2 This file is part of GNUnet.
3 Copyright (C) 2007-2016 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
22 * @author Christian Grothoff
23 * @author Milan Bouchet-Valat
26 * Service for handling UPnP and NAT-PMP port forwarding
27 * and external IP address retrieval
30 #include "gnunet_nat_service.h"
36 * Entry in DLL of addresses of this peer.
44 struct AddrEntry *next;
49 struct AddrEntry *prev;
52 * Number of bytes that follow.
59 * Handle for active NAT registrations.
61 struct GNUNET_NAT_Handle
65 * Configuration we use.
67 const struct GNUNET_CONFIGURATION_Handle *cfg;
70 * Message queue for communicating with the NAT service.
72 struct GNUNET_MQ_Handle *mq;
75 * Our registration message.
77 struct GNUNET_MessageHeader *reg;
80 * Head of address DLL.
82 struct AddrEntry *ae_head;
85 * Tail of address DLL.
87 struct AddrEntry *ae_tail;
90 * Function to call when our addresses change.
92 GNUNET_NAT_AddressCallback address_callback;
95 * Function to call when another peer requests connection reversal.
97 GNUNET_NAT_ReversalCallback reversal_callback;
100 * Closure for the various callbacks.
105 * Task scheduled to reconnect to the service.
107 struct GNUNET_SCHEDULER_Task *reconnect_task;
110 * How long to wait until we reconnect.
112 struct GNUNET_TIME_Relative reconnect_delay;
117 * Task to connect to the NAT service.
119 * @param cls our `struct GNUNET_NAT_Handle *`
122 do_connect (void *cls);
126 * Disconnect from the NAT service and schedule a reconnect attempt.
128 * @param nh handle to reconnect
131 reconnect (struct GNUNET_NAT_Handle *nh)
/* Tears down the current queue to the NAT service before a retry is
 * scheduled. Several lines of this function are missing from the listing.
 * NOTE(review): confirm that nh->mq is set to NULL after this destroy and
 * that cached AddrEntry items are dropped, so that no other entry point
 * uses a stale queue or stale addresses while disconnected. */
135 GNUNET_MQ_destroy (nh->mq);
/* The retry delay is derived from the previous nh->reconnect_delay with
 * GNUNET_TIME_STD_BACKOFF and a delayed task is scheduled with it; the
 * assignment targets are on lines not shown here. */
139 = GNUNET_TIME_STD_BACKOFF (nh->reconnect_delay);
141 = GNUNET_SCHEDULER_add_delayed (nh->reconnect_delay,
148 * Check connection reversal request.
150 * @param cls our `struct GNUNET_NAT_Handle`
151 * @param crm the message
152 * @return #GNUNET_OK if @a crm is well-formed
155 check_connection_reversal_request (void *cls,
156 const struct GNUNET_NAT_ConnectionReversalRequestedMessage *crm)
/* Size gate for the handler: the total size from the header must equal a
 * sum that includes both advertised address lengths. One operand of the
 * sum is on a line missing from this listing (presumably sizeof (*crm);
 * confirm against the full source). */
158 if (ntohs (crm->header.size) !=
160 ntohs (crm->local_addr_size) +
161 ntohs (crm->remote_addr_size) )
164 return GNUNET_SYSERR;
/* Both addresses must be exactly sizeof (struct sockaddr_in). The handler
 * casts the trailing bytes to two consecutive sockaddr_in without checking
 * again, so this test is what keeps those reads inside the message. */
166 if ( (sizeof (struct sockaddr_in) != ntohs (crm->local_addr_size)) ||
167 (sizeof (struct sockaddr_in) != ntohs (crm->remote_addr_size)) )
170 return GNUNET_SYSERR;
177 * Handle connection reversal request.
179 * @param cls our `struct GNUNET_NAT_Handle`
180 * @param crm the message
183 handle_connection_reversal_request (void *cls,
184 const struct GNUNET_NAT_ConnectionReversalRequestedMessage *crm)
186 struct GNUNET_NAT_Handle *nh = cls;
/* The payload after the fixed header is read as two sockaddr_in structures
 * placed back to back; check_connection_reversal_request has already tied
 * the message size to exactly that layout. No sin_family check is visible
 * in either function, so the callback receives the family as sent. */
187 const struct sockaddr_in *local_sa = (const struct sockaddr_in *) &crm[1];
188 const struct sockaddr_in *remote_sa = &local_sa[1];
/* NOTE(review): no NULL test on nh->reversal_callback is visible before
 * this call. GNUNET_NAT_register documents the callback as optional and
 * only sets GNUNET_NAT_RF_REVERSAL when it is non-NULL, so safety here
 * depends on the service never sending this message type to a client that
 * did not set the flag. A local guard would remove that dependency. */
190 nh->reversal_callback (nh->callback_cls,
191 (const struct sockaddr *) local_sa,
192 sizeof (struct sockaddr_in),
193 (const struct sockaddr *) remote_sa,
194 sizeof (struct sockaddr_in));
199 * Check address change notification.
201 * @param cls our `struct GNUNET_NAT_Handle`
202 * @param acn the message
203 * @return #GNUNET_OK if @a acn is well-formed
206 check_address_change_notification (void *cls,
207 const struct GNUNET_NAT_AddressChangeNotificationMessage *acn)
/* Length of the address that follows the fixed header. The subtraction is
 * unsigned, so a header size below sizeof (*acn) would wrap to a huge
 * value; presumably the message queue rejects such messages before this
 * check runs (confirm). A wrapped value matches neither case label below
 * and ends at the final GNUNET_SYSERR return. */
209 size_t alen = ntohs (acn->header.size) - sizeof (*acn);
/* Only two payload sizes are accepted, and for each one the address
 * family stored in the payload must agree with the size. */
213 case sizeof (struct sockaddr_in):
215 const struct sockaddr_in *s4
216 = (const struct sockaddr_in *) &acn[1];
217 if (AF_INET != s4->sin_family)
220 return GNUNET_SYSERR;
224 case sizeof (struct sockaddr_in6):
226 const struct sockaddr_in6 *s6
227 = (const struct sockaddr_in6 *) &acn[1];
228 if (AF_INET6 != s6->sin6_family)
231 return GNUNET_SYSERR;
/* Appears to be the fallback arm for any other length; the label itself
 * is on a line missing from the listing. */
237 return GNUNET_SYSERR;
244 * Handle address change notification.
246 * @param cls our `struct GNUNET_NAT_Handle`
247 * @param acn the message
250 handle_address_change_notification (void *cls,
251 const struct GNUNET_NAT_AddressChangeNotificationMessage *acn)
253 struct GNUNET_NAT_Handle *nh = cls;
/* Same length computation as in check_address_change_notification, which
 * has already limited it to sizeof (struct sockaddr_in) or
 * sizeof (struct sockaddr_in6). */
254 size_t alen = ntohs (acn->header.size) - sizeof (*acn);
255 const struct sockaddr *sa = (const struct sockaddr *) &acn[1];
256 enum GNUNET_NAT_AddressClass ac;
257 struct AddrEntry *ae;
/* The address class is taken from the wire and cast to the enum without
 * a range check in the visible lines; consumers should not assume it is
 * one of the declared enumerators. */
259 ac = (enum GNUNET_NAT_AddressClass) ntohl (acn->addr_class);
260 if (GNUNET_YES == ntohl (acn->add_remove))
/* Add: allocate an entry with room for alen trailing bytes, copy the
 * address behind it and link it into the per-handle list. */
262 ae = GNUNET_malloc (sizeof (*ae) + alen);
264 GNUNET_memcpy (&ae[1],
267 GNUNET_CONTAINER_DLL_insert (nh->ae_head,
/* Remove: look for a cached entry with the same length and the same
 * bytes. NOTE(review): the lines that handle a failed lookup are not in
 * this listing; confirm that a NULL ae never reaches the list removal
 * below. */
273 for (ae = nh->ae_head; NULL != ae; ae = ae->next)
274 if ( (ae->addrlen == alen) &&
275 (0 == memcmp (&ae[1],
285 GNUNET_CONTAINER_DLL_remove (nh->ae_head,
/* NOTE(review): no NULL test on nh->address_callback is visible.
 * GNUNET_NAT_register only sets GNUNET_NAT_RF_ADDRESSES when the callback
 * is non-NULL, so this call relies on the service honouring that flag. */
290 nh->address_callback (nh->callback_cls,
291 ntohl (acn->add_remove),
299 * Handle queue errors by reconnecting to NAT.
301 * @param cls the `struct GNUNET_NAT_Handle *`
302 * @param error details about the error
305 mq_error_handler (void *cls,
306 enum GNUNET_MQ_Error error)
/* Recovers the handle from the closure. The rest of the body is not in
 * this listing; per the header comment it reconnects to the service. */
308 struct GNUNET_NAT_Handle *nh = cls;
315 * Task to connect to the NAT service.
317 * @param cls our `struct GNUNET_NAT_Handle *`
320 do_connect (void *cls)
322 struct GNUNET_NAT_Handle *nh = cls;
/* Both message types are registered as variable-size handlers, so each
 * message passes through its check_ function before the matching handle_
 * function sees it. The check_ functions are the only size validation for
 * data arriving from the service. */
323 struct GNUNET_MQ_MessageHandler handlers[] = {
324 GNUNET_MQ_hd_var_size (connection_reversal_request,
325 GNUNET_MESSAGE_TYPE_NAT_CONNECTION_REVERSAL_REQUESTED,
326 struct GNUNET_NAT_ConnectionReversalRequestedMessage,
328 GNUNET_MQ_hd_var_size (address_change_notification,
329 GNUNET_MESSAGE_TYPE_NAT_ADDRESS_CHANGE,
330 struct GNUNET_NAT_AddressChangeNotificationMessage,
332 GNUNET_MQ_handler_end ()
334 struct GNUNET_MQ_Envelope *env;
/* This function is the body of the reconnect task, so the task pointer is
 * cleared first. */
336 nh->reconnect_task = NULL;
/* The lines that deal with a failed connect are missing from the listing;
 * confirm that a NULL nh->mq does not reach the send below. */
337 nh->mq = GNUNET_CLIENT_connecT (nh->cfg,
/* A copy of the stored registration is sent, so nh->reg stays available
 * for later reconnects. */
347 env = GNUNET_MQ_msg_copy (nh->reg);
348 GNUNET_MQ_send (nh->mq,
354 * Attempt to enable port redirection and detect public IP address
355 * contacting UPnP or NAT-PMP routers on the local network. Use @a
356 * addr to specify to which of the local host's addresses should the
357 * external port be mapped. The port is taken from the corresponding
358 * sockaddr_in[6] field. The NAT module should call the given @a
359 * address_callback for any 'plausible' external address.
361 * @param cfg configuration to use
362 * @param proto protocol this is about, IPPROTO_TCP or IPPROTO_UDP
363 * @param adv_port advertised port (port we are either bound to or that our OS
364 * locally performs redirection from to our bound port).
365 * @param num_addrs number of addresses in @a addrs
366 * @param addrs list of local addresses packets should be redirected to
367 * @param addrlens actual lengths of the addresses in @a addrs
368 * @param address_callback function to call every time the public IP address changes
369 * @param reversal_callback function to call if someone wants connection reversal from us,
370 * NULL if connection reversal is not supported
371 * @param callback_cls closure for callbacks
372 * @return NULL on error, otherwise handle that can be used to unregister
374 struct GNUNET_NAT_Handle *
375 GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
378 unsigned int num_addrs,
379 const struct sockaddr **addrs,
380 const socklen_t *addrlens,
381 GNUNET_NAT_AddressCallback address_callback,
382 GNUNET_NAT_ReversalCallback reversal_callback,
385 struct GNUNET_NAT_Handle *nh;
386 struct GNUNET_NAT_RegisterMessage *rm;
/* First pass over the caller-supplied lengths; the loop body is on a line
 * missing from the listing (presumably it sums addrlens[i] into len).
 * NOTE(review): the bound below is tested only after the loop, so the
 * running total must not be able to wrap before it is compared. */
391 for (unsigned int i=0;i<num_addrs;i++)
/* Keeps sizeof (*rm) + len within the maximum message size, which is what
 * makes the 16-bit header.size assignment further down lossless, and
 * keeps num_addrs within the range of the uint16_t cast. */
393 if ( (len > GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*rm)) ||
394 (num_addrs > UINT16_MAX) )
399 rm = GNUNET_malloc (sizeof (*rm) + len);
400 rm->header.size = htons (sizeof (*rm) + len);
401 rm->header.type = htons (GNUNET_MESSAGE_TYPE_NAT_REGISTER);
/* The flags tell the service which callbacks exist on this client; the
 * message handlers call those callbacks without a NULL test of their
 * own. */
402 rm->flags = GNUNET_NAT_RF_NONE;
403 if (NULL != address_callback)
404 rm->flags |= GNUNET_NAT_RF_ADDRESSES;
405 if (NULL != reversal_callback)
406 rm->flags |= GNUNET_NAT_RF_REVERSAL;
408 rm->adv_port = htons (adv_port);
409 rm->num_addrs = htons ((uint16_t) num_addrs);
410 off = (char *) &rm[1];
/* Second pass: each declared length must equal the structure size that
 * belongs to the address family (sockaddr_in, sockaddr_in6 and sockaddr_un
 * are visible). The case labels and the mismatch handling are on lines
 * missing from the listing; confirm that rm is released on that path. */
411 for (unsigned int i=0;i<num_addrs;i++)
413 switch (addrs[i]->sa_family)
416 if (sizeof (struct sockaddr_in) != addrlens[i])
423 if (sizeof (struct sockaddr_in6) != addrlens[i])
431 if (sizeof (struct sockaddr_un) != addrlens[i])
/* The handle keeps the registration message; GNUNET_NAT_unregister is the
 * visible place where nh->reg is freed. */
448 nh = GNUNET_new (struct GNUNET_NAT_Handle);
449 nh->reg = &rm->header;
451 nh->address_callback = address_callback;
452 nh->reversal_callback = reversal_callback;
453 nh->callback_cls = callback_cls;
460 * Check if an incoming message is a STUN message.
462 * @param data the packet
463 * @param len the length of the packet in @a data
464 * @return #GNUNET_YES if @a data is a STUN packet,
465 * #GNUNET_NO if the packet is invalid (not a stun packet)
468 test_stun_packet (const void *data,
/* Structural check of a raw datagram: header size, magic cookie, declared
 * message length, then a walk over the attributes. Nothing here
 * authenticates the sender or the content; a GNUNET_YES result only means
 * the bytes are laid out like a STUN message.
 * NOTE(review): the log calls below print uint32_t values with %d, and the
 * arithmetic on data, a const void pointer, relies on a compiler
 * extension; a const uint8_t pointer would be portable. */
471 const struct stun_header *hdr;
472 const struct stun_attr *attr;
473 uint32_t advertised_message_size;
474 uint32_t message_magic_cookie;
476 /* On entry, 'len' is the length of the UDP payload. After the
477 * initial checks it becomes the size of unprocessed options,
478 * while 'data' is advanced accordingly.
480 if (len < sizeof(struct stun_header))
482 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
483 "STUN packet too short (only %d, wanting at least %d)\n",
485 (int) sizeof (struct stun_header));
488 hdr = (const struct stun_header *) data;
489 /* Skip header as it is already in hdr */
490 len -= sizeof (struct stun_header);
491 data += sizeof (struct stun_header);
493 /* len as advertised in the message */
494 advertised_message_size = ntohs (hdr->msglen);
496 message_magic_cookie = ntohl (hdr->magic);
497 /* Compare if the cookie match */
498 if (STUN_MAGIC_COOKIE != message_magic_cookie)
500 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
501 "Invalid magic cookie for STUN\n");
/* The declared length may be smaller than what was received, in which
 * case the trailing bytes are ignored, but it may never be larger. */
505 if (advertised_message_size > len)
507 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
508 "Scrambled STUN packet length (got %d, expecting %d)\n",
509 advertised_message_size,
513 len = advertised_message_size;
/* Attribute walk: each step first needs room for an attribute header and
 * then for the attribute length that header declares. Both tests run
 * before data is advanced, which keeps the walk inside the declared
 * message. */
516 if (len < sizeof (struct stun_attr))
518 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
519 "Attribute too short in STUN packet (got %d, expecting %d)\n",
521 (int) sizeof(struct stun_attr));
524 attr = (const struct stun_attr *) data;
526 /* compute total attribute length */
527 advertised_message_size = ntohs (attr->len) + sizeof(struct stun_attr);
529 /* Check if we still have space in our buffer */
530 if (advertised_message_size > len)
532 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
533 "Inconsistent Attribute (length %d exceeds remaining msg len %d)\n",
534 advertised_message_size,
538 data += advertised_message_size;
539 len -= advertised_message_size;
/* NOTE(review): advertised_message_size is reused for the attribute size
 * above, so if this log sits after the attribute walk, as the line
 * numbering suggests, the length it prints is that of the last attribute
 * and not of the message. */
541 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
542 "STUN Packet, msg %04x, length: %d\n",
543 ntohs (hdr->msgtype),
544 advertised_message_size);
550 * Handle an incoming STUN message. This function is useful as
551 * some GNUnet service may be listening on a UDP port and might
552 * thus receive STUN messages while trying to receive other data.
553 * In this case, this function can be used to process replies
556 * The function does some basic sanity checks on packet size and
557 * content, and tries to extract a bit of information.
559 * At the moment this only processes BIND requests, and returns the
560 * externally visible address of the request to the rest of the
563 * @param nh handle to the NAT service
564 * @param sender_addr address from which we got @a data
565 * @param sender_addr_len number of bytes in @a sender_addr
566 * @param data the packet
567 * @param data_size number of bytes in @a data
568 * @return #GNUNET_OK on success
569 * #GNUNET_NO if the packet is not a STUN packet
570 * #GNUNET_SYSERR on internal error handling the packet
573 GNUNET_NAT_stun_handle_packet (struct GNUNET_NAT_Handle *nh,
574 const struct sockaddr *sender_addr,
575 size_t sender_addr_len,
579 struct GNUNET_MQ_Envelope *env;
580 struct GNUNET_NAT_HandleStunMessage *hsn;
/* The datagram is only forwarded to the service after the structural
 * check in test_stun_packet; the comparison of its result is on lines
 * missing from the listing. */
584 test_stun_packet (data,
588 return GNUNET_SYSERR;
/* NOTE(review): no upper bound on data_size + sender_addr_len is visible
 * before the envelope is built, and both size_t values are narrowed to
 * uint16_t for the wire fields below. If the sum can exceed what one
 * message may carry, the size fields no longer describe the bytes that
 * were copied. GNUNET_NAT_register rejects oversized input against
 * GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*rm); the same kind of test
 * with sizeof (*hsn) belongs here. */
589 env = GNUNET_MQ_msg_extra (hsn,
590 data_size + sender_addr_len,
591 GNUNET_MESSAGE_TYPE_NAT_HANDLE_STUN);
592 hsn->sender_addr_size = htons ((uint16_t) sender_addr_len);
593 hsn->payload_size = htons ((uint16_t) data_size);
/* Payload layout: sender address first, then the datagram; buf is moved
 * past the address between the two copies, which are on lines not
 * shown. */
594 buf = (char *) &hsn[1];
598 buf += sender_addr_len;
602 GNUNET_MQ_send (nh->mq,
609 * Test if the given address is (currently) a plausible IP address for
610 * this peer. Mostly a convenience function so that clients do not
611 * have to explicitly track all IPs that the #GNUNET_NAT_AddressCallback
612 * has returned so far.
614 * @param nh the handle returned by register
615 * @param addr IP address to test (IPv4 or IPv6)
616 * @param addrlen number of bytes in @a addr
617 * @return #GNUNET_YES if the address is plausible,
618 * #GNUNET_NO if the address is not plausible,
619 * #GNUNET_SYSERR if the address is malformed
622 GNUNET_NAT_test_address (struct GNUNET_NAT_Handle *nh,
626 struct AddrEntry *ae;
/* Only the two IP socket address sizes are accepted; every other length
 * is reported as malformed. */
628 if ( (addrlen != sizeof (struct sockaddr_in)) &&
629 (addrlen != sizeof (struct sockaddr_in6)) )
632 return GNUNET_SYSERR;
/* The answer comes from the addresses cached by
 * handle_address_change_notification, so it reflects what the service has
 * reported so far. The byte comparison is on lines missing from the
 * listing; if it compares the whole structure, port and padding bytes take
 * part in the match (confirm). */
634 for (ae = nh->ae_head; NULL != ae; ae = ae->next)
635 if ( (addrlen == ae->addrlen) &&
645 * We learned about a peer (possibly behind NAT) so run the
646 * gnunet-nat-client to send dummy ICMP responses to cause
647 * that peer to connect to us (connection reversal).
649 * @param nh handle (used for configuration)
650 * @param local_sa our local address of the peer (IPv4-only)
651 * @param remote_sa the remote address of the peer (IPv4-only)
652 * @return #GNUNET_SYSERR on error,
653 * #GNUNET_NO if connection reversal is unavailable,
654 * #GNUNET_OK otherwise (presumably in progress)
657 GNUNET_NAT_request_reversal (struct GNUNET_NAT_Handle *nh,
658 const struct sockaddr_in *local_sa,
659 const struct sockaddr_in *remote_sa)
661 struct GNUNET_MQ_Envelope *env;
662 struct GNUNET_NAT_RequestConnectionReversalMessage *req;
/* The condition for this early return is on a line missing from the
 * listing (presumably no connection to the service; confirm). */
666 return GNUNET_SYSERR;
/* Fixed-size request: header plus two sockaddr_in, with both length
 * fields set to sizeof (struct sockaddr_in). No sin_family test on
 * local_sa or remote_sa is visible, so the receiver has to validate the
 * family itself. */
667 env = GNUNET_MQ_msg_extra (req,
668 2 * sizeof (struct sockaddr_in),
669 GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL);
670 req->local_addr_size = htons (sizeof (struct sockaddr_in));
671 req->remote_addr_size = htons (sizeof (struct sockaddr_in));
672 buf = (char *) &req[1];
675 sizeof (struct sockaddr_in));
676 buf += sizeof (struct sockaddr_in);
679 sizeof (struct sockaddr_in));
680 GNUNET_MQ_send (nh->mq,
687 * Stop port redirection and public IP address detection for the given
688 * handle. This frees the handle, after having sent the needed
689 * commands to close open ports.
691 * @param nh the handle to stop
694 GNUNET_NAT_unregister (struct GNUNET_NAT_Handle *nh)
/* NOTE(review): going by the line numbers of the listing, the destroy is
 * the first statement of the body, with no test for nh->mq being NULL and
 * no cancellation of nh->reconnect_task. reconnect () destroys the queue
 * and schedules a delayed task that receives the handle; if unregister can
 * run while that task is pending, the task would later run with a handle
 * that has been freed. No release of the cached AddrEntry list is visible
 * either. Confirm against the full source and add the NULL test, the task
 * cancellation and the list cleanup if they are absent. */
696 GNUNET_MQ_destroy (nh->mq);
697 GNUNET_free (nh->reg);
704 * Handle to auto-configuration in progress.
706 struct GNUNET_NAT_AutoHandle
710 * Configuration we use.
712 const struct GNUNET_CONFIGURATION_Handle *cfg;
715 * Message queue for communicating with the NAT service.
717 struct GNUNET_MQ_Handle *mq;
720 * Function called with the result from the autoconfiguration.
722 GNUNET_NAT_AutoResultCallback arc;
725 * Closure for @e arc.
733 * Converts `enum GNUNET_NAT_StatusCode` to string
735 * @param err error code to resolve to a string
736 * @return pointer to a static string containing the error code
739 GNUNET_NAT_status2string (enum GNUNET_NAT_StatusCode err)
/* Maps each status code to a translatable message. The value may come
 * straight from the wire (handle_auto_result casts an ntohl result to this
 * enum), so the untranslated fallback at the end is the path taken for
 * values outside the enumeration.
 * NOTE(review): the quoting of command names is not uniform across the
 * messages; the strings are left as they are because they are runtime
 * text and translation keys. */
743 case GNUNET_NAT_ERROR_SUCCESS:
744 return _ ("Operation Successful");
745 case GNUNET_NAT_ERROR_IPC_FAILURE:
746 return _ ("IPC failure");
747 case GNUNET_NAT_ERROR_INTERNAL_NETWORK_ERROR:
748 return _ ("Failure in network subsystem, check permissions.");
749 case GNUNET_NAT_ERROR_TIMEOUT:
750 return _ ("Encountered timeout while performing operation");
751 case GNUNET_NAT_ERROR_NOT_ONLINE:
752 return _ ("detected that we are offline");
753 case GNUNET_NAT_ERROR_UPNPC_NOT_FOUND:
754 return _ ("`upnpc` command not found");
755 case GNUNET_NAT_ERROR_UPNPC_FAILED:
756 return _ ("Failed to run `upnpc` command");
757 case GNUNET_NAT_ERROR_UPNPC_TIMEOUT:
758 return _ ("`upnpc' command took too long, process killed");
759 case GNUNET_NAT_ERROR_UPNPC_PORTMAP_FAILED:
760 return _ ("`upnpc' command failed to establish port mapping");
761 case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_NOT_FOUND:
762 return _ ("`external-ip' command not found");
763 case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_FAILED:
764 return _ ("Failed to run `external-ip` command");
765 case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_OUTPUT_INVALID:
766 return _ ("`external-ip' command output invalid");
767 case GNUNET_NAT_ERROR_EXTERNAL_IP_ADDRESS_INVALID:
768 return _ ("no valid address was returned by `external-ip'");
769 case GNUNET_NAT_ERROR_NO_VALID_IF_IP_COMBO:
770 return _ ("Could not determine interface with internal/local network address");
771 case GNUNET_NAT_ERROR_HELPER_NAT_SERVER_NOT_FOUND:
772 return _ ("No functioning gnunet-helper-nat-server installation found");
773 case GNUNET_NAT_ERROR_NAT_TEST_START_FAILED:
774 return _ ("NAT test could not be initialized");
775 case GNUNET_NAT_ERROR_NAT_TEST_TIMEOUT:
776 return _ ("NAT test timeout reached");
777 case GNUNET_NAT_ERROR_NAT_REGISTER_FAILED:
778 return _ ("could not register NAT");
779 case GNUNET_NAT_ERROR_HELPER_NAT_CLIENT_NOT_FOUND:
780 return _ ("No working gnunet-helper-nat-client installation found");
782 return "unknown status code";
788 * Check result from autoconfiguration attempt.
790 * @param cls the `struct GNUNET_NAT_AutoHandle`
791 * @param res the result
792 * @return #GNUNET_OK if @a res is well-formed (always for now)
/* NOTE(review): per the header comment this check accepts every message.
 * handle_auto_result passes the bytes after the fixed header to
 * GNUNET_CONFIGURATION_deserialize, so all validation of that payload
 * rests on the deserializer. */
795 check_auto_result (void *cls,
796 const struct GNUNET_NAT_AutoconfigResultMessage *res)
803 * Handle result from autoconfiguration attempt.
805 * @param cls the `struct GNUNET_NAT_AutoHandle`
806 * @param res the result
809 handle_auto_result (void *cls,
810 const struct GNUNET_NAT_AutoconfigResultMessage *res)
812 struct GNUNET_NAT_AutoHandle *ah = cls;
814 struct GNUNET_CONFIGURATION_Handle *cfg;
/* Both enum values are taken from the wire and cast without a range check
 * in the visible lines; the result callback may therefore see values
 * outside the declared enumerators. */
815 enum GNUNET_NAT_Type type
816 = (enum GNUNET_NAT_Type) ntohl (res->type);
817 enum GNUNET_NAT_StatusCode status
818 = (enum GNUNET_NAT_StatusCode) ntohl (res->status_code);
/* Number of bytes after the fixed header; they are treated as a
 * serialized configuration and parsed into a fresh configuration
 * object. */
820 left = ntohs (res->header.size) - sizeof (*res);
821 cfg = GNUNET_CONFIGURATION_create ();
823 GNUNET_CONFIGURATION_deserialize (cfg,
824 (const char *) &res[1],
/* Two outcomes are reported through ah->arc: the first call carries
 * GNUNET_NAT_ERROR_IPC_FAILURE (presumably when parsing fails; the
 * condition is on lines not shown), the second reports the result. */
829 ah->arc (ah->arc_cls,
831 GNUNET_NAT_ERROR_IPC_FAILURE,
836 ah->arc (ah->arc_cls,
/* The temporary configuration is released right after the callback, so
 * the callback must copy whatever it wants to keep. The operation is then
 * cancelled from inside the handler, which destroys ah->mq; ah must not
 * be used after this point. */
841 GNUNET_CONFIGURATION_destroy (cfg);
842 GNUNET_NAT_autoconfig_cancel (ah);
847 * Handle queue errors by reporting autoconfiguration failure.
849 * @param cls the `struct GNUNET_NAT_AutoHandle *`
850 * @param error details about the error
853 ah_error_handler (void *cls,
854 enum GNUNET_MQ_Error error)
856 struct GNUNET_NAT_AutoHandle *ah = cls;
/* A queue error is reported to the application as an IPC failure with an
 * unknown NAT type, and the operation is then cancelled here. The cancel
 * follows the callback, so the application must treat the handle as gone
 * once the callback has run and must not cancel it again from inside the
 * callback. */
858 ah->arc (ah->arc_cls,
860 GNUNET_NAT_ERROR_IPC_FAILURE,
861 GNUNET_NAT_TYPE_UNKNOWN);
862 GNUNET_NAT_autoconfig_cancel (ah);
867 * Start auto-configuration routine. The transport adapters should
868 * be stopped while this function is called.
870 * @param cfg initial configuration
871 * @param cb function to call with autoconfiguration result
872 * @param cb_cls closure for @a cb
873 * @return handle to cancel operation
875 struct GNUNET_NAT_AutoHandle *
876 GNUNET_NAT_autoconfig_start (const struct GNUNET_CONFIGURATION_Handle *cfg,
877 GNUNET_NAT_AutoResultCallback cb,
/* The handle is allocated before the size test and before the connect
 * below. The error paths are on lines missing from the listing; confirm
 * that they release both ah and the serialized buffer. */
880 struct GNUNET_NAT_AutoHandle *ah = GNUNET_new (struct GNUNET_NAT_AutoHandle);
881 struct GNUNET_MQ_MessageHandler handlers[] = {
882 GNUNET_MQ_hd_var_size (auto_result,
883 GNUNET_MESSAGE_TYPE_NAT_AUTO_CFG_RESULT,
884 struct GNUNET_NAT_AutoconfigResultMessage,
886 GNUNET_MQ_handler_end ()
888 struct GNUNET_MQ_Envelope *env;
889 struct GNUNET_NAT_AutoconfigRequestMessage *req;
/* The whole configuration is serialized and sent to the service as the
 * request payload, so it has to fit into one message together with the
 * request header. */
893 buf = GNUNET_CONFIGURATION_serialize (cfg,
895 if (size > GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*req))
903 ah->arc_cls = cb_cls;
904 ah->mq = GNUNET_CLIENT_connecT (cfg,
916 env = GNUNET_MQ_msg_extra (req,
918 GNUNET_MESSAGE_TYPE_NAT_REQUEST_AUTO_CFG);
919 GNUNET_memcpy (&req[1],
923 GNUNET_MQ_send (ah->mq,
930 * Abort autoconfiguration.
932 * @param ah handle for operation to abort
935 GNUNET_NAT_autoconfig_cancel (struct GNUNET_NAT_AutoHandle *ah)
/* Destroys the queue to the service. This function is also called from
 * handle_auto_result and ah_error_handler after they have invoked the
 * result callback, so a second cancel by the application for the same
 * handle would destroy the queue twice. The release of ah itself is on a
 * line missing from the listing. */
937 GNUNET_MQ_destroy (ah->mq);
941 /* end of nat_api.c */