2 This file is part of GNUnet.
3 Copyright (C) 2007-2016 GNUnet e.V.
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
22 * @author Christian Grothoff
23 * @author Milan Bouchet-Valat
26 * Service for handling UPnP and NAT-PMP port forwarding
27 * and external IP address retrieval
30 #include "gnunet_nat_service.h"
36 * Entry in DLL of addresses of this peer.
44 struct AddrEntry *next;
49 struct AddrEntry *prev;
52 * Address class of the address.
54 enum GNUNET_NAT_AddressClass ac;
57 * Number of bytes that follow.
64 * Handle for active NAT registrations.
/* NOTE(review): lifetime summary drawn from the functions in this file:
 * `reg` is set from the registration message built in GNUNET_NAT_register()
 * and released with GNUNET_free() in GNUNET_NAT_unregister(); entries on
 * the ae_head/ae_tail list are allocated in
 * handle_address_change_notification() and unlinked there or in
 * reconnect(). */
66 struct GNUNET_NAT_Handle
70 * Configuration we use.
72 const struct GNUNET_CONFIGURATION_Handle *cfg;
75 * Message queue for communicating with the NAT service.
77 struct GNUNET_MQ_Handle *mq;
80 * Our registration message.
82 struct GNUNET_MessageHeader *reg;
85 * Head of address DLL.
87 struct AddrEntry *ae_head;
90 * Tail of address DLL.
92 struct AddrEntry *ae_tail;
95 * Function to call when our addresses change.
97 GNUNET_NAT_AddressCallback address_callback;
100 * Function to call when another peer requests connection reversal.
102 GNUNET_NAT_ReversalCallback reversal_callback;
105 * Closure for the various callbacks.
110 * Task scheduled to reconnect to the service.
112 struct GNUNET_SCHEDULER_Task *reconnect_task;
115 * How long to wait until we reconnect.
117 struct GNUNET_TIME_Relative reconnect_delay;
122 * Task to connect to the NAT service.
124 * @param cls our `struct GNUNET_NAT_Handle *`
127 do_connect (void *cls);
131 * Drop the current connection and schedule a task to reconnect to the NAT service.
133 * @param nh handle to reconnect
/* NOTE(review): this listing omits some source lines (the gutter numbers
 * skip), so only the visible statements are described here. */
136 reconnect (struct GNUNET_NAT_Handle *nh)
138 struct AddrEntry *ae;
/* Destroy the current message queue; whether this is guarded by a NULL
 * check is not visible in this listing. */
142 GNUNET_MQ_destroy (nh->mq);
/* Drain the cached address list.  For each entry the address callback is
 * invoked with the sockaddr bytes stored directly behind the AddrEntry
 * header (&ae[1]).
 * NOTE(review): no NULL check on nh->address_callback is visible here,
 * although GNUNET_NAT_register() accepts a NULL address_callback;
 * presumably the list stays empty in that case -- confirm. */
145 while (NULL != (ae = nh->ae_head))
147 GNUNET_CONTAINER_DLL_remove (nh->ae_head,
150 nh->address_callback (nh->callback_cls,
153 (const struct sockaddr *) &ae[1],
/* Increase the delay via GNUNET_TIME_STD_BACKOFF and schedule a delayed
 * task with it (assignment targets are on lines not shown). */
158 = GNUNET_TIME_STD_BACKOFF (nh->reconnect_delay);
160 = GNUNET_SCHEDULER_add_delayed (nh->reconnect_delay,
167 * Check connection reversal request.
169 * @param cls our `struct GNUNET_NAT_Handle`
170 * @param crm the message
171 * @return #GNUNET_OK if @a crm is well-formed
174 check_connection_reversal_request (void *cls,
175 const struct GNUNET_NAT_ConnectionReversalRequestedMessage *crm)
/* Exact-size check: the header's size field must equal a fixed expression
 * ending in sizeof (struct sockaddr_in) (the line in between is not shown
 * in this listing).  handle_connection_reversal_request() later reads
 * sizeof (struct sockaddr_in) bytes behind the header without re-checking,
 * so this comparison is what bounds that read.
 * NOTE(review): unlike check_address_change_notification(), no sa_family
 * check on the trailing address is visible here -- confirm. */
177 if (ntohs (crm->header.size) !=
179 sizeof (struct sockaddr_in) )
182 return GNUNET_SYSERR;
189 * Handle connection reversal request.
191 * @param cls our `struct GNUNET_NAT_Handle`
192 * @param crm the message
195 handle_connection_reversal_request (void *cls,
196 const struct GNUNET_NAT_ConnectionReversalRequestedMessage *crm)
198 struct GNUNET_NAT_Handle *nh = cls;
/* Hand the bytes that follow the fixed message header to the application
 * as an IPv4 socket address of fixed length.
 * NOTE(review): nh->reversal_callback is called without a visible NULL
 * check, while GNUNET_NAT_register() documents NULL as a valid value
 * ("connection reversal is not supported").  This relies on the service
 * only sending this message type when GNUNET_NAT_RF_REVERSAL was set in
 * the registration; a defensive `if (NULL == nh->reversal_callback)`
 * guard would remove that dependency -- confirm against the full source. */
200 nh->reversal_callback (nh->callback_cls,
201 (const struct sockaddr *) &crm[1],
202 sizeof (struct sockaddr_in));
207 * Check address change notification.
209 * @param cls our `struct GNUNET_NAT_Handle`
210 * @param acn the message
211 * @return #GNUNET_OK if @a acn is well-formed
214 check_address_change_notification (void *cls,
215 const struct GNUNET_NAT_AddressChangeNotificationMessage *acn)
/* Number of payload bytes behind the fixed header.  alen is a size_t, so
 * a header.size smaller than sizeof (*acn) would wrap to a very large
 * value; that value matches neither case label below and therefore cannot
 * reach the sockaddr casts. */
217 size_t alen = ntohs (acn->header.size) - sizeof (*acn);
/* Only two payload sizes are accepted, and for each the address family
 * stored in the payload must agree with the size. */
221 case sizeof (struct sockaddr_in):
223 const struct sockaddr_in *s4
224 = (const struct sockaddr_in *) &acn[1];
225 if (AF_INET != s4->sin_family)
228 return GNUNET_SYSERR;
232 case sizeof (struct sockaddr_in6):
234 const struct sockaddr_in6 *s6
235 = (const struct sockaddr_in6 *) &acn[1];
236 if (AF_INET6 != s6->sin6_family)
239 return GNUNET_SYSERR;
/* Presumably the default label (its line is not shown): any other size
 * is rejected. */
245 return GNUNET_SYSERR;
252 * Handle address change notification.
254 * @param cls our `struct GNUNET_NAT_Handle`
255 * @param acn the message
258 handle_address_change_notification (void *cls,
259 const struct GNUNET_NAT_AddressChangeNotificationMessage *acn)
261 struct GNUNET_NAT_Handle *nh = cls;
/* Same length computation as in check_address_change_notification(); the
 * value is only trustworthy because that check ran first. */
262 size_t alen = ntohs (acn->header.size) - sizeof (*acn);
263 const struct sockaddr *sa = (const struct sockaddr *) &acn[1];
264 enum GNUNET_NAT_AddressClass ac;
265 struct AddrEntry *ae;
/* NOTE(review): the address class is taken from the wire and cast to the
 * enum without a visible range check -- confirm callers tolerate unknown
 * values. */
267 ac = (enum GNUNET_NAT_AddressClass) ntohl (acn->addr_class);
268 if (GNUNET_YES == ntohl (acn->add_remove))
/* Add path: allocate an entry with room for the address behind it, copy
 * the address into that trailing space and link the entry into the list. */
270 ae = GNUNET_malloc (sizeof (*ae) + alen);
273 GNUNET_memcpy (&ae[1],
276 GNUNET_CONTAINER_DLL_insert (nh->ae_head,
/* Remove path: linear search for an entry with the same length and the
 * same bytes, which is then unlinked.  What happens when no entry matches
 * is on lines not shown in this listing. */
282 for (ae = nh->ae_head; NULL != ae; ae = ae->next)
283 if ( (ae->addrlen == alen) &&
284 (0 == memcmp (&ae[1],
294 GNUNET_CONTAINER_DLL_remove (nh->ae_head,
/* Finally report the change to the application.
 * NOTE(review): no NULL check on nh->address_callback is visible, although
 * GNUNET_NAT_register() accepts NULL for it -- confirm. */
299 nh->address_callback (nh->callback_cls,
300 ntohl (acn->add_remove),
308 * Handle queue errors by reconnecting to NAT.
310 * @param cls the `struct GNUNET_NAT_Handle *`
311 * @param error details about the error
314 mq_error_handler (void *cls,
315 enum GNUNET_MQ_Error error)
/* Recover the handle from the closure; the rest of the body is not shown
 * in this listing (per the doc comment it reconnects to the service). */
317 struct GNUNET_NAT_Handle *nh = cls;
324 * Task to connect to the NAT service.
326 * @param cls our `struct GNUNET_NAT_Handle *`
329 do_connect (void *cls)
331 struct GNUNET_NAT_Handle *nh = cls;
/* Handler table for the two service-to-client messages.  Both are
 * registered as variable-size handlers, pairing the check_* function with
 * the matching handle_* function defined earlier in this file. */
332 struct GNUNET_MQ_MessageHandler handlers[] = {
333 GNUNET_MQ_hd_var_size (connection_reversal_request,
334 GNUNET_MESSAGE_TYPE_NAT_CONNECTION_REVERSAL_REQUESTED,
335 struct GNUNET_NAT_ConnectionReversalRequestedMessage,
337 GNUNET_MQ_hd_var_size (address_change_notification,
338 GNUNET_MESSAGE_TYPE_NAT_ADDRESS_CHANGE,
339 struct GNUNET_NAT_AddressChangeNotificationMessage,
341 GNUNET_MQ_handler_end ()
343 struct GNUNET_MQ_Envelope *env;
/* This function is the scheduled task itself, so the stored task pointer
 * is cleared before anything else. */
345 nh->reconnect_task = NULL;
346 nh->mq = GNUNET_CLIENT_connecT (nh->cfg,
/* Send a copy of the stored registration message, so nh->reg stays
 * available for later reconnects.  Handling of a failed connect is on
 * lines not shown in this listing. */
356 env = GNUNET_MQ_msg_copy (nh->reg);
357 GNUNET_MQ_send (nh->mq,
363 * Attempt to enable port redirection and detect public IP address
364 * contacting UPnP or NAT-PMP routers on the local network. Use @a
365 * addrs to specify to which of the local host's addresses the
366 * external port should be mapped. The port is taken from the corresponding
367 * sockaddr_in[6] field. The NAT module should call the given @a
368 * address_callback for any 'plausible' external address.
370 * @param cfg configuration to use
371 * @param proto protocol this is about, IPPROTO_TCP or IPPROTO_UDP
372 * @param hole_external hostname and port of manually punched hole in NAT, otherwise NULL (or empty string)
373 * @param num_addrs number of addresses in @a addrs
374 * @param addrs list of local addresses packets should be redirected to
375 * @param addrlens actual lengths of the addresses in @a addrs
376 * @param address_callback function to call every time the public IP address changes
377 * @param reversal_callback function to call if someone wants connection reversal from us,
378 * NULL if connection reversal is not supported
379 * @param callback_cls closure for callbacks
380 * @return NULL on error, otherwise handle that can be used to unregister
/* NOTE(review): this listing omits some source lines (the gutter numbers
 * skip); error paths and a few statements are therefore not visible. */
382 struct GNUNET_NAT_Handle *
383 GNUNET_NAT_register (const struct GNUNET_CONFIGURATION_Handle *cfg,
385 const char *hole_external,
386 unsigned int num_addrs,
387 const struct sockaddr **addrs,
388 const socklen_t *addrlens,
389 GNUNET_NAT_AddressCallback address_callback,
390 GNUNET_NAT_ReversalCallback reversal_callback,
393 struct GNUNET_NAT_Handle *nh;
394 struct GNUNET_NAT_RegisterMessage *rm;
396 size_t hole_external_len;
/* First pass over the addresses (loop body not shown; presumably it adds
 * up addrlens[i] into len), followed by the length of the optional
 * hole_external string. */
400 for (unsigned int i=0;i<num_addrs;i++)
403 = (NULL == hole_external)
405 : strlen (hole_external);
406 len += hole_external_len;
/* Reject input before allocating: the payload must leave room for the
 * fixed header within GNUNET_SERVER_MAX_MESSAGE_SIZE, and num_addrs must
 * fit the 16-bit wire field.  The htons() conversions below depend on this
 * check (assuming the message size limit itself fits in 16 bits --
 * TODO confirm). */
407 if ( (len > GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*rm)) ||
408 (num_addrs > UINT16_MAX) )
413 rm = GNUNET_malloc (sizeof (*rm) + len);
414 rm->header.size = htons (sizeof (*rm) + len);
415 rm->header.type = htons (GNUNET_MESSAGE_TYPE_NAT_REGISTER);
/* The flags tell the service which notifications this client wants; each
 * is set only when the corresponding callback is non-NULL. */
416 rm->flags = GNUNET_NAT_RF_NONE;
417 if (NULL != address_callback)
418 rm->flags |= GNUNET_NAT_RF_ADDRESSES;
419 if (NULL != reversal_callback)
420 rm->flags |= GNUNET_NAT_RF_REVERSAL;
422 rm->hole_external_len = htons (hole_external_len);
423 rm->num_addrs = htons ((uint16_t) num_addrs);
424 off = (char *) &rm[1];
/* Second pass: each caller-supplied length must equal the size of the
 * sockaddr type implied by sa_family (IPv4, IPv6 or UNIX).  What happens
 * on a mismatch, and the copy into `off`, are on lines not shown.
 * NOTE(review): addrs[i] is dereferenced without a visible NULL check. */
425 for (unsigned int i=0;i<num_addrs;i++)
427 switch (addrs[i]->sa_family)
430 if (sizeof (struct sockaddr_in) != addrlens[i])
437 if (sizeof (struct sockaddr_in6) != addrlens[i])
445 if (sizeof (struct sockaddr_un) != addrlens[i])
/* The handle keeps the registration message (nh->reg points at its
 * header) so that it can be re-sent on reconnect. */
465 nh = GNUNET_new (struct GNUNET_NAT_Handle);
466 nh->reg = &rm->header;
468 nh->address_callback = address_callback;
469 nh->reversal_callback = reversal_callback;
470 nh->callback_cls = callback_cls;
477 * Check if an incoming message is a STUN message.
479 * @param data the packet
480 * @param len the length of the packet in @a data
481 * @return #GNUNET_YES if @a data is a STUN packet,
482 * #GNUNET_NO if the packet is invalid (not a stun packet)
/* Structural validation only: header length, magic cookie, advertised
 * body length, and a walk over the attributes checking that each one fits
 * in the remaining bytes.  No attribute contents are interpreted in the
 * visible lines.  NOTE(review): this listing omits some source lines (the
 * gutter numbers skip), including the loop header and the returns. */
485 test_stun_packet (const void *data,
488 const struct stun_header *hdr;
489 const struct stun_attr *attr;
490 uint32_t advertised_message_size;
491 uint32_t message_magic_cookie;
493 /* On entry, 'len' is the length of the UDP payload. After the
494 * initial checks it becomes the size of unprocessed options,
495 * while 'data' is advanced accordingly.
497 if (len < sizeof(struct stun_header))
499 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
500 "STUN packet too short (only %d, wanting at least %d)\n",
502 (int) sizeof (struct stun_header));
505 hdr = (const struct stun_header *) data;
506 /* Skip header as it is already in hdr */
507 len -= sizeof (struct stun_header);
/* `data` is a `const void *`, so this addition relies on the GNU
 * extension that allows arithmetic on void pointers. */
508 data += sizeof (struct stun_header);
510 /* len as advertised in the message */
511 advertised_message_size = ntohs (hdr->msglen);
513 message_magic_cookie = ntohl (hdr->magic);
514 /* Reject the packet unless the magic cookie matches */
515 if (STUN_MAGIC_COOKIE != message_magic_cookie)
517 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
518 "Invalid magic cookie for STUN\n");
/* The advertised body length must not exceed the bytes actually received;
 * afterwards len is clamped to the advertised length, so any trailing
 * bytes are ignored by the attribute walk.
 * NOTE(review): the log calls in this function pair %d with a uint32_t
 * argument. */
522 if (advertised_message_size > len)
524 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
525 "Scrambled STUN packet length (got %d, expecting %d)\n",
526 advertised_message_size,
530 len = advertised_message_size;
/* Attribute walk (loop header not shown): a full attribute header must be
 * available before it is read. */
533 if (len < sizeof (struct stun_attr))
535 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
536 "Attribute too short in STUN packet (got %d, expecting %d)\n",
538 (int) sizeof(struct stun_attr));
541 attr = (const struct stun_attr *) data;
543 /* compute total attribute length */
/* The sum of a 16-bit length and the attribute header size is held in a
 * uint32_t, so it cannot wrap. */
544 advertised_message_size = ntohs (attr->len) + sizeof(struct stun_attr);
546 /* Check if we still have space in our buffer */
547 if (advertised_message_size > len)
549 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
550 "Inconsistent Attribute (length %d exceeds remaining msg len %d)\n",
551 advertised_message_size,
/* Advance past this attribute only after the bound check above passed.
 * NOTE(review): RFC 5389 pads attribute values to a 4-byte boundary while
 * the length field excludes the padding; the advance here uses the
 * unpadded length -- confirm whether padded attributes are expected. */
555 data += advertised_message_size;
556 len -= advertised_message_size;
558 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
559 "STUN Packet, msg %04x, length: %d\n",
560 ntohs (hdr->msgtype),
561 advertised_message_size);
567 * Handle an incoming STUN message. This function is useful as
568 * some GNUnet service may be listening on a UDP port and might
569 * thus receive STUN messages while trying to receive other data.
570 * In this case, this function can be used to process replies
573 * The function does some basic sanity checks on packet size and
574 * content, and tries to extract a bit of information.
576 * At the moment this only processes BIND requests, and returns the
577 * externally visible address of the request to the rest of the
580 * @param nh handle to the NAT service
581 * @param sender_addr address from which we got @a data
582 * @param sender_addr_len number of bytes in @a sender_addr
583 * @param data the packet
584 * @param data_size number of bytes in @a data
585 * @return #GNUNET_OK on success
586 * #GNUNET_NO if the packet is not a STUN packet
587 * #GNUNET_SYSERR on internal error handling the packet
590 GNUNET_NAT_stun_handle_packet (struct GNUNET_NAT_Handle *nh,
591 const struct sockaddr *sender_addr,
592 size_t sender_addr_len,
596 struct GNUNET_MQ_Envelope *env;
597 struct GNUNET_NAT_HandleStunMessage *hsn;
/* The packet is first run through test_stun_packet(); the conditions and
 * the other early return are on lines not shown in this listing. */
601 test_stun_packet (data,
605 return GNUNET_SYSERR;
/* Build one message carrying the sender address followed by the packet.
 * NOTE(review): sender_addr_len is a size_t and both lengths are narrowed
 * to uint16_t below, but no upper bound on data_size + sender_addr_len is
 * visible before the envelope is sized.  With an oversized input the
 * recorded sizes would disagree with the bytes copied; consider rejecting
 * inputs whose combined size does not fit the message size limit --
 * confirm against the omitted lines. */
606 env = GNUNET_MQ_msg_extra (hsn,
607 data_size + sender_addr_len,
608 GNUNET_MESSAGE_TYPE_NAT_HANDLE_STUN);
609 hsn->sender_addr_size = htons ((uint16_t) sender_addr_len);
610 hsn->payload_size = htons ((uint16_t) data_size);
611 buf = (char *) &hsn[1];
615 buf += sender_addr_len;
619 GNUNET_MQ_send (nh->mq,
626 * Test if the given address is (currently) a plausible IP address for
627 * this peer. Mostly a convenience function so that clients do not
628 * have to explicitly track all IPs that the #GNUNET_NAT_AddressCallback
629 * has returned so far.
631 * @param nh the handle returned by register
632 * @param addr IP address to test (IPv4 or IPv6)
633 * @param addrlen number of bytes in @a addr
634 * @return #GNUNET_YES if the address is plausible,
635 * #GNUNET_NO if the address is not plausible,
636 * #GNUNET_SYSERR if the address is malformed
639 GNUNET_NAT_test_address (struct GNUNET_NAT_Handle *nh,
643 struct AddrEntry *ae;
/* Only IPv4- and IPv6-sized addresses are accepted; any other length is
 * reported as malformed. */
645 if ( (addrlen != sizeof (struct sockaddr_in)) &&
646 (addrlen != sizeof (struct sockaddr_in6)) )
649 return GNUNET_SYSERR;
/* Linear scan of the addresses cached from service notifications; the
 * length is compared first (the rest of the comparison and the returns
 * are on lines not shown in this listing). */
651 for (ae = nh->ae_head; NULL != ae; ae = ae->next)
652 if ( (addrlen == ae->addrlen) &&
662 * We learned about a peer (possibly behind NAT) so run the
663 * gnunet-nat-client to send dummy ICMP responses to cause
664 * that peer to connect to us (connection reversal).
666 * @param nh handle (used for configuration)
667 * @param local_sa our local address of the peer (IPv4-only)
668 * @param remote_sa the remote address of the peer (IPv4-only)
669 * @return #GNUNET_SYSERR on error,
670 * #GNUNET_NO if connection reversal is unavailable,
671 * #GNUNET_OK otherwise (presumably in progress)
674 GNUNET_NAT_request_reversal (struct GNUNET_NAT_Handle *nh,
675 const struct sockaddr_in *local_sa,
676 const struct sockaddr_in *remote_sa)
678 struct GNUNET_MQ_Envelope *env;
679 struct GNUNET_NAT_RequestConnectionReversalMessage *req;
/* Early failure; the condition is on a line not shown in this listing. */
683 return GNUNET_SYSERR;
/* The request has a fixed layout: the header followed by two IPv4 socket
 * addresses, so both size fields are constants and no caller-supplied
 * length is involved. */
684 env = GNUNET_MQ_msg_extra (req,
685 2 * sizeof (struct sockaddr_in),
686 GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL);
687 req->local_addr_size = htons (sizeof (struct sockaddr_in));
688 req->remote_addr_size = htons (sizeof (struct sockaddr_in));
689 buf = (char *) &req[1];
/* Two fixed-size copies, with buf advanced in between (the copy calls
 * themselves start on lines not shown). */
692 sizeof (struct sockaddr_in));
693 buf += sizeof (struct sockaddr_in);
696 sizeof (struct sockaddr_in));
697 GNUNET_MQ_send (nh->mq,
704 * Stop port redirection and public IP address detection for the given
705 * handle. This frees the handle, after having sent the needed
706 * commands to close open ports.
708 * @param nh the handle to stop
711 GNUNET_NAT_unregister (struct GNUNET_NAT_Handle *nh)
/* NOTE(review): nh->mq is destroyed without a visible NULL check, and in
 * the lines shown here neither nh->reconnect_task is cancelled nor the
 * ae_head list released.  reconnect() schedules a delayed task, and the
 * doc comment says this function frees the handle, so a task still
 * pending at this point would later run against freed memory -- confirm
 * against the full source and cancel the task here if it is not. */
713 GNUNET_MQ_destroy (nh->mq);
714 GNUNET_free (nh->reg);
721 * Handle to auto-configuration in progress.
/* NOTE(review): usage summary drawn from the functions in this file:
 * `mq` is destroyed in GNUNET_NAT_autoconfig_cancel(); `arc` is invoked
 * from handle_auto_result() and ah_error_handler(), each of which then
 * cancels the operation. */
723 struct GNUNET_NAT_AutoHandle
727 * Configuration we use.
729 const struct GNUNET_CONFIGURATION_Handle *cfg;
732 * Message queue for communicating with the NAT service.
734 struct GNUNET_MQ_Handle *mq;
737 * Function called with the result from the autoconfiguration.
739 GNUNET_NAT_AutoResultCallback arc;
742 * Closure for @e arc.
750 * Converts `enum GNUNET_NAT_StatusCode` to string
752 * @param err error code to resolve to a string
753 * @return pointer to a static string describing the status code
/* Maps each known status code to a message wrapped in the `_ ()` macro
 * (presumably the translation hook).  The final return covers every other
 * value with a plain literal, which matters because handle_auto_result()
 * casts a status code received from the service without range-checking
 * it. */
756 GNUNET_NAT_status2string (enum GNUNET_NAT_StatusCode err)
760 case GNUNET_NAT_ERROR_SUCCESS:
761 return _ ("Operation Successful");
762 case GNUNET_NAT_ERROR_IPC_FAILURE:
763 return _ ("IPC failure");
764 case GNUNET_NAT_ERROR_INTERNAL_NETWORK_ERROR:
765 return _ ("Failure in network subsystem, check permissions.");
766 case GNUNET_NAT_ERROR_TIMEOUT:
767 return _ ("Encountered timeout while performing operation");
768 case GNUNET_NAT_ERROR_NOT_ONLINE:
769 return _ ("detected that we are offline");
770 case GNUNET_NAT_ERROR_UPNPC_NOT_FOUND:
771 return _ ("`upnpc` command not found");
772 case GNUNET_NAT_ERROR_UPNPC_FAILED:
773 return _ ("Failed to run `upnpc` command");
774 case GNUNET_NAT_ERROR_UPNPC_TIMEOUT:
775 return _ ("`upnpc' command took too long, process killed");
776 case GNUNET_NAT_ERROR_UPNPC_PORTMAP_FAILED:
777 return _ ("`upnpc' command failed to establish port mapping");
778 case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_NOT_FOUND:
779 return _ ("`external-ip' command not found");
780 case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_FAILED:
781 return _ ("Failed to run `external-ip` command");
782 case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_OUTPUT_INVALID:
783 return _ ("`external-ip' command output invalid");
784 case GNUNET_NAT_ERROR_EXTERNAL_IP_ADDRESS_INVALID:
785 return _ ("no valid address was returned by `external-ip'");
786 case GNUNET_NAT_ERROR_NO_VALID_IF_IP_COMBO:
787 return _ ("Could not determine interface with internal/local network address");
788 case GNUNET_NAT_ERROR_HELPER_NAT_SERVER_NOT_FOUND:
789 return _ ("No functioning gnunet-helper-nat-server installation found");
790 case GNUNET_NAT_ERROR_NAT_TEST_START_FAILED:
791 return _ ("NAT test could not be initialized");
792 case GNUNET_NAT_ERROR_NAT_TEST_TIMEOUT:
793 return _ ("NAT test timeout reached");
794 case GNUNET_NAT_ERROR_NAT_REGISTER_FAILED:
795 return _ ("could not register NAT");
796 case GNUNET_NAT_ERROR_HELPER_NAT_CLIENT_NOT_FOUND:
797 return _ ("No working gnunet-helper-nat-client installation found");
/* Fallback for values not listed above (untranslated). */
799 return "unknown status code";
805 * Check result from autoconfiguration attempt.
807 * @param cls the `struct GNUNET_NAT_AutoHandle`
808 * @param res the result
809 * @return #GNUNET_OK if @a res is well-formed (always for now)
/* The body is not shown in this listing.  Per the doc comment it accepts
 * every message for now, so handle_auto_result() is the only place where
 * the payload gets examined. */
812 check_auto_result (void *cls,
813 const struct GNUNET_NAT_AutoconfigResultMessage *res)
820 * Handle result from autoconfiguration attempt.
822 * @param cls the `struct GNUNET_NAT_AutoHandle`
823 * @param res the result
826 handle_auto_result (void *cls,
827 const struct GNUNET_NAT_AutoconfigResultMessage *res)
829 struct GNUNET_NAT_AutoHandle *ah = cls;
831 struct GNUNET_CONFIGURATION_Handle *cfg;
/* NOTE(review): both enum values come from the wire and are cast without
 * a visible range check; the callback may therefore see values outside
 * the declared enumerators. */
832 enum GNUNET_NAT_Type type
833 = (enum GNUNET_NAT_Type) ntohl (res->type);
834 enum GNUNET_NAT_StatusCode status
835 = (enum GNUNET_NAT_StatusCode) ntohl (res->status_code);
/* Payload bytes behind the fixed header.  NOTE(review): this subtraction
 * assumes header.size >= sizeof (*res); check_auto_result() is documented
 * as accepting everything, so the guarantee would have to come from the
 * message-queue layer -- TODO confirm. */
837 left = ntohs (res->header.size) - sizeof (*res);
838 cfg = GNUNET_CONFIGURATION_create ();
/* The payload is parsed as a serialized configuration.  If that fails the
 * callback is told GNUNET_NAT_ERROR_IPC_FAILURE; otherwise it receives
 * the result (remaining arguments are on lines not shown). */
840 GNUNET_CONFIGURATION_deserialize (cfg,
841 (const char *) &res[1],
846 ah->arc (ah->arc_cls,
848 GNUNET_NAT_ERROR_IPC_FAILURE,
853 ah->arc (ah->arc_cls,
/* cfg is destroyed right after the callback returns, so the callback must
 * not keep the pointer.  The operation is cancelled last; `ah` is not
 * touched after that call. */
858 GNUNET_CONFIGURATION_destroy (cfg);
859 GNUNET_NAT_autoconfig_cancel (ah);
864 * Handle queue errors by reporting autoconfiguration failure.
866 * @param cls the `struct GNUNET_NAT_AutoHandle *`
867 * @param error details about the error
870 ah_error_handler (void *cls,
871 enum GNUNET_MQ_Error error)
873 struct GNUNET_NAT_AutoHandle *ah = cls;
/* Report the failure to the application as an IPC failure with unknown
 * NAT type, then cancel the operation; `ah` is not used after the cancel
 * call. */
875 ah->arc (ah->arc_cls,
877 GNUNET_NAT_ERROR_IPC_FAILURE,
878 GNUNET_NAT_TYPE_UNKNOWN);
879 GNUNET_NAT_autoconfig_cancel (ah);
884 * Start auto-configuration routine. The transport adapters should
885 * be stopped while this function is called.
887 * @param cfg initial configuration
888 * @param cb function to call with autoconfiguration result
889 * @param cb_cls closure for @a cb
890 * @return handle to cancel operation
/* NOTE(review): this listing omits some source lines (the gutter numbers
 * skip); the error paths in particular are not visible. */
892 struct GNUNET_NAT_AutoHandle *
893 GNUNET_NAT_autoconfig_start (const struct GNUNET_CONFIGURATION_Handle *cfg,
894 GNUNET_NAT_AutoResultCallback cb,
/* The handle is allocated in its declaration, i.e. before the size check
 * below; any early return must therefore release it (and the serialized
 * buffer) -- confirm against the omitted lines. */
897 struct GNUNET_NAT_AutoHandle *ah = GNUNET_new (struct GNUNET_NAT_AutoHandle);
898 struct GNUNET_MQ_MessageHandler handlers[] = {
899 GNUNET_MQ_hd_var_size (auto_result,
900 GNUNET_MESSAGE_TYPE_NAT_AUTO_CFG_RESULT,
901 struct GNUNET_NAT_AutoconfigResultMessage,
903 GNUNET_MQ_handler_end ()
905 struct GNUNET_MQ_Envelope *env;
906 struct GNUNET_NAT_AutoconfigRequestMessage *req;
/* Serialize the caller's configuration and make sure it fits into one
 * message together with the fixed request header. */
910 buf = GNUNET_CONFIGURATION_serialize (cfg,
912 if (size > GNUNET_SERVER_MAX_MESSAGE_SIZE - sizeof (*req))
920 ah->arc_cls = cb_cls;
921 ah->mq = GNUNET_CLIENT_connecT (cfg,
/* The serialized configuration is copied in behind the request header and
 * the message is queued for sending. */
933 env = GNUNET_MQ_msg_extra (req,
935 GNUNET_MESSAGE_TYPE_NAT_REQUEST_AUTO_CFG);
936 GNUNET_memcpy (&req[1],
940 GNUNET_MQ_send (ah->mq,
947 * Abort autoconfiguration.
949 * @param ah handle for operation to abort
952 GNUNET_NAT_autoconfig_cancel (struct GNUNET_NAT_AutoHandle *ah)
/* Destroys the message queue; release of the handle itself is on a line
 * not shown in this listing.  Callers in this file treat `ah` as invalid
 * once this returns. */
954 GNUNET_MQ_destroy (ah->mq);
958 /* end of nat_api.c */