2 This file is part of GNUnet.
3 (C) 2010 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file vpn/gnunet-daemon-exit.c
24 * @author Philipp Toelke
27 #include <gnunet_common.h>
28 #include <gnunet_program_lib.h>
29 #include <gnunet_protocols.h>
30 #include <gnunet_applications.h>
31 #include <gnunet_mesh_service.h>
32 #include <gnunet_constants.h>
35 #include "gnunet-vpn-packet.h"
36 #include "gnunet-helper-vpn-api.h"
37 #include "gnunet-vpn-checksum.h"
39 GNUNET_SCHEDULER_TaskIdentifier shs_task;
42 * The handle to the configuration used throughout the process
44 static const struct GNUNET_CONFIGURATION_Handle *cfg;
47 * The handle to the helper
49 struct GNUNET_VPN_HELPER_Handle *helper_handle;
59 static struct GNUNET_MESH_Handle *mesh_handle;
62 * This hashmaps contains the mapping from peer, service-descriptor,
63 * source-port and destination-port to a struct redirect_state
65 static struct GNUNET_CONTAINER_MultiHashMap *udp_connections;
66 static struct GNUNET_CONTAINER_Heap *udp_connections_heap;
67 static struct GNUNET_CONTAINER_MultiHashMap *tcp_connections;
68 static struct GNUNET_CONTAINER_Heap *tcp_connections_heap;
71 * If there are at least this many udp-Connections, old ones will be removed
73 static long long unsigned int max_udp_connections = 200;
76 * If there are at least this many tcp-Connections, old ones will be removed
78 static long long unsigned int max_tcp_connections = 200;
83 unsigned char addr[16];
88 * This struct is saved into the services-hashmap
90 struct redirect_service
115 * The source-address of this connection. When a packet to this address is
116 * received, this tunnel is used to forward it. ipv4-addresses will be put
117 * here left-aligned */
120 * The source-port of this connection
126 * This struct is saved into {tcp,udp}_connections;
128 struct redirect_state
130 struct GNUNET_MESH_Tunnel *tunnel;
131 GNUNET_HashCode desc;
132 struct redirect_service *serv;
133 struct remote_addr remote;
135 struct GNUNET_CONTAINER_HeapNode* heap_node;
136 struct GNUNET_CONTAINER_MultiHashMap *hashmap;
137 GNUNET_HashCode hash;
139 enum { SERVICE, REMOTE } type;
142 * The source-address and -port of this connection
144 struct redirect_info redirect_info;
148 * This hashmaps saves interesting things about the configured services
150 static struct GNUNET_CONTAINER_MultiHashMap *udp_services;
151 static struct GNUNET_CONTAINER_MultiHashMap *tcp_services;
153 struct tunnel_notify_queue
155 struct tunnel_notify_queue* next;
156 struct tunnel_notify_queue* prev;
162 * Function that frees everything from a hashmap
165 free_iterate(void* cls __attribute__((unused)), const GNUNET_HashCode* hash __attribute__((unused)), void* value)
172 * Function scheduled as very last function, cleans up after us
175 cleanup(void* cls __attribute__((unused)), const struct GNUNET_SCHEDULER_TaskContext* tskctx) {
176 GNUNET_assert (0 != (tskctx->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN));
178 GNUNET_CONTAINER_multihashmap_iterate(udp_connections,
182 GNUNET_CONTAINER_multihashmap_iterate(tcp_connections,
186 if (mesh_handle != NULL)
188 GNUNET_MESH_disconnect(mesh_handle);
194 collect_connections(void* cls, const struct GNUNET_SCHEDULER_TaskContext* tc) {
195 if ( (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN) != 0)
199 struct GNUNET_CONTAINER_Heap *heap = cls;
201 struct redirect_state* state = GNUNET_CONTAINER_heap_remove_root(heap);
203 /* This is free()ed memory! */
204 state->heap_node = NULL;
206 /* FIXME! GNUNET_MESH_close_tunnel(state->tunnel); */
208 GNUNET_CONTAINER_multihashmap_remove(state->hashmap, &state->hash, state);
214 hash_redirect_info(GNUNET_HashCode* hash, struct redirect_info* u_i, size_t addrlen)
217 /* the gnunet hashmap only uses the first sizeof(unsigned int) of the hash
219 * build the hash out of the last bytes of the address and the 2 bytes of
222 memcpy(hash, &u_i->pt, sizeof(u_i->pt));
223 memcpy(((unsigned char*)hash)+2, u_i->addr+(addrlen-(sizeof(unsigned int) - 2)), (sizeof(unsigned int) - 2));
224 memset(((unsigned char*)hash)+sizeof(unsigned int), 0, sizeof(GNUNET_HashCode) - sizeof(unsigned int));
228 * cls is the pointer to a GNUNET_MessageHeader that is
229 * followed by the service-descriptor and the udp-packet that should be sent;
232 send_udp_to_peer_notify_callback (void *cls, size_t size, void *buf)
234 struct GNUNET_MESH_Tunnel** tunnel = cls;
235 GNUNET_MESH_tunnel_set_data(*tunnel, NULL);
236 struct GNUNET_MessageHeader *hdr = (struct GNUNET_MessageHeader*)(tunnel + 1);
237 GNUNET_assert (size >= ntohs (hdr->size));
238 memcpy (buf, hdr, ntohs (hdr->size));
239 size = ntohs(hdr->size);
241 if (NULL != GNUNET_MESH_tunnel_get_head(*tunnel))
243 struct tunnel_notify_queue* element = GNUNET_MESH_tunnel_get_head(*tunnel);
244 struct tunnel_notify_queue* head = GNUNET_MESH_tunnel_get_head(*tunnel);
245 struct tunnel_notify_queue* tail = GNUNET_MESH_tunnel_get_tail(*tunnel);
247 GNUNET_CONTAINER_DLL_remove(head, tail, element);
249 GNUNET_MESH_tunnel_set_head(*tunnel, head);
250 GNUNET_MESH_tunnel_set_tail(*tunnel, tail);
252 struct GNUNET_MESH_TransmitHandle* th = GNUNET_MESH_notify_transmit_ready (*tunnel,
255 GNUNET_TIME_relative_divide
256 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
257 (const struct GNUNET_PeerIdentity *)
259 send_udp_to_peer_notify_callback, element->cls);
260 /* save the handle */
261 GNUNET_MESH_tunnel_set_data(*tunnel, th);
262 GNUNET_free(element);
271 * @brief Handles an UDP-Packet received from the helper.
273 * @param udp A pointer to the Packet
274 * @param dadr The IP-Destination-address
275 * @param addrlen The length of the address
276 * @param version 4 or 6
279 udp_from_helper (struct udp_pkt *udp, unsigned char *dadr, size_t addrlen)
281 struct redirect_info u_i;
282 struct GNUNET_MESH_Tunnel *tunnel;
284 struct GNUNET_MessageHeader *msg;
286 memset (&u_i, 0, sizeof (struct redirect_info));
288 memcpy (&u_i.addr, dadr, addrlen);
292 /* get tunnel and service-descriptor from this */
293 GNUNET_HashCode hash;
294 hash_redirect_info(&hash, &u_i, addrlen);
296 struct redirect_state *state =
297 GNUNET_CONTAINER_multihashmap_get (udp_connections, &hash);
299 /* Mark this connection as freshly used */
300 GNUNET_CONTAINER_heap_update_cost (udp_connections_heap, state->heap_node,
301 GNUNET_TIME_absolute_get ().abs_value);
303 tunnel = state->tunnel;
305 if (state->type == SERVICE)
307 /* check if spt == serv.remote if yes: set spt = serv.myport ("nat") */
308 if (ntohs (udp->spt) == state->serv->remote_port)
310 udp->spt = htons (state->serv->my_port);
314 /* otherwise the answer came from a different port (tftp does this)
315 * add this new port to the list of all services, so that the packets
316 * coming back from the client to this new port will be routed correctly
318 struct redirect_service *serv =
319 GNUNET_malloc (sizeof (struct redirect_service));
320 memcpy (serv, state->serv, sizeof (struct redirect_service));
321 serv->my_port = ntohs (udp->spt);
322 serv->remote_port = ntohs (udp->spt);
323 uint16_t *desc = alloca (sizeof (GNUNET_HashCode) + 2);
324 memcpy ((GNUNET_HashCode *) (desc + 1), &state->desc,
325 sizeof (GNUNET_HashCode));
326 *desc = ntohs (udp->spt);
327 GNUNET_assert (GNUNET_OK ==
328 GNUNET_CONTAINER_multihashmap_put (udp_services,
329 (GNUNET_HashCode*)desc, serv,
330 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
336 /* send udp-packet back */
338 sizeof (struct GNUNET_MessageHeader) + sizeof (GNUNET_HashCode) +
340 struct GNUNET_MESH_Tunnel** ctunnel = GNUNET_malloc (sizeof(struct GNUNET_MESH_TUNNEL*) + len);
342 msg = (struct GNUNET_MessageHeader*)(ctunnel + 1);
343 msg->size = htons (len);
344 msg->type = htons (state->type == SERVICE ? GNUNET_MESSAGE_TYPE_SERVICE_UDP_BACK : GNUNET_MESSAGE_TYPE_REMOTE_UDP_BACK);
345 GNUNET_HashCode *desc = (GNUNET_HashCode *) (msg + 1);
346 if (state->type == SERVICE)
347 memcpy (desc, &state->desc, sizeof (GNUNET_HashCode));
349 memcpy (desc, &state->remote, sizeof (struct remote_addr));
350 void *_udp = desc + 1;
351 memcpy (_udp, udp, ntohs (udp->len));
353 if (NULL == GNUNET_MESH_tunnel_get_data(tunnel))
355 /* No notify is pending */
356 struct GNUNET_MESH_TransmitHandle* th = GNUNET_MESH_notify_transmit_ready (tunnel,
359 GNUNET_TIME_relative_divide
360 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
361 (const struct GNUNET_PeerIdentity *)
363 send_udp_to_peer_notify_callback, ctunnel);
364 /* save the handle */
365 GNUNET_MESH_tunnel_set_data(tunnel, th);
369 struct tunnel_notify_queue* head = GNUNET_MESH_tunnel_get_head(tunnel);
370 struct tunnel_notify_queue* tail = GNUNET_MESH_tunnel_get_tail(tunnel);
372 struct tunnel_notify_queue* element = GNUNET_malloc(sizeof(struct tunnel_notify_queue));
373 element->cls = ctunnel;
376 GNUNET_CONTAINER_DLL_insert_tail(head, tail, element);
377 GNUNET_MESH_tunnel_set_head(tunnel, head);
378 GNUNET_MESH_tunnel_set_tail(tunnel, tail);
383 * @brief Handles a TCP-Packet received from the helper.
385 * @param tcp A pointer to the Packet
386 * @param dadr The IP-Destination-address
387 * @param addrlen The length of the address
388 * @param version 4 or 6
389 * @param pktlen the length of the packet, including its header
392 tcp_from_helper (struct tcp_pkt *tcp, unsigned char *dadr, size_t addrlen,
395 struct redirect_info u_i;
396 struct GNUNET_MESH_Tunnel *tunnel;
398 struct GNUNET_MessageHeader *msg;
400 memset (&u_i, 0, sizeof (struct redirect_info));
402 memcpy (&u_i.addr, dadr, addrlen);
405 /* get tunnel and service-descriptor from this */
406 GNUNET_HashCode hash;
407 hash_redirect_info(&hash, &u_i, addrlen);
409 struct redirect_state *state =
410 GNUNET_CONTAINER_multihashmap_get (tcp_connections, &hash);
414 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "No mapping for this connection; hash is %x\n", *((uint32_t*)&hash));
418 /* Mark this connection as freshly used */
419 GNUNET_CONTAINER_heap_update_cost (tcp_connections_heap, state->heap_node,
420 GNUNET_TIME_absolute_get ().abs_value);
422 tunnel = state->tunnel;
424 if (state->type == SERVICE)
426 /* check if spt == serv.remote if yes: set spt = serv.myport ("nat") */
427 if (ntohs (tcp->spt) == state->serv->remote_port)
429 tcp->spt = htons (state->serv->my_port);
433 // This is an illegal packet.
438 /* send tcp-packet back */
440 sizeof (struct GNUNET_MessageHeader) + sizeof (GNUNET_HashCode) + pktlen;
441 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "len: %d\n", pktlen);
442 struct GNUNET_MESH_Tunnel** ctunnel = GNUNET_malloc (sizeof(struct GNUNET_MESH_TUNNEL*) + len);
444 msg = (struct GNUNET_MessageHeader*)(ctunnel + 1);
445 msg->size = htons (len);
446 msg->type = htons (state->type == SERVICE ? GNUNET_MESSAGE_TYPE_SERVICE_TCP_BACK : GNUNET_MESSAGE_TYPE_REMOTE_TCP_BACK);
447 GNUNET_HashCode *desc = (GNUNET_HashCode *) (msg + 1);
448 if (state->type == SERVICE)
449 memcpy (desc, &state->desc, sizeof (GNUNET_HashCode));
451 memcpy (desc, &state->remote, sizeof (struct remote_addr));
452 void *_tcp = desc + 1;
453 memcpy (_tcp, tcp, pktlen);
455 if (NULL == GNUNET_MESH_tunnel_get_data(tunnel))
457 /* No notify is pending */
458 struct GNUNET_MESH_TransmitHandle* th = GNUNET_MESH_notify_transmit_ready (tunnel,
461 GNUNET_TIME_relative_divide
462 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
463 (const struct GNUNET_PeerIdentity *)NULL,
464 len, send_udp_to_peer_notify_callback,
466 /* save the handle */
467 GNUNET_MESH_tunnel_set_data(tunnel, th);
471 struct tunnel_notify_queue* head = GNUNET_MESH_tunnel_get_head(tunnel);
472 struct tunnel_notify_queue* tail = GNUNET_MESH_tunnel_get_tail(tunnel);
474 struct tunnel_notify_queue* element = GNUNET_malloc(sizeof(struct tunnel_notify_queue));
475 element->cls = ctunnel;
478 GNUNET_CONTAINER_DLL_insert_tail(head, tail, element);
484 * Receive packets from the helper-process
487 message_token (void *cls __attribute__((unused)),
488 void *client __attribute__((unused)), const struct GNUNET_MessageHeader *message)
490 GNUNET_assert (ntohs (message->type) == GNUNET_MESSAGE_TYPE_VPN_HELPER);
492 struct tun_pkt *pkt_tun = (struct tun_pkt *) message;
494 /* ethertype is ipv6 */
495 if (ntohs (pkt_tun->tun.type) == 0x86dd)
497 struct ip6_pkt *pkt6 = (struct ip6_pkt *) pkt_tun;
498 if (0x11 == pkt6->ip6_hdr.nxthdr)
499 udp_from_helper (&((struct ip6_udp *) pkt6)->udp_hdr,
500 (unsigned char *) &pkt6->ip6_hdr.dadr, 16);
501 else if (0x06 == pkt6->ip6_hdr.nxthdr)
502 tcp_from_helper (&((struct ip6_tcp *) pkt6)->tcp_hdr,
503 (unsigned char *) &pkt6->ip6_hdr.dadr, 16,
504 ntohs (pkt6->ip6_hdr.paylgth));
506 else if (ntohs (pkt_tun->tun.type) == 0x0800)
508 struct ip_pkt *pkt4 = (struct ip_pkt *) pkt_tun;
509 uint32_t tmp = pkt4->ip_hdr.dadr;
510 if (0x11 == pkt4->ip_hdr.proto)
511 udp_from_helper (&((struct ip_udp *) pkt4)->udp_hdr,
512 (unsigned char *) &tmp, 4);
513 else if (0x06 == pkt4->ip_hdr.proto)
515 size_t pktlen = ntohs(pkt4->ip_hdr.tot_lngth);
516 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "tot: %d\n", pktlen);
517 pktlen -= 4*pkt4->ip_hdr.hdr_lngth;
518 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "-hdr: %d\n", pktlen);
519 tcp_from_helper (&((struct ip_tcp *) pkt4)->tcp_hdr,
520 (unsigned char *) &tmp, 4, pktlen);
530 * Reads the configuration servicecfg and populates udp_services
533 * @param section name of section in config, equal to hostname
536 read_service_conf (void *cls __attribute__((unused)), const char *section)
538 if ((strlen(section) < 8) || (0 != strcmp (".gnunet.", section + (strlen(section) - 8))))
541 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Parsing dns-name %d %s %s\n", strlen(section), section, section + (strlen(section) - 8));
547 uint16_t *desc = alloca (sizeof (GNUNET_HashCode) + 2);
548 GNUNET_CRYPTO_hash (section, strlen (section) + 1,
549 (GNUNET_HashCode *) (desc + 1));
558 if (proto == UDP && (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string(cfg, section, "UDP_REDIRECTS", &cpy)))
560 else if (proto == TCP && (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string(cfg, section, "TCP_REDIRECTS", &cpy)))
563 for (redirect = strtok (cpy, " "); redirect != NULL; redirect = strtok
566 if (NULL == (hostname = strstr (redirect, ":")))
568 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Warning: option %s is not formatted correctly!\n",
574 if (NULL == (hostport = strstr (hostname, ":")))
576 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Warning: option %s is not formatted correctly!\n",
583 int local_port = atoi (redirect);
584 if (!((local_port > 0) && (local_port < 65536)))
585 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Warning: %s is not a correct port.",
590 struct redirect_service *serv =
591 GNUNET_malloc (sizeof (struct redirect_service));
592 memset (serv, 0, sizeof (struct redirect_service));
593 serv->my_port = local_port;
595 if (0 == strcmp ("localhost4", hostname))
600 GNUNET_assert (GNUNET_OK ==
601 GNUNET_CONFIGURATION_get_value_string (cfg,
606 inet_pton (AF_INET, ip4addr,
607 serv->v4.ip4address));
608 GNUNET_free (ip4addr);
610 else if (0 == strcmp ("localhost6", hostname))
615 GNUNET_assert (GNUNET_OK ==
616 GNUNET_CONFIGURATION_get_value_string (cfg,
621 inet_pton (AF_INET6, ip6addr,
622 serv->v6.ip6address));
623 GNUNET_free (ip6addr);
627 // TODO Lookup, yadayadayada
630 serv->remote_port = atoi (hostport);
632 GNUNET_assert (GNUNET_OK ==
633 GNUNET_CONTAINER_multihashmap_put (udp_services,
634 (GNUNET_HashCode*)desc, serv,
635 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
637 GNUNET_assert (GNUNET_OK ==
638 GNUNET_CONTAINER_multihashmap_put (tcp_services,
639 (GNUNET_HashCode*)desc, serv,
640 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
645 proto = (proto == UDP) ? TCP : UDP;
647 while (proto != UDP);
651 * Start the helper-process
653 * If cls != NULL it is assumed that this function is called as a result of a dying
654 * helper. cls is then taken as handle to the old helper and is cleaned up.
657 start_helper_and_schedule(void *cls,
658 const struct GNUNET_SCHEDULER_TaskContext *tc) {
659 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
672 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IFNAME", &ifname))
674 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IFNAME' in configuration!\n");
678 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV6ADDR", &ipv6addr))
680 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV6ADDR' in configuration!\n");
684 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV6PREFIX", &ipv6prefix))
686 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV6PREFIX' in configuration!\n");
690 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV4ADDR", &ipv4addr))
692 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV4ADDR' in configuration!\n");
696 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV4MASK", &ipv4mask))
698 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV4MASK' in configuration!\n");
703 * Messages get passed to the function message_token
704 * When the helper dies, this function will be called again with the
705 * helper_handle as cls.
707 helper_handle = start_helper(ifname,
713 start_helper_and_schedule,
717 GNUNET_free(ipv6addr);
718 GNUNET_free(ipv6prefix);
719 GNUNET_free(ipv4addr);
720 GNUNET_free(ipv4mask);
725 prepare_ipv4_packet (ssize_t len, ssize_t pktlen, void *payload,
726 uint16_t protocol, void *ipaddress, void *tunnel,
727 struct redirect_state *state, struct ip_pkt *pkt4)
731 pkt4->shdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
732 pkt4->shdr.size = htons (len);
734 pkt4->tun.type = htons (0x0800);
736 memcpy (&pkt4->data, payload, pktlen);
738 pkt4->ip_hdr.version = 4;
739 pkt4->ip_hdr.hdr_lngth = 5;
740 pkt4->ip_hdr.diff_serv = 0;
741 pkt4->ip_hdr.tot_lngth = htons (20 + pktlen);
742 pkt4->ip_hdr.ident = 0;
743 pkt4->ip_hdr.flags = 0;
744 pkt4->ip_hdr.frag_off = 0;
745 pkt4->ip_hdr.ttl = 255;
746 pkt4->ip_hdr.proto = protocol;
747 pkt4->ip_hdr.chks = 0; /* Will be calculated later */
749 memcpy (&tmp, ipaddress, 4);
750 pkt4->ip_hdr.dadr = tmp;
752 /* Generate a new src-address */
755 GNUNET_assert (GNUNET_OK ==
756 GNUNET_CONFIGURATION_get_value_string (cfg, "exit",
759 GNUNET_assert (GNUNET_OK ==
760 GNUNET_CONFIGURATION_get_value_string (cfg, "exit",
763 inet_pton (AF_INET, ipv4addr, &tmp);
764 inet_pton (AF_INET, ipv4mask, &tmp2);
765 GNUNET_free (ipv4addr);
766 GNUNET_free (ipv4mask);
768 /* This should be a noop */
771 tmp |= ntohl (*((uint32_t *) tunnel)) & (~tmp2);
773 pkt4->ip_hdr.sadr = tmp;
775 memcpy (&state->redirect_info.addr, &tmp, 4);
776 if (0x11 == protocol)
778 struct ip_udp* pkt4_udp = (struct ip_udp*)pkt4;
779 state->redirect_info.pt = pkt4_udp->udp_hdr.spt;
781 pkt4_udp->udp_hdr.crc = 0; /* Optional for IPv4 */
783 else if (0x06 == protocol)
785 struct ip_tcp* pkt4_tcp = (struct ip_tcp*)pkt4;
786 state->redirect_info.pt = pkt4_tcp->tcp_hdr.spt;
788 pkt4_tcp->tcp_hdr.crc = 0;
790 tmp = pkt4->ip_hdr.sadr;
792 calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
793 tmp = pkt4->ip_hdr.dadr;
795 calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
797 tmp = (protocol << 16) | (0xffff & pktlen);
799 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "line: %08x, %x \n", tmp, (0xffff & pktlen));
803 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
806 calculate_checksum_update (sum, (uint16_t *) & pkt4_tcp->tcp_hdr, pktlen);
807 pkt4_tcp->tcp_hdr.crc = calculate_checksum_end (sum);
811 calculate_ip_checksum ((uint16_t *) & pkt4->ip_hdr, 5 * 4);
815 prepare_ipv6_packet (ssize_t len, ssize_t pktlen, void *payload,
816 uint16_t protocol, void *ipaddress, void *tunnel,
817 struct redirect_state *state, struct ip6_pkt *pkt6)
821 pkt6->shdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
822 pkt6->shdr.size = htons (len);
825 pkt6->tun.type = htons (0x86dd);
827 memcpy (&pkt6->data, payload, pktlen);
829 pkt6->ip6_hdr.version = 6;
830 pkt6->ip6_hdr.nxthdr = protocol;
831 pkt6->ip6_hdr.paylgth = htons (pktlen);
832 pkt6->ip6_hdr.hoplmt = 64;
834 memcpy (pkt6->ip6_hdr.dadr, ipaddress, 16);
836 /* Generate a new src-address
837 * This takes as much from the address of the tunnel as fits into
840 unsigned long long ipv6prefix;
841 GNUNET_assert (GNUNET_OK ==
842 GNUNET_CONFIGURATION_get_value_string (cfg, "exit",
845 GNUNET_assert (GNUNET_OK ==
846 GNUNET_CONFIGURATION_get_value_number (cfg, "exit",
849 GNUNET_assert (ipv6prefix < 127);
850 ipv6prefix = (ipv6prefix + 7) / 8;
852 inet_pton (AF_INET6, ipv6addr, &pkt6->ip6_hdr.sadr);
853 GNUNET_free (ipv6addr);
855 if (ipv6prefix < (16 - sizeof (void *)))
856 ipv6prefix = 16 - sizeof (void *);
858 unsigned int offset = ipv6prefix - (16 - sizeof (void *));
859 memcpy ((((char *) &pkt6->ip6_hdr.sadr)) + ipv6prefix,
860 ((char *) &tunnel) + offset, 16 - ipv6prefix);
862 /* copy the needed information into the state */
863 memcpy (&state->redirect_info.addr, &pkt6->ip6_hdr.sadr, 16);
865 if (0x11 == protocol)
867 struct ip6_udp* pkt6_udp = (struct ip6_udp*)pkt6;
868 state->redirect_info.pt = pkt6_udp->udp_hdr.spt;
870 pkt6_udp->udp_hdr.crc = 0;
873 calculate_checksum_update (sum, (uint16_t *) & pkt6_udp->ip6_hdr.sadr, 16);
875 calculate_checksum_update (sum, (uint16_t *) & pkt6_udp->ip6_hdr.dadr, 16);
876 tmp = (htons (pktlen) & 0xffff);
877 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
878 tmp = htons (((pkt6_udp->ip6_hdr.nxthdr & 0x00ff)));
879 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
882 calculate_checksum_update (sum, (uint16_t *) & pkt6_udp->udp_hdr,
883 ntohs (pkt6_udp->udp_hdr.len));
884 pkt6_udp->udp_hdr.crc = calculate_checksum_end (sum);
886 else if (0x06 == protocol)
888 struct ip6_tcp* pkt6_tcp = (struct ip6_tcp*)pkt6;
889 state->redirect_info.pt = pkt6_tcp->tcp_hdr.spt;
891 pkt6_tcp->tcp_hdr.crc = 0;
894 calculate_checksum_update (sum, (uint16_t *) & pkt6->ip6_hdr.sadr, 16);
896 calculate_checksum_update (sum, (uint16_t *) & pkt6->ip6_hdr.dadr, 16);
898 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
899 tmp = htonl (((pkt6->ip6_hdr.nxthdr & 0x000000ff)));
900 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
903 calculate_checksum_update (sum, (uint16_t *) & pkt6_tcp->tcp_hdr,
904 ntohs (pkt6->ip6_hdr.paylgth));
905 pkt6_tcp->tcp_hdr.crc = calculate_checksum_end (sum);
910 * The messages are one GNUNET_HashCode for the service followed by a struct tcp_pkt
913 receive_tcp_service (void *cls __attribute__((unused)),
914 struct GNUNET_MESH_Tunnel *tunnel,
915 void **tunnel_ctx __attribute__((unused)),
916 const struct GNUNET_PeerIdentity *sender __attribute__((unused)),
917 const struct GNUNET_MessageHeader *message,
918 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
920 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received TCP-Packet\n");
921 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
922 struct tcp_pkt *pkt = (struct tcp_pkt *) (desc + 1);
923 unsigned int pkt_len = ntohs (message->size) - sizeof (struct
924 GNUNET_MessageHeader)
925 - sizeof (GNUNET_HashCode);
927 /** Get the configuration from the services-hashmap.
929 * Which service is needed only depends on the service-descriptor and the
932 uint16_t *tcp_desc = alloca (sizeof (GNUNET_HashCode) + 2);
934 memcpy (tcp_desc + 1, desc, sizeof (GNUNET_HashCode));
935 *tcp_desc = ntohs (pkt->dpt);
936 struct redirect_service *serv =
937 GNUNET_CONTAINER_multihashmap_get (tcp_services, (GNUNET_HashCode*)tcp_desc);
940 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
941 "No service found for TCP dpt %d!\n", *tcp_desc);
945 pkt->dpt = htons (serv->remote_port);
948 * At this point it would be possible to check against some kind of ACL.
954 /* Prepare the state.
955 * This will be saved in the hashmap, so that the receiving procedure knows
956 * through which tunnel this connection has to be routed.
958 struct redirect_state *state =
959 GNUNET_malloc (sizeof (struct redirect_state));
960 memset (state, 0, sizeof (struct redirect_state));
961 state->tunnel = tunnel;
963 state->type = SERVICE;
964 state->hashmap = tcp_connections;
965 memcpy (&state->desc, desc, sizeof (GNUNET_HashCode));
967 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
968 sizeof (struct ip6_hdr) + pkt_len;
971 memset (buf, 0, len);
973 switch (serv->version)
976 prepare_ipv4_packet (len, pkt_len, pkt, 0x06, /* TCP */
977 &serv->v4.ip4address,
978 tunnel, state, (struct ip_pkt *) buf);
981 prepare_ipv6_packet (len, pkt_len, pkt, 0x06, /* TCP */
982 &serv->v6.ip6address,
983 tunnel, state, (struct ip6_pkt *) buf);
991 hash_redirect_info(&state->hash, &state->redirect_info, serv->version == 4 ? 4 : 16);
994 GNUNET_CONTAINER_multihashmap_contains (tcp_connections, &state->hash))
996 GNUNET_CONTAINER_multihashmap_put (tcp_connections, &state->hash, state,
997 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1000 GNUNET_CONTAINER_heap_insert (tcp_connections_heap, state,
1001 GNUNET_TIME_absolute_get ().abs_value);
1003 if (GNUNET_CONTAINER_heap_get_size(tcp_connections_heap) > max_tcp_connections)
1004 GNUNET_SCHEDULER_add_now(collect_connections, tcp_connections_heap);
1007 GNUNET_free (state);
1009 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1014 receive_tcp_remote (void *cls __attribute__((unused)),
1015 struct GNUNET_MESH_Tunnel *tunnel,
1016 void **tunnel_ctx __attribute__((unused)),
1017 const struct GNUNET_PeerIdentity *sender __attribute__((unused)),
1018 const struct GNUNET_MessageHeader *message,
1019 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
1021 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1022 struct tcp_pkt *pkt = (struct tcp_pkt *) (desc + 1);
1023 struct remote_addr *s = (struct remote_addr *) desc;
1026 unsigned int pkt_len = ntohs (message->size) - sizeof (struct GNUNET_MessageHeader) - sizeof (GNUNET_HashCode);
1028 struct redirect_state *state =
1029 GNUNET_malloc (sizeof (struct redirect_state));
1030 memset (state, 0, sizeof (struct redirect_state));
1031 state->tunnel = tunnel;
1032 state->type = REMOTE;
1033 state->hashmap = tcp_connections;
1034 memcpy (&state->remote, s, sizeof (struct remote_addr));
1036 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1037 sizeof (struct ip6_hdr) + pkt_len;
1040 memset (buf, 0, len);
1045 prepare_ipv4_packet (len, pkt_len, pkt, 0x06, /* TCP */
1046 &s->addr, tunnel, state, (struct ip_pkt *) buf);
1049 prepare_ipv6_packet (len, pkt_len, pkt, 0x06, /* TCP */
1050 &s->addr, tunnel, state, (struct ip6_pkt *) buf);
1053 return GNUNET_SYSERR;
1057 hash_redirect_info (&state->hash, &state->redirect_info, s->addrlen);
1059 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Packet from remote; hash is %x\n", *((uint32_t*)&state->hash));
1062 GNUNET_CONTAINER_multihashmap_contains (tcp_connections, &state->hash))
1064 GNUNET_CONTAINER_multihashmap_put (tcp_connections, &state->hash, state,
1065 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1068 GNUNET_CONTAINER_heap_insert (tcp_connections_heap, state,
1069 GNUNET_TIME_absolute_get ().abs_value);
1071 if (GNUNET_CONTAINER_heap_get_size (tcp_connections_heap) >
1072 max_tcp_connections)
1073 GNUNET_SCHEDULER_add_now (collect_connections, tcp_connections_heap);
1076 GNUNET_free (state);
1078 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1084 receive_udp_remote (void *cls __attribute__((unused)),
1085 struct GNUNET_MESH_Tunnel *tunnel,
1086 void **tunnel_ctx __attribute__((unused)),
1087 const struct GNUNET_PeerIdentity *sender __attribute__((unused)),
1088 const struct GNUNET_MessageHeader *message,
1089 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
1091 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1092 struct udp_pkt *pkt = (struct udp_pkt *) (desc + 1);
1093 struct remote_addr *s = (struct remote_addr *) desc;
1097 GNUNET_assert (ntohs (pkt->len) ==
1098 ntohs (message->size) -
1099 sizeof (struct GNUNET_MessageHeader) -
1100 sizeof (GNUNET_HashCode));
1102 /* Prepare the state.
1103 * This will be saved in the hashmap, so that the receiving procedure knows
1104 * through which tunnel this connection has to be routed.
1106 struct redirect_state *state =
1107 GNUNET_malloc (sizeof (struct redirect_state));
1108 memset (state, 0, sizeof (struct redirect_state));
1109 state->tunnel = tunnel;
1110 state->hashmap = udp_connections;
1111 state->type = REMOTE;
1112 memcpy (&state->remote, s, sizeof (struct remote_addr));
1114 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1115 sizeof (struct ip6_hdr) + ntohs (pkt->len);
1118 memset (buf, 0, len);
1123 prepare_ipv4_packet (len, ntohs (pkt->len), pkt, 0x11, /* UDP */
1124 &s->addr, tunnel, state, (struct ip_pkt *) buf);
1127 prepare_ipv6_packet (len, ntohs (pkt->len), pkt, 0x11, /* UDP */
1128 &s->addr, tunnel, state, (struct ip6_pkt *) buf);
1135 hash_redirect_info (&state->hash, &state->redirect_info, s->addrlen);
1138 GNUNET_CONTAINER_multihashmap_contains (udp_connections, &state->hash))
1140 GNUNET_CONTAINER_multihashmap_put (udp_connections, &state->hash, state,
1141 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1144 GNUNET_CONTAINER_heap_insert (udp_connections_heap, state,
1145 GNUNET_TIME_absolute_get ().abs_value);
1147 if (GNUNET_CONTAINER_heap_get_size (udp_connections_heap) >
1148 max_udp_connections)
1149 GNUNET_SCHEDULER_add_now (collect_connections, udp_connections_heap);
1152 GNUNET_free (state);
1154 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1159 * The messages are one GNUNET_HashCode for the service, followed by a struct udp_pkt
1162 receive_udp_service (void *cls __attribute__((unused)),
1163 struct GNUNET_MESH_Tunnel *tunnel,
1164 void **tunnel_ctx __attribute__((unused)),
1165 const struct GNUNET_PeerIdentity *sender __attribute__((unused)),
1166 const struct GNUNET_MessageHeader *message,
1167 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
1169 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1170 struct udp_pkt *pkt = (struct udp_pkt *) (desc + 1);
1172 GNUNET_assert (ntohs (pkt->len) ==
1173 ntohs (message->size) -
1174 sizeof (struct GNUNET_MessageHeader) -
1175 sizeof (GNUNET_HashCode));
1177 /* Get the configuration from the hashmap */
1178 uint16_t *udp_desc = alloca (sizeof (GNUNET_HashCode) + 2);
1179 memcpy (udp_desc + 1, desc, sizeof (GNUNET_HashCode));
1180 *udp_desc = ntohs (pkt->dpt);
1181 struct redirect_service *serv =
1182 GNUNET_CONTAINER_multihashmap_get (udp_services, (GNUNET_HashCode*)udp_desc);
1185 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1186 "No service found for UDP dpt %d!\n", *udp_desc);
1190 pkt->dpt = htons (serv->remote_port);
1193 * At this point it would be possible to check against some kind of ACL.
1199 /* Prepare the state.
1200 * This will be saved in the hashmap, so that the receiving procedure knows
1201 * through which tunnel this connection has to be routed.
1203 struct redirect_state *state =
1204 GNUNET_malloc (sizeof (struct redirect_state));
1205 memset (state, 0, sizeof (struct redirect_state));
1206 state->tunnel = tunnel;
1208 state->type = SERVICE;
1209 state->hashmap = udp_connections;
1210 memcpy (&state->desc, desc, sizeof (GNUNET_HashCode));
1212 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1213 sizeof (struct ip6_hdr) + ntohs (pkt->len);
1216 memset (buf, 0, len);
1218 switch (serv->version)
1221 prepare_ipv4_packet (len, ntohs (pkt->len), pkt, 0x11, /* UDP */
1222 &serv->v4.ip4address,
1223 tunnel, state, (struct ip_pkt *) buf);
1226 prepare_ipv6_packet (len, ntohs (pkt->len), pkt, 0x11, /* UDP */
1227 &serv->v6.ip6address,
1228 tunnel, state, (struct ip6_pkt *) buf);
1236 hash_redirect_info(&state->hash, &state->redirect_info, serv->version == 4 ? 4 : 16);
1239 GNUNET_CONTAINER_multihashmap_contains (udp_connections, &state->hash))
1241 GNUNET_CONTAINER_multihashmap_put (udp_connections, &state->hash, state,
1242 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1245 GNUNET_CONTAINER_heap_insert (udp_connections_heap, state,
1246 GNUNET_TIME_absolute_get ().abs_value);
1248 if (GNUNET_CONTAINER_heap_get_size(udp_connections_heap) > max_udp_connections)
1249 GNUNET_SCHEDULER_add_now(collect_connections, udp_connections_heap);
1252 GNUNET_free (state);
1254 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1262 int handler_idx, app_idx;
1264 udp = GNUNET_CONFIGURATION_get_value_yesno(cfg, "exit", "ENABLE_UDP");
1265 tcp = GNUNET_CONFIGURATION_get_value_yesno(cfg, "exit", "ENABLE_TCP");
1267 static struct GNUNET_MESH_MessageHandler handlers[] = {
1268 {receive_udp_service, GNUNET_MESSAGE_TYPE_SERVICE_UDP, 0},
1269 {receive_tcp_service, GNUNET_MESSAGE_TYPE_SERVICE_TCP, 0},
1275 static GNUNET_MESH_ApplicationType apptypes[] =
1277 GNUNET_APPLICATION_TYPE_END,
1278 GNUNET_APPLICATION_TYPE_END,
1279 GNUNET_APPLICATION_TYPE_END
1285 if (GNUNET_YES == udp)
1287 handlers[handler_idx].callback = receive_udp_remote;
1288 handlers[handler_idx].expected_size = 0;
1289 handlers[handler_idx].type = GNUNET_MESSAGE_TYPE_REMOTE_UDP;
1290 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_INTERNET_UDP_GATEWAY;
1295 if (GNUNET_YES == tcp)
1297 handlers[handler_idx].callback = receive_tcp_remote;
1298 handlers[handler_idx].expected_size = 0;
1299 handlers[handler_idx].type = GNUNET_MESSAGE_TYPE_REMOTE_TCP;
1300 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_INTERNET_TCP_GATEWAY;
1305 mesh_handle = GNUNET_MESH_connect (cfg, NULL, NULL, handlers, apptypes);
1309 * @brief Main function that will be run by the scheduler.
1311 * @param cls closure
1312 * @param args remaining command-line arguments
1313 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
1314 * @param cfg_ configuration
1318 char *const *args __attribute__((unused)),
1319 const char *cfgfile __attribute__((unused)), const struct GNUNET_CONFIGURATION_Handle *cfg_)
1325 udp_connections = GNUNET_CONTAINER_multihashmap_create (65536);
1326 udp_connections_heap =
1327 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
1328 tcp_connections = GNUNET_CONTAINER_multihashmap_create (65536);
1329 tcp_connections_heap =
1330 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
1331 udp_services = GNUNET_CONTAINER_multihashmap_create (65536);
1332 tcp_services = GNUNET_CONTAINER_multihashmap_create (65536);
1334 GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_UDP_CONNECTIONS",
1335 &max_udp_connections);
1336 GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_TCP_CONNECTIONS",
1337 &max_tcp_connections);
1339 GNUNET_CONFIGURATION_iterate_sections (cfg, read_service_conf, NULL);
1341 GNUNET_SCHEDULER_add_now (start_helper_and_schedule, NULL);
1342 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
1346 * The main function to obtain template from gnunetd.
1348 * @param argc number of arguments from the command line
1349 * @param argv command line arguments
1350 * @return 0 ok, 1 on error
1353 main (int argc, char *const *argv) {
1354 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
1355 GNUNET_GETOPT_OPTION_END
1358 return (GNUNET_OK ==
1359 GNUNET_PROGRAM_run (argc,
1362 gettext_noop ("help text"),
1363 options, &run, NULL)) ? ret : 1;
1366 /* end of gnunet-daemon-exit.c */