2 This file is part of GNUnet.
3 (C) 2010, 2012 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file pt/gnunet-daemon-pt.c
23 * @brief tool to manipulate DNS and VPN services to perform protocol translation (IPvX over GNUnet)
24 * @author Christian Grothoff
27 #include "gnunet_util_lib.h"
28 #include "gnunet_dns_service.h"
29 #include "gnunet_dnsparser_lib.h"
30 #include "gnunet_mesh_service.h"
31 #include "gnunet_tun_lib.h"
32 #include "gnunet_vpn_service.h"
33 #include "gnunet_statistics_service.h"
34 #include "gnunet_applications.h"
36 #define PORT_PT 4242 // FIXME
40 * After how long do we time out if we could not get an IP from VPN or MESH?
42 #define TIMEOUT GNUNET_TIME_UNIT_MINUTES
46 * How many bytes of payload do we allow at most for a DNS reply?
47 * Given that this is pretty much limited to loopback, we can be
48 * pretty high (Linux loopback defaults to 16k, most local UDP packets
49 * should survive up to 9k (NFS), so 8k should be pretty safe in
52 #define MAX_DNS_SIZE (8 * 1024)
56 * Which group of DNS records are we currently processing?
66 * DNS authority records
68 AUTHORITY_RECORDS = 1,
71 * DNS additional records
73 ADDITIONAL_RECORDS = 2,
76 * We're done processing.
83 * Information tracked per DNS reply that we are processing.
88 * Handle to submit the final result.
90 struct GNUNET_DNS_RequestHandle *rh;
93 * DNS packet that is being modified.
95 struct GNUNET_DNSPARSER_Packet *dns;
98 * Active redirection request with the VPN.
100 struct GNUNET_VPN_RedirectionRequest *rr;
103 * Record for which we have an active redirection request.
105 struct GNUNET_DNSPARSER_Record *rec;
108 * Offset in the current record group that is being modified.
113 * Group that is being modified
115 enum RequestGroup group;
121 * State we keep for a request that is going out via MESH.
123 struct RequestContext
126 * We keep these in a DLL.
128 struct RequestContext *next;
131 * We keep these in a DLL.
133 struct RequestContext *prev;
136 * Handle for interaction with DNS service.
138 struct GNUNET_DNS_RequestHandle *rh;
141 * Message we're sending out via MESH, allocated at the
142 * end of this struct.
144 const struct GNUNET_MessageHeader *mesh_message;
147 * Task used to abort this operation with timeout.
149 GNUNET_SCHEDULER_TaskIdentifier timeout_task;
152 * ID of the original DNS request (used to match the reply).
157 * GNUNET_NO if this request is still in the transmit_queue,
158 * GNUNET_YES if we are in the receive_queue.
160 int16_t was_transmitted;
166 * The handle to the configuration used throughout the process
168 static const struct GNUNET_CONFIGURATION_Handle *cfg;
171 * The handle to the VPN
173 static struct GNUNET_VPN_Handle *vpn_handle;
176 * The handle to the MESH service
178 static struct GNUNET_MESH_Handle *mesh_handle;
181 * Tunnel we use for DNS requests over MESH.
183 static struct GNUNET_MESH_Tunnel *mesh_tunnel;
186 * Active transmission request with MESH (or NULL).
188 static struct GNUNET_MESH_TransmitHandle *mesh_th;
191 * Head of DLL of requests to be transmitted to mesh_tunnel.
193 static struct RequestContext *transmit_queue_head;
196 * Tail of DLL of requests to be transmitted to mesh_tunnel.
198 static struct RequestContext *transmit_queue_tail;
201 * Head of DLL of requests waiting for a response.
203 static struct RequestContext *receive_queue_head;
206 * Tail of DLL of requests waiting for a response.
208 static struct RequestContext *receive_queue_tail;
213 static struct GNUNET_STATISTICS_Handle *stats;
216 * The handle to DNS post-resolution modifications.
218 static struct GNUNET_DNS_Handle *dns_post_handle;
221 * The handle to DNS pre-resolution modifications.
223 static struct GNUNET_DNS_Handle *dns_pre_handle;
226 * Are we doing IPv4-pt?
231 * Are we doing IPv6-pt?
236 * Are we tunneling DNS queries?
238 static int dns_tunnel;
241 * Number of DNS exit peers we currently have in the mesh tunnel.
242 * Used to see if using the mesh tunnel makes any sense right now.
244 static unsigned int dns_exit_available;
248 * We're done modifying all records in the response. Submit the reply
249 * and free the resources of the rc.
251 * @param rc context to process
254 finish_request (struct ReplyContext *rc)
260 GNUNET_DNSPARSER_pack (rc->dns,
265 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
266 _("Failed to pack DNS request. Dropping.\n"));
267 GNUNET_DNS_request_drop (rc->rh);
271 GNUNET_STATISTICS_update (stats,
272 gettext_noop ("# DNS requests mapped to VPN"),
274 GNUNET_DNS_request_answer (rc->rh,
278 GNUNET_DNSPARSER_free_packet (rc->dns);
284 * Process the next record of the given request context.
285 * When done, submit the reply and free the resources of
288 * @param rc context to process
291 submit_request (struct ReplyContext *rc);
295 * Callback invoked from the VPN service once a redirection is
296 * available. Provides the IP address that can now be used to
297 * reach the requested destination. We substitute the active
298 * record and then continue with 'submit_request' to look at
301 * @param cls our 'struct ReplyContext'
302 * @param af address family, AF_INET or AF_INET6; AF_UNSPEC on error;
303 * will match 'result_af' from the request
304 * @param address IP address (struct in_addr or struct in_addr6, depending on 'af')
305 * that the VPN allocated for the redirection;
306 * traffic to this IP will now be redirected to the
307 * specified target peer; NULL on error
310 vpn_allocation_callback (void *cls,
314 struct ReplyContext *rc = cls;
319 GNUNET_DNS_request_drop (rc->rh);
320 GNUNET_DNSPARSER_free_packet (rc->dns);
324 GNUNET_STATISTICS_update (stats,
325 gettext_noop ("# DNS records modified"),
327 switch (rc->rec->type)
329 case GNUNET_DNSPARSER_TYPE_A:
330 GNUNET_assert (AF_INET == af);
331 memcpy (rc->rec->data.raw.data, address, sizeof (struct in_addr));
333 case GNUNET_DNSPARSER_TYPE_AAAA:
334 GNUNET_assert (AF_INET6 == af);
335 memcpy (rc->rec->data.raw.data, address, sizeof (struct in6_addr));
347 * Modify the given DNS record by asking VPN to create a tunnel
348 * to the given address. When done, continue with submitting
349 * other records from the request context ('submit_request' is
352 * @param rc context to process
353 * @param rec record to modify
356 modify_address (struct ReplyContext *rc,
357 struct GNUNET_DNSPARSER_Record *rec)
363 case GNUNET_DNSPARSER_TYPE_A:
365 GNUNET_assert (rec->data.raw.data_len == sizeof (struct in_addr));
367 case GNUNET_DNSPARSER_TYPE_AAAA:
369 GNUNET_assert (rec->data.raw.data_len == sizeof (struct in6_addr));
376 rc->rr = GNUNET_VPN_redirect_to_ip (vpn_handle,
380 GNUNET_TIME_relative_to_absolute (TIMEOUT),
381 &vpn_allocation_callback,
387 * Process the next record of the given request context.
388 * When done, submit the reply and free the resources of
391 * @param rc context to process
394 submit_request (struct ReplyContext *rc)
396 struct GNUNET_DNSPARSER_Record *ra;
405 ra = rc->dns->answers;
406 ra_len = rc->dns->num_answers;
408 case AUTHORITY_RECORDS:
409 ra = rc->dns->authority_records;
410 ra_len = rc->dns->num_authority_records;
412 case ADDITIONAL_RECORDS:
413 ra = rc->dns->additional_records;
414 ra_len = rc->dns->num_additional_records;
422 for (i=rc->offset;i<ra_len;i++)
426 case GNUNET_DNSPARSER_TYPE_A:
430 modify_address (rc, &ra[i]);
434 case GNUNET_DNSPARSER_TYPE_AAAA:
438 modify_address (rc, &ra[i]);
450 * Test if any of the given records need protocol-translation work.
452 * @param ra array of records
453 * @param ra_len number of entries in ra
454 * @return GNUNET_YES if any of the given records require protocol-translation
457 work_test (const struct GNUNET_DNSPARSER_Record *ra,
462 for (i=0;i<ra_len;i++)
466 case GNUNET_DNSPARSER_TYPE_A:
470 case GNUNET_DNSPARSER_TYPE_AAAA:
481 * This function is called AFTER we got an IP address for a
482 * DNS request. Now, the PT daemon has the chance to substitute
483 * the IP address with one from the VPN range to tunnel requests
484 * destined for this IP address via VPN and MESH.
487 * @param rh request handle to user for reply
488 * @param request_length number of bytes in request
489 * @param request udp payload of the DNS request
492 dns_post_request_handler (void *cls,
493 struct GNUNET_DNS_RequestHandle *rh,
494 size_t request_length,
497 struct GNUNET_DNSPARSER_Packet *dns;
498 struct ReplyContext *rc;
501 GNUNET_STATISTICS_update (stats,
502 gettext_noop ("# DNS replies intercepted"),
504 dns = GNUNET_DNSPARSER_parse (request, request_length);
507 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
508 _("Failed to parse DNS request. Dropping.\n"));
509 GNUNET_DNS_request_drop (rh);
513 work |= work_test (dns->answers, dns->num_answers);
514 work |= work_test (dns->authority_records, dns->num_authority_records);
515 work |= work_test (dns->additional_records, dns->num_additional_records);
518 GNUNET_DNS_request_forward (rh);
519 GNUNET_DNSPARSER_free_packet (dns);
522 rc = GNUNET_malloc (sizeof (struct ReplyContext));
532 * Transmit a DNS request via MESH and move the request
533 * handle to the receive queue.
536 * @param size number of bytes available in buf
537 * @param buf where to copy the message
538 * @return number of bytes written to buf
541 transmit_dns_request_to_mesh (void *cls,
545 struct RequestContext *rc;
549 if (NULL == (rc = transmit_queue_head))
551 mlen = ntohs (rc->mesh_message->size);
554 mesh_th = GNUNET_MESH_notify_transmit_ready (mesh_tunnel,
558 &transmit_dns_request_to_mesh,
562 GNUNET_assert (GNUNET_NO == rc->was_transmitted);
563 memcpy (buf, rc->mesh_message, mlen);
564 GNUNET_CONTAINER_DLL_remove (transmit_queue_head,
567 rc->was_transmitted = GNUNET_YES;
568 GNUNET_CONTAINER_DLL_insert (receive_queue_head,
571 rc = transmit_queue_head;
573 mesh_th = GNUNET_MESH_notify_transmit_ready (mesh_tunnel,
576 ntohs (rc->mesh_message->size),
577 &transmit_dns_request_to_mesh,
584 * Task run if the time to answer a DNS request via MESH is over.
586 * @param cls the 'struct RequestContext' to abort
587 * @param tc scheduler context
590 timeout_request (void *cls,
591 const struct GNUNET_SCHEDULER_TaskContext *tc)
593 struct RequestContext *rc = cls;
595 if (rc->was_transmitted)
596 GNUNET_CONTAINER_DLL_remove (receive_queue_head,
600 GNUNET_CONTAINER_DLL_remove (transmit_queue_head,
603 GNUNET_STATISTICS_update (stats,
604 gettext_noop ("# DNS requests dropped (timeout)"),
606 GNUNET_DNS_request_drop (rc->rh);
612 * This function is called *before* the DNS request has been
613 * given to a "local" DNS resolver. Tunneling for DNS requests
614 * was enabled, so we now need to send the request via some MESH
615 * tunnel to a DNS EXIT for resolution.
618 * @param rh request handle to user for reply
619 * @param request_length number of bytes in request
620 * @param request udp payload of the DNS request
623 dns_pre_request_handler (void *cls,
624 struct GNUNET_DNS_RequestHandle *rh,
625 size_t request_length,
628 struct RequestContext *rc;
630 struct GNUNET_MessageHeader hdr;
631 struct GNUNET_TUN_DnsHeader dns;
633 GNUNET_STATISTICS_update (stats,
634 gettext_noop ("# DNS requests intercepted"),
636 if (0 == dns_exit_available)
638 GNUNET_STATISTICS_update (stats,
639 gettext_noop ("# DNS requests dropped (DNS mesh tunnel down)"),
641 GNUNET_DNS_request_drop (rh);
644 if (request_length < sizeof (dns))
646 GNUNET_STATISTICS_update (stats,
647 gettext_noop ("# DNS requests dropped (malformed)"),
649 GNUNET_DNS_request_drop (rh);
652 memcpy (&dns, request, sizeof (dns));
653 GNUNET_assert (NULL != mesh_tunnel);
654 mlen = sizeof (struct GNUNET_MessageHeader) + request_length;
655 rc = GNUNET_malloc (sizeof (struct RequestContext) + mlen);
657 rc->mesh_message = (const struct GNUNET_MessageHeader*) &rc[1];
658 rc->timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT,
662 hdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_DNS_TO_INTERNET);
663 hdr.size = htons (mlen);
664 memcpy (&rc[1], &hdr, sizeof (struct GNUNET_MessageHeader));
665 memcpy (&(((char*)&rc[1])[sizeof (struct GNUNET_MessageHeader)]),
668 GNUNET_CONTAINER_DLL_insert_tail (transmit_queue_head,
672 mesh_th = GNUNET_MESH_notify_transmit_ready (mesh_tunnel,
676 &transmit_dns_request_to_mesh,
682 * Process a request via mesh to perform a DNS query.
684 * @param cls closure, NULL
685 * @param tunnel connection to the other end
686 * @param tunnel_ctx pointer to our 'struct TunnelState *'
687 * @param message the actual message
689 * @return GNUNET_OK to keep the connection open,
690 * GNUNET_SYSERR to close it (signal serious error)
693 receive_dns_response (void *cls GNUNET_UNUSED, struct GNUNET_MESH_Tunnel *tunnel,
695 const struct GNUNET_MessageHeader *message)
697 struct GNUNET_TUN_DnsHeader dns;
699 struct RequestContext *rc;
701 mlen = ntohs (message->size);
702 mlen -= sizeof (struct GNUNET_MessageHeader);
703 if (mlen < sizeof (struct GNUNET_TUN_DnsHeader))
706 return GNUNET_SYSERR;
708 memcpy (&dns, &message[1], sizeof (dns));
709 for (rc = receive_queue_head; NULL != rc; rc = rc->next)
711 GNUNET_assert (GNUNET_YES == rc->was_transmitted);
712 if (dns.id == rc->dns_id)
714 GNUNET_STATISTICS_update (stats,
715 gettext_noop ("# DNS replies received"),
717 GNUNET_DNS_request_answer (rc->rh,
719 (const void*) &message[1]);
720 GNUNET_CONTAINER_DLL_remove (receive_queue_head,
723 GNUNET_SCHEDULER_cancel (rc->timeout_task);
728 GNUNET_STATISTICS_update (stats,
729 gettext_noop ("# DNS replies dropped (too late?)"),
736 * The MESH DNS tunnel went down. Abort all pending DNS
737 * requests (we're unlikely to get an answer in time).
740 abort_all_requests ()
742 struct RequestContext *rc;
744 while (NULL != (rc = receive_queue_head))
746 GNUNET_STATISTICS_update (stats,
747 gettext_noop ("# DNS requests aborted (tunnel down)"),
749 GNUNET_CONTAINER_DLL_remove (receive_queue_head,
752 GNUNET_DNS_request_drop (rc->rh);
753 GNUNET_SCHEDULER_cancel (rc->timeout_task);
756 while (NULL != (rc = transmit_queue_head))
758 GNUNET_STATISTICS_update (stats,
759 gettext_noop ("# DNS requests aborted (tunnel down)"),
761 GNUNET_CONTAINER_DLL_remove (transmit_queue_head,
764 GNUNET_DNS_request_drop (rc->rh);
765 GNUNET_SCHEDULER_cancel (rc->timeout_task);
772 * Method called whenever a peer has disconnected from the tunnel.
774 * FIXME merge with inbound cleaner
777 * @param peer peer identity the tunnel stopped working with
780 mesh_disconnect_handler (void *cls,
782 GNUNET_PeerIdentity * peer)
784 GNUNET_assert (dns_exit_available > 0);
785 dns_exit_available--;
786 if (0 == dns_exit_available)
790 GNUNET_MESH_notify_transmit_ready_cancel (mesh_th);
793 abort_all_requests ();
799 * Method called whenever a peer has connected to the tunnel.
801 * FIXME find anouther way (in tmt_ready_callback ?)
804 * @param peer peer identity the tunnel was created to, NULL on timeout
805 * @param atsi performance data for the connection
808 mesh_connect_handler (void *cls,
809 const struct GNUNET_PeerIdentity
812 GNUNET_ATS_Information * atsi)
814 dns_exit_available++;
819 * Function scheduled as very last function, cleans up after us
822 cleanup (void *cls GNUNET_UNUSED,
823 const struct GNUNET_SCHEDULER_TaskContext *tskctx)
825 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
826 "Protocol translation daemon is shutting down now\n");
827 if (vpn_handle != NULL)
829 GNUNET_VPN_disconnect (vpn_handle);
834 GNUNET_MESH_notify_transmit_ready_cancel (mesh_th);
837 if (NULL != mesh_tunnel)
839 GNUNET_MESH_tunnel_destroy (mesh_tunnel);
842 if (mesh_handle != NULL)
844 GNUNET_MESH_disconnect (mesh_handle);
847 abort_all_requests ();
848 if (dns_post_handle != NULL)
850 GNUNET_DNS_disconnect (dns_post_handle);
851 dns_post_handle = NULL;
853 if (dns_pre_handle != NULL)
855 GNUNET_DNS_disconnect (dns_pre_handle);
856 dns_pre_handle = NULL;
860 GNUNET_STATISTICS_destroy (stats, GNUNET_YES);
867 * @brief Main function that will be run by the scheduler.
870 * @param args remaining command-line arguments
871 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
872 * @param cfg_ configuration
875 run (void *cls, char *const *args GNUNET_UNUSED,
876 const char *cfgfile GNUNET_UNUSED,
877 const struct GNUNET_CONFIGURATION_Handle *cfg_)
880 stats = GNUNET_STATISTICS_create ("pt", cfg);
881 ipv4_pt = GNUNET_CONFIGURATION_get_value_yesno (cfg, "pt", "TUNNEL_IPV4");
882 ipv6_pt = GNUNET_CONFIGURATION_get_value_yesno (cfg, "pt", "TUNNEL_IPV6");
883 dns_tunnel = GNUNET_CONFIGURATION_get_value_yesno (cfg, "pt", "TUNNEL_DNS");
884 if (! (ipv4_pt || ipv6_pt || dns_tunnel))
886 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
887 _("No useful service enabled. Exiting.\n"));
888 GNUNET_SCHEDULER_shutdown ();
891 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
892 if (ipv4_pt || ipv6_pt)
895 = GNUNET_DNS_connect (cfg,
896 GNUNET_DNS_FLAG_POST_RESOLUTION,
897 &dns_post_request_handler, NULL);
898 if (NULL == dns_post_handle)
900 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
901 _("Failed to connect to %s service. Exiting.\n"),
903 GNUNET_SCHEDULER_shutdown ();
906 vpn_handle = GNUNET_VPN_connect (cfg);
907 if (NULL == vpn_handle)
909 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
910 _("Failed to connect to %s service. Exiting.\n"),
912 GNUNET_SCHEDULER_shutdown ();
918 static struct GNUNET_MESH_MessageHandler mesh_handlers[] = {
919 {&receive_dns_response, GNUNET_MESSAGE_TYPE_VPN_DNS_FROM_INTERNET, 0},
924 = GNUNET_DNS_connect (cfg,
925 GNUNET_DNS_FLAG_PRE_RESOLUTION,
926 &dns_pre_request_handler, NULL);
927 if (NULL == dns_pre_handle)
929 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
930 _("Failed to connect to %s service. Exiting.\n"),
932 GNUNET_SCHEDULER_shutdown ();
935 mesh_handle = GNUNET_MESH_connect (cfg, NULL, NULL, NULL, // FIXME use end handler
936 mesh_handlers, NULL);
937 if (NULL == mesh_handle)
939 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
940 _("Failed to connect to %s service. Exiting.\n"),
942 GNUNET_SCHEDULER_shutdown ();
945 mesh_tunnel = GNUNET_MESH_tunnel_create (mesh_handle,
947 NULL, /* FIXME peer ID*/
951 // GNUNET_MESH_peer_request_connect_by_type (mesh_tunnel, FIXME use regex
952 // GNUNET_APPLICATION_TYPE_INTERNET_RESOLVER);
960 * @param argc number of arguments from the command line
961 * @param argv command line arguments
962 * @return 0 ok, 1 on error
965 main (int argc, char *const *argv)
967 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
968 GNUNET_GETOPT_OPTION_END
972 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
975 GNUNET_PROGRAM_run (argc, argv, "gnunet-daemon-pt",
977 ("Daemon to run to perform IP protocol translation to GNUnet"),
978 options, &run, NULL)) ? 0 : 1;
979 GNUNET_free ((void*) argv);
984 /* end of gnunet-daemon-pt.c */
projects / oweals / gnunet.git / blob