2 This file is part of GNUnet.
3 (C) 2010, 2012 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file exit/gnunet-daemon-exit.c
23 * @brief tool to allow IP traffic exit from the GNUnet mesh to the Internet
24 * @author Philipp Toelke
25 * @author Christian Grothoff
29 * - need some statistics
33 * - factor out crc computations from DNS/EXIT/VPN into shared library?
36 * - which code should advertise services? the service model is right
37 * now a bit odd, especially as this code DOES the exit and knows
38 * the DNS "name", but OTOH this is clearly NOT the place to advertise
39 * the service's existence; maybe the daemon should turn into a
40 * service with an API to add local-exit services dynamically?
43 #include "gnunet_util_lib.h"
44 #include "gnunet_protocols.h"
45 #include "gnunet_applications.h"
46 #include "gnunet_mesh_service.h"
47 #include "gnunet_constants.h"
48 #include "tcpip_tun.h"
52 * Information about an address.
57 * AF_INET or AF_INET6.
62 * Remote address information.
67 * Address, if af is AF_INET.
72 * Address, if af is AF_INET6.
78 * IPPROTO_TCP or IPPROTO_UDP;
83 * Remote port, in host byte order!
90 * This struct is saved into the services-hashmap to represent
91 * a service this peer is specifically offering an exit for
92 * (for a specific domain name).
98 * Remote address to use for the service.
100 struct SocketAddress address;
103 * DNS name of the service.
108 * Port I am listening on within GNUnet for this service, in host
109 * byte order. (as we may redirect ports).
116 * Information we use to track a connection (the classical 6-tuple of
117 * IP-version, protocol, source-IP, destination-IP, source-port and
120 struct RedirectInformation
124 * Address information for the other party (equivalent of the
125 * arguments one would give to "connect").
127 struct SocketAddress remote_address;
130 * Address information we used locally (AF and proto must match
131 * "remote_address"). Equivalent of the arguments one would give to
134 struct SocketAddress local_address;
137 Note 1: additional information might be added here in the
138 future to support protocols that require special handling,
141 Note 2: we might also sometimes not match on all components
142 of the tuple, to support protocols where things do not always
149 * Queue of messages to a tunnel.
151 struct TunnelMessageQueue
154 * This is a doubly-linked list.
156 struct TunnelMessageQueue *next;
159 * This is a doubly-linked list.
161 struct TunnelMessageQueue *prev;
164 * Payload to send via the tunnel.
169 * Number of bytes in 'payload'.
176 * This struct is saved into connections_map to allow finding the
177 * right tunnel given an IP packet from TUN. It is also associated
178 * with the tunnel's closure so we can find it again for the next
179 * message from the tunnel.
184 * Mesh tunnel that is used for this connection.
186 struct GNUNET_MESH_Tunnel *tunnel;
189 * Heap node for this state in the connections_heap.
191 struct GNUNET_CONTAINER_HeapNode *heap_node;
194 * Key this state has in the connections_map.
196 GNUNET_HashCode state_key;
199 * Associated service record, or NULL for no service.
201 struct LocalService *serv;
204 * Head of DLL of messages for this tunnel.
206 struct TunnelMessageQueue *head;
209 * Tail of DLL of messages for this tunnel.
211 struct TunnelMessageQueue *tail;
214 * Active tunnel transmission request (or NULL).
216 struct GNUNET_MESH_TransmitHandle *th;
219 * Primary redirection information for this connection.
221 struct RedirectInformation ri;
227 * The handle to the configuration used throughout the process
229 static const struct GNUNET_CONFIGURATION_Handle *cfg;
232 * The handle to the helper
234 static struct GNUNET_HELPER_Handle *helper_handle;
237 * Arguments to the exit helper.
239 static char *exit_argv[7];
242 * IPv6 prefix (0..127) from configuration file.
244 static unsigned long long ipv6prefix;
249 static struct GNUNET_MESH_Handle *mesh_handle;
252 * This hashmaps contains the mapping from peer, service-descriptor,
253 * source-port and destination-port to a struct TunnelState
255 static struct GNUNET_CONTAINER_MultiHashMap *connections_map;
258 * Heap so we can quickly find "old" connections.
260 static struct GNUNET_CONTAINER_Heap *connections_heap;
263 * If there are at least this many connections, old ones will be removed
265 static long long unsigned int max_connections = 200;
268 * This hashmaps saves interesting things about the configured UDP services
270 static struct GNUNET_CONTAINER_MultiHashMap *udp_services;
273 * This hashmaps saves interesting things about the configured TCP services
275 static struct GNUNET_CONTAINER_MultiHashMap *tcp_services;
278 * Are we an IPv4-exit?
280 static int ipv4_exit;
283 * Are we an IPv6-exit?
285 static int ipv6_exit;
288 * Do we support IPv4 at all on the TUN interface?
290 static int ipv4_enabled;
293 * Do we support IPv6 at all on the TUN interface?
295 static int ipv6_enabled;
299 * Given IP information about a connection, calculate the respective
300 * hash we would use for the 'connections_map'.
302 * @param hash resulting hash
303 * @param ri information about the connection
306 hash_redirect_info (GNUNET_HashCode *hash,
307 const struct RedirectInformation *ri)
311 memset (hash, 0, sizeof (GNUNET_HashCode));
312 /* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash,
313 so we put the IP address in there (and hope for few collisions) */
315 switch (ri->remote_address.af)
318 memcpy (off, &ri->remote_address.address.ipv4, sizeof (struct in_addr));
319 off += sizeof (struct in_addr);
322 memcpy (off, &ri->remote_address.address.ipv6, sizeof (struct in6_addr));
323 off += sizeof (struct in_addr);
328 memcpy (off, &ri->remote_address.port, sizeof (uint16_t));
329 off += sizeof (uint16_t);
330 switch (ri->local_address.af)
333 memcpy (off, &ri->local_address.address.ipv4, sizeof (struct in_addr));
334 off += sizeof (struct in_addr);
337 memcpy (off, &ri->local_address.address.ipv6, sizeof (struct in6_addr));
338 off += sizeof (struct in_addr);
343 memcpy (off, &ri->local_address.port, sizeof (uint16_t));
344 off += sizeof (uint16_t);
345 memcpy (off, &ri->remote_address.proto, sizeof (uint8_t));
346 off += sizeof (uint8_t);
351 * Get our connection tracking state. Warns if it does not exists,
352 * refreshes the timestamp if it does exist.
354 * @param af address family
355 * @param protocol IPPROTO_UDP or IPPROTO_TCP
356 * @param destination_ip target IP
357 * @param destination_port target port
358 * @param local_ip local IP
359 * @param local_port local port
360 * @param state_key set to hash's state if non-NULL
361 * @return NULL if we have no tracking information for this tuple
363 static struct TunnelState *
364 get_redirect_state (int af,
366 const void *destination_ip,
367 uint16_t destination_port,
368 const void *local_ip,
370 GNUNET_HashCode *state_key)
372 struct RedirectInformation ri;
374 struct TunnelState *state;
376 ri.remote_address.af = af;
378 ri.remote_address.address.ipv4 = *((struct in_addr*) destination_ip);
380 ri.remote_address.address.ipv6 = * ((struct in6_addr*) destination_ip);
381 ri.remote_address.port = destination_port;
382 ri.remote_address.proto = protocol;
383 ri.local_address.af = af;
385 ri.local_address.address.ipv4 = *((struct in_addr*) local_ip);
387 ri.local_address.address.ipv6 = * ((struct in6_addr*) local_ip);
388 ri.local_address.port = local_port;
389 ri.local_address.proto = protocol;
390 hash_redirect_info (&key, &ri);
391 if (NULL != state_key)
393 state = GNUNET_CONTAINER_multihashmap_get (connections_map, &key);
396 /* Mark this connection as freshly used */
397 if (NULL == state_key)
398 GNUNET_CONTAINER_heap_update_cost (connections_heap,
400 GNUNET_TIME_absolute_get ().abs_value);
406 * Given a service descriptor and a destination port, find the
407 * respective service entry.
409 * @param service_map map of services (TCP or UDP)
410 * @param desc service descriptor
411 * @param dpt destination port
412 * @return NULL if we are not aware of such a service
414 static struct LocalService *
415 find_service (struct GNUNET_CONTAINER_MultiHashMap *service_map,
416 const GNUNET_HashCode *desc,
419 char key[sizeof (GNUNET_HashCode) + sizeof (uint16_t)];
421 memcpy (&key[0], &dpt, sizeof (uint16_t));
422 memcpy (&key[sizeof(uint16_t)], desc, sizeof (GNUNET_HashCode));
423 return GNUNET_CONTAINER_multihashmap_get (service_map,
424 (GNUNET_HashCode *) key);
429 * Free memory associated with a service record.
432 * @param key service descriptor
433 * @param value service record to free
437 free_service_record (void *cls,
438 const GNUNET_HashCode *key,
441 struct LocalService *service = value;
443 GNUNET_free_non_null (service->name);
444 GNUNET_free (service);
450 * Given a service descriptor and a destination port, find the
451 * respective service entry.
453 * @param service_map map of services (TCP or UDP)
454 * @param name name of the service
455 * @param dpt destination port
456 * @param service service information record to store (service->name will be set).
459 store_service (struct GNUNET_CONTAINER_MultiHashMap *service_map,
462 struct LocalService *service)
464 char key[sizeof (GNUNET_HashCode) + sizeof (uint16_t)];
465 GNUNET_HashCode desc;
467 GNUNET_CRYPTO_hash (name, strlen (name) + 1, &desc);
468 service->name = GNUNET_strdup (name);
469 memcpy (&key[0], &dpt, sizeof (uint16_t));
470 memcpy (&key[sizeof(uint16_t)], &desc, sizeof (GNUNET_HashCode));
472 GNUNET_CONTAINER_multihashmap_put (service_map,
473 (GNUNET_HashCode *) key,
475 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
477 free_service_record (NULL, (GNUNET_HashCode *) key, service);
478 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
479 _("Got duplicate service records for `%s:%u'\n"),
487 * MESH is ready to receive a message for the tunnel. Transmit it.
489 * @param cls the 'struct TunnelState'.
490 * @param size number of bytes available in buf
491 * @param buf where to copy the message
492 * @return number of bytes copied to buf
495 send_to_peer_notify_callback (void *cls, size_t size, void *buf)
497 struct TunnelState *s = cls;
498 struct GNUNET_MESH_Tunnel *tunnel = s->tunnel;
499 struct TunnelMessageQueue *tnq;
503 GNUNET_assert (size >= tnq->len);
504 memcpy (buf, tnq->payload, tnq->len);
506 GNUNET_CONTAINER_DLL_remove (s->head,
510 if (NULL != (tnq = s->head))
511 s->th = GNUNET_MESH_notify_transmit_ready (tunnel,
512 GNUNET_NO /* corking */,
514 GNUNET_TIME_UNIT_FOREVER_REL,
517 &send_to_peer_notify_callback,
524 * Send the given packet via the mesh tunnel.
526 * @param mesh_tunnel destination
527 * @param payload message to transmit
528 * @param payload_length number of bytes in payload
529 * @param desc descriptor to add before payload (optional)
530 * @param mtype message type to use
533 send_packet_to_mesh_tunnel (struct GNUNET_MESH_Tunnel *mesh_tunnel,
535 size_t payload_length,
536 const GNUNET_HashCode *desc,
539 struct TunnelState *s;
540 struct TunnelMessageQueue *tnq;
541 struct GNUNET_MessageHeader *msg;
545 len = sizeof (struct GNUNET_MessageHeader) + sizeof (GNUNET_HashCode) + payload_length;
546 if (len >= GNUNET_SERVER_MAX_MESSAGE_SIZE)
551 tnq = GNUNET_malloc (sizeof (struct TunnelMessageQueue) + len);
552 tnq->payload = &tnq[1];
554 msg = (struct GNUNET_MessageHeader *) &tnq[1];
555 msg->size = htons ((uint16_t) len);
556 msg->type = htons (mtype);
559 dp = (GNUNET_HashCode *) &msg[1];
561 memcpy (&dp[1], payload, payload_length);
565 memcpy (&msg[1], payload, payload_length);
567 s = GNUNET_MESH_tunnel_get_data (mesh_tunnel);
568 GNUNET_assert (NULL != s);
569 GNUNET_CONTAINER_DLL_insert_tail (s->head, s->tail, tnq);
571 s->th = GNUNET_MESH_notify_transmit_ready (mesh_tunnel, GNUNET_NO /* cork */, 0 /* priority */,
572 GNUNET_TIME_UNIT_FOREVER_REL,
574 &send_to_peer_notify_callback,
580 * @brief Handles an UDP packet received from the helper.
582 * @param udp A pointer to the Packet
583 * @param pktlen number of bytes in 'udp'
584 * @param af address family (AFINET or AF_INET6)
585 * @param destination_ip destination IP-address of the IP packet (should
586 * be our local address)
587 * @param source_ip original source IP-address of the IP packet (should
588 * be the original destination address)
591 udp_from_helper (const struct udp_packet *udp,
594 const void *destination_ip,
595 const void *source_ip)
597 struct TunnelState *state;
599 if (pktlen < sizeof (struct udp_packet))
605 if (pktlen != ntohs (udp->len))
611 state = get_redirect_state (af, IPPROTO_UDP,
619 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
620 _("Packet dropped, have no matching connection information\n"));
623 send_packet_to_mesh_tunnel (state->tunnel,
624 &udp[1], pktlen - sizeof (struct udp_packet),
627 ? GNUNET_MESSAGE_TYPE_VPN_SERVICE_UDP_BACK
628 : GNUNET_MESSAGE_TYPE_VPN_REMOTE_UDP_BACK);
633 * @brief Handles a TCP packet received from the helper.
635 * @param tcp A pointer to the Packet
636 * @param pktlen the length of the packet, including its header
637 * @param af address family (AFINET or AF_INET6)
638 * @param destination_ip destination IP-address of the IP packet (should
639 * be our local address)
640 * @param source_ip original source IP-address of the IP packet (should
641 * be the original destination address)
644 tcp_from_helper (const struct tcp_packet *tcp,
647 const void *destination_ip,
648 const void *source_ip)
650 struct TunnelState *state;
652 struct tcp_packet *mtcp;
654 if (pktlen < sizeof (struct tcp_packet))
660 state = get_redirect_state (af, IPPROTO_TCP,
668 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
669 _("Packet dropped, have no matching connection information\n"));
673 /* mug port numbers and crc to avoid information leakage;
674 sender will need to lookup the correct values anyway */
675 memcpy (buf, tcp, pktlen);
676 mtcp = (struct tcp_packet *) buf;
680 send_packet_to_mesh_tunnel (state->tunnel,
684 ? GNUNET_MESSAGE_TYPE_VPN_SERVICE_TCP_BACK
685 : GNUNET_MESSAGE_TYPE_VPN_REMOTE_TCP_BACK);
690 * Receive packets from the helper-process
693 * @param client unsued
694 * @param message message received from helper
697 message_token (void *cls GNUNET_UNUSED, void *client GNUNET_UNUSED,
698 const struct GNUNET_MessageHeader *message)
700 const struct tun_header *pkt_tun;
703 if (ntohs (message->type) != GNUNET_MESSAGE_TYPE_VPN_HELPER)
708 size = ntohs (message->size);
709 if (size < sizeof (struct tun_header) + sizeof (struct GNUNET_MessageHeader))
714 pkt_tun = (const struct tun_header *) &message[1];
715 size -= sizeof (struct tun_header) + sizeof (struct GNUNET_MessageHeader);
716 switch (ntohs (pkt_tun->proto))
720 const struct ip6_header *pkt6;
722 if (size < sizeof (struct ip6_header))
724 /* Kernel to blame? */
728 pkt6 = (struct ip6_header *) &pkt_tun[1];
729 if (size != ntohs (pkt6->payload_length))
731 /* Kernel to blame? */
735 size -= sizeof (struct ip6_header);
736 switch (pkt6->next_header)
739 udp_from_helper ((const struct udp_packet *) &pkt6[1], size,
741 &pkt6->destination_address,
742 &pkt6->source_address);
745 tcp_from_helper ((const struct tcp_packet *) &pkt6[1], size,
747 &pkt6->destination_address,
748 &pkt6->source_address);
751 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
752 _("IPv6 packet with unsupported next header received. Ignored.\n"));
759 const struct ip4_header *pkt4;
761 if (size < sizeof (struct ip4_header))
763 /* Kernel to blame? */
767 pkt4 = (const struct ip4_header *) &pkt_tun[1];
768 if (size != ntohs (pkt4->total_length))
770 /* Kernel to blame? */
774 if (pkt4->header_length * 4 != sizeof (struct ip4_header))
776 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
777 _("IPv4 packet options received. Ignored.\n"));
780 size -= sizeof (struct ip4_header);
781 switch (pkt4->protocol)
784 udp_from_helper ((const struct udp_packet *) &pkt4[1], size,
786 &pkt4->destination_address,
787 &pkt4->source_address);
789 tcp_from_helper ((const struct tcp_packet *) &pkt4[1], size,
791 &pkt4->destination_address,
792 &pkt4->source_address);
795 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
796 _("IPv4 packet with unsupported next header received. Ignored.\n"));
802 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
803 _("Packet from unknown protocol %u received. Ignored.\n"),
804 ntohs (pkt_tun->proto));
811 * We need to create a (unique) fresh local address (IP+port).
814 * @param af desired address family
815 * @param proto desired protocol (IPPROTO_UDP or IPPROTO_TCP)
816 * @param local_address address to initialize
819 setup_fresh_address (int af,
821 struct SocketAddress *local_address)
823 local_address->af = af;
824 local_address->proto = (uint8_t) proto;
825 /* default "local" port range is often 32768--61000,
826 so we pick a random value in that range */
828 = (uint16_t) 32768 + GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
834 const char *ipv4addr = exit_argv[4];
835 const char *ipv4mask = exit_argv[5];
840 GNUNET_assert (1 == inet_pton (AF_INET, ipv4addr, &addr));
841 GNUNET_assert (1 == inet_pton (AF_INET, ipv4mask, &mask));
842 if (0 == ~mask.s_addr)
844 /* only one valid IP anyway */
845 local_address->address.ipv4 = addr;
848 /* Given 192.168.0.1/255.255.0.0, we want a mask
849 of '192.168.255.255', thus: */
850 mask.s_addr = addr.s_addr | ~mask.s_addr;
851 /* Pick random IPv4 address within the subnet, except 'addr' or 'mask' itself */
854 rnd.s_addr = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
856 local_address->address.ipv4.s_addr = (addr.s_addr | rnd.s_addr) & mask.s_addr;
858 while ( (local_address->address.ipv4.s_addr == addr.s_addr) ||
859 (local_address->address.ipv4.s_addr == mask.s_addr) );
864 const char *ipv6addr = exit_argv[2];
865 struct in6_addr addr;
866 struct in6_addr mask;
870 GNUNET_assert (1 == inet_pton (AF_INET6, ipv6addr, &addr));
871 GNUNET_assert (ipv6prefix < 128);
872 if (ipv6prefix == 127)
874 /* only one valid IP anyway */
875 local_address->address.ipv6 = addr;
878 /* Given ABCD::/96, we want a mask of 'ABCD::FFFF:FFFF,
881 for (i=127;i>=128-ipv6prefix;i--)
882 mask.s6_addr[i / 8] |= (1 << (i % 8));
884 /* Pick random IPv6 address within the subnet, except 'addr' or 'mask' itself */
889 rnd.s6_addr[i] = (unsigned char) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
891 local_address->address.ipv6.s6_addr[i]
892 = (addr.s6_addr[i] | rnd.s6_addr[i]) & mask.s6_addr[i];
895 while ( (0 == memcmp (&local_address->address.ipv6,
897 sizeof (struct in6_addr))) ||
898 (0 == memcmp (&local_address->address.ipv6,
900 sizeof (struct in6_addr))) );
910 * We are starting a fresh connection (TCP or UDP) and need
911 * to pick a source port and IP address (within the correct
912 * range and address family) to associate replies with the
913 * connection / correct mesh tunnel. This function generates
914 * a "fresh" source IP and source port number for a connection
915 * After picking a good source address, this function sets up
916 * the state in the 'connections_map' and 'connections_heap'
917 * to allow finding the state when needed later. The function
918 * also makes sure that we remain within memory limits by
919 * cleaning up 'old' states.
921 * @param state skeleton state to setup a record for; should
922 * 'state->ri.remote_address' filled in so that
923 * this code can determine which AF/protocol is
924 * going to be used (the 'tunnel' should also
925 * already be set); after calling this function,
926 * heap_node and the local_address will be
927 * also initialized (heap_node != NULL can be
928 * used to test if a state has been fully setup).
931 setup_state_record (struct TunnelState *state)
934 struct TunnelState *s;
936 /* generate fresh, unique address */
939 setup_fresh_address (state->serv->address.af,
940 state->serv->address.proto,
941 &state->ri.local_address);
942 } while (NULL != get_redirect_state (state->ri.remote_address.af,
944 &state->ri.remote_address.address,
945 state->ri.remote_address.port,
946 &state->ri.local_address.address,
947 state->ri.local_address.port,
949 GNUNET_assert (GNUNET_OK ==
950 GNUNET_CONTAINER_multihashmap_put (connections_map,
952 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
953 state->heap_node = GNUNET_CONTAINER_heap_insert (connections_heap,
955 GNUNET_TIME_absolute_get ().abs_value);
956 while (GNUNET_CONTAINER_heap_get_size (connections_heap) > max_connections)
958 s = GNUNET_CONTAINER_heap_remove_root (connections_heap);
959 GNUNET_assert (state != s);
961 GNUNET_MESH_tunnel_destroy (s->tunnel);
962 GNUNET_assert (GNUNET_OK ==
963 GNUNET_CONTAINER_multihashmap_remove (connections_map,
972 * Prepare an IPv4 packet for transmission via the TUN interface.
973 * Initializes the IP header and calculates checksums (IP+UDP/TCP).
974 * For UDP, the UDP header will be fully created, whereas for TCP
975 * only the ports and checksum will be filled in. So for TCP,
976 * a skeleton TCP header must be part of the provided payload.
978 * @param payload payload of the packet (starting with UDP payload or
979 * TCP header, depending on protocol)
980 * @param payload_length number of bytes in 'payload'
981 * @param protocol IPPROTO_UDP or IPPROTO_TCP
982 * @param src_address source address to use (IP and port)
983 * @param dst_address destination address to use (IP and port)
984 * @param pkt6 where to write the assembled packet; must
985 * contain enough space for the IP header, UDP/TCP header
989 prepare_ipv4_packet (const void *payload, size_t payload_length,
991 const struct tcp_packet *tcp_header,
992 const struct SocketAddress *src_address,
993 const struct SocketAddress *dst_address,
994 struct ip4_header *pkt4)
998 len = payload_length;
1002 len += sizeof (struct udp_packet);
1005 len += sizeof (struct tcp_packet);
1006 GNUNET_assert (NULL != tcp_header);
1012 if (len + sizeof (struct ip4_header) > UINT16_MAX)
1019 pkt4->header_length = sizeof (struct ip4_header) / 4;
1020 pkt4->diff_serv = 0;
1021 pkt4->total_length = htons ((uint16_t) (sizeof (struct ip4_header) + len));
1022 pkt4->identification = (uint16_t) GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
1025 pkt4->fragmentation_offset = 0;
1027 pkt4->protocol = protocol;
1029 pkt4->destination_address = dst_address->address.ipv4;
1030 pkt4->source_address = src_address->address.ipv4;
1031 pkt4->checksum = GNUNET_CRYPTO_crc16_n (pkt4, sizeof (struct ip4_header));
1037 struct udp_packet *pkt4_udp = (struct udp_packet *) &pkt4[1];
1039 pkt4_udp->spt = htons (src_address->port);
1040 pkt4_udp->dpt = htons (dst_address->port);
1041 pkt4_udp->crc = 0; /* Optional for IPv4 */
1042 pkt4_udp->len = htons ((uint16_t) payload_length);
1043 memcpy (&pkt4_udp[1], payload, payload_length);
1048 struct tcp_packet *pkt4_tcp = (struct tcp_packet *) &pkt4[1];
1050 memcpy (pkt4_tcp, tcp_header, sizeof (struct tcp_packet));
1051 memcpy (&pkt4_tcp[1], payload, payload_length);
1052 pkt4_tcp->spt = htons (src_address->port);
1053 pkt4_tcp->dpt = htons (dst_address->port);
1056 sum = GNUNET_CRYPTO_crc16_step (sum,
1057 &pkt4->source_address,
1058 sizeof (struct in_addr) * 2);
1059 uint32_t tmp = htonl ((protocol << 16) | (0xffff & len));
1060 sum = GNUNET_CRYPTO_crc16_step (sum, & tmp, sizeof (uint32_t));
1061 sum = GNUNET_CRYPTO_crc16_step (sum, & pkt4_tcp, len);
1062 pkt4_tcp->crc = GNUNET_CRYPTO_crc16_finish (sum);
1072 * Prepare an IPv6 packet for transmission via the TUN interface.
1073 * Initializes the IP header and calculates checksums (IP+UDP/TCP).
1074 * For UDP, the UDP header will be fully created, whereas for TCP
1075 * only the ports and checksum will be filled in. So for TCP,
1076 * a skeleton TCP header must be part of the provided payload.
1078 * @param payload payload of the packet (starting with UDP payload or
1079 * TCP header, depending on protocol)
1080 * @param payload_length number of bytes in 'payload'
1081 * @param protocol IPPROTO_UDP or IPPROTO_TCP
1082 * @param src_address source address to use (IP and port)
1083 * @param dst_address destination address to use (IP and port)
1084 * @param pkt6 where to write the assembled packet; must
1085 * contain enough space for the IP header, UDP/TCP header
1089 prepare_ipv6_packet (const void *payload, size_t payload_length,
1091 const struct tcp_packet *tcp_header,
1092 const struct SocketAddress *src_address,
1093 const struct SocketAddress *dst_address,
1094 struct ip6_header *pkt6)
1098 len = payload_length;
1102 len += sizeof (struct udp_packet);
1105 /* tcp_header (with port/crc not set) must be part of payload! */
1106 if (len < sizeof (struct tcp_packet))
1116 if (len > UINT16_MAX)
1123 pkt6->next_header = protocol;
1124 pkt6->payload_length = htons ((uint16_t) (len + sizeof (struct ip6_header)));
1125 pkt6->hop_limit = 255;
1126 pkt6->destination_address = dst_address->address.ipv6;
1127 pkt6->source_address = src_address->address.ipv6;
1133 struct udp_packet *pkt6_udp = (struct udp_packet *) &pkt6[1];
1135 memcpy (&pkt6[1], payload, payload_length);
1137 pkt6_udp->spt = htons (src_address->port);
1138 pkt6_udp->dpt = htons (dst_address->port);
1139 pkt6_udp->len = htons ((uint16_t) payload_length);
1142 sum = GNUNET_CRYPTO_crc16_step (sum,
1143 &pkt6->source_address,
1144 sizeof (struct in6_addr) * 2);
1145 uint32_t tmp = htons (len);
1146 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1147 tmp = htonl (pkt6->next_header);
1148 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1149 sum = GNUNET_CRYPTO_crc16_step (sum, pkt6_udp, len);
1150 pkt6_udp->crc = GNUNET_CRYPTO_crc16_finish (sum);
1155 struct tcp_packet *pkt6_tcp = (struct tcp_packet *) pkt6;
1157 memcpy (pkt6_tcp, payload, payload_length);
1159 pkt6_tcp->spt = htons (src_address->port);
1160 pkt6_tcp->dpt = htons (dst_address->port);
1163 sum = GNUNET_CRYPTO_crc16_step (sum, &pkt6->source_address,
1164 sizeof (struct in6_addr) * 2);
1165 uint32_t tmp = htonl (len);
1166 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1167 tmp = htonl (pkt6->next_header);
1168 sum = GNUNET_CRYPTO_crc16_step (sum, &tmp, sizeof (uint32_t));
1169 sum = GNUNET_CRYPTO_crc16_step (sum, pkt6_tcp, len);
1170 pkt6_tcp->crc = GNUNET_CRYPTO_crc16_finish (sum);
1181 * Send a TCP packet via the TUN interface.
1183 * @param destination_address IP and port to use for the TCP packet's destination
1184 * @param source_address IP and port to use for the TCP packet's source
1185 * @param tcp header template to use
1186 * @param payload payload of the TCP packet
1187 * @param payload_length number of bytes in 'payload'
1190 send_tcp_packet_via_tun (const struct SocketAddress *destination_address,
1191 const struct SocketAddress *source_address,
1192 const struct tcp_packet *tcp_header,
1193 const void *payload, size_t payload_length)
1197 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct tun_header);
1198 switch (source_address->af)
1201 len += sizeof (struct ip4_header);
1204 len += sizeof (struct ip6_header);
1210 len += payload_length;
1211 if (len >= GNUNET_SERVER_MAX_MESSAGE_SIZE)
1218 struct GNUNET_MessageHeader *hdr;
1219 struct tun_header *tun;
1221 hdr= (struct GNUNET_MessageHeader *) buf;
1222 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1223 hdr->size = htons (len);
1224 tun = (struct tun_header*) &hdr[1];
1225 tun->flags = htons (0);
1226 switch (source_address->af)
1230 struct ip4_header * ipv4 = (struct ip4_header*) &tun[1];
1232 tun->proto = htons (ETH_P_IPV4);
1233 prepare_ipv4_packet (payload, payload_length,
1237 destination_address,
1243 struct ip6_header * ipv6 = (struct ip6_header*) &tun[1];
1245 tun->proto = htons (ETH_P_IPV6);
1246 prepare_ipv6_packet (payload, payload_length,
1250 destination_address,
1258 (void) GNUNET_HELPER_send (helper_handle,
1259 (const struct GNUNET_MessageHeader*) buf,
1267 * Process a request via mesh to send a request to a TCP service
1268 * offered by this system.
1270 * @param cls closure, NULL
1271 * @param tunnel connection to the other end
1272 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1273 * @param sender who sent the message
1274 * @param message the actual message
1275 * @param atsi performance data for the connection
1276 * @return GNUNET_OK to keep the connection open,
1277 * GNUNET_SYSERR to close it (signal serious error)
1280 receive_tcp_service (void *unused GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1281 void **tunnel_ctx GNUNET_UNUSED,
1282 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1283 const struct GNUNET_MessageHeader *message,
1284 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1286 struct TunnelState *state = *tunnel_ctx;
1287 const struct GNUNET_EXIT_TcpServiceStartMessage *start;
1288 uint16_t pkt_len = ntohs (message->size);
1290 /* check that we got at least a valid header */
1291 if (pkt_len < sizeof (struct GNUNET_EXIT_TcpServiceStartMessage))
1293 GNUNET_break_op (0);
1294 return GNUNET_SYSERR;
1296 start = (const struct GNUNET_EXIT_TcpServiceStartMessage*) message;
1297 pkt_len -= sizeof (struct GNUNET_EXIT_TcpServiceStartMessage);
1298 if ( (NULL == state) ||
1299 (NULL != state->serv) ||
1300 (NULL != state->heap_node) )
1302 GNUNET_break_op (0);
1303 return GNUNET_SYSERR;
1305 GNUNET_break_op (ntohl (start->reserved) == 0);
1306 /* setup fresh connection */
1307 if (NULL == (state->serv = find_service (tcp_services, &start->service_descriptor,
1308 ntohs (start->tcp_header.dpt))))
1310 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1311 _("No service found for %s on port %d!\n"),
1313 ntohs (start->tcp_header.dpt));
1314 return GNUNET_SYSERR;
1316 state->ri.remote_address = state->serv->address;
1317 setup_state_record (state);
1318 send_tcp_packet_via_tun (&state->ri.remote_address,
1319 &state->ri.local_address,
1321 &start[1], pkt_len);
1327 * Process a request to forward TCP data to the Internet via this peer.
1329 * @param cls closure, NULL
1330 * @param tunnel connection to the other end
1331 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1332 * @param sender who sent the message
1333 * @param message the actual message
1334 * @param atsi performance data for the connection
1335 * @return GNUNET_OK to keep the connection open,
1336 * GNUNET_SYSERR to close it (signal serious error)
1339 receive_tcp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1340 void **tunnel_ctx GNUNET_UNUSED,
1341 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1342 const struct GNUNET_MessageHeader *message,
1343 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1345 struct TunnelState *state = *tunnel_ctx;
1346 const struct GNUNET_EXIT_TcpInternetStartMessage *start;
1347 uint16_t pkt_len = ntohs (message->size);
1348 const struct in_addr *v4;
1349 const struct in6_addr *v6;
1350 const void *payload;
1353 if (pkt_len < sizeof (struct GNUNET_EXIT_TcpInternetStartMessage))
1355 GNUNET_break_op (0);
1356 return GNUNET_SYSERR;
1358 start = (const struct GNUNET_EXIT_TcpInternetStartMessage*) message;
1359 pkt_len -= sizeof (struct GNUNET_EXIT_TcpInternetStartMessage);
1360 if ( (NULL == state) ||
1361 (NULL != state->serv) ||
1362 (NULL != state->heap_node) )
1364 GNUNET_break_op (0);
1365 return GNUNET_SYSERR;
1367 af = (int) ntohl (start->af);
1368 state->ri.remote_address.af = af;
1372 if (pkt_len < sizeof (struct in_addr))
1374 GNUNET_break_op (0);
1375 return GNUNET_SYSERR;
1377 v4 = (const struct in_addr*) &start[1];
1379 pkt_len -= sizeof (struct in_addr);
1380 state->ri.remote_address.address.ipv4 = *v4;
1383 if (pkt_len < sizeof (struct in6_addr))
1385 GNUNET_break_op (0);
1386 return GNUNET_SYSERR;
1388 v6 = (const struct in6_addr*) &start[1];
1390 pkt_len -= sizeof (struct in_addr);
1391 state->ri.remote_address.address.ipv6 = *v6;
1394 GNUNET_break_op (0);
1395 return GNUNET_SYSERR;
1397 state->ri.remote_address.proto = IPPROTO_TCP;
1398 state->ri.remote_address.port = ntohs (start->tcp_header.dpt);
1399 setup_state_record (state);
1400 send_tcp_packet_via_tun (&state->ri.remote_address,
1401 &state->ri.local_address,
1409 * Process a request to forward TCP data on an established
1410 * connection via this peer.
1412 * @param cls closure, NULL
1413 * @param tunnel connection to the other end
1414 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1415 * @param sender who sent the message
1416 * @param message the actual message
1417 * @param atsi performance data for the connection
1418 * @return GNUNET_OK to keep the connection open,
1419 * GNUNET_SYSERR to close it (signal serious error)
1422 receive_tcp_data (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1423 void **tunnel_ctx GNUNET_UNUSED,
1424 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1425 const struct GNUNET_MessageHeader *message,
1426 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1428 struct TunnelState *state = *tunnel_ctx;
1429 const struct GNUNET_EXIT_TcpDataMessage *data;
1430 uint16_t pkt_len = ntohs (message->size);
1432 if (pkt_len < sizeof (struct GNUNET_EXIT_TcpDataMessage))
1434 GNUNET_break_op (0);
1435 return GNUNET_SYSERR;
1437 data = (const struct GNUNET_EXIT_TcpDataMessage*) message;
1438 pkt_len -= sizeof (struct GNUNET_EXIT_TcpDataMessage);
1439 if ( (NULL == state) ||
1440 (NULL == state->heap_node) )
1442 /* connection should have been up! */
1443 GNUNET_break_op (0);
1444 /* FIXME: call statistics */
1445 return GNUNET_SYSERR;
1447 GNUNET_break_op (ntohl (data->reserved) == 0);
1448 send_tcp_packet_via_tun (&state->ri.remote_address,
1449 &state->ri.local_address,
1457 * Send a UDP packet via the TUN interface.
1459 * @param destination_address IP and port to use for the UDP packet's destination
1460 * @param source_address IP and port to use for the UDP packet's source
1461 * @param payload payload of the UDP packet (does NOT include UDP header)
1462 * @param payload_length number of bytes of data in payload
1465 send_udp_packet_via_tun (const struct SocketAddress *destination_address,
1466 const struct SocketAddress *source_address,
1467 const void *payload, size_t payload_length)
1471 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct tun_header);
1472 switch (source_address->af)
1475 len += sizeof (struct ip4_header);
1478 len += sizeof (struct ip6_header);
1484 len += sizeof (struct udp_packet);
1485 len += payload_length;
1486 if (len >= GNUNET_SERVER_MAX_MESSAGE_SIZE)
1493 struct GNUNET_MessageHeader *hdr;
1494 struct tun_header *tun;
1496 hdr= (struct GNUNET_MessageHeader *) buf;
1497 hdr->type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
1498 hdr->size = htons (len);
1499 tun = (struct tun_header*) &hdr[1];
1500 tun->flags = htons (0);
1501 switch (source_address->af)
1505 struct ip4_header * ipv4 = (struct ip4_header*) &tun[1];
1507 tun->proto = htons (ETH_P_IPV4);
1508 prepare_ipv4_packet (payload, payload_length,
1512 destination_address,
1518 struct ip6_header * ipv6 = (struct ip6_header*) &tun[1];
1520 tun->proto = htons (ETH_P_IPV6);
1521 prepare_ipv6_packet (payload, payload_length,
1525 destination_address,
1533 (void) GNUNET_HELPER_send (helper_handle,
1534 (const struct GNUNET_MessageHeader*) buf,
1542 * Process a request to forward UDP data to the Internet via this peer.
1544 * @param cls closure, NULL
1545 * @param tunnel connection to the other end
1546 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1547 * @param sender who sent the message
1548 * @param message the actual message
1549 * @param atsi performance data for the connection
1550 * @return GNUNET_OK to keep the connection open,
1551 * GNUNET_SYSERR to close it (signal serious error)
1554 receive_udp_remote (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1555 void **tunnel_ctx GNUNET_UNUSED,
1556 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1557 const struct GNUNET_MessageHeader *message,
1558 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1560 struct TunnelState *state = *tunnel_ctx;
1561 const struct GNUNET_EXIT_UdpInternetMessage *msg;
1562 uint16_t pkt_len = ntohs (message->size);
1563 const struct in_addr *v4;
1564 const struct in6_addr *v6;
1565 const void *payload;
1568 if (pkt_len < sizeof (struct GNUNET_EXIT_UdpInternetMessage))
1570 GNUNET_break_op (0);
1571 return GNUNET_SYSERR;
1573 msg = (const struct GNUNET_EXIT_UdpInternetMessage*) message;
1574 pkt_len -= sizeof (struct GNUNET_EXIT_UdpInternetMessage);
1575 af = (int) ntohl (msg->af);
1576 state->ri.remote_address.af = af;
1580 if (pkt_len < sizeof (struct in_addr))
1582 GNUNET_break_op (0);
1583 return GNUNET_SYSERR;
1585 v4 = (const struct in_addr*) &msg[1];
1587 pkt_len -= sizeof (struct in_addr);
1588 state->ri.remote_address.address.ipv4 = *v4;
1591 if (pkt_len < sizeof (struct in6_addr))
1593 GNUNET_break_op (0);
1594 return GNUNET_SYSERR;
1596 v6 = (const struct in6_addr*) &msg[1];
1598 pkt_len -= sizeof (struct in_addr);
1599 state->ri.remote_address.address.ipv6 = *v6;
1602 GNUNET_break_op (0);
1603 return GNUNET_SYSERR;
1605 state->ri.remote_address.proto = IPPROTO_UDP;
1606 state->ri.remote_address.port = msg->destination_port;
1607 if (NULL == state->heap_node)
1608 setup_state_record (state);
1609 if (0 != ntohs (msg->source_port))
1610 state->ri.local_address.port = msg->source_port;
1611 send_udp_packet_via_tun (&state->ri.remote_address,
1612 &state->ri.local_address,
1619 * Process a request via mesh to send a request to a UDP service
1620 * offered by this system.
1622 * @param cls closure, NULL
1623 * @param tunnel connection to the other end
1624 * @param tunnel_ctx pointer to our 'struct TunnelState *'
1625 * @param sender who sent the message
1626 * @param message the actual message
1627 * @param atsi performance data for the connection
1628 * @return GNUNET_OK to keep the connection open,
1629 * GNUNET_SYSERR to close it (signal serious error)
1632 receive_udp_service (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1634 const struct GNUNET_PeerIdentity *sender GNUNET_UNUSED,
1635 const struct GNUNET_MessageHeader *message,
1636 const struct GNUNET_ATS_Information *atsi GNUNET_UNUSED)
1638 struct TunnelState *state = *tunnel_ctx;
1639 const struct GNUNET_EXIT_UdpServiceMessage *msg;
1640 uint16_t pkt_len = ntohs (message->size);
1642 /* check that we got at least a valid header */
1643 if (pkt_len < sizeof (struct GNUNET_EXIT_UdpServiceMessage))
1645 GNUNET_break_op (0);
1646 return GNUNET_SYSERR;
1648 msg = (const struct GNUNET_EXIT_UdpServiceMessage*) message;
1649 pkt_len -= sizeof (struct GNUNET_EXIT_UdpServiceMessage);
1651 if (NULL == (state->serv = find_service (udp_services, &msg->service_descriptor,
1652 ntohs (msg->destination_port))))
1654 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1655 _("No service found for %s on port %d!\n"),
1657 ntohs (msg->destination_port));
1658 return GNUNET_SYSERR;
1660 state->ri.remote_address = state->serv->address;
1661 setup_state_record (state);
1662 if (0 != ntohs (msg->source_port))
1663 state->ri.local_address.port = msg->source_port;
1664 send_udp_packet_via_tun (&state->ri.remote_address,
1665 &state->ri.local_address,
1672 * Callback from GNUNET_MESH for new tunnels.
1674 * @param cls closure
1675 * @param tunnel new handle to the tunnel
1676 * @param initiator peer that started the tunnel
1677 * @param atsi performance information for the tunnel
1678 * @return initial tunnel context for the tunnel
1681 new_tunnel (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
1682 const struct GNUNET_PeerIdentity *initiator GNUNET_UNUSED,
1683 const struct GNUNET_ATS_Information *ats GNUNET_UNUSED)
1685 struct TunnelState *s = GNUNET_malloc (sizeof (struct TunnelState));
1693 * Function called by mesh whenever an inbound tunnel is destroyed.
1694 * Should clean up any associated state.
1696 * @param cls closure (set from GNUNET_MESH_connect)
1697 * @param tunnel connection to the other end (henceforth invalid)
1698 * @param tunnel_ctx place where local state associated
1699 * with the tunnel is stored
1702 clean_tunnel (void *cls GNUNET_UNUSED, const struct GNUNET_MESH_Tunnel *tunnel,
1705 struct TunnelState *s = tunnel_ctx;
1706 struct TunnelMessageQueue *tnq;
1708 while (NULL != (tnq = s->head))
1710 GNUNET_CONTAINER_DLL_remove (s->head,
1715 if (s->heap_node != NULL)
1717 GNUNET_assert (GNUNET_YES ==
1718 GNUNET_CONTAINER_multihashmap_remove (connections_map,
1721 GNUNET_CONTAINER_heap_remove_node (s->heap_node);
1722 s->heap_node = NULL;
1726 GNUNET_MESH_notify_transmit_ready_cancel (s->th);
1734 * Function that frees everything from a hashmap
1738 * @param value value to free
1741 free_iterate (void *cls GNUNET_UNUSED,
1742 const GNUNET_HashCode * hash GNUNET_UNUSED, void *value)
1744 GNUNET_free (value);
1750 * Function scheduled as very last function, cleans up after us
1753 cleanup (void *cls GNUNET_UNUSED,
1754 const struct GNUNET_SCHEDULER_TaskContext *tskctx)
1758 if (helper_handle != NULL)
1760 GNUNET_HELPER_stop (helper_handle);
1761 helper_handle = NULL;
1763 if (mesh_handle != NULL)
1765 GNUNET_MESH_disconnect (mesh_handle);
1768 if (NULL != connections_map)
1770 GNUNET_CONTAINER_multihashmap_iterate (connections_map, &free_iterate, NULL);
1771 GNUNET_CONTAINER_multihashmap_destroy (connections_map);
1772 connections_map = NULL;
1774 if (NULL != connections_heap)
1776 GNUNET_CONTAINER_heap_destroy (connections_heap);
1777 connections_heap = NULL;
1779 if (NULL != tcp_services)
1781 GNUNET_CONTAINER_multihashmap_iterate (tcp_services, &free_service_record, NULL);
1782 GNUNET_CONTAINER_multihashmap_destroy (tcp_services);
1783 tcp_services = NULL;
1785 if (NULL != udp_services)
1787 GNUNET_CONTAINER_multihashmap_iterate (udp_services, &free_service_record, NULL);
1788 GNUNET_CONTAINER_multihashmap_destroy (udp_services);
1789 udp_services = NULL;
1792 GNUNET_free_non_null (exit_argv[i]);
1797 * Add services to the service map.
1799 * @param proto IPPROTO_TCP or IPPROTO_UDP
1800 * @param cpy copy of the service descriptor (can be mutilated)
1801 * @param name DNS name of the service
1804 add_services (int proto,
1811 struct LocalService *serv;
1813 for (redirect = strtok (cpy, " "); redirect != NULL;
1814 redirect = strtok (NULL, " "))
1816 if (NULL == (hostname = strstr (redirect, ":")))
1818 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1819 "option `%s' for domain `%s' is not formatted correctly!\n",
1826 if (NULL == (hostport = strstr (hostname, ":")))
1828 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1829 "option `%s' for domain `%s' is not formatted correctly!\n",
1837 int local_port = atoi (redirect);
1838 int remote_port = atoi (hostport);
1840 if (!((local_port > 0) && (local_port < 65536)))
1842 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1843 "`%s' is not a valid port number (for domain `%s')!", redirect,
1847 if (!((remote_port > 0) && (remote_port < 65536)))
1849 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1850 "`%s' is not a valid port number (for domain `%s')!", hostport,
1855 serv = GNUNET_malloc (sizeof (struct LocalService));
1856 serv->my_port = (uint16_t) local_port;
1857 serv->address.port = remote_port;
1858 if (0 == strcmp ("localhost4", hostname))
1860 const char *ip4addr = exit_argv[4];
1862 serv->address.af = AF_INET;
1863 GNUNET_assert (1 != inet_pton (AF_INET, ip4addr, &serv->address.address.ipv4));
1865 else if (0 == strcmp ("localhost6", hostname))
1867 const char *ip6addr = exit_argv[2];
1869 serv->address.af = AF_INET6;
1870 GNUNET_assert (1 == inet_pton (AF_INET6, ip6addr, &serv->address.address.ipv6));
1874 struct addrinfo *res;
1877 ret = getaddrinfo (hostname, NULL, NULL, &res);
1878 if ( (ret != 0) || (res == NULL) )
1880 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1881 _("No addresses found for hostname `%s' of service `%s'!\n"),
1888 serv->address.af = res->ai_family;
1889 switch (res->ai_family)
1892 serv->address.address.ipv4 = ((struct sockaddr_in *) res->ai_addr)->sin_addr;
1895 serv->address.address.ipv6 = ((struct sockaddr_in6 *) res->ai_addr)->sin6_addr;
1899 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1900 _("No IP addresses found for hostname `%s' of service `%s'!\n"),
1908 store_service ((IPPROTO_UDP == proto) ? udp_services : tcp_services,
1917 * Reads the configuration servicecfg and populates udp_services
1920 * @param section name of section in config, equal to hostname
1923 read_service_conf (void *cls GNUNET_UNUSED, const char *section)
1927 if ((strlen (section) < 8) ||
1928 (0 != strcmp (".gnunet.", section + (strlen (section) - 8))))
1931 GNUNET_CONFIGURATION_get_value_string (cfg, section, "UDP_REDIRECTS",
1934 add_services (IPPROTO_UDP, cpy, section);
1938 GNUNET_CONFIGURATION_get_value_string (cfg, section, "TCP_REDIRECTS",
1941 add_services (IPPROTO_TCP, cpy, section);
1948 * @brief Main function that will be run by the scheduler.
1950 * @param cls closure
1951 * @param args remaining command-line arguments
1952 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
1953 * @param cfg_ configuration
1956 run (void *cls, char *const *args GNUNET_UNUSED,
1957 const char *cfgfile GNUNET_UNUSED,
1958 const struct GNUNET_CONFIGURATION_Handle *cfg_)
1960 static struct GNUNET_MESH_MessageHandler handlers[] = {
1961 {&receive_udp_service, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_SERVICE, 0},
1962 {&receive_udp_remote, GNUNET_MESSAGE_TYPE_VPN_UDP_TO_INTERNET, 0},
1963 {&receive_tcp_service, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_SERVICE_START, 0},
1964 {&receive_tcp_remote, GNUNET_MESSAGE_TYPE_VPN_TCP_TO_INTERNET_START, 0},
1965 {&receive_tcp_data, GNUNET_MESSAGE_TYPE_VPN_TCP_DATA, 0},
1969 static GNUNET_MESH_ApplicationType apptypes[] = {
1970 GNUNET_APPLICATION_TYPE_END,
1971 GNUNET_APPLICATION_TYPE_END,
1972 GNUNET_APPLICATION_TYPE_END
1974 unsigned int app_idx;
1985 ipv4_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV4");
1986 ipv6_exit = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "EXIT_IPV6");
1987 ipv4_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_IPV4");
1988 ipv6_enabled = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_IPV6");
1989 if (ipv4_exit && (! ipv4_enabled))
1991 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1992 _("Cannot enable IPv4 exit but disable IPv4 on TUN interface, will use ENABLE_IPv4=YES\n"));
1993 ipv4_enabled = GNUNET_YES;
1995 if (ipv6_exit && (! ipv6_enabled))
1997 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1998 _("Cannot enable IPv6 exit but disable IPv6 on TUN interface, will use ENABLE_IPv6=YES\n"));
1999 ipv6_enabled = GNUNET_YES;
2001 if (! (ipv4_enabled || ipv6_enabled))
2003 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2004 _("No useful service enabled. Exiting.\n"));
2005 GNUNET_SCHEDULER_shutdown ();
2009 if (GNUNET_YES == ipv4_exit)
2011 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_IPV4_GATEWAY;
2014 if (GNUNET_YES == ipv6_exit)
2016 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_IPV6_GATEWAY;
2020 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
2023 GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_CONNECTIONS",
2025 max_connections = 1024;
2026 exit_argv[0] = GNUNET_strdup ("exit-gnunet");
2027 if (GNUNET_SYSERR ==
2028 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "TUN_IFNAME", &tun_ifname))
2030 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2031 "No entry 'TUN_IFNAME' in configuration!\n");
2032 GNUNET_SCHEDULER_shutdown ();
2035 exit_argv[1] = tun_ifname;
2038 if (GNUNET_SYSERR ==
2039 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "EXIT_IFNAME", &exit_ifname))
2041 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2042 "No entry 'EXIT_IFNAME' in configuration!\n");
2043 GNUNET_SCHEDULER_shutdown ();
2046 exit_argv[2] = exit_ifname;
2050 exit_argv[2] = GNUNET_strdup ("%");
2052 if (GNUNET_YES == ipv6_enabled)
2054 if ( (GNUNET_SYSERR ==
2055 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6ADDR",
2057 (1 != inet_pton (AF_INET6, ipv6addr, &v6))) )
2059 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2060 "No valid entry 'IPV6ADDR' in configuration!\n");
2061 GNUNET_SCHEDULER_shutdown ();
2064 exit_argv[3] = ipv6addr;
2065 if (GNUNET_SYSERR ==
2066 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6PREFIX",
2069 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2070 "No entry 'IPV6PREFIX' in configuration!\n");
2071 GNUNET_SCHEDULER_shutdown ();
2074 exit_argv[4] = ipv6prefix_s;
2076 GNUNET_CONFIGURATION_get_value_number (cfg, "exit",
2079 (ipv6prefix >= 127) )
2081 GNUNET_SCHEDULER_shutdown ();
2087 /* IPv6 explicitly disabled */
2088 exit_argv[3] = GNUNET_strdup ("-");
2089 exit_argv[4] = GNUNET_strdup ("-");
2091 if (GNUNET_YES == ipv4_enabled)
2093 if ( (GNUNET_SYSERR ==
2094 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4ADDR",
2096 (1 != inet_pton (AF_INET, ipv4addr, &v4))) )
2098 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2099 "No valid entry for 'IPV4ADDR' in configuration!\n");
2100 GNUNET_SCHEDULER_shutdown ();
2103 exit_argv[5] = ipv4addr;
2104 if ( (GNUNET_SYSERR ==
2105 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4MASK",
2107 (1 != inet_pton (AF_INET, ipv4mask, &v4))) )
2109 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2110 "No valid entry 'IPV4MASK' in configuration!\n");
2111 GNUNET_SCHEDULER_shutdown ();
2114 exit_argv[6] = ipv4mask;
2118 /* IPv4 explicitly disabled */
2119 exit_argv[5] = GNUNET_strdup ("-");
2120 exit_argv[6] = GNUNET_strdup ("-");
2122 exit_argv[7] = NULL;
2124 udp_services = GNUNET_CONTAINER_multihashmap_create (65536);
2125 tcp_services = GNUNET_CONTAINER_multihashmap_create (65536);
2126 GNUNET_CONFIGURATION_iterate_sections (cfg, &read_service_conf, NULL);
2128 connections_map = GNUNET_CONTAINER_multihashmap_create (65536);
2129 connections_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2131 = GNUNET_MESH_connect (cfg, 42 /* queue size */, NULL,
2133 &clean_tunnel, handlers,
2135 if (NULL == mesh_handle)
2137 GNUNET_SCHEDULER_shutdown ();
2140 helper_handle = GNUNET_HELPER_start ("gnunet-helper-exit",
2142 &message_token, NULL);
2149 * @param argc number of arguments from the command line
2150 * @param argv command line arguments
2151 * @return 0 ok, 1 on error
2154 main (int argc, char *const *argv)
2156 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2157 GNUNET_GETOPT_OPTION_END
2160 return (GNUNET_OK ==
2161 GNUNET_PROGRAM_run (argc, argv, "gnunet-daemon-exit",
2163 ("Daemon to run to provide an IP exit node for the VPN"),
2164 options, &run, NULL)) ? 0 : 1;
2168 /* end of gnunet-daemon-exit.c */
projects / oweals / gnunet.git / blob