2 This file is part of GNUnet
3 Copyright (C) 2008--2013 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 * @file testbed/gnunet-daemon-testbed-blacklist.c
22 * @brief daemon to restrict incoming connections from other peers at the
23 * transport layer of a peer
24 * @author Sree Harsha Totakura <sreeharsha@totakura.in>
28 #include "gnunet_util_lib.h"
29 #include "gnunet_transport_service.h"
30 #include "gnunet_transport_manipulation_service.h"
31 #include "gnunet_ats_service.h"
32 #include "gnunet_testing_lib.h"
38 #define LOG(type,...) \
39 GNUNET_log (type, __VA_ARGS__)
42 * Debug logging shorthand
45 LOG (GNUNET_ERROR_TYPE_DEBUG, __VA_ARGS__)
48 * Log an error message at log-level 'level' that indicates
49 * a failure of the command 'cmd' on file 'filename'
50 * with the message given by strerror(errno).
52 #define LOG_SQLITE(db, msg, level, cmd) \
54 GNUNET_log_from (level, "sqlite", _("`%s' failed at %s:%d with error: %s\n"), \
55 cmd, __FILE__,__LINE__, sqlite3_errmsg(db)); \
57 GNUNET_asprintf(msg, _("`%s' failed at %s:%u with error: %s"), cmd, \
58 __FILE__, __LINE__, sqlite3_errmsg(db)); \
63 * The map to store the peer identities to allow/deny
65 static struct GNUNET_CONTAINER_MultiPeerMap *map;
68 * The database connection
70 static struct sqlite3 *db;
73 * The blacklist handle we obtain from transport when we register ourselves for
76 static struct GNUNET_TRANSPORT_Blacklist *bh;
81 struct GNUNET_DISK_FileHandle *hostkeys_fd;
86 static struct GNUNET_DISK_MapHandle *hostkeys_map;
91 static void *hostkeys_data;
94 * Handle to the transport service. This is used for setting link metrics
96 static struct GNUNET_TRANSPORT_ManipulationHandle *transport;
99 * The number of hostkeys in the hostkeys array
101 static unsigned int num_hostkeys;
106 * Iterator over hash map entries.
109 * @param key current key code
110 * @param value value in the hash map
111 * @return #GNUNET_YES if we should continue to
116 iterator (void *cls, const struct GNUNET_PeerIdentity *key, void *value)
118 GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multipeermap_remove (map, key,
125 * Cleaup and destroy the map
132 GNUNET_assert (GNUNET_SYSERR != GNUNET_CONTAINER_multipeermap_iterate (map,
135 GNUNET_CONTAINER_multipeermap_destroy (map);
142 * Function that decides if a connection is acceptable or not.
145 * @param pid peer to approve or disapproave
146 * @return GNUNET_OK if the connection is allowed, GNUNET_SYSERR if not
149 check_access (void *cls, const struct GNUNET_PeerIdentity * pid)
153 GNUNET_assert (NULL != map);
154 contains = GNUNET_CONTAINER_multipeermap_contains (map, pid);
155 if (GNUNET_YES == contains)
157 DEBUG ("Permitting `%s'\n", GNUNET_i2s (pid));
160 DEBUG ("Not permitting `%s'\n", GNUNET_i2s (pid));
161 return GNUNET_SYSERR;
166 get_identity (unsigned int offset,
167 struct GNUNET_PeerIdentity *id)
169 struct GNUNET_CRYPTO_EddsaPrivateKey private_key;
171 if (offset >= num_hostkeys)
172 return GNUNET_SYSERR;
173 GNUNET_memcpy (&private_key,
174 hostkeys_data + (offset * GNUNET_TESTING_HOSTKEYFILESIZE),
175 GNUNET_TESTING_HOSTKEYFILESIZE);
176 GNUNET_CRYPTO_eddsa_key_get_public (&private_key,
190 struct WhiteListRow *next;
193 * The offset where to find the hostkey for the peer
198 * Latency to be assigned to the link
206 * Function to load keys
209 load_keys (const struct GNUNET_CONFIGURATION_Handle *c)
218 data_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_DATADIR);
219 GNUNET_asprintf (&idfile, "%s/testing_hostkeys.ecc", data_dir);
220 GNUNET_free (data_dir);
223 GNUNET_DISK_file_size (idfile, &fsize, GNUNET_YES, GNUNET_YES))
225 GNUNET_free (idfile);
226 return GNUNET_SYSERR;
228 if (0 != (fsize % GNUNET_TESTING_HOSTKEYFILESIZE))
230 LOG (GNUNET_ERROR_TYPE_ERROR,
231 _("Incorrect hostkey file format: %s\n"), idfile);
232 GNUNET_free (idfile);
233 return GNUNET_SYSERR;
235 hostkeys_fd = GNUNET_DISK_file_open (idfile, GNUNET_DISK_OPEN_READ,
236 GNUNET_DISK_PERM_NONE);
237 if (NULL == hostkeys_fd)
239 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", idfile);
240 GNUNET_free (idfile);
241 return GNUNET_SYSERR;
243 GNUNET_free (idfile);
245 hostkeys_data = GNUNET_DISK_file_map (hostkeys_fd,
247 GNUNET_DISK_MAP_TYPE_READ,
249 if (NULL == hostkeys_data)
252 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "mmap");
253 return GNUNET_SYSERR;
255 num_hostkeys = fsize / GNUNET_TESTING_HOSTKEYFILESIZE;
261 * Function to unload keys
266 if (NULL != hostkeys_map)
268 GNUNET_assert (NULL != hostkeys_data);
269 GNUNET_DISK_file_unmap (hostkeys_map);
271 hostkeys_data = NULL;
273 if (NULL != hostkeys_fd)
275 GNUNET_DISK_file_close (hostkeys_fd);
282 * Shutdown task to cleanup our resources and exit.
287 do_shutdown (void *cls)
289 if (NULL != transport)
291 GNUNET_TRANSPORT_manipulation_disconnect (transport);
297 GNUNET_TRANSPORT_blacklist_cancel (bh);
302 * Function to read whitelist rows from the database
304 * @param db the database connection
305 * @param pid the identity of this peer
306 * @param wl_rows where to store the retrieved whitelist rows
307 * @return GNUNET_SYSERR upon error OR the number of rows retrieved
310 db_read_whitelist (struct sqlite3 *db, int pid, struct WhiteListRow **wl_rows)
312 static const char *query_wl = "SELECT oid, latency FROM whitelist WHERE (id == ?);";
313 struct sqlite3_stmt *stmt_wl;
314 struct WhiteListRow *lr;
318 if (SQLITE_OK != (ret = sqlite3_prepare_v2 (db, query_wl, -1, &stmt_wl, NULL)))
320 LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_prepare_v2");
321 return GNUNET_SYSERR;
323 if (SQLITE_OK != (ret = sqlite3_bind_int (stmt_wl, 1, pid)))
325 LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_bind_int");
326 sqlite3_finalize (stmt_wl);
327 return GNUNET_SYSERR;
332 ret = sqlite3_step (stmt_wl);
333 if (SQLITE_ROW != ret)
336 lr = GNUNET_new (struct WhiteListRow);
337 lr->id = sqlite3_column_int (stmt_wl, 0);
338 lr->latency = sqlite3_column_int (stmt_wl, 1);
342 sqlite3_finalize (stmt_wl);
348 * Main function that will be run.
351 * @param args remaining command-line arguments
352 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
353 * @param c configuration
356 run (void *cls, char *const *args, const char *cfgfile,
357 const struct GNUNET_CONFIGURATION_Handle *c)
360 struct WhiteListRow *wl_head;
361 struct WhiteListRow *wl_entry;
362 struct GNUNET_PeerIdentity identity;
363 struct GNUNET_ATS_Properties prop;
364 struct GNUNET_TIME_Relative delay;
365 unsigned long long pid;
370 GNUNET_CONFIGURATION_get_value_number (c, "TESTBED",
376 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (c, "TESTBED-UNDERLAY",
383 if (SQLITE_OK != (ret = sqlite3_open_v2 (dbfile, &db, SQLITE_OPEN_READONLY, NULL)))
387 LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite_open_v2");
388 GNUNET_break (SQLITE_OK == sqlite3_close (db));
391 LOG (GNUNET_ERROR_TYPE_ERROR, "Cannot open sqlite file %s\n", dbfile);
392 GNUNET_free (dbfile);
395 DEBUG ("Opened database %s\n", dbfile);
396 GNUNET_free (dbfile);
399 if (GNUNET_OK != load_keys (c))
402 transport = GNUNET_TRANSPORT_manipulation_connect (c);
403 if (NULL == transport)
408 /* read and process whitelist */
411 nrows = db_read_whitelist (db, pid, &wl_head);
412 if ((GNUNET_SYSERR == nrows) || (0 == nrows))
414 GNUNET_TRANSPORT_manipulation_disconnect (transport);
417 map = GNUNET_CONTAINER_multipeermap_create (nrows, GNUNET_NO);
418 while (NULL != (wl_entry = wl_head))
420 wl_head = wl_entry->next;
421 delay.rel_value_us = wl_entry->latency;
422 memset (&prop, 0, sizeof (prop));
423 GNUNET_assert (GNUNET_OK == get_identity (wl_entry->id, &identity));
424 GNUNET_break (GNUNET_OK ==
425 GNUNET_CONTAINER_multipeermap_put (map, &identity, &identity,
426 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_FAST));
427 DEBUG ("Setting %u ms latency to peer `%s'\n",
429 GNUNET_i2s (&identity));
430 GNUNET_TRANSPORT_manipulation_set (transport,
435 GNUNET_free (wl_entry);
437 bh = GNUNET_TRANSPORT_blacklist (c, &check_access, NULL);
438 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
441 GNUNET_break (SQLITE_OK == sqlite3_close (db));
448 * @param argc number of arguments from the command line
449 * @param argv command line arguments
450 * @return 0 ok, 1 on error
453 main (int argc, char *const *argv)
455 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
456 GNUNET_GETOPT_OPTION_END
460 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
462 #ifdef SQLITE_CONFIG_MMAP_SIZE
463 (void) sqlite3_config (SQLITE_CONFIG_MMAP_SIZE, 512000, 256000000);
467 GNUNET_PROGRAM_run (argc, argv, "testbed-underlay",
469 ("Daemon to restrict underlay network in testbed deployments"),
470 options, &run, NULL)) ? 0 : 1;
471 GNUNET_free ((void*) argv);