2 This file is part of GNUnet
3 Copyright (C) 2007, 2009, 2011, 2012, 2015 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
18 Boston, MA 02110-1301, USA.
22 * @file test_gns_vpn.c
23 * @brief testcase for accessing VPN services via GNS
24 * @author Martin Schanzenbach
28 #include <curl/curl.h>
29 #elif HAVE_GNURL_CURL_H
30 #include <gnurl/curl.h>
32 #include <microhttpd.h>
33 #include "gnunet_identity_service.h"
34 #include "gnunet_namestore_service.h"
35 #include "gnunet_gnsrecord_lib.h"
36 #include "gnunet_gns_service.h"
37 #include "gnunet_testing_lib.h"
40 #define TEST_DOMAIN "www.gnu"
42 #define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 300)
45 * Return value for #main().
47 static int global_ret;
49 static struct GNUNET_NAMESTORE_Handle *namestore;
51 static struct MHD_Daemon *mhd;
53 static struct GNUNET_SCHEDULER_Task *mhd_task_id;
55 static struct GNUNET_SCHEDULER_Task *curl_task_id;
57 static struct GNUNET_SCHEDULER_Task *timeout_task;
59 static struct GNUNET_IDENTITY_Handle *identity;
61 static struct GNUNET_NAMESTORE_QueueEntry *qe;
69 static struct GNUNET_PeerIdentity id;
72 * IP address of the ultimate destination.
74 static const char *dest_ip;
77 * Address family of the dest_ip.
82 * Address family to use by the curl client.
95 static struct CBC cbc;
99 copy_buffer (void *ptr, size_t size, size_t nmemb, void *ctx)
101 struct CBC *cbc = ctx;
103 if (cbc->pos + size * nmemb > sizeof(cbc->buf))
104 return 0; /* overflow */
105 GNUNET_memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
106 cbc->pos += size * nmemb;
113 struct MHD_Connection *connection,
117 const char *upload_data, size_t *upload_data_size,
121 struct MHD_Response *response;
124 if (0 != strcmp ("GET", method))
125 return MHD_NO; /* unexpected method */
132 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "MHD sends respose for request to URL `%s'\n", url);
133 response = MHD_create_response_from_buffer (strlen (url),
135 MHD_RESPMEM_MUST_COPY);
136 ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
137 MHD_destroy_response (response);
145 do_shutdown (void *cls)
147 if (NULL != mhd_task_id)
149 GNUNET_SCHEDULER_cancel (mhd_task_id);
152 if (NULL != curl_task_id)
154 GNUNET_SCHEDULER_cancel (curl_task_id);
157 if (NULL != timeout_task)
159 GNUNET_SCHEDULER_cancel (timeout_task);
164 MHD_stop_daemon (mhd);
167 if (NULL != identity)
169 GNUNET_IDENTITY_disconnect (identity);
174 GNUNET_NAMESTORE_cancel (qe);
177 GNUNET_free_non_null (url);
183 do_timeout (void *cls)
186 GNUNET_SCHEDULER_shutdown ();
191 * Function to run the HTTP client.
198 curl_task (void *cls)
212 struct GNUNET_NETWORK_FDSet nrs;
213 struct GNUNET_NETWORK_FDSet nws;
214 struct GNUNET_TIME_Relative delay;
223 curl_multi_perform (multi, &running);
226 GNUNET_assert (NULL != (msg = curl_multi_info_read (multi, &running)));
227 if (msg->msg == CURLMSG_DONE)
229 if (msg->data.result != CURLE_OK)
232 "%s failed at %s:%d: `%s'\n",
233 "curl_multi_perform",
235 __LINE__, curl_easy_strerror (msg->data.result));
239 curl_multi_remove_handle (multi, curl);
240 curl_multi_cleanup (multi);
241 curl_easy_cleanup (curl);
244 if (cbc.pos != strlen ("/hello_world"))
249 if (0 != strncmp ("/hello_world", cbc.buf, strlen ("/hello_world")))
254 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
255 "Download complete, shutting down!\n");
256 GNUNET_SCHEDULER_shutdown ();
259 GNUNET_assert (CURLM_OK == curl_multi_fdset (multi, &rs, &ws, &es, &max));
260 if ( (CURLM_OK != curl_multi_timeout (multi, &timeout)) ||
262 delay = GNUNET_TIME_UNIT_SECONDS;
264 delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, (unsigned int) timeout);
265 GNUNET_NETWORK_fdset_copy_native (&nrs,
268 GNUNET_NETWORK_fdset_copy_native (&nws,
271 curl_task_id = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
281 start_curl (void *cls)
283 GNUNET_asprintf (&url,
284 "http://%s/hello_world",
286 curl = curl_easy_init ();
287 curl_easy_setopt (curl, CURLOPT_URL, url);
288 curl_easy_setopt (curl, CURLOPT_WRITEFUNCTION, ©_buffer);
289 curl_easy_setopt (curl, CURLOPT_WRITEDATA, &cbc);
290 curl_easy_setopt (curl, CURLOPT_FAILONERROR, 1);
291 curl_easy_setopt (curl, CURLOPT_TIMEOUT, 150L);
292 curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, 150L);
293 curl_easy_setopt (curl, CURLOPT_NOSIGNAL, 1);
295 multi = curl_multi_init ();
296 GNUNET_assert (multi != NULL);
297 GNUNET_assert (CURLM_OK == curl_multi_add_handle (multi, curl));
298 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
299 "Beginning HTTP download from `%s'\n",
308 GNUNET_NAMESTORE_disconnect (namestore);
314 * Callback invoked from the namestore service once record is
318 * @param af address family, AF_INET or AF_INET6; AF_UNSPEC on error;
319 * will match 'result_af' from the request
320 * @param address IP address (struct in_addr or struct in_addr6, depending on 'af')
321 * that the VPN allocated for the redirection;
322 * traffic to this IP will now be redirected to the
323 * specified target peer; NULL on error
326 commence_testing (void *cls,
331 GNUNET_SCHEDULER_add_now (&disco_ns, NULL);
333 if ((emsg != NULL) && (GNUNET_YES != success))
336 "NS failed to create record %s\n",
338 GNUNET_SCHEDULER_shutdown ();
341 /* wait a little bit before downloading, as we just created the record */
342 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_relative_multiply
343 (GNUNET_TIME_UNIT_SECONDS, 1),
350 * Function to keep the HTTP server running.
368 struct GNUNET_NETWORK_FDSet nrs;
369 struct GNUNET_NETWORK_FDSet nws;
374 unsigned MHD_LONG_LONG timeout;
375 struct GNUNET_TIME_Relative delay;
377 GNUNET_assert (NULL == mhd_task_id);
382 GNUNET_assert (MHD_YES ==
383 MHD_get_fdset (mhd, &rs, &ws, &es, &max_fd));
384 if (MHD_YES == MHD_get_timeout (mhd, &timeout))
385 delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS,
386 (unsigned int) timeout);
388 delay = GNUNET_TIME_UNIT_FOREVER_REL;
389 GNUNET_NETWORK_fdset_copy_native (&nrs,
392 GNUNET_NETWORK_fdset_copy_native (&nws,
395 mhd_task_id = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
407 * Open '/dev/null' and make the result the given
410 * @param target_fd desired FD to point to /dev/null
411 * @param flags open flags (O_RDONLY, O_WRONLY)
414 open_dev_null (int target_fd,
419 fd = open ("/dev/null", flags);
424 if (-1 == dup2 (fd, target_fd))
434 * Run the given command and wait for it to complete.
436 * @param file name of the binary to run
437 * @param cmd command line arguments (as given to 'execv')
438 * @return 0 on success, 1 on any error
441 fork_and_exec (const char *file,
458 /* we are the child process */
459 /* close stdin/stdout to not cause interference
460 with the helper's main protocol! */
462 open_dev_null (0, O_RDONLY);
464 open_dev_null (1, O_WRONLY);
465 (void) execv (file, cmd);
466 /* can only get here on error */
468 "exec `%s' failed: %s\n",
473 /* keep running waitpid as long as the only error we get is 'EINTR' */
474 while ( (-1 == (ret = waitpid (pid, &status, 0))) &&
479 "waitpid failed: %s\n",
483 if (! (WIFEXITED (status) && (0 == WEXITSTATUS (status))))
485 /* child process completed and returned success, we're happy */
492 * Method called to inform about the egos of this peer.
494 * When used with #GNUNET_IDENTITY_connect, this function is
495 * initially called for all egos and then again whenever a
496 * ego's name changes or if it is deleted. At the end of
497 * the initial pass over all egos, the function is once called
498 * with 'NULL' for @a ego. That does NOT mean that the callback won't
499 * be invoked in the future or that there was an error.
501 * When used with #GNUNET_IDENTITY_create or #GNUNET_IDENTITY_get,
502 * this function is only called ONCE, and 'NULL' being passed in
503 * @a ego does indicate an error (i.e. name is taken or no default
504 * value is known). If @a ego is non-NULL and if '*ctx'
505 * is set in those callbacks, the value WILL be passed to a subsequent
506 * call to the identity callback of #GNUNET_IDENTITY_connect (if
507 * that one was not NULL).
509 * When an identity is renamed, this function is called with the
510 * (known) @a ego but the NEW @a name.
512 * When an identity is deleted, this function is called with the
513 * (known) ego and "NULL" for the @a name. In this case,
514 * the @a ego is henceforth invalid (and the @a ctx should also be
518 * @param ego ego handle
519 * @param ctx context for application to store data for this ego
520 * (during the lifetime of this process, initially NULL)
521 * @param name name assigned by the user for this ego,
522 * NULL if the user just deleted the ego and it
523 * must thus no longer be used
526 identity_cb (void *cls,
527 struct GNUNET_IDENTITY_Ego *ego,
531 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key;
532 struct GNUNET_GNSRECORD_Data rd;
543 "Failed to find master-zone ego\n");
544 GNUNET_SCHEDULER_shutdown ();
547 GNUNET_IDENTITY_disconnect (identity);
551 GNUNET_assert (NULL != name);
552 if (0 != strcmp (name,
556 "Unexpected name %s\n",
560 zone_key = GNUNET_IDENTITY_ego_get_private_key (ego);
561 rd.expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
562 peername = GNUNET_strdup (GNUNET_i2s_full (&id));
563 GNUNET_asprintf (&rd_string,
567 GNUNET_free (peername);
568 GNUNET_assert (GNUNET_OK ==
569 GNUNET_GNSRECORD_string_to_value (GNUNET_GNSRECORD_TYPE_VPN,
573 rd.record_type = GNUNET_GNSRECORD_TYPE_VPN;
575 qe = GNUNET_NAMESTORE_records_store (namestore,
581 GNUNET_free ((void**)rd.data);
582 GNUNET_free (rd_string);
588 const struct GNUNET_CONFIGURATION_Handle *cfg,
589 struct GNUNET_TESTING_Peer *peer)
599 GNUNET_CONFIGURATION_get_value_string (cfg,
605 "Failed to locate configuration file. Skipping test.\n");
606 GNUNET_SCHEDULER_shutdown ();
610 char *const identity_args[] =
617 char *const identity2_args[] =
625 char *const identity3_args[] =
629 "-s", "gns-intercept",
633 char *const gns_args[] =
640 GNUNET_TESTING_peer_get_identity (peer, &id);
641 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
643 timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT,
646 bin = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_BINDIR);
647 GNUNET_asprintf (&bin_identity,
651 if (0 != fork_and_exec (bin_identity, identity_args))
654 "Failed to run `gnunet-identity -C. Skipping test.\n");
655 GNUNET_SCHEDULER_shutdown ();
656 GNUNET_free (bin_identity);
657 GNUNET_free (config);
661 if (0 != fork_and_exec (bin_identity, identity2_args))
664 "Failed to run `gnunet-identity -e. Skipping test.\n");
665 GNUNET_SCHEDULER_shutdown ();
666 GNUNET_free (bin_identity);
667 GNUNET_free (config);
671 if (0 != fork_and_exec (bin_identity, identity3_args))
674 "Failed to run `gnunet-identity -e. Skipping test.\n");
675 GNUNET_SCHEDULER_shutdown ();
676 GNUNET_free (bin_identity);
677 GNUNET_free (config);
681 GNUNET_free (bin_identity);
683 /* do lookup just to launch GNS service */
684 GNUNET_asprintf (&bin_gns,
688 if (0 != fork_and_exec (bin_gns, gns_args))
691 "Failed to run `gnunet-gns -u. Skipping test.\n");
692 GNUNET_SCHEDULER_shutdown ();
693 GNUNET_free (bin_gns);
694 GNUNET_free (config);
698 GNUNET_free (bin_gns);
699 GNUNET_free (config);
703 namestore = GNUNET_NAMESTORE_connect (cfg);
704 GNUNET_assert (NULL != namestore);
705 flags = MHD_USE_DEBUG;
706 if (GNUNET_YES == use_v6)
707 flags |= MHD_USE_DUAL_STACK;
708 mhd = MHD_start_daemon (flags,
713 GNUNET_assert (NULL != mhd);
716 identity = GNUNET_IDENTITY_connect (cfg,
723 main (int argc, char *const *argv)
732 char *const iptables_args[] =
734 "iptables", "-t", "mangle", "-L", "-v", NULL
737 if (0 == access ("/sbin/iptables", X_OK))
738 sbin_iptables = "/sbin/iptables";
739 else if (0 == access ("/usr/sbin/iptables", X_OK))
740 sbin_iptables = "/usr/sbin/iptables";
744 "Executable iptables not found in approved directories: %s, skipping\n",
749 if (0 != fork_and_exec (sbin_iptables, iptables_args))
752 "Failed to run `iptables -t mangle -L -v'. Skipping test.\n");
756 if (0 != ACCESS ("/dev/net/tun", R_OK))
758 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
762 "WARNING: System unable to run test, skipping.\n");
766 bin_vpn = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn");
767 bin_exit = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit");
768 bin_dns = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-dns");
769 srv_dns = GNUNET_OS_get_libexec_binary_path ("gnunet-service-dns");
770 if ( (0 != geteuid ()) &&
772 GNUNET_OS_check_helper_binary (bin_vpn, GNUNET_YES, "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) || //ipv4 only please!
774 GNUNET_OS_check_helper_binary (bin_exit, GNUNET_YES, "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0")) || //no nat, ipv4 only
776 GNUNET_OS_check_helper_binary (bin_dns, GNUNET_YES, NULL))) ) // TODO: once we have a windows-testcase, add test parameters here
779 "WARNING: gnunet-helper-{exit,vpn,dns} binaries in $PATH are not SUID, refusing to run test (as it would have to fail).\n");
781 "Change $PATH ('.' in $PATH before $GNUNET_PREFIX/bin is problematic) or permissions (run 'make install' as root) to fix this!\n");
782 GNUNET_free (bin_vpn);
783 GNUNET_free (bin_exit);
784 GNUNET_free (bin_dns);
785 GNUNET_free (srv_dns);
788 GNUNET_free (bin_vpn);
789 GNUNET_free (bin_exit);
791 if ( (0 != stat (bin_dns, &s)) ||
792 (my_gid == s.st_gid) ||
793 ( (0 == (S_ISUID & s.st_mode)) && (0 != getuid()) ) )
796 "WARNING: %s has wrong permissions (%d, %d, %d), refusing to run test (as it would have to fail).\n",
798 (0 != stat (bin_dns, &s)),
799 (my_gid == s.st_gid),
800 (0 == (S_ISUID & s.st_mode)) || (0 != getuid()) );
801 GNUNET_free (bin_dns);
802 GNUNET_free (srv_dns);
805 if ( (0 != stat (srv_dns, &s)) ||
806 (my_gid == s.st_gid) ||
807 (0 == (S_ISGID & s.st_mode)) )
810 "WARNING: %s has wrong permissions (%d, %d, %d), refusing to run test (as it would have to fail).\n",
812 (0 != stat (bin_dns, &s)),
813 (my_gid == s.st_gid),
814 (0 == (S_ISGID & s.st_mode)) );
815 GNUNET_free (bin_dns);
816 GNUNET_free (srv_dns);
819 GNUNET_free (bin_dns);
820 GNUNET_free (srv_dns);
822 dest_ip = "169.254.86.1";
826 if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6))
831 if ( (GNUNET_OK != GNUNET_NETWORK_test_pf (src_af)) ||
832 (GNUNET_OK != GNUNET_NETWORK_test_pf (dest_af)) )
835 "Required address families not supported by this system, skipping test.\n");
838 if (0 != curl_global_init (CURL_GLOBAL_WIN32))
840 fprintf (stderr, "failed to initialize curl\n");
845 if (0 != GNUNET_TESTING_peer_run ("test-gnunet-vpn",
849 GNUNET_DISK_directory_remove ("/tmp/gnunet-test-vpn");
853 /* end of test_gns_vpn.c */
projects / oweals / gnunet.git / blob