv4 at all on the TUN interface?
289 static int ipv4_enabled;
292 * Do we support IPv6 at all on the TUN interface?
294 static int ipv6_enabled;
298 * Given IP information about a connection, calculate the respective
299 * hash we would use for the 'connections_map'.
301 * @param hash resulting hash
302 * @param ri information about the connection
305 hash_redirect_info (GNUNET_HashCode *hash,
306 const struct RedirectInformation *ri)
310 memset (hash, 0, sizeof (GNUNET_HashCode));
311 /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash,
312 so we put the IP address in there (and hope for few collisions) */
314 switch (ri->remote_address.af)
317 memcpy (off, &ri->remote_address.address.ipv4, sizeof (struct in_addr));
318 off += sizeof (struct in_addr);
321 memcpy (off, &ri->remote_address.address.ipv6, sizeof (struct in6_addr));
322 off += sizeof (struct in_addr);
327 memcpy (off, &ri->remote_address.port, sizeof (uint16_t));
328 off += sizeof (uint16_t);
329 switch (ri->local_address.af)
332 memcpy (off, &ri->local_address.address.ipv4, sizeof (struct in_addr));
333 off += sizeof (struct in_addr);
336 memcpy (off, &ri->local_address.address.ipv6, sizeof (struct in6_addr));
337 off += sizeof (struct in_addr);
342 memcpy (off, &ri->local_address.port, sizeof (uint16_t));
343 off += sizeof (uint16_t);
344 memcpy (off, &ri->remote_address.proto, sizeof (uint8_t));
345 off += sizeof (uint8_t);
350 * Get our connection tracking state. Warns if it does not exists,
351 * refreshes the timestamp if it does exist.
353 * @param af address family
354 * @param protocol IPPROTO_UDP or IPPROTO_TCP
355 * @param destination_ip target IP
356 * @param destination_port target port
357 * @param local_ip local IP
358 * @param local_port local port
359 * @param state_key set to hash's state if non-NULL
360 * @return NULL if we have no tracking information for this tuple
362 static struct TunnelState *
363 get_redirect_state (int af,
365 const void *destination_ip,
366 uint16_t destination_port,
367 const void *local_ip,
369 GNUNET_HashCode *state_key)
371 struct RedirectInformation ri;
373 struct TunnelState *state;
375 ri.remote_address.af = af;
377 ri.remote_address.address.ipv4 = *((struct in_addr*) destination_ip);
379 ri.remote_address.address.ipv6 = * ((struct in6_addr*) destination_ip);
380 ri.remote_address.port = destination_port;
381 ri.remote_address.proto = protocol;
382 ri.local_address.af = af;
384 ri.local_address.address.ipv4 = *((struct in_addr*) local_ip);
386 ri.local_address.address.ipv6 = * ((struct in6_addr*) local_ip);
387 ri.local_address.port = local_port;
388 ri.local_address.proto = protocol;
389 hash_redirect_info (&key, &ri);
390 if (NULL != state_key)
392 state = GNUNET_CONTAINER_multihashmap_get (connections_map, &key);
395 /* Mark this connection as freshly used */
396 if (NULL == state_key)
397 GNUNET_CONTAINER_heap_update_cost (connections_heap,
399 GNUNET_TIME_absolute_get ().abs_value);
405 * Given a service descriptor and a destination port, find the
406 * respective service entry.
408 * @param service_map map of services (TCP or UDP)
409 * @param desc service descriptor
410 * @param dpt destination port
411 * @return NULL if we are not aware of such a service
413 static struct LocalService *
414 find_service (struct GNUNET_CONTAINER_MultiHashMap *service_map,
415 const GNUNET_HashCode *desc,
418 char key[sizeof (GNUNET_HashCode) + sizeof (uint16_t)];
420 memcpy (&key[0], &dpt, sizeof (uint16_t));
421 memcpy (&key[sizeof(uint16_t)], desc, sizeof (GNUNET_HashCode));
422 return GNUNET_CONTAINER_multihashmap_get (service_map,
423 (GNUNET_HashCode *) key);
428 * Free memory associated with a service record.
431 * @param key service descriptor
432 * @param value service record to free
436 free_service_record (void *cls,
437 const GNUNET_HashCode *key,
440 struct LocalService *service = value;
442 GNUNET_free_non_null (service->name);
443 GNUNET_free (service);
449 * Given a service descriptor and a destination port, find the
450 * respective service entry.
452 * @param service_map map of services (TCP or UDP)
453 * @param name name of the service
454 * @param dpt destination port
455 * @param service service information record to store (service->name will be set).
458 store_service (struct GNUNET_CONTAINER_MultiHashMap *service_map,
461 struct LocalService *service)
463 char key[sizeof (GNUNET_HashCode) + sizeof (uint16_t)];
464 GNUNET_HashCode desc;
466 GNUNET_CRYPTO_hash (name, strlen (name) + 1, &desc);
467 service->name = GNUNET_strdup (name);
468 memcpy (&key[0], &dpt, sizeof (uint16_t));
469 memcpy (&key[sizeof(uint16_t)], &desc, sizeof (GNUNET_HashCode));
471 GNUNET_CONTAINER_multihashmap_put (service_map,
472 (GNUNET_HashCode *) key,
474 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
476 free_service_record (NULL, (GNUNET_HashCode *) key, service);
477 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
478 _("Got duplicate service records for `%s:%u'\n"),
486 * MESH is ready to receive a message for the tunnel. Transmit it.
488 * @param cls the 'struct TunnelState'.
489 * @param size number of bytes available in buf
490 * @param buf where to copy the message
491 * @return number of bytes copied to buf
494 send_to_peer_notify_callback (void *cls, size_t size, void *buf)
496 struct TunnelState *s = cls;
497 struct GNUNET_MESH_Tunnel *tunnel = s->tunnel;
498 struct TunnelMessageQueue *tnq;
502 GNUNET_assert (size >= tnq->len);
503 memcpy (buf, tnq->payload, tnq->len);
505 GNUNET_CONTAINER_DLL_remove (s->head,
509 if (NULL != (tnq = s->head))
510 s->th = GNUNET_MESH_notify_transmit_ready (tunnel,
511 GNUNET_NO /* corking */,
513 GNUNET_TIME_UNIT_FOREVER_REL,
516 &send_to_peer_notify_callback,
523 * Send the given packet via the mesh tunnel.
525 * @param mesh_tunnel destination
526 * @param payload message to transmit
527 * @param payload_length number of bytes in payload
528 * @param desc descriptor to add before payload (optional)
529 * @param mtype message type to use
532 send_packet_to_mesh_tunnel (struct GNUNET_MESH_Tunnel *mesh_tunnel,
534 size_t payload_length,
535 const GNUNET_HashCode *desc,
538 struct TunnelState *s;
539 struct TunnelMessageQueue *tnq;
540 struct GNUNET_MessageHeader *msg;
544 len = sizeof (struct GNUNET_MessageHeader) + sizeof (GNUNET_HashCode) + payload_length;
545 if (len >= GNUNET_SERVER_MAX_MESSAGE_SIZE)
550 tnq = GNUNET_malloc (sizeof (struct TunnelMessageQueue) + len);
551 tnq->payload = &tnq[1];
553 msg = (struct GNUNET_MessageHeader *) &tnq[1];
554 msg->size = htons ((uint16_t) len);
555 msg->type = htons (mtype);
558 dp = (GNUNET_HashCode *) &msg[1];
560 memcpy (&dp[1], payload, payload_length);
564 memcpy (&msg[1], payload, payload_length);
566 s = GNUNET_MESH_tunnel_get_data (mesh_tunnel);
567 GNUNET_assert (NULL != s);
568 GNUNET_CONTAINER_DLL_insert_tail (s->head, s->tail, tnq);
570 s->th = GNUNET_MESH_notify_transmit_ready (mesh_tunnel, GNUNET_NO /* cork */, 0 /* priority */,
571 GNUNET_TIME_UNIT_FOREVER_REL,
573 &send_to_peer_notify_callback,
579 * @brief Handles an UDP packet received from the helper.
581 * @param udp A pointer to the Packet
582 * @param pktlen number of bytes in 'udp'
583 * @param af address family (AFINET or AF_INET6)
584 * @param destination_ip destination IP-address of the IP packet (should
585 * be our local address)
586 * @param source_ip original source IP-address of the IP packet (should
587 * be the original destination address)
590 udp_from_helper (const struct udp_packet *udp,
593 const void *destination_ip,
594 const void *source_ip)
596 struct TunnelState *state;
599 char sbuf[INET6_ADDRSTRLEN];
600 char dbuf[INET6_ADDRSTRLEN];
601 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
602 "Received UDP packet going from %s:%u to %s:%u\n",
605 sbuf, sizeof (sbuf)),
606 (unsigned int) ntohs (udp->spt),
609 dbuf, sizeof (dbuf)),
610 (unsigned int) ntohs (udp->dpt));
612 if (pktlen < sizeof (struct udp_packet))
618 if (pktlen != ntohs (udp->len))
624 state = get_redirect_state (af, IPPROTO_UDP,
632 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
633 _("Packet dropped, have no matching connection information\n"));
636 send_packet_to_mesh_tunnel (state->tunnel,
637 &udp[1], pktlen - sizeof (struct udp_packet),
640 ? GNUNET_MESSAGE_TYPE_VPN_SERVICE_UDP_BACK
641 : GNUNET_MESSAGE_TYPE_VPN_REMOTE_UDP_BACK);
646 * @brief Handles a TCP packet received from the helper.
648 * @param tcp A pointer to the Packet
649 * @param pktlen the length of the packet, including its header
650 * @param af address family (AFINET or AF_INET6)
651 * @param destination_ip destination IP-address of the IP packet (should
652 * be our local address)
653 * @param source_ip original source IP-address of the IP packet (should
654 * be the original destination address)
657 tcp_from_helper (const struct tcp_packet *tcp,
660 const void *destination_ip,
661 const void *source_ip)
663 struct TunnelState *state;
665 struct tcp_packet *mtcp;
668 char sbuf[INET6_ADDRSTRLEN];
669 char dbuf[INET6_ADDRSTRLEN];
670 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
671 "Received TCP packet going from %s:%u to %s:%u\n",
674 sbuf, sizeof (sbuf)),
675 (unsigned int) ntohs (tcp->spt),
678 dbuf, sizeof (dbuf)),
679 (unsigned int) ntohs (tcp->dpt));
681 if (pktlen < sizeof (struct tcp_packet))
687 state = get_redirect_state (af, IPPROTO_TCP,
695 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
696 _("Packet dropped, have no matching connection information\n"));
700 /* mug port numbers and crc to avoid information leakage;
701 sender will need to lookup the correct values anyway */
702 memcpy (buf, tcp, pktlen);
703 mtcp = (struct tcp_packet *) buf;
707 send_packet_to_mesh_tunnel (state->tunnel,
711 ? GNUNET_MESSAGE_TYPE_VPN_SERVICE_TCP_BACK
712 : GNUNET_MESSAGE_TYPE_VPN_REMOTE_TCP_BACK);
717 * Receive packets from the helper-process
720 * @param client unsued
721 * @param message message received from helper
724 message_token (void *cls GNUNET_UNUSED, void *client GNUNET_UNUSED,
725 const struct GNUNET_MessageHeader *message)
727 const struct tun_header *pkt_tun;
730 if (ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER)
735 size = ntohs (message->size);
736 if (size < sizeof (struct tun_header) + sizeof (struct GNUNET_MessageHeader))
741 pkt_tun = (const struct tun_header *) &message[1];
742 size -= sizeof (struct tun_header) + sizeof (struct GNUNET_MessageHeader);
743 switch (ntohs (pkt_tun->proto))
747 const struct ip6_header *pkt6;
749 if (size < sizeof (struct ip6_header))
751 /* Kernel to blame? */
755 pkt6 = (struct ip6_header *) &pkt_tun[1];
756 if (size != ntohs (pkt6->payload_length))
758 /* Kernel to blame? */
762 size -= sizeof (struct ip6_header);
763 switch (pkt6->next_header)
766 udp_from_helper ((const struct udp_packet *) &pkt6[1], size,
768 &pkt6->destination_address,
769 &pkt6->source_address);
772 tcp_from_helper ((const struct tcp_packet *) &pkt6[1], size,
774 &pkt6->destination_address,
775 &pkt6->source_address);
778 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
779 _("IPv6 packet with unsupported next header received. Ignored.\n"));
786 const struct ip4_header *pkt4;
788 if (size < sizeof (struct ip4_header))
790 /* Kernel to blame? */
794 pkt4 = (const struct ip4_header *) &pkt_tun[1];
795 if (size != ntohs (pkt4->total_length))
797 /* Kernel to blame? */
801 if (pkt4->header_length * 4 != sizeof (struct ip4_header))
803 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
804 _("IPv4 packet options received. Ignored.\n"));
807 size -= sizeof (struct ip4_header);
808 switch (pkt4->protocol)
811 udp_from_helper ((const struct udp_packet *) &pkt4[1], size,
813 &pkt4->destination_address,
814 &pkt4->source_address);
816 tcp_from_helper ((const struct tcp_packet *) &pkt4[1], size,
818 &pkt4->destination_address,
819 &pkt4->source_address);
822 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
823 _("IPv4 packet with unsupported next header received. Ignored.\n"));
829 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
830 _("Packet from unknown protocol %u received. Ignored.\n"),
831 ntohs (pkt_tun->proto));
838 * We need to create a (unique) fresh local address (IP+port).
841 * @param af desired address family
842 * @param proto desired protocol (IPPROTO_UDP or IPPROTO_TCP)
843 * @param local_address address to initialize
846 setup_fresh_address (int af,
848 struct SocketAddress *local_address)
850 local_address->af = af;
851 local_address->proto = (uint8_t) proto;
852 /* default "local" port range is often 32768--61000,
853 so we pick a random value in that range */
855 = (uint16_t) 32768 + GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
861 const char *ipv4addr = exit_argv[4];
862 const char *ipv4mask = exit_argv[5];
867 GNUNET_assert (1 == inet_pton (AF_INET, ipv4addr, &addr));
868 GNUNET_assert (1 == inet_pton (AF_INET, ipv4mask, &mask));
869 if (0 == ~mask.s_addr)
871 /* only one valid IP anyway */
872 local_address->address.ipv4 = addr;
875 /* Given 192.168.0.1/255.255.0.0, we want a mask
876 of '192.168.255.255', thus: */
877 mask.s_addr = addr.s_addr | ~mask.s_addr;
878 /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */
881 rnd.s_addr = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
883 local_address->address.ipv4.s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr;
885 while ( (local_address->address.ipv4.s_addr == addr.s_addr) ||
886 (local_address->address.ipv4.s_addr == mask.s_addr) );
891 const char *ipv6addr = exit_argv[2];
892 struct in6_addr addr;
893 struct in6_addr mask;
897 GNUNET_assert (1 == inet_pton (AF_INET6, ipv6addr, &addr));
898 GNUNET_assert (ipv6prefix < 128);
899 if (ipv6prefix == 127)
901 /* only one valid IP anyway */
902 local_address->address.ipv6 = addr;
905 /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF,
908 for (i=127;i>=128-ipv6prefix;i--)
909 mask.s6_addr[i / 8] |= (1 << (i % 8));
911 /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */
916 rnd.s6_addr[i] = (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
918 local_address->address.ipv6.s6_addr[i]
919 = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i];
922 while ( (0 == memcmp (&local_address->address.ipv6,
924 sizeof (struct in6_addr))) ||
925 (0 == memcmp (&local_address->address.ipv6,
927 sizeof (struct in6_addr))) );
937 * We are starting a fresh connection (TCP or UDP) and need
938 * to pick a source port and IP address (within the correct
939 * range and address family) to associate replies with the
940 * connection / correct mesh tunnel. This function generates
941 * a "fresh" source IP and source port number for a connection
942 * After picking a good source address, this function sets up
943 * the state in the 'connections_map' and 'connections_heap'
944 * to allow finding the state when needed later. The function
945 * also makes sure that we remain within memory limits by
946 * cleaning up 'old' states.
948 * @param state skeleton state to setup a record for; should
949 * 'state->ri.remote_address' filled in so that
950 * this code can determine which AF/protocol is
951 * going to be used (the 'tunnel' should also
952 * already be set); after calling this function,
953 * heap_node and the local_address will be
954 * also initialized (heap_node != NULL can be
955 * used to test if a state has been fully setup).
958 setup_state_record (struct TunnelState *state)
961 struct TunnelState *s;
963 /* generate fresh, unique address */
966 setup_fresh_address (state->serv->address.af,
967 state->serv->address.proto,
968 &state->ri.local_address);
969 } while (NULL != get_redirect_state (state->ri.remote_address.af,
970 state->ri.remote_address.proto,
971 &state->ri.remote_address.address,
972 state->ri.remote_address.port,
973 &state->ri.local_address.address,
974 state->ri.local_address.port,
977 char buf[INET6_ADDRSTRLEN];
978 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
979 "Picked local address %s:%u for new connection\n",
980 inet_ntop (state->ri.local_address.af,
981 &state->ri.local_address.address,
983 (unsigned int) state->ri.local_address.port);
985 GNUNET_assert (GNUNET_OK ==
986 GNUNET_CONTAINER_multihashmap_put (connections_map,
988 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
989 state->heap_node = GNUNET_CONTAINER_heap_insert (connections_heap,
991 GNUNET_TIME_absolute_get ().abs_value);
992 while (GNUNET_CONTAINER_heap_get_size (connections_heap) > max_connections)
994 s = GNUNET_CONTAINER_heap_remove_root (connections_heap);
995 GNUNET_assert (state != s);
997 GNUNET_MESH_tunnel_destroy (s->tunnel);
998 GNUNET_assert (GNUNET_OK ==
999 GNUNET_CONTAINER_multihashmap_remove (connections_map,
1008 * Prepare an IPv4 packet for transmission via the TUN interface.
1009 * Initializes the IP header and calculates checksums (IP+UDP/TCP).
1010 * For UDP, the UDP header will be fully created, whereas for TCP
1011 * only the ports and checksum will be filled in. So for TCP,
1012 * a skeleton TCP header must be part of the provided payload.
1014 * @param payload payload of the packet (starting with UDP payload or
1015 * TCP header, depending on protocol)
1016 * @param payload_length number of bytes in 'payload'
1017 * @param protocol IPPROTO_UDP or IPPROTO_TCP
1018 * @param src_address source address to use (IP and port)
1019 * @param dst_address destination address to use (IP and port)
1020 * @param pkt6 where to write the assembled packet; must
1021 * contain enough space for the IP header, UDP/TCP header
1025 prepare_ipv4_packet (const void *payload, size_t payload_length,
1027 const struct tcp_packet *tcp_header,
1028 const struct SocketAddress *src_address,
1029 const struct SocketAddress *dst_address,
1030 struct ip4_header *pkt4)
1034 len = payload_length;
1038 len += sizeof (struct udp_packet);
1041 len += sizeof (struct tcp_packet);
1042 GNUNET_assert (NULL != tcp_header);
1048 if (len + sizeof (struct ip4_header) > UINT16_MAX)
1055 pkt4->header_length = sizeof (struct ip4_header) / 4;
1056 pkt4->diff_serv = 0;
1057 pkt4->total_length = htons ((uint16_t) (sizeof (struct ip4_header) + len));
1058 pkt4->identification = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
1061 pkt4->fragmentation_offset = 0;
1063 pkt4->protocol = protocol;
1065 pkt4->destination_address = dst_address->address.ipv4;
1066 pkt4->source_address = src_address->address.ipv4;
1067 pkt4->checksum = GNUNET_CRYPTO_crc16_n (pkt4, sizeof (struct ip4_header));
1073 struct udp_packet *pkt4_udp = (struct udp_packet *) &pkt4[1];
1075 pkt4_udp->spt = htons (src_address->port);
1076 pkt4_udp->dpt = htons (dst_address->port);
1077 pkt4_udp->crc = 0; /* Optional for IPv4 */
1078 pkt4_udp->len = htons ((uint16_t) payload_length);
1079 memcpy (&pkt4_udp[1], payload, payload_length);
1084 struct tcp_packet *pkt4_tcp = (struct tcp_packet *) &pkt4[1];
1086 memcpy (pkt4_tcp, tcp_header, sizeof (struct tcp_packet));
1087 memcpy (&pkt4_tcp[1], payload, payload_length);
1088 pkt4_tcp->spt = htons (src_address->port);
1089 pkt4_tcp->dpt = htons (dst_address->port);
1092 sum = GNUNET_CRYPTO_crc16_step (sum,
1093 &pkt4->source_address,
1094 sizeof (struct in_addr) * 2);
1095 uint32_t tmp = htonl ((protocol << 16) | (0xffff & len));
1096 sum = GNUNET_CRYPTO_crc16_step (sum, & tmp, sizeof (uint32_t));
1097 sum = GNUNET_CRYPTO_crc16_step (sum, & pkt4_tcp, len);
1098 pkt4_tcp->crc = GNUNET_CRYPTO_crc16_finish (sum);
1108 * Prepare an IPv6 packet for transmission via the TUN interface.
1109 * Initializes the IP header and calculates checksums (IP+UDP/TCP).
1110 * For UDP, the UDP header will be fully created, whereas for TCP
1111 * only the ports and checksum will be filled in. So for TCP,
1112 * a skeleton TCP header must be part of the provided payload.
1114 * @param payload payload of the packet (starting with UDP payload or
1115 * TCP header, depending on protocol)
1116 * @param payload_length number of bytes in 'payload'
1117 * @param protocol IPPROTO_UDP or IPPROTO_TCP
1118 * @param src_address source address to use (IP and port)
1119 * @param dst_address destination address to use (IP and port)
1120 * @param pkt6 where to write the assembled packet; must
1121 * contain enough space for the IP header, UDP/TCP header
1125 prepare_ipv6_packet (const void *payload, size_t payload_length,
1127 const struct tcp_packet *tcp_header,
1128 const struct SocketAddress *src_address,
1129 const struct SocketAddress *dst_address,
1130 struct ip6_header *pkt6)
1134 len = payload_length;
1138 len += sizeof (struct udp_packet);
1141 /* tcp_header (with port/crc not set) must be part of payload! */
1142 if (len < sizeof (struct tcp_packet))
1152 if (len > UINT16_MAX)
1159 pkt6->next_header = protocol;
1160 pkt6->payload_length = htons ((uint16_t) (len + sizeof (struct ip6_header)));
1161 pkt6->hop_limit = 255;
1162 pkt6->destination_address = dst_address->address.ipv6;
1163 pkt6->source_address = src_address->address.ipv6;
1169 struct udp_packet *pkt6_udp = (struct udp_packet *) &pkt6[1];
1171 memcpy (&pkt6[1], payload, payload_length);
1173 pkt6_udp->spt = htons (src_address->port);
1174 pkt6_udp->dpt = htons (dst_address->port);
1175 pkt6_udp->len = htons ((uint16_t) payload_length);
1178 sum = GNUNET_CRYPTO_crc16_step (sum,
1179 &pkt6->source_address,
1180 sizeof (struct in6_addr) * 2);
1181 uint32_t tmp = htons (len);
1182 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1183 tmp = htonl (pkt6->next_header);
1184 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1185 sum = GNUNET_CRYPTO_crc16_step (sum, pkt6_udp, len);
1186 pkt6_udp->crc = GNUNET_CRYPTO_crc16_finish (sum);
1191 struct tcp_packet *pkt6_tcp = (struct tcp_packet *) pkt6;
1193 memcpy (pkt6_tcp, payload, payload_length);
1195 pkt6_tcp->spt = htons (src_address->port);
1196 pkt6_tcp->dpt = htons (dst_address->port);
1199 sum = GNUNET_CRYPTO_crc16_step (sum, &pkt6->source_address,
1200 sizeof (struct in6_addr) * 2);
1201 uint32_t tmp = htonl (len);
1202 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1203 tmp = htonl (pkt6->next_header);
1204 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1205 sum = GNUNET_CRYPTO_crc16_step (sum, pkt6_tcp, len);
1206 pkt6_tcp->crc = GNUNET_CRYPTO_crc16_finish (sum);
1217 * Send a TCP packet via the TUN interface.
1219 * @param destination_address IP and port to use for the TCP packet's destination
1220 * @param source_address IP and port to use for the TCP packet's source
1221 * @param tcp header template to use
1222 * @param payload payload of the TCP packet
1223 * @param payload_length number of bytes in 'payload'
1226 send_tcp_packet_via_tun (const struct SocketAddress *destination_address,
1227 const struct SocketAddress *source_address,
1228 const struct tcp_packet *tcp_header,
1229 const void *payload, size_t payload_length)
1233 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1234 "Sending packet with %u bytes TCP payload via TUN\n",
1235 (unsigned int) payload_length);
1236 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct tun_header);
1237 switch (source_address->af)
1240 len += sizeof (struct ip4_header);
1243 len += sizeof (struct ip6_header);
1249 len += payload_length;
1250 if (len >= GNUNET_SERVER_MAX_MESSAGE_SIZE)
1257 struct GNUNET_MessageHeader *hdr;
1258 struct tun_header *tun;
1260 hdr= (struct GNUNET_MessageHeader *) buf;
1261 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1262 hdr->size = htons (len);
1263 tun = (struct tun_header*) &hdr[1];
1264 tun->flags = htons (0);
1265 switch (source_address->af)
1269 struct ip4_header * ipv4 = (struct ip4_header*) &tun[1];
1271 tun->proto = htons (ETH_P_IPV4);
1272 prepare_ipv4_packet (payload, payload_length,
1276 destination_address,
1282 struct ip6_header * ipv6 = (struct ip6_header*) &tun[1];
1284 tun->proto = htons (ETH_P_IPV6);
1285 prepare_ipv6_packet (payload, payload_length,
1289 destination_address,
1297 (void) GNUNET_HELPER_send (helper_handle,
1298 (const struct GNUNET_MessageHeader*) buf,
1306 * Process a request via mesh to send a request to a TCP service
1307 * offered by this system.
1309 * @param cls closure, NULL
1310 * @param tunnel connection to the other end
1311 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1312 * @param sender who sent the message
1313 * @param message the actual message
1314 * @param atsi performance data for the connection
1315 * @return GNUNET_OK to keep the connection open,
1316 * GNUNET_SYSERR to close it (signal serious error)
1319 receive_tcp_service (void *unused GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1320 void **tunnel_ctx GNUNET_UNUSED,
1321 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1322 const struct GNUNET_MessageHeader *message,
1323 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1325 struct TunnelState *state = *tunnel_ctx;
1326 const struct GNUNET_EXIT_TcpServiceStartMessage *start;
1327 uint16_t pkt_len = ntohs (message->size);
1329 /* check that we got at least a valid header */
1330 if (pkt_len < sizeof (struct GNUNET_EXIT_TcpServiceStartMessage))
1332 GNUNET_break_op (0);
1333 return GNUNET_SYSERR;
1335 start = (const struct GNUNET_EXIT_TcpServiceStartMessage*) message;
1336 pkt_len -= sizeof (struct GNUNET_EXIT_TcpServiceStartMessage);
1337 if ( (NULL == state) ||
1338 (NULL != state->serv) ||
1339 (NULL != state->heap_node) )
1341 GNUNET_break_op (0);
1342 return GNUNET_SYSERR;
1344 GNUNET_break_op (ntohl (start->reserved) == 0);
1345 /* setup fresh connection */
1346 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1347 "Received data from %s for forwarding to TCP service %s on port %u\n",
1348 GNUNET_i2s (sender),
1349 GNUNET_h2s (&start->service_descriptor),
1350 (unsigned int) ntohs (start->tcp_header.dpt));
1351 if (NULL == (state->serv = find_service (tcp_services, &start->service_descriptor,
1352 ntohs (start->tcp_header.dpt))))
1354 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1355 _("No service found for %s on port %d!\n"),
1357 ntohs (start->tcp_header.dpt));
1358 return GNUNET_SYSERR;
1360 state->ri.remote_address = state->serv->address;
1361 setup_state_record (state);
1362 send_tcp_packet_via_tun (&state->ri.remote_address,
1363 &state->ri.local_address,
1365 &start[1], pkt_len);
1371 * Process a request to forward TCP data to the Internet via this peer.
1373 * @param cls closure, NULL
1374 * @param tunnel connection to the other end
1375 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1376 * @param sender who sent the message
1377 * @param message the actual message
1378 * @param atsi performance data for the connection
1379 * @return GNUNET_OK to keep the connection open,
1380 * GNUNET_SYSERR to close it (signal serious error)
1383 receive_tcp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1384 void **tunnel_ctx GNUNET_UNUSED,
1385 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1386 const struct GNUNET_MessageHeader *message,
1387 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1389 struct TunnelState *state = *tunnel_ctx;
1390 const struct GNUNET_EXIT_TcpInternetStartMessage *start;
1391 uint16_t pkt_len = ntohs (message->size);
1392 const struct in_addr *v4;
1393 const struct in6_addr *v6;
1394 const void *payload;
1397 if (pkt_len < sizeof (struct GNUNET_EXIT_TcpInternetStartMessage))
1399 GNUNET_break_op (0);
1400 return GNUNET_SYSERR;
1402 start = (const struct GNUNET_EXIT_TcpInternetStartMessage*) message;
1403 pkt_len -= sizeof (struct GNUNET_EXIT_TcpInternetStartMessage);
1404 if ( (NULL == state) ||
1405 (NULL != state->serv) ||
1406 (NULL != state->heap_node) )
1408 GNUNET_break_op (0);
1409 return GNUNET_SYSERR;
1411 af = (int) ntohl (start->af);
1412 state->ri.remote_address.af = af;
1416 if (pkt_len < sizeof (struct in_addr))
1418 GNUNET_break_op (0);
1419 return GNUNET_SYSERR;
1421 v4 = (const struct in_addr*) &start[1];
1423 pkt_len -= sizeof (struct in_addr);
1424 state->ri.remote_address.address.ipv4 = *v4;
1427 if (pkt_len < sizeof (struct in6_addr))
1429 GNUNET_break_op (0);
1430 return GNUNET_SYSERR;
1432 v6 = (const struct in6_addr*) &start[1];
1434 pkt_len -= sizeof (struct in_addr);
1435 state->ri.remote_address.address.ipv6 = *v6;
1438 GNUNET_break_op (0);
1439 return GNUNET_SYSERR;
1442 char buf[INET6_ADDRSTRLEN];
1443 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1444 "Received data from %s for starting TCP stream to %s:%u\n",
1445 GNUNET_i2s (sender),
1447 &state->ri.remote_address.address,
1449 (unsigned int) ntohs (start->tcp_header.dpt));
1452 state->ri.remote_address.proto = IPPROTO_TCP;
1453 state->ri.remote_address.port = ntohs (start->tcp_header.dpt);
1454 setup_state_record (state);
1455 send_tcp_packet_via_tun (&state->ri.remote_address,
1456 &state->ri.local_address,
1464 * Process a request to forward TCP data on an established
1465 * connection via this peer.
1467 * @param cls closure, NULL
1468 * @param tunnel connection to the other end
1469 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1470 * @param sender who sent the message
1471 * @param message the actual message
1472 * @param atsi performance data for the connection
1473 * @return GNUNET_OK to keep the connection open,
1474 * GNUNET_SYSERR to close it (signal serious error)
1477 receive_tcp_data (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1478 void **tunnel_ctx GNUNET_UNUSED,
1479 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1480 const struct GNUNET_MessageHeader *message,
1481 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1483 struct TunnelState *state = *tunnel_ctx;
1484 const struct GNUNET_EXIT_TcpDataMessage *data;
1485 uint16_t pkt_len = ntohs (message->size);
1487 if (pkt_len < sizeof (struct GNUNET_EXIT_TcpDataMessage))
1489 GNUNET_break_op (0);
1490 return GNUNET_SYSERR;
1492 data = (const struct GNUNET_EXIT_TcpDataMessage*) message;
1493 pkt_len -= sizeof (struct GNUNET_EXIT_TcpDataMessage);
1494 if ( (NULL == state) ||
1495 (NULL == state->heap_node) )
1497 /* connection should have been up! */
1498 GNUNET_break_op (0);
1499 /* FIXME: call statistics */
1500 return GNUNET_SYSERR;
1502 GNUNET_break_op (ntohl (data->reserved) == 0);
1504 char buf[INET6_ADDRSTRLEN];
1505 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1506 "Received additional data from %s for TCP stream to %s:%u\n",
1507 GNUNET_i2s (sender),
1508 inet_ntop (state->ri.remote_address.af,
1509 &state->ri.remote_address.address,
1511 (unsigned int) state->ri.remote_address.port);
1514 send_tcp_packet_via_tun (&state->ri.remote_address,
1515 &state->ri.local_address,
1523 * Send a UDP packet via the TUN interface.
1525 * @param destination_address IP and port to use for the UDP packet's destination
1526 * @param source_address IP and port to use for the UDP packet's source
1527 * @param payload payload of the UDP packet (does NOT include UDP header)
1528 * @param payload_length number of bytes of data in payload
1531 send_udp_packet_via_tun (const struct SocketAddress *destination_address,
1532 const struct SocketAddress *source_address,
1533 const void *payload, size_t payload_length)
1537 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1538 "Sending packet with %u bytes UDP payload via TUN\n",
1539 (unsigned int) payload_length);
1540 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct tun_header);
1541 switch (source_address->af)
1544 len += sizeof (struct ip4_header);
1547 len += sizeof (struct ip6_header);
1553 len += sizeof (struct udp_packet);
1554 len += payload_length;
1555 if (len >= GNUNET_SERVER_MAX_MESSAGE_SIZE)
1562 struct GNUNET_MessageHeader *hdr;
1563 struct tun_header *tun;
1565 hdr= (struct GNUNET_MessageHeader *) buf;
1566 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1567 hdr->size = htons (len);
1568 tun = (struct tun_header*) &hdr[1];
1569 tun->flags = htons (0);
1570 switch (source_address->af)
1574 struct ip4_header * ipv4 = (struct ip4_header*) &tun[1];
1576 tun->proto = htons (ETH_P_IPV4);
1577 prepare_ipv4_packet (payload, payload_length,
1581 destination_address,
1587 struct ip6_header * ipv6 = (struct ip6_header*) &tun[1];
1589 tun->proto = htons (ETH_P_IPV6);
1590 prepare_ipv6_packet (payload, payload_length,
1594 destination_address,
1602 (void) GNUNET_HELPER_send (helper_handle,
1603 (const struct GNUNET_MessageHeader*) buf,
1611 * Process a request to forward UDP data to the Internet via this peer.
1613 * @param cls closure, NULL
1614 * @param tunnel connection to the other end
1615 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1616 * @param sender who sent the message
1617 * @param message the actual message
1618 * @param atsi performance data for the connection
1619 * @return GNUNET_OK to keep the connection open,
1620 * GNUNET_SYSERR to close it (signal serious error)
1623 receive_udp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1624 void **tunnel_ctx GNUNET_UNUSED,
1625 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1626 const struct GNUNET_MessageHeader *message,
1627 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1629 struct TunnelState *state = *tunnel_ctx;
1630 const struct GNUNET_EXIT_UdpInternetMessage *msg;
1631 uint16_t pkt_len = ntohs (message->size);
1632 const struct in_addr *v4;
1633 const struct in6_addr *v6;
1634 const void *payload;
1637 if (pkt_len < sizeof (struct GNUNET_EXIT_UdpInternetMessage))
1639 GNUNET_break_op (0);
1640 return GNUNET_SYSERR;
1642 msg = (const struct GNUNET_EXIT_UdpInternetMessage*) message;
1643 pkt_len -= sizeof (struct GNUNET_EXIT_UdpInternetMessage);
1644 af = (int) ntohl (msg->af);
1645 state->ri.remote_address.af = af;
1649 if (pkt_len < sizeof (struct in_addr))
1651 GNUNET_break_op (0);
1652 return GNUNET_SYSERR;
1654 v4 = (const struct in_addr*) &msg[1];
1656 pkt_len -= sizeof (struct in_addr);
1657 state->ri.remote_address.address.ipv4 = *v4;
1660 if (pkt_len < sizeof (struct in6_addr))
1662 GNUNET_break_op (0);
1663 return GNUNET_SYSERR;
1665 v6 = (const struct in6_addr*) &msg[1];
1667 pkt_len -= sizeof (struct in_addr);
1668 state->ri.remote_address.address.ipv6 = *v6;
1671 GNUNET_break_op (0);
1672 return GNUNET_SYSERR;
1675 char buf[INET6_ADDRSTRLEN];
1676 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1677 "Received data from %s for forwarding to UDP %s:%u\n",
1678 GNUNET_i2s (sender),
1680 &state->ri.remote_address.address,
1682 (unsigned int) ntohs (msg->destination_port));
1684 state->ri.remote_address.proto = IPPROTO_UDP;
1685 state->ri.remote_address.port = msg->destination_port;
1686 if (NULL == state->heap_node)
1687 setup_state_record (state);
1688 if (0 != ntohs (msg->source_port))
1689 state->ri.local_address.port = msg->source_port;
1690 send_udp_packet_via_tun (&state->ri.remote_address,
1691 &state->ri.local_address,
1698 * Process a request via mesh to send a request to a UDP service
1699 * offered by this system.
1701 * @param cls closure, NULL
1702 * @param tunnel connection to the other end
1703 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1704 * @param sender who sent the message
1705 * @param message the actual message
1706 * @param atsi performance data for the connection
1707 * @return GNUNET_OK to keep the connection open,
1708 * GNUNET_SYSERR to close it (signal serious error)
1711 receive_udp_service (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1713 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1714 const struct GNUNET_MessageHeader *message,
1715 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1717 struct TunnelState *state = *tunnel_ctx;
1718 const struct GNUNET_EXIT_UdpServiceMessage *msg;
1719 uint16_t pkt_len = ntohs (message->size);
1721 /* check that we got at least a valid header */
1722 if (pkt_len < sizeof (struct GNUNET_EXIT_UdpServiceMessage))
1724 GNUNET_break_op (0);
1725 return GNUNET_SYSERR;
1727 msg = (const struct GNUNET_EXIT_UdpServiceMessage*) message;
1728 pkt_len -= sizeof (struct GNUNET_EXIT_UdpServiceMessage);
1729 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1730 "Received data from %s for forwarding to UDP service %s on port %u\n",
1731 GNUNET_i2s (sender),
1732 GNUNET_h2s (&msg->service_descriptor),
1733 (unsigned int) ntohs (msg->destination_port));
1734 if (NULL == (state->serv = find_service (udp_services, &msg->service_descriptor,
1735 ntohs (msg->destination_port))))
1737 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1738 _("No service found for %s on port %d!\n"),
1740 ntohs (msg->destination_port));
1741 return GNUNET_SYSERR;
1743 state->ri.remote_address = state->serv->address;
1744 setup_state_record (state);
1745 if (0 != ntohs (msg->source_port))
1746 state->ri.local_address.port = msg->source_port;
1747 send_udp_packet_via_tun (&state->ri.remote_address,
1748 &state->ri.local_address,
1755 * Callback from GNUNET_MESH for new tunnels.
1757 * @param cls closure
1758 * @param tunnel new handle to the tunnel
1759 * @param initiator peer that started the tunnel
1760 * @param atsi performance information for the tunnel
1761 * @return initial tunnel context for the tunnel
1764 new_tunnel (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1765 const struct GNUNET_PeerIdentity *initiator GNUNET_UNUSED,
1766 const struct GNUNET_ATS_Information *ats GNUNET_UNUSED)
1768 struct TunnelState *s = GNUNET_malloc (sizeof (struct TunnelState));
1770 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1771 "Received inbound tunnel from `%s'\n",
1772 GNUNET_i2s (initiator));
1779 * Function called by mesh whenever an inbound tunnel is destroyed.
1780 * Should clean up any associated state.
1782 * @param cls closure (set from GNUNET_MESH_connect)
1783 * @param tunnel connection to the other end (henceforth invalid)
1784 * @param tunnel_ctx place where local state associated
1785 * with the tunnel is stored
1788 clean_tunnel (void *cls GNUNET_UNUSED, const struct GNUNET_MESH_Tunnel *tunnel,
1791 struct TunnelState *s = tunnel_ctx;
1792 struct TunnelMessageQueue *tnq;
1794 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1795 "Tunnel destroyed\n");
1796 while (NULL != (tnq = s->head))
1798 GNUNET_CONTAINER_DLL_remove (s->head,
1803 if (s->heap_node != NULL)
1805 GNUNET_assert (GNUNET_YES ==
1806 GNUNET_CONTAINER_multihashmap_remove (connections_map,
1809 GNUNET_CONTAINER_heap_remove_node (s->heap_node);
1810 s->heap_node = NULL;
1814 GNUNET_MESH_notify_transmit_ready_cancel (s->th);
1822 * Function that frees everything from a hashmap
1826 * @param value value to free
1829 free_iterate (void *cls GNUNET_UNUSED,
1830 const GNUNET_HashCode * hash GNUNET_UNUSED, void *value)
1832 GNUNET_free (value);
1838 * Function scheduled as very last function, cleans up after us
1841 cleanup (void *cls GNUNET_UNUSED,
1842 const struct GNUNET_SCHEDULER_TaskContext *tskctx)
1846 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1847 "Exit service is shutting down now\n");
1848 if (helper_handle != NULL)
1850 GNUNET_HELPER_stop (helper_handle);
1851 helper_handle = NULL;
1853 if (mesh_handle != NULL)
1855 GNUNET_MESH_disconnect (mesh_handle);
1858 if (NULL != connections_map)
1860 GNUNET_CONTAINER_multihashmap_iterate (connections_map, &free_iterate, NULL);
1861 GNUNET_CONTAINER_multihashmap_destroy (connections_map);
1862 connections_map = NULL;
1864 if (NULL != connections_heap)
1866 GNUNET_CONTAINER_heap_destroy (connections_heap);
1867 connections_heap = NULL;
1869 if (NULL != tcp_services)
1871 GNUNET_CONTAINER_multihashmap_iterate (tcp_services, &free_service_record, NULL);
1872 GNUNET_CONTAINER_multihashmap_destroy (tcp_services);
1873 tcp_services = NULL;
1875 if (NULL != udp_services)
1877 GNUNET_CONTAINER_multihashmap_iterate (udp_services, &free_service_record, NULL);
1878 GNUNET_CONTAINER_multihashmap_destroy (udp_services);
1879 udp_services = NULL;
1882 GNUNET_free_non_null (exit_argv[i]);
1887 * Add services to the service map.
1889 * @param proto IPPROTO_TCP or IPPROTO_UDP
1890 * @param cpy copy of the service descriptor (can be mutilated)
1891 * @param name DNS name of the service
1894 add_services (int proto,
1901 struct LocalService *serv;
1903 for (redirect = strtok (cpy, " "); redirect != NULL;
1904 redirect = strtok (NULL, " "))
1906 if (NULL == (hostname = strstr (redirect, ":")))
1908 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1909 "option `%s' for domain `%s' is not formatted correctly!\n",
1916 if (NULL == (hostport = strstr (hostname, ":")))
1918 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1919 "option `%s' for domain `%s' is not formatted correctly!\n",
1927 int local_port = atoi (redirect);
1928 int remote_port = atoi (hostport);
1930 if (!((local_port > 0) && (local_port < 65536)))
1932 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1933 "`%s' is not a valid port number (for domain `%s')!", redirect,
1937 if (!((remote_port > 0) && (remote_port < 65536)))
1939 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1940 "`%s' is not a valid port number (for domain `%s')!", hostport,
1945 serv = GNUNET_malloc (sizeof (struct LocalService));
1946 serv->my_port = (uint16_t) local_port;
1947 serv->address.port = remote_port;
1948 if (0 == strcmp ("localhost4", hostname))
1950 const char *ip4addr = exit_argv[4];
1952 serv->address.af = AF_INET;
1953 GNUNET_assert (1 != inet_pton (AF_INET, ip4addr, &serv->address.address.ipv4));
1955 else if (0 == strcmp ("localhost6", hostname))
1957 const char *ip6addr = exit_argv[2];
1959 serv->address.af = AF_INET6;
1960 GNUNET_assert (1 == inet_pton (AF_INET6, ip6addr, &serv->address.address.ipv6));
1964 struct addrinfo *res;
1967 ret = getaddrinfo (hostname, NULL, NULL, &res);
1968 if ( (ret != 0) || (res == NULL) )
1970 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1971 _("No addresses found for hostname `%s' of service `%s'!\n"),
1978 serv->address.af = res->ai_family;
1979 switch (res->ai_family)
1982 serv->address.address.ipv4 = ((struct sockaddr_in *) res->ai_addr)->sin_addr;
1985 serv->address.address.ipv6 = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr;
1989 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1990 _("No IP addresses found for hostname `%s' of service `%s'!\n"),
1998 store_service ((IPPROTO_UDP == proto) ? udp_services : tcp_services,
2007 * Reads the configuration servicecfg and populates udp_services
2010 * @param section name of section in config, equal to hostname
2013 read_service_conf (void *cls GNUNET_UNUSED, const char *section)
2017 if ((strlen (section) < 8) ||
2018 (0 != strcmp (".gnunet.", section + (strlen (section) - 8))))
2021 GNUNET_CONFIGURATION_get_value_string (cfg, section, "UDP_REDIRECTS",
2024 add_services (IPPROTO_UDP, cpy, section);
2028 GNUNET_CONFIGURATION_get_value_string (cfg, section, "TCP_REDIRECTS",
2031 add_services (IPPROTO_TCP, cpy, section);
2038 * @brief Main function that will be run by the scheduler.
2040 * @param cls closure
2041 * @param args remaining command-line arguments
2042 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
2043 * @param cfg_ configuration
2046 run (void *cls, char *const *args GNUNET_UNUSED,
2047 const char *cfgfile GNUNET_UNUSED,
2048 const struct GNUNET_CONFIGURATION_Handle *cfg_)
2050 static struct GNUNET_MESH_MessageHandler handlers[] = {
2051 {&receive_udp_service, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, 0},
2052 {&receive_udp_remote, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET, 0},
2053 {&receive_tcp_service, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, 0},
2054 {&receive_tcp_remote, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START, 0},
2055 {&receive_tcp_data, GNUNET_MESSAGE_TYPE_VPN_TCP_DATA, 0},
2059 static GNUNET_MESH_ApplicationType apptypes[] = {
2060 GNUNET_APPLICATION_TYPE_END,
2061 GNUNET_APPLICATION_TYPE_END,
2062 GNUNET_APPLICATION_TYPE_END
2064 unsigned int app_idx;
2075 ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV4");
2076 ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV6");
2077 ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_IPV4");
2078 ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_IPV6");
2079 if (ipv4_exit && (! ipv4_enabled))
2081 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2082 _("Cannot enable IPv4 exit but disable IPv4 on TUN interface, will use ENABLE_IPv4=YES\n"));
2083 ipv4_enabled = GNUNET_YES;
2085 if (ipv6_exit && (! ipv6_enabled))
2087 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2088 _("Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n"));
2089 ipv6_enabled = GNUNET_YES;
2091 if (! (ipv4_enabled || ipv6_enabled))
2093 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2094 _("No useful service enabled. Exiting.\n"));
2095 GNUNET_SCHEDULER_shutdown ();
2099 if (GNUNET_YES == ipv4_exit)
2101 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_IPV4_GATEWAY;
2104 if (GNUNET_YES == ipv6_exit)
2106 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_IPV6_GATEWAY;
2110 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
2113 GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_CONNECTIONS",
2115 max_connections = 1024;
2116 exit_argv[0] = GNUNET_strdup ("exit-gnunet");
2117 if (GNUNET_SYSERR ==
2118 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "TUN_IFNAME", &tun_ifname))
2120 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2121 "No entry 'TUN_IFNAME' in configuration!\n");
2122 GNUNET_SCHEDULER_shutdown ();
2125 exit_argv[1] = tun_ifname;
2128 if (GNUNET_SYSERR ==
2129 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "EXIT_IFNAME", &exit_ifname))
2131 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2132 "No entry 'EXIT_IFNAME' in configuration!\n");
2133 GNUNET_SCHEDULER_shutdown ();
2136 exit_argv[2] = exit_ifname;
2140 exit_argv[2] = GNUNET_strdup ("%");
2142 if (GNUNET_YES == ipv6_enabled)
2144 if ( (GNUNET_SYSERR ==
2145 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6ADDR",
2147 (1 != inet_pton (AF_INET6, ipv6addr, &v6))) )
2149 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2150 "No valid entry 'IPV6ADDR' in configuration!\n");
2151 GNUNET_SCHEDULER_shutdown ();
2154 exit_argv[3] = ipv6addr;
2155 if (GNUNET_SYSERR ==
2156 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6PREFIX",
2159 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2160 "No entry 'IPV6PREFIX' in configuration!\n");
2161 GNUNET_SCHEDULER_shutdown ();
2164 exit_argv[4] = ipv6prefix_s;
2166 GNUNET_CONFIGURATION_get_value_number (cfg, "exit",
2169 (ipv6prefix >= 127) )
2171 GNUNET_SCHEDULER_shutdown ();
2177 /* IPv6 explicitly disabled */
2178 exit_argv[3] = GNUNET_strdup ("-");
2179 exit_argv[4] = GNUNET_strdup ("-");
2181 if (GNUNET_YES == ipv4_enabled)
2183 if ( (GNUNET_SYSERR ==
2184 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4ADDR",
2186 (1 != inet_pton (AF_INET, ipv4addr, &v4))) )
2188 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2189 "No valid entry for 'IPV4ADDR' in configuration!\n");
2190 GNUNET_SCHEDULER_shutdown ();
2193 exit_argv[5] = ipv4addr;
2194 if ( (GNUNET_SYSERR ==
2195 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4MASK",
2197 (1 != inet_pton (AF_INET, ipv4mask, &v4))) )
2199 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2200 "No valid entry 'IPV4MASK' in configuration!\n");
2201 GNUNET_SCHEDULER_shutdown ();
2204 exit_argv[6] = ipv4mask;
2208 /* IPv4 explicitly disabled */
2209 exit_argv[5] = GNUNET_strdup ("-");
2210 exit_argv[6] = GNUNET_strdup ("-");
2212 exit_argv[7] = NULL;
2214 udp_services = GNUNET_CONTAINER_multihashmap_create (65536);
2215 tcp_services = GNUNET_CONTAINER_multihashmap_create (65536);
2216 GNUNET_CONFIGURATION_iterate_sections (cfg, &read_service_conf, NULL);
2218 connections_map = GNUNET_CONTAINER_multihashmap_create (65536);
2219 connections_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2221 = GNUNET_MESH_connect (cfg, 42 /* queue size */, NULL,
2223 &clean_tunnel, handlers,
2225 if (NULL == mesh_handle)
2227 GNUNET_SCHEDULER_shutdown ();
2230 helper_handle = GNUNET_HELPER_start ("gnunet-helper-exit",
2232 &message_token, NULL);
2239 * @param argc number of arguments from the command line
2240 * @param argv command line arguments
2241 * @return 0 ok, 1 on error
2244 main (int argc, char *const *argv)
2246 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2247 GNUNET_GETOPT_OPTION_END
2250 return (GNUNET_OK ==
2251 GNUNET_PROGRAM_run (argc, argv, "gnunet-daemon-exit",
2253 ("Daemon to run to provide an IP exit node for the VPN"),
2254 options, &run, NULL)) ? 0 : 1;
2258 /* end of gnunet-daemon-exit.c */
projects / oweals / gnunet.git / blob