2 This file is part of GNUnet
3 Copyright (C) 2007, 2009, 2011, 2012, 2015, 2017 Christian Grothoff
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 SPDX-License-Identifier: AGPL3.0-or-later
22 * @file test_gns_vpn.c
23 * @brief testcase for accessing VPN services via GNS
24 * @author Martin Schanzenbach
25 * @author Christian Grothoff
27 * This test requires libcurl/libgnurl *with* support for C-ARES.
28 * This is NOT the default on most platforms, which means the test
29 * will be skipped in many cases. Compile libcurl/libgnurl with
30 * "--enable-ares" to get this test to pass.
32 * Furthermore, the test relies on gnunet-dns2gns being able to bind
33 * to port 53. This means that 'setcap' has to have worked during
34 * 'make install'. If this failed, but everything else is OK, the
35 * test may FAIL hard even though it is just an installation issue (we
36 * cannot conveniently test for the setcap to have worked). However,
37 * you should get a warning that gnunet-dns2gns failed to 'bind'.
41 #include <curl/curl.h>
42 #elif HAVE_GNURL_CURL_H
43 #include <gnurl/curl.h>
45 #include <microhttpd.h>
46 #include "gnunet_identity_service.h"
47 #include "gnunet_namestore_service.h"
48 #include "gnunet_gnsrecord_lib.h"
49 #include "gnunet_gns_service.h"
50 #include "gnunet_testing_lib.h"
53 #define TEST_DOMAIN "www.gnu"
55 #define TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30)
58 * Return value for #main().
60 static int global_ret;
62 static struct GNUNET_NAMESTORE_Handle *namestore;
64 static struct MHD_Daemon *mhd;
66 static struct GNUNET_SCHEDULER_Task *mhd_task_id;
68 static struct GNUNET_SCHEDULER_Task *curl_task_id;
70 static struct GNUNET_SCHEDULER_Task *timeout_task;
72 static struct GNUNET_IDENTITY_Handle *identity;
74 static struct GNUNET_NAMESTORE_QueueEntry *qe;
82 static struct GNUNET_PeerIdentity id;
85 * IP address of the ultimate destination.
87 static const char *dest_ip;
90 * Address family of the dest_ip.
95 * Address family to use by the curl client.
108 static struct CBC cbc;
112 copy_buffer (void *ptr,
117 struct CBC *cbc = ctx;
119 if (cbc->pos + size * nmemb > sizeof(cbc->buf))
120 return 0; /* overflow */
121 GNUNET_memcpy (&cbc->buf[cbc->pos], ptr, size * nmemb);
122 cbc->pos += size * nmemb;
129 struct MHD_Connection *connection,
133 const char *upload_data, size_t *upload_data_size,
137 struct MHD_Response *response;
140 if (0 != strcmp ("GET", method))
141 return MHD_NO; /* unexpected method */
148 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "MHD sends respose for request to URL `%s'\n", url);
149 response = MHD_create_response_from_buffer (strlen (url),
151 MHD_RESPMEM_MUST_COPY);
152 ret = MHD_queue_response (connection, MHD_HTTP_OK, response);
153 MHD_destroy_response (response);
161 do_shutdown (void *cls)
163 if (NULL != mhd_task_id)
165 GNUNET_SCHEDULER_cancel (mhd_task_id);
168 if (NULL != curl_task_id)
170 GNUNET_SCHEDULER_cancel (curl_task_id);
173 if (NULL != timeout_task)
175 GNUNET_SCHEDULER_cancel (timeout_task);
180 MHD_stop_daemon (mhd);
183 if (NULL != identity)
185 GNUNET_IDENTITY_disconnect (identity);
190 GNUNET_NAMESTORE_cancel (qe);
193 if (NULL != namestore)
195 GNUNET_NAMESTORE_disconnect (namestore);
198 GNUNET_free_non_null (url);
204 do_timeout (void *cls)
207 GNUNET_SCHEDULER_shutdown ();
212 * Function to run the HTTP client.
219 curl_task (void *cls)
233 struct GNUNET_NETWORK_FDSet nrs;
234 struct GNUNET_NETWORK_FDSet nws;
235 struct GNUNET_TIME_Relative delay;
244 curl_multi_perform (multi, &running);
247 GNUNET_assert (NULL != (msg = curl_multi_info_read (multi, &running)));
248 if (msg->msg == CURLMSG_DONE)
250 if (msg->data.result != CURLE_OK)
253 "%s failed at %s:%d: `%s'\n",
254 "curl_multi_perform",
256 __LINE__, curl_easy_strerror (msg->data.result));
260 curl_multi_remove_handle (multi, curl);
261 curl_multi_cleanup (multi);
262 curl_easy_cleanup (curl);
265 if (cbc.pos != strlen ("/hello_world"))
270 if (0 != strncmp ("/hello_world", cbc.buf, strlen ("/hello_world")))
275 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
276 "Download complete, shutting down!\n");
277 GNUNET_SCHEDULER_shutdown ();
280 GNUNET_assert (CURLM_OK == curl_multi_fdset (multi, &rs, &ws, &es, &max));
281 if ( (CURLM_OK != curl_multi_timeout (multi, &timeout)) ||
283 delay = GNUNET_TIME_UNIT_SECONDS;
285 delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, (unsigned int) timeout);
286 GNUNET_NETWORK_fdset_copy_native (&nrs,
289 GNUNET_NETWORK_fdset_copy_native (&nws,
292 curl_task_id = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
302 start_curl (void *cls)
307 GNUNET_asprintf (&url,
308 "http://%s/hello_world",
310 curl = curl_easy_init ();
311 curl_easy_setopt (curl, CURLOPT_URL, url);
312 curl_easy_setopt (curl, CURLOPT_WRITEFUNCTION, ©_buffer);
313 curl_easy_setopt (curl, CURLOPT_WRITEDATA, &cbc);
314 curl_easy_setopt (curl, CURLOPT_FAILONERROR, 1);
315 curl_easy_setopt (curl, CURLOPT_TIMEOUT, 150L);
316 curl_easy_setopt (curl, CURLOPT_CONNECTTIMEOUT, 150L);
317 curl_easy_setopt (curl, CURLOPT_NOSIGNAL, 1);
319 (ec = curl_easy_setopt (curl,
323 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
324 "curl build without support for CURLOPT_DNS_SERVERS (%s), cannot run test\n",
325 curl_easy_strerror (ec));
327 GNUNET_SCHEDULER_shutdown ();
330 multi = curl_multi_init ();
331 GNUNET_assert (multi != NULL);
332 GNUNET_assert (CURLM_OK == curl_multi_add_handle (multi, curl));
333 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
334 "Beginning HTTP download from `%s'\n",
341 * Callback invoked from the namestore service once record is
345 * @param af address family, AF_INET or AF_INET6; AF_UNSPEC on error;
346 * will match 'result_af' from the request
347 * @param address IP address (struct in_addr or struct in_addr6, depending on 'af')
348 * that the VPN allocated for the redirection;
349 * traffic to this IP will now be redirected to the
350 * specified target peer; NULL on error
353 commence_testing (void *cls,
358 if ( (NULL != emsg) &&
359 (GNUNET_YES != success) )
362 "NS failed to create record %s\n",
364 GNUNET_SCHEDULER_shutdown ();
368 /* wait a little bit before downloading, as we just created the record */
369 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
370 "Launching cURL request\n");
372 = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
379 * Function to keep the HTTP server running.
397 struct GNUNET_NETWORK_FDSet nrs;
398 struct GNUNET_NETWORK_FDSet nws;
403 unsigned MHD_LONG_LONG timeout;
404 struct GNUNET_TIME_Relative delay;
406 GNUNET_assert (NULL == mhd_task_id);
411 GNUNET_assert (MHD_YES ==
412 MHD_get_fdset (mhd, &rs, &ws, &es, &max_fd));
413 if (MHD_YES == MHD_get_timeout (mhd, &timeout))
414 delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS,
415 (unsigned int) timeout);
417 delay = GNUNET_TIME_UNIT_FOREVER_REL;
418 GNUNET_NETWORK_fdset_copy_native (&nrs,
421 GNUNET_NETWORK_fdset_copy_native (&nws,
424 mhd_task_id = GNUNET_SCHEDULER_add_select (GNUNET_SCHEDULER_PRIORITY_DEFAULT,
435 * Open '/dev/null' and make the result the given
438 * @param target_fd desired FD to point to /dev/null
439 * @param flags open flags (O_RDONLY, O_WRONLY)
442 open_dev_null (int target_fd,
447 fd = open ("/dev/null", flags);
452 if (-1 == dup2 (fd, target_fd))
462 * Run the given command and wait for it to complete.
464 * @param file name of the binary to run
465 * @param cmd command line arguments (as given to 'execv')
466 * @return 0 on success, 1 on any error
469 fork_and_exec (const char *file,
479 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
485 /* we are the child process */
486 /* close stdin/stdout to not cause interference
487 with the helper's main protocol! */
489 open_dev_null (0, O_RDONLY);
491 open_dev_null (1, O_WRONLY);
492 (void) execv (file, cmd);
493 /* can only get here on error */
494 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
499 /* keep running waitpid as long as the only error we get is 'EINTR' */
500 while ( (-1 == (ret = waitpid (pid, &status, 0))) &&
504 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
508 if (! (WIFEXITED (status) &&
509 (0 == WEXITSTATUS (status))) )
511 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
512 "Process `%s` returned status code %d/%d.\n",
515 WEXITSTATUS (status));
518 /* child process completed and returned success, we're happy */
525 * Method called to inform about the egos of this peer.
527 * When used with #GNUNET_IDENTITY_connect, this function is
528 * initially called for all egos and then again whenever a
529 * ego's name changes or if it is deleted. At the end of
530 * the initial pass over all egos, the function is once called
531 * with 'NULL' for @a ego. That does NOT mean that the callback won't
532 * be invoked in the future or that there was an error.
534 * When used with #GNUNET_IDENTITY_create or #GNUNET_IDENTITY_get,
535 * this function is only called ONCE, and 'NULL' being passed in
536 * @a ego does indicate an error (i.e. name is taken or no default
537 * value is known). If @a ego is non-NULL and if '*ctx'
538 * is set in those callbacks, the value WILL be passed to a subsequent
539 * call to the identity callback of #GNUNET_IDENTITY_connect (if
540 * that one was not NULL).
542 * When an identity is renamed, this function is called with the
543 * (known) @a ego but the NEW @a name.
545 * When an identity is deleted, this function is called with the
546 * (known) ego and "NULL" for the @a name. In this case,
547 * the @a ego is henceforth invalid (and the @a ctx should also be
551 * @param ego ego handle
552 * @param ctx context for application to store data for this ego
553 * (during the lifetime of this process, initially NULL)
554 * @param name name assigned by the user for this ego,
555 * NULL if the user just deleted the ego and it
556 * must thus no longer be used
559 identity_cb (void *cls,
560 struct GNUNET_IDENTITY_Ego *ego,
564 const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone_key;
565 struct GNUNET_GNSRECORD_Data rd;
576 "Failed to find master-zone ego\n");
577 GNUNET_SCHEDULER_shutdown ();
580 GNUNET_IDENTITY_disconnect (identity);
584 GNUNET_assert (NULL != name);
585 if (0 != strcmp (name,
589 "Unexpected name %s\n",
593 zone_key = GNUNET_IDENTITY_ego_get_private_key (ego);
594 rd.expiration_time = GNUNET_TIME_UNIT_FOREVER_ABS.abs_value_us;
595 peername = GNUNET_strdup (GNUNET_i2s_full (&id));
596 GNUNET_asprintf (&rd_string,
600 GNUNET_free (peername);
601 GNUNET_assert (GNUNET_OK ==
602 GNUNET_GNSRECORD_string_to_value (GNUNET_GNSRECORD_TYPE_VPN,
606 rd.record_type = GNUNET_GNSRECORD_TYPE_VPN;
608 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
609 "Creating `www` record\n");
610 qe = GNUNET_NAMESTORE_records_store (namestore,
616 GNUNET_free ((void**)rd.data);
617 GNUNET_free (rd_string);
623 const struct GNUNET_CONFIGURATION_Handle *cfg,
624 struct GNUNET_TESTING_Peer *peer)
634 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
635 "Test logic starting...\n");
637 GNUNET_CONFIGURATION_get_value_string (cfg,
642 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
643 "Failed to locate configuration file. Skipping test.\n");
644 GNUNET_SCHEDULER_shutdown ();
648 char *const identity_args[] =
655 char *const identity2_args[] =
663 char *const identity3_args[] =
671 char *const arm_args[] =
678 char *const gns_args[] =
686 GNUNET_TESTING_peer_get_identity (peer,
688 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
690 timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT,
693 bin = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_BINDIR);
694 GNUNET_asprintf (&bin_identity,
698 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
699 "Creating `master-zone` ego\n");
700 if (0 != fork_and_exec (bin_identity, identity_args))
702 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
703 "Failed to run `gnunet-identity -C`. Skipping test.\n");
704 GNUNET_SCHEDULER_shutdown ();
705 GNUNET_free (bin_identity);
706 GNUNET_free (config);
710 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
711 "Setting `master-zone` ego as default for `gns-master` and `dns2gns`\n");
712 if (0 != fork_and_exec (bin_identity, identity2_args))
714 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
715 "Failed to run `gnunet-identity -e`. Skipping test.\n");
716 GNUNET_SCHEDULER_shutdown ();
717 GNUNET_free (bin_identity);
718 GNUNET_free (config);
722 if (0 != fork_and_exec (bin_identity, identity3_args))
724 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
725 "Failed to run `gnunet-identity -e`. Skipping test.\n");
726 GNUNET_SCHEDULER_shutdown ();
727 GNUNET_free (bin_identity);
728 GNUNET_free (config);
732 GNUNET_free (bin_identity);
734 /* do lookup just to launch GNS service */
735 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
736 "Resolving `www.gnu` zone entry to launch GNS (will yield no answer yet)\n");
737 GNUNET_asprintf (&bin_gns,
741 if (0 != fork_and_exec (bin_gns,
744 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
745 "Failed to run `gnunet-gns -u. Skipping test.\n");
746 GNUNET_SCHEDULER_shutdown ();
747 GNUNET_free (bin_gns);
748 GNUNET_free (config);
752 GNUNET_free (bin_gns);
754 GNUNET_asprintf (&bin_arm,
758 if (0 != fork_and_exec (bin_arm,
761 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
762 "Failed to run `gnunet-arm -i dns2gns. Skipping test.\n");
763 GNUNET_SCHEDULER_shutdown ();
764 GNUNET_free (bin_arm);
765 GNUNET_free (config);
769 GNUNET_free (bin_arm);
771 GNUNET_free (config);
773 sleep (1); /* give dns2gns chance to really run */
775 namestore = GNUNET_NAMESTORE_connect (cfg);
776 GNUNET_assert (NULL != namestore);
777 flags = MHD_USE_DEBUG;
778 if (GNUNET_YES == use_v6)
779 flags |= MHD_USE_DUAL_STACK;
780 mhd = MHD_start_daemon (flags,
785 GNUNET_assert (NULL != mhd);
788 identity = GNUNET_IDENTITY_connect (cfg,
801 GNUNET_log_setup ("test-gns-vpn",
804 if (0 != ACCESS ("/dev/net/tun", R_OK))
806 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
810 "WARNING: System unable to run test, skipping.\n");
814 bin_vpn = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn");
815 bin_exit = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-exit");
816 if ( (0 != geteuid ()) &&
818 GNUNET_OS_check_helper_binary (bin_vpn,
820 "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) || //ipv4 only please!
822 GNUNET_OS_check_helper_binary (bin_exit,
824 "-d gnunet-vpn - - - 169.1.3.3.7 255.255.255.0")) ) ) //no nat, ipv4 only
827 "WARNING: gnunet-helper-{exit,vpn} binaries in $PATH are not SUID, refusing to run test (as it would have to fail).\n");
829 "Change $PATH ('.' in $PATH before $GNUNET_PREFIX/bin is problematic) or permissions (run 'make install' as root) to fix this!\n");
830 GNUNET_free (bin_vpn);
831 GNUNET_free (bin_exit);
834 GNUNET_free (bin_vpn);
835 GNUNET_free (bin_exit);
837 dest_ip = "169.254.86.1";
841 if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6))
846 if ( (GNUNET_OK != GNUNET_NETWORK_test_pf (src_af)) ||
847 (GNUNET_OK != GNUNET_NETWORK_test_pf (dest_af)) )
850 "Required address families not supported by this system, skipping test.\n");
853 if (0 != curl_global_init (CURL_GLOBAL_WIN32))
855 fprintf (stderr, "failed to initialize curl\n");
861 GNUNET_TESTING_peer_run ("test_gns_vpn",
866 GNUNET_DISK_directory_remove ("/tmp/gnunet-test-vpn");
870 /* end of test_gns_vpn.c */
projects / oweals / gnunet.git / blob