2 This file is part of GNUnet.
3 Copyright (C) 2010 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
17 * @file src/nat/gnunet-helper-nat-server.c
18 * @brief Tool to help bypass NATs using ICMP method; must run as root (SUID will do)
19 * This code will work under GNU/Linux only (or maybe BSDs, but never W32)
20 * @author Christian Grothoff
22 * This program will send ONE ICMP message every 500 ms RAW sockets
23 * to a DUMMY IP address and also listens for ICMP replies. Since
24 * it uses RAW sockets, it must be installed SUID or run as 'root'.
25 * In order to keep the security risk of the resulting SUID binary
26 * minimal, the program ONLY opens the two RAW sockets with root
27 * privileges, then drops them and only then starts to process
28 * command line arguments. The code also does not link against
29 * any shared libraries (except libc) and is strictly minimal
30 * (except for checking for errors). The following list of people
31 * have reviewed this code and considered it safe since the last
32 * modification (if you reviewed it, please have your name added
35 * - Christian Grothoff
37 * - Benjamin Kuperman (22 Aug 2010)
38 * - Jacob Appelbaum (19 Dec 2011)
41 /* Just needed for HAVE_SOCKADDR_IN_SIN_LEN test macro! */
42 #include "gnunet_config.h"
46 #include <sys/types.h>
47 #include <sys/socket.h>
48 #include <arpa/inet.h>
49 #include <sys/select.h>
51 #include <sys/types.h>
59 #include <netinet/ip.h>
60 #include <netinet/ip_icmp.h>
61 #include <netinet/in.h>
63 /* The following constant is missing from FreeBSD 9.2 */
64 #ifndef ICMP_TIME_EXCEEDED
65 #define ICMP_TIME_EXCEEDED 11
69 * Call memcpy() but check for @a n being 0 first. In the latter
70 * case, it is now safe to pass NULL for @a src or @a dst.
71 * Unlike traditional memcpy(), returns nothing.
73 * @param dst destination of the copy, may be NULL if @a n is zero
74 * @param src source of the copy, may be NULL if @a n is zero
75 * @param n number of bytes to copy
77 #define GNUNET_memcpy(dst,src,n) do { if (0 != n) { (void) memcpy (dst,src,n); } } while (0)
80 * Should we print some debug output?
85 * Must match packet ID used by gnunet-helper-nat-client.c
90 * Must match IP given in the client.
92 #define DUMMY_IP "192.0.2.86"
97 #define NAT_TRAV_PORT 22225
100 * How often do we send our ICMP messages to receive replies?
102 #define ICMP_SEND_FREQUENCY_MS 500
111 * Version (4 bits) + Internet header length (4 bits)
131 * Flags (3 bits) + Fragment offset (13 bits)
133 uint16_t flags_frag_offset;
156 * Destination address
162 * Format of ICMP packet.
164 struct icmp_ttl_exceeded_header
174 /* followed by original payload */
177 struct icmp_echo_header
190 * Beginning of UDP packet.
204 * Socket we use to receive "fake" ICMP replies.
209 * Socket we use to send our ICMP requests.
214 * Socket we use to send our UDP requests.
219 * Target "dummy" address.
221 static struct in_addr dummy;
225 * CRC-16 for IP/ICMP headers.
227 * @param data what to calculate the CRC over
228 * @param bytes number of bytes in data (must be multiple of 2)
229 * @return the CRC 16.
232 calc_checksum (const uint16_t * data, unsigned int bytes)
238 for (i = 0; i < bytes / 2; i++)
240 sum = (sum & 0xffff) + (sum >> 16);
241 sum = htons (0xffff - sum);
247 * Send an ICMP message to the dummy IP.
249 * @param my_ip source address (our ip address)
252 send_icmp_echo (const struct in_addr *my_ip)
254 char packet[sizeof (struct ip_header) + sizeof (struct icmp_echo_header)];
255 struct icmp_echo_header icmp_echo;
256 struct ip_header ip_pkt;
257 struct sockaddr_in dst;
262 ip_pkt.vers_ihl = 0x45;
264 ip_pkt.pkt_len = htons (sizeof (packet));
265 ip_pkt.id = htons (PACKET_ID);
266 ip_pkt.flags_frag_offset = 0;
267 ip_pkt.ttl = IPDEFTTL;
268 ip_pkt.proto = IPPROTO_ICMP;
270 ip_pkt.src_ip = my_ip->s_addr;
271 ip_pkt.dst_ip = dummy.s_addr;
273 htons (calc_checksum ((uint16_t *) & ip_pkt,
274 sizeof (struct ip_header)));
275 GNUNET_memcpy (&packet[off],
277 sizeof (struct ip_header));
278 off += sizeof (struct ip_header);
280 icmp_echo.type = ICMP_ECHO;
282 icmp_echo.checksum = 0;
283 icmp_echo.reserved = 0;
286 ((uint16_t *) & icmp_echo,
287 sizeof (struct icmp_echo_header)));
288 GNUNET_memcpy (&packet[off],
290 sizeof (struct icmp_echo_header));
291 off += sizeof (struct icmp_echo_header);
293 memset (&dst, 0, sizeof (dst));
294 dst.sin_family = AF_INET;
295 #if HAVE_SOCKADDR_IN_SIN_LEN
296 dst.sin_len = sizeof (struct sockaddr_in);
298 dst.sin_addr = dummy;
299 err = sendto (rawsock,
303 (struct sockaddr *) &dst,
309 "sendto failed: %s\n",
313 else if (sizeof (packet) != err)
316 "Error: partial send of ICMP message\n");
322 * Send a UDP message to the dummy IP.
327 struct sockaddr_in dst;
330 memset (&dst, 0, sizeof (dst));
331 dst.sin_family = AF_INET;
332 #if HAVE_SOCKADDR_IN_SIN_LEN
333 dst.sin_len = sizeof (struct sockaddr_in);
335 dst.sin_addr = dummy;
336 dst.sin_port = htons (NAT_TRAV_PORT);
337 err = sendto (udpsock,
341 (struct sockaddr *) &dst,
347 "sendto failed: %s\n",
354 "Error: partial send of ICMP message\n");
360 * We've received an ICMP response. Process it.
363 process_icmp_response ()
367 struct in_addr source_ip;
368 struct ip_header ip_pkt;
369 struct icmp_ttl_exceeded_header icmp_ttl;
370 struct icmp_echo_header icmp_echo;
371 struct udp_header udp_pkt;
375 have = read (icmpsock, buf, sizeof (buf));
379 "Error reading raw socket: %s\n",
385 "Received message of %u bytes\n",
386 (unsigned int) have);
389 (ssize_t) (sizeof (struct ip_header) +
390 sizeof (struct icmp_ttl_exceeded_header) +
391 sizeof (struct ip_header)))
397 GNUNET_memcpy (&ip_pkt,
399 sizeof (struct ip_header));
400 off += sizeof (struct ip_header);
401 GNUNET_memcpy (&icmp_ttl,
403 sizeof (struct icmp_ttl_exceeded_header));
404 off += sizeof (struct icmp_ttl_exceeded_header);
405 if ((ICMP_TIME_EXCEEDED != icmp_ttl.type) || (0 != icmp_ttl.code))
407 /* different type than what we want */
410 /* grab source IP of 1st IP header */
411 source_ip.s_addr = ip_pkt.src_ip;
413 /* skip 2nd IP header */
414 GNUNET_memcpy (&ip_pkt,
416 sizeof (struct ip_header));
417 off += sizeof (struct ip_header);
419 switch (ip_pkt.proto)
423 (sizeof (struct ip_header) * 2 +
424 sizeof (struct icmp_ttl_exceeded_header) +
425 sizeof (struct icmp_echo_header)))
430 /* grab ICMP ECHO content */
431 GNUNET_memcpy (&icmp_echo,
433 sizeof (struct icmp_echo_header));
434 port = (uint16_t) ntohl (icmp_echo.reserved);
438 (sizeof (struct ip_header) * 2 +
439 sizeof (struct icmp_ttl_exceeded_header) + sizeof (struct udp_header)))
444 /* grab UDP content */
445 GNUNET_memcpy (&udp_pkt,
447 sizeof (struct udp_header));
448 port = ntohs (udp_pkt.length);
451 /* different type than what we want */
456 fprintf (stdout, "%s\n",
457 inet_ntop (AF_INET, &source_ip, buf, sizeof (buf)));
459 fprintf (stdout, "%s:%u\n",
460 inet_ntop (AF_INET, &source_ip, buf, sizeof (buf)),
461 (unsigned int) port);
467 * Fully initialize the raw socket.
469 * @return -1 on error, 0 on success
484 "setsockopt failed: %s\n",
496 "setsockopt failed: %s\n",
505 * Create a UDP socket for writing.
507 * @param my_ip source address (our ip address)
508 * @return -1 on error
511 make_udp_socket (const struct in_addr *my_ip)
514 struct sockaddr_in addr;
516 ret = socket (AF_INET, SOCK_DGRAM, 0);
520 "Error opening UDP socket: %s\n",
524 memset (&addr, 0, sizeof (addr));
525 addr.sin_family = AF_INET;
526 #if HAVE_SOCKADDR_IN_SIN_LEN
527 addr.sin_len = sizeof (struct sockaddr_in);
529 addr.sin_addr = *my_ip;
530 addr.sin_port = htons (NAT_TRAV_PORT);
533 (struct sockaddr *) &addr,
537 "Error binding UDP socket to port %u: %s\n",
551 struct in_addr external;
560 /* Create an ICMP raw socket for reading (we'll check errors later) */
561 icmpsock = socket (AF_INET,
566 /* Create an (ICMP) raw socket for writing (we'll check errors later) */
567 rawsock = socket (AF_INET,
573 /* drop root rights */
575 #ifdef HAVE_SETRESUID
576 if (0 != setresuid (uid, uid, uid))
579 "Failed to setresuid: %s\n",
585 if (0 != (setuid (uid) | seteuid (uid)))
588 "Failed to setuid: %s\n",
595 /* Now that we run without root rights, we can do error checking... */
599 "This program must be started with our (internal NAT) IP as the only argument.\n");
603 if (1 != inet_pton (AF_INET, argv[1], &external))
606 "Error parsing IPv4 address: %s\n",
611 if (1 != inet_pton (AF_INET, DUMMY_IP, &dummy))
614 "Internal error converting dummy IP to binary.\n");
619 /* error checking icmpsock */
623 "Error opening RAW socket: %s\n",
624 strerror (icmp_eno));
628 if (icmpsock >= FD_SETSIZE)
630 /* this could happen if we were started with a large number of already-open
631 file descriptors... */
633 "Socket number too large (%d > %u)\n",
635 (unsigned int) FD_SETSIZE);
640 /* error checking rawsock */
644 "Error opening RAW socket: %s\n",
649 /* no need to check 'rawsock' against FD_SETSIZE as it is never used
652 if (0 != setup_raw_socket ())
658 if (-1 == (udpsock = make_udp_socket (&external)))
668 FD_SET (icmpsock, &rs);
670 tv.tv_usec = ICMP_SEND_FREQUENCY_MS * 1000;
671 if (-1 == select (icmpsock + 1, &rs, NULL, NULL, &tv))
676 "select failed: %s\n",
680 if (1 == getppid ()) /* Check the parent process id, if 1 the parent has died, so we should die too */
682 if (FD_ISSET (icmpsock, &rs))
683 process_icmp_response ();
684 if (0 == (++alt % 2))
685 send_icmp_echo (&external);
690 /* select failed (internal error or OS out of resources) */
694 (void) close (icmpsock);
696 (void) close (rawsock);
698 (void) close (udpsock);
703 /* end of gnunet-helper-nat-server.c */