2 This file is part of GNUnet
3 Copyright (C) 2008--2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
18 * @file testbed/gnunet-daemon-testbed-blacklist.c
19 * @brief daemon to restrict incoming connections from other peers at the
20 * transport layer of a peer
21 * @author Sree Harsha Totakura <sreeharsha@totakura.in>
25 #include "gnunet_util_lib.h"
26 #include "gnunet_transport_service.h"
27 #include "gnunet_transport_manipulation_service.h"
28 #include "gnunet_ats_service.h"
29 #include "gnunet_testing_lib.h"
/* Generic logging shorthand: forwards the log level and the printf-style
 * arguments to GNUNET_log unchanged. */
35 #define LOG(type,...) \
36 GNUNET_log (type, __VA_ARGS__)
39 * Debug logging shorthand
42 LOG (GNUNET_ERROR_TYPE_DEBUG, __VA_ARGS__)
45 * Log an error message at log-level 'level' that indicates
46 * a failure of the command 'cmd' on file 'filename'
47 * with the message given by strerror(errno).
/*
 * Logs a failed SQLite call under the "sqlite" component and formats the
 * same text into *msg.
 * NOTE(review): the error text comes from sqlite3_errmsg(db), not from
 * strerror(errno), and the macro takes no filename argument.
 * NOTE(review): every use visible in this file (sqlite3_prepare_v2,
 * sqlite3_bind_int, sqlite_open_v2) passes NULL as msg, so the
 * GNUNET_asprintf(msg, ...) call has to stay behind a NULL check. The lines
 * between the two calls are not visible in this listing; confirm the guard.
 */
49 #define LOG_SQLITE(db, msg, level, cmd) \
51 GNUNET_log_from (level, "sqlite", _("`%s' failed at %s:%d with error: %s\n"), \
52 cmd, __FILE__,__LINE__, sqlite3_errmsg(db)); \
54 GNUNET_asprintf(msg, _("`%s' failed at %s:%u with error: %s"), cmd, \
55 __FILE__, __LINE__, sqlite3_errmsg(db)); \
60 * The map to store the peer identities to allow/deny
62 static struct GNUNET_CONTAINER_MultiPeerMap *map;
65 * The database connection
67 static struct sqlite3 *db;
70 * The blacklist handle we obtain from transport when we register ourselves for
73 static struct GNUNET_TRANSPORT_Blacklist *bh;
/* File handle for the hostkey file; load_keys stores the result of
 * GNUNET_DISK_file_open here.
 * NOTE(review): the other file-scope handles in this file are static, this
 * one is not, so the symbol has external linkage. Confirm nothing links
 * against it and declare it static. */
78 struct GNUNET_DISK_FileHandle *hostkeys_fd;
83 static struct GNUNET_DISK_MapHandle *hostkeys_map;
88 static void *hostkeys_data;
91 * Handle to the transport service. This is used for setting link metrics
93 static struct GNUNET_TRANSPORT_ManipulationHandle *transport;
96 * The number of hostkeys in the hostkeys array
98 static unsigned int num_hostkeys;
103 * Iterator over hash map entries.
106 * @param key current key code
107 * @param value value in the hash map
108 * @return #GNUNET_YES if we should continue to
/* Map-iteration callback used during teardown: removes the visited key from
 * the file-scope map and asserts that the removal returned GNUNET_YES.
 * cls is not used in the visible lines. */
113 iterator (void *cls, const struct GNUNET_PeerIdentity *key, void *value)
115 GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multipeermap_remove (map, key,
122 * Cleanup and destroy the map
/* Walks the map (asserting that the iteration did not return GNUNET_SYSERR),
 * then destroys it.
 * NOTE(review): check_access asserts that map is non-NULL and then reads it,
 * so the blacklist callback must not run once the map is destroyed. Whether
 * map is reset to NULL afterwards is not visible in this listing; confirm. */
129 GNUNET_assert (GNUNET_SYSERR != GNUNET_CONTAINER_multipeermap_iterate (map,
132 GNUNET_CONTAINER_multipeermap_destroy (map);
139 * Function that decides if a connection is acceptable or not.
142 * @param pid peer to approve or disapprove
143 * @return GNUNET_OK if the connection is allowed, GNUNET_SYSERR if not
/*
 * Connection filter that run() registers through GNUNET_TRANSPORT_blacklist.
 * A peer is accepted only when its identity is a key in the file-scope map;
 * every other peer gets GNUNET_SYSERR, so the filter is default-deny once it
 * is installed. cls is not used in the visible lines.
 */
146 check_access (void *cls, const struct GNUNET_PeerIdentity * pid)
/* The callback must never run without a map; run() creates the map before it
 * registers this callback. */
150 GNUNET_assert (NULL != map);
151 contains = GNUNET_CONTAINER_multipeermap_contains (map, pid);
152 if (GNUNET_YES == contains)
154 DEBUG ("Permitting `%s'\n", GNUNET_i2s (pid));
/* Anything not present in the allow-list is refused. */
157 DEBUG ("Not permitting `%s'\n", GNUNET_i2s (pid));
158 return GNUNET_SYSERR;
/*
 * Derives the peer identity for hostkey record number `offset` from the
 * hostkey data mapped by load_keys.
 * Returns GNUNET_SYSERR when offset is not below num_hostkeys; the success
 * path is cut off in this listing.
 */
163 get_identity (unsigned int offset,
164 struct GNUNET_PeerIdentity *id)
166 struct GNUNET_CRYPTO_EddsaPrivateKey private_key;
/* Bounds check before any pointer arithmetic: in run() the offset is the oid
 * column of a whitelist row read from the database. */
168 if (offset >= num_hostkeys)
169 return GNUNET_SYSERR;
/* NOTE(review): hostkeys_data is a void *, so this addition relies on the GNU
 * void-pointer-arithmetic extension. The copy length is
 * GNUNET_TESTING_HOSTKEYFILESIZE; presumably that equals sizeof (private_key).
 * TODO confirm, a larger value would overrun the stack object. */
170 GNUNET_memcpy (&private_key,
171 hostkeys_data + (offset * GNUNET_TESTING_HOSTKEYFILESIZE),
172 GNUNET_TESTING_HOSTKEYFILESIZE);
/* NOTE(review): private_key is a stack copy of private key material; no wipe
 * of it is visible in this listing. */
173 GNUNET_CRYPTO_eddsa_key_get_public (&private_key,
187 struct WhiteListRow *next;
190 * The offset where to find the hostkey for the peer
195 * Latency to be assigned to the link
203 * Function to load keys
/*
 * Maps the file testing_hostkeys.ecc from the installation data directory
 * read-only and records how many fixed-size hostkey records it holds.
 * Returns GNUNET_SYSERR on every failure path visible here.
 * c is not used in the visible lines.
 */
206 load_keys (const struct GNUNET_CONFIGURATION_Handle *c)
215 data_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_DATADIR);
216 GNUNET_asprintf (&idfile, "%s/testing_hostkeys.ecc", data_dir);
217 GNUNET_free (data_dir);
220 GNUNET_DISK_file_size (idfile, &fsize, GNUNET_YES, GNUNET_YES))
222 GNUNET_free (idfile);
223 return GNUNET_SYSERR;
/* Reject a file whose size is not a whole number of hostkey records. */
225 if (0 != (fsize % GNUNET_TESTING_HOSTKEYFILESIZE))
227 LOG (GNUNET_ERROR_TYPE_ERROR,
228 _("Incorrect hostkey file format: %s\n"), idfile);
229 GNUNET_free (idfile);
230 return GNUNET_SYSERR;
232 hostkeys_fd = GNUNET_DISK_file_open (idfile, GNUNET_DISK_OPEN_READ,
233 GNUNET_DISK_PERM_NONE);
234 if (NULL == hostkeys_fd)
236 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", idfile);
237 GNUNET_free (idfile);
238 return GNUNET_SYSERR;
240 GNUNET_free (idfile);
242 hostkeys_data = GNUNET_DISK_file_map (hostkeys_fd,
244 GNUNET_DISK_MAP_TYPE_READ,
/* NOTE(review): in the visible lines this failure path returns with
 * hostkeys_fd still open; it is released only if the caller goes on to run
 * the unload path. Confirm against the caller. */
246 if (NULL == hostkeys_data)
249 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "mmap");
250 return GNUNET_SYSERR;
/* NOTE(review): num_hostkeys is an unsigned int and the type of fsize is not
 * visible here. If fsize is wider, a very large file truncates the count;
 * get_identity checks against the stored count, so reads would still stay
 * inside the mapping. */
252 num_hostkeys = fsize / GNUNET_TESTING_HOSTKEYFILESIZE;
258 * Function to unload keys
/* Releases what load_keys acquired: unmaps the hostkey file when a mapping
 * exists, clears hostkeys_data, and closes the file handle when one is open. */
263 if (NULL != hostkeys_map)
265 GNUNET_assert (NULL != hostkeys_data);
266 GNUNET_DISK_file_unmap (hostkeys_map);
268 hostkeys_data = NULL;
270 if (NULL != hostkeys_fd)
272 GNUNET_DISK_file_close (hostkeys_fd);
279 * Shutdown task to cleanup our resources and exit.
/* Shutdown task that run() registers with GNUNET_SCHEDULER_add_shutdown:
 * disconnects the transport manipulation handle when one is set and cancels
 * the blacklist registration. cls is not used in the visible lines; the NULL
 * guard for bh, if any, is not visible in this listing. */
284 do_shutdown (void *cls)
286 if (NULL != transport)
288 GNUNET_TRANSPORT_manipulation_disconnect (transport);
294 GNUNET_TRANSPORT_blacklist_cancel (bh);
299 * Function to read whitelist rows from the database
301 * @param db the database connection
302 * @param pid the identity of this peer
303 * @param wl_rows where to store the retrieved whitelist rows
304 * @return GNUNET_SYSERR upon error OR the number of rows retrieved
/*
 * Reads the oid and latency columns of every whitelist row whose id column
 * equals pid. The value is bound to a prepared statement, so no SQL text is
 * built from input.
 * The db parameter shadows the file-scope variable of the same name.
 * NOTE(review): pid is an int here, while run() passes an unsigned long long
 * read from the configuration, so large peer ids are narrowed at the call.
 */
307 db_read_whitelist (struct sqlite3 *db, int pid, struct WhiteListRow **wl_rows)
309 static const char *query_wl = "SELECT oid, latency FROM whitelist WHERE (id == ?);";
310 struct sqlite3_stmt *stmt_wl;
311 struct WhiteListRow *lr;
315 if (SQLITE_OK != (ret = sqlite3_prepare_v2 (db, query_wl, -1, &stmt_wl, NULL)))
317 LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_prepare_v2");
318 return GNUNET_SYSERR;
320 if (SQLITE_OK != (ret = sqlite3_bind_int (stmt_wl, 1, pid)))
322 LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_bind_int");
/* The statement is finalized on this error path before returning. */
323 sqlite3_finalize (stmt_wl);
324 return GNUNET_SYSERR;
/* NOTE(review): only SQLITE_ROW is tested. From the visible lines a step
 * error is not told apart from the normal end of the result set, so a failed
 * read could yield a shorter allow-list without an error return. Confirm. */
329 ret = sqlite3_step (stmt_wl);
330 if (SQLITE_ROW != ret)
333 lr = GNUNET_new (struct WhiteListRow);
/* Column 0 (oid) is later used by run() as the hostkey offset passed to
 * get_identity; column 1 is the latency. Both are taken from the database
 * as plain ints, without a range check in the visible lines. */
334 lr->id = sqlite3_column_int (stmt_wl, 0);
335 lr->latency = sqlite3_column_int (stmt_wl, 1);
339 sqlite3_finalize (stmt_wl);
345 * Main function that will be run.
348 * @param args remaining command-line arguments
349 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
350 * @param c configuration
/*
 * Start-up sequence of the daemon, as far as the visible lines show: read a
 * number from the TESTBED section and a filename from the TESTBED-UNDERLAY
 * section, open that SQLite file read-only, load the hostkeys, connect to
 * the transport manipulation service, build the allow-list map from the
 * whitelist rows, apply the per-peer latency, then register check_access as
 * the blacklist callback and do_shutdown as the shutdown task.
 * Several branch exits are not visible in this listing.
 */
353 run (void *cls, char *const *args, const char *cfgfile,
354 const struct GNUNET_CONFIGURATION_Handle *c)
357 struct WhiteListRow *wl_head;
358 struct WhiteListRow *wl_entry;
359 struct GNUNET_PeerIdentity identity;
360 struct GNUNET_ATS_Properties prop;
361 struct GNUNET_TIME_Relative delay;
362 unsigned long long pid;
367 GNUNET_CONFIGURATION_get_value_number (c, "TESTBED",
373 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (c, "TESTBED-UNDERLAY",
/* The database is opened read-only; this daemon only reads the whitelist. */
380 if (SQLITE_OK != (ret = sqlite3_open_v2 (dbfile, &db, SQLITE_OPEN_READONLY, NULL)))
384 LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite_open_v2");
385 GNUNET_break (SQLITE_OK == sqlite3_close (db));
388 LOG (GNUNET_ERROR_TYPE_ERROR, "Cannot open sqlite file %s\n", dbfile);
389 GNUNET_free (dbfile);
392 DEBUG ("Opened database %s\n", dbfile);
393 GNUNET_free (dbfile);
396 if (GNUNET_OK != load_keys (c))
399 transport = GNUNET_TRANSPORT_manipulation_connect (c);
400 if (NULL == transport)
405 /* read and process whitelist */
/* NOTE(review): pid is an unsigned long long, while db_read_whitelist takes
 * an int, so the value is narrowed here. */
408 nrows = db_read_whitelist (db, pid, &wl_head);
/* NOTE(review): the exit statement of this branch is not visible in this
 * listing. If it skips the GNUNET_TRANSPORT_blacklist registration at the end
 * of this function, a failed read or an empty whitelist leaves the peer with
 * no filter installed (fail-open). Confirm that this is intended. */
409 if ((GNUNET_SYSERR == nrows) || (0 == nrows))
411 GNUNET_TRANSPORT_manipulation_disconnect (transport);
414 map = GNUNET_CONTAINER_multipeermap_create (nrows, GNUNET_NO);
415 while (NULL != (wl_entry = wl_head))
417 wl_head = wl_entry->next;
/* NOTE(review): the field name says microseconds while the debug message
 * below says ms; confirm the unit stored in the latency column. */
418 delay.rel_value_us = wl_entry->latency;
419 memset (&prop, 0, sizeof (prop));
/* NOTE(review): a whitelist row whose oid is outside the hostkey file makes
 * get_identity return GNUNET_SYSERR, and this assert then aborts the daemon
 * instead of skipping the row. */
420 GNUNET_assert (GNUNET_OK == get_identity (wl_entry->id, &identity));
/* NOTE(review): the stored value is the address of the local `identity`, which
 * is overwritten on the next iteration and dangles after run() returns.
 * check_access only tests key membership, so the value is never read in the
 * visible code; it must stay that way or the value must be replaced. */
421 GNUNET_break (GNUNET_OK ==
422 GNUNET_CONTAINER_multipeermap_put (map, &identity, &identity,
423 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_FAST));
424 DEBUG ("Setting %u ms latency to peer `%s'\n",
426 GNUNET_i2s (&identity));
427 GNUNET_TRANSPORT_manipulation_set (transport,
432 GNUNET_free (wl_entry);
/* The filter is installed only after the map has been fully populated. */
434 bh = GNUNET_TRANSPORT_blacklist (c, &check_access, NULL);
435 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
/* The database is closed before run() returns; the allow-list lives in the
 * in-memory map from here on. */
438 GNUNET_break (SQLITE_OK == sqlite3_close (db));
445 * @param argc number of arguments from the command line
446 * @param argv command line arguments
447 * @return 0 ok, 1 on error
/* Program entry point: converts the arguments to UTF-8, sets the SQLite
 * memory-map size limits when the build supports that option, and hands
 * control to run() through GNUNET_PROGRAM_run under the name
 * "testbed-underlay". The ternary maps the result to exit status 0 or 1. */
450 main (int argc, char *const *argv)
/* The daemon defines no command-line options of its own. */
452 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
453 GNUNET_GETOPT_OPTION_END
457 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
459 #ifdef SQLITE_CONFIG_MMAP_SIZE
/* The return value of sqlite3_config is deliberately discarded. */
460 (void) sqlite3_config (SQLITE_CONFIG_MMAP_SIZE, 512000, 256000000);
464 GNUNET_PROGRAM_run (argc, argv, "testbed-underlay",
466 ("Daemon to restrict underlay network in testbed deployments"),
467 options, &run, NULL)) ? 0 : 1;
/* argv was replaced by GNUNET_STRINGS_get_utf8_args above and is freed here. */
468 GNUNET_free ((void*) argv);