2 This file is part of GNUnet.
3 (C) 2010 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file vpn/gnunet-daemon-exit.c
24 * @author Philipp Toelke
27 #include <gnunet_common.h>
28 #include <gnunet_program_lib.h>
29 #include <gnunet_protocols.h>
30 #include <gnunet_applications.h>
31 #include <gnunet_mesh_service.h>
32 #include <gnunet_constants.h>
35 #include "gnunet-vpn-packet.h"
36 #include "gnunet-helper-vpn-api.h"
37 #include "gnunet-vpn-checksum.h"
39 GNUNET_SCHEDULER_TaskIdentifier shs_task;
42 * The handle to the configuration used throughout the process
44 static const struct GNUNET_CONFIGURATION_Handle *cfg;
47 * The handle to the helper
49 struct GNUNET_VPN_HELPER_Handle *helper_handle;
59 static struct GNUNET_MESH_Handle *mesh_handle;
62 * This hashmaps contains the mapping from peer, service-descriptor,
63 * source-port and destination-port to a struct redirect_state
65 static struct GNUNET_CONTAINER_MultiHashMap *udp_connections;
66 static struct GNUNET_CONTAINER_Heap *udp_connections_heap;
67 static struct GNUNET_CONTAINER_MultiHashMap *tcp_connections;
68 static struct GNUNET_CONTAINER_Heap *tcp_connections_heap;
71 * If there are at least this many udp-Connections, old ones will be removed
73 static long long unsigned int max_udp_connections = 200;
76 * If there are at least this many tcp-Connections, old ones will be removed
78 static long long unsigned int max_tcp_connections = 200;
83 unsigned char addr[16];
88 * This struct is saved into the services-hashmap
90 struct redirect_service
115 * The source-address of this connection. When a packet to this address is
116 * received, this tunnel is used to forward it. ipv4-addresses will be put
117 * here left-aligned */
120 * The source-port of this connection
126 * This struct is saved into {tcp,udp}_connections;
128 struct redirect_state
130 struct GNUNET_MESH_Tunnel *tunnel;
131 GNUNET_HashCode desc;
132 struct redirect_service *serv;
133 struct remote_addr remote;
135 struct GNUNET_CONTAINER_HeapNode *heap_node;
136 struct GNUNET_CONTAINER_MultiHashMap *hashmap;
137 GNUNET_HashCode hash;
140 { SERVICE, REMOTE } type;
143 * The source-address and -port of this connection
145 struct redirect_info redirect_info;
149 * This hashmaps saves interesting things about the configured services
151 static struct GNUNET_CONTAINER_MultiHashMap *udp_services;
152 static struct GNUNET_CONTAINER_MultiHashMap *tcp_services;
154 struct tunnel_notify_queue
156 struct tunnel_notify_queue *next;
157 struct tunnel_notify_queue *prev;
163 * Function that frees everything from a hashmap
166 free_iterate (void *cls __attribute__ ((unused)), const GNUNET_HashCode * hash
167 __attribute__ ((unused)), void *value)
174 * Function scheduled as very last function, cleans up after us
178 __attribute__ ((unused)),
179 const struct GNUNET_SCHEDULER_TaskContext *tskctx)
181 GNUNET_assert (0 != (tskctx->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN));
183 GNUNET_CONTAINER_multihashmap_iterate (udp_connections, free_iterate, NULL);
185 GNUNET_CONTAINER_multihashmap_iterate (tcp_connections, free_iterate, NULL);
187 if (mesh_handle != NULL)
189 GNUNET_MESH_disconnect (mesh_handle);
195 collect_connections (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
197 if ((tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN) != 0)
201 struct GNUNET_CONTAINER_Heap *heap = cls;
203 struct redirect_state *state = GNUNET_CONTAINER_heap_remove_root (heap);
205 /* This is free()ed memory! */
206 state->heap_node = NULL;
208 /* FIXME! GNUNET_MESH_close_tunnel(state->tunnel); */
210 GNUNET_assert (GNUNET_OK ==
211 GNUNET_CONTAINER_multihashmap_remove (state->hashmap, &state->hash, state));
217 hash_redirect_info (GNUNET_HashCode * hash, struct redirect_info *u_i,
221 /* the gnunet hashmap only uses the first sizeof(unsigned int) of the hash
223 * build the hash out of the last bytes of the address and the 2 bytes of
226 memcpy (hash, &u_i->pt, sizeof (u_i->pt));
227 memcpy (((unsigned char *) hash) + 2,
228 u_i->addr + (addrlen - (sizeof (unsigned int) - 2)),
229 (sizeof (unsigned int) - 2));
230 memset (((unsigned char *) hash) + sizeof (unsigned int), 0,
231 sizeof (GNUNET_HashCode) - sizeof (unsigned int));
235 * cls is the pointer to a GNUNET_MessageHeader that is
236 * followed by the service-descriptor and the udp-packet that should be sent;
239 send_udp_to_peer_notify_callback (void *cls, size_t size, void *buf)
241 struct GNUNET_MESH_Tunnel **tunnel = cls;
243 GNUNET_MESH_tunnel_set_data (*tunnel, NULL);
244 struct GNUNET_MessageHeader *hdr =
245 (struct GNUNET_MessageHeader *) (tunnel + 1);
246 GNUNET_assert (size >= ntohs (hdr->size));
247 memcpy (buf, hdr, ntohs (hdr->size));
248 size = ntohs (hdr->size);
250 if (NULL != GNUNET_MESH_tunnel_get_head (*tunnel))
252 struct tunnel_notify_queue *element = GNUNET_MESH_tunnel_get_head (*tunnel);
253 struct tunnel_notify_queue *head = GNUNET_MESH_tunnel_get_head (*tunnel);
254 struct tunnel_notify_queue *tail = GNUNET_MESH_tunnel_get_tail (*tunnel);
256 GNUNET_CONTAINER_DLL_remove (head, tail, element);
258 GNUNET_MESH_tunnel_set_head (*tunnel, head);
259 GNUNET_MESH_tunnel_set_tail (*tunnel, tail);
261 struct GNUNET_MESH_TransmitHandle *th =
262 GNUNET_MESH_notify_transmit_ready (*tunnel,
265 GNUNET_TIME_relative_divide
266 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
267 (const struct GNUNET_PeerIdentity *)
269 send_udp_to_peer_notify_callback,
272 /* save the handle */
273 GNUNET_MESH_tunnel_set_data (*tunnel, th);
274 GNUNET_free (element);
283 * @brief Handles an UDP-Packet received from the helper.
285 * @param udp A pointer to the Packet
286 * @param dadr The IP-Destination-address
287 * @param addrlen The length of the address
288 * @param version 4 or 6
291 udp_from_helper (struct udp_pkt *udp, unsigned char *dadr, size_t addrlen)
293 struct redirect_info u_i;
294 struct GNUNET_MESH_Tunnel *tunnel;
296 struct GNUNET_MessageHeader *msg;
298 memset (&u_i, 0, sizeof (struct redirect_info));
300 memcpy (&u_i.addr, dadr, addrlen);
304 /* get tunnel and service-descriptor from this */
305 GNUNET_HashCode hash;
307 hash_redirect_info (&hash, &u_i, addrlen);
309 struct redirect_state *state =
310 GNUNET_CONTAINER_multihashmap_get (udp_connections, &hash);
312 /* Mark this connection as freshly used */
313 GNUNET_CONTAINER_heap_update_cost (udp_connections_heap, state->heap_node,
314 GNUNET_TIME_absolute_get ().abs_value);
316 tunnel = state->tunnel;
318 if (state->type == SERVICE)
320 /* check if spt == serv.remote if yes: set spt = serv.myport ("nat") */
321 if (ntohs (udp->spt) == state->serv->remote_port)
323 udp->spt = htons (state->serv->my_port);
327 /* otherwise the answer came from a different port (tftp does this)
328 * add this new port to the list of all services, so that the packets
329 * coming back from the client to this new port will be routed correctly
331 struct redirect_service *serv =
332 GNUNET_malloc (sizeof (struct redirect_service));
333 memcpy (serv, state->serv, sizeof (struct redirect_service));
334 serv->my_port = ntohs (udp->spt);
335 serv->remote_port = ntohs (udp->spt);
336 uint16_t *desc = alloca (sizeof (GNUNET_HashCode) + 2);
338 memcpy ((GNUNET_HashCode *) (desc + 1), &state->desc,
339 sizeof (GNUNET_HashCode));
340 *desc = ntohs (udp->spt);
341 GNUNET_assert (GNUNET_OK ==
342 GNUNET_CONTAINER_multihashmap_put (udp_services,
345 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
351 /* send udp-packet back */
353 sizeof (struct GNUNET_MessageHeader) + sizeof (GNUNET_HashCode) +
355 struct GNUNET_MESH_Tunnel **ctunnel =
356 GNUNET_malloc (sizeof (struct GNUNET_MESH_TUNNEL *) + len);
358 msg = (struct GNUNET_MessageHeader *) (ctunnel + 1);
359 msg->size = htons (len);
361 htons (state->type ==
362 SERVICE ? GNUNET_MESSAGE_TYPE_VPN_SERVICE_UDP_BACK :
363 GNUNET_MESSAGE_TYPE_VPN_REMOTE_UDP_BACK);
364 GNUNET_HashCode *desc = (GNUNET_HashCode *) (msg + 1);
366 if (state->type == SERVICE)
367 memcpy (desc, &state->desc, sizeof (GNUNET_HashCode));
369 memcpy (desc, &state->remote, sizeof (struct remote_addr));
370 void *_udp = desc + 1;
372 memcpy (_udp, udp, ntohs (udp->len));
374 if (NULL == GNUNET_MESH_tunnel_get_data (tunnel))
376 /* No notify is pending */
377 struct GNUNET_MESH_TransmitHandle *th =
378 GNUNET_MESH_notify_transmit_ready (tunnel,
381 GNUNET_TIME_relative_divide
382 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
383 (const struct GNUNET_PeerIdentity *)
385 send_udp_to_peer_notify_callback,
388 /* save the handle */
389 GNUNET_MESH_tunnel_set_data (tunnel, th);
393 struct tunnel_notify_queue *head = GNUNET_MESH_tunnel_get_head (tunnel);
394 struct tunnel_notify_queue *tail = GNUNET_MESH_tunnel_get_tail (tunnel);
396 struct tunnel_notify_queue *element =
397 GNUNET_malloc (sizeof (struct tunnel_notify_queue));
398 element->cls = ctunnel;
401 GNUNET_CONTAINER_DLL_insert_tail (head, tail, element);
402 GNUNET_MESH_tunnel_set_head (tunnel, head);
403 GNUNET_MESH_tunnel_set_tail (tunnel, tail);
408 * @brief Handles a TCP-Packet received from the helper.
410 * @param tcp A pointer to the Packet
411 * @param dadr The IP-Destination-address
412 * @param addrlen The length of the address
413 * @param version 4 or 6
414 * @param pktlen the length of the packet, including its header
417 tcp_from_helper (struct tcp_pkt *tcp, unsigned char *dadr, size_t addrlen,
420 struct redirect_info u_i;
421 struct GNUNET_MESH_Tunnel *tunnel;
423 struct GNUNET_MessageHeader *msg;
425 memset (&u_i, 0, sizeof (struct redirect_info));
427 memcpy (&u_i.addr, dadr, addrlen);
430 /* get tunnel and service-descriptor from this */
431 GNUNET_HashCode hash;
433 hash_redirect_info (&hash, &u_i, addrlen);
435 struct redirect_state *state =
436 GNUNET_CONTAINER_multihashmap_get (tcp_connections, &hash);
440 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
441 "No mapping for this connection; hash is %x\n",
442 *((uint32_t *) & hash));
446 /* Mark this connection as freshly used */
447 GNUNET_CONTAINER_heap_update_cost (tcp_connections_heap, state->heap_node,
448 GNUNET_TIME_absolute_get ().abs_value);
450 tunnel = state->tunnel;
452 if (state->type == SERVICE)
454 /* check if spt == serv.remote if yes: set spt = serv.myport ("nat") */
455 if (ntohs (tcp->spt) == state->serv->remote_port)
457 tcp->spt = htons (state->serv->my_port);
461 // This is an illegal packet.
466 /* send tcp-packet back */
468 sizeof (struct GNUNET_MessageHeader) + sizeof (GNUNET_HashCode) + pktlen;
469 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "len: %d\n", pktlen);
470 struct GNUNET_MESH_Tunnel **ctunnel =
471 GNUNET_malloc (sizeof (struct GNUNET_MESH_TUNNEL *) + len);
473 msg = (struct GNUNET_MessageHeader *) (ctunnel + 1);
474 msg->size = htons (len);
476 htons (state->type ==
477 SERVICE ? GNUNET_MESSAGE_TYPE_VPN_SERVICE_TCP_BACK :
478 GNUNET_MESSAGE_TYPE_VPN_REMOTE_TCP_BACK);
479 GNUNET_HashCode *desc = (GNUNET_HashCode *) (msg + 1);
481 if (state->type == SERVICE)
482 memcpy (desc, &state->desc, sizeof (GNUNET_HashCode));
484 memcpy (desc, &state->remote, sizeof (struct remote_addr));
485 void *_tcp = desc + 1;
487 memcpy (_tcp, tcp, pktlen);
489 if (NULL == GNUNET_MESH_tunnel_get_data (tunnel))
491 /* No notify is pending */
492 struct GNUNET_MESH_TransmitHandle *th =
493 GNUNET_MESH_notify_transmit_ready (tunnel,
496 GNUNET_TIME_relative_divide
497 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
498 (const struct GNUNET_PeerIdentity *)
501 send_udp_to_peer_notify_callback,
504 /* save the handle */
505 GNUNET_MESH_tunnel_set_data (tunnel, th);
509 struct tunnel_notify_queue *head = GNUNET_MESH_tunnel_get_head (tunnel);
510 struct tunnel_notify_queue *tail = GNUNET_MESH_tunnel_get_tail (tunnel);
512 struct tunnel_notify_queue *element =
513 GNUNET_malloc (sizeof (struct tunnel_notify_queue));
514 element->cls = ctunnel;
517 GNUNET_CONTAINER_DLL_insert_tail (head, tail, element);
518 GNUNET_MESH_tunnel_set_head (tunnel, head);
519 GNUNET_MESH_tunnel_set_tail (tunnel, tail);
525 * Receive packets from the helper-process
528 message_token (void *cls __attribute__ ((unused)), void *client
529 __attribute__ ((unused)),
530 const struct GNUNET_MessageHeader *message)
532 GNUNET_assert (ntohs (message->type) == GNUNET_MESSAGE_TYPE_VPN_HELPER);
534 struct tun_pkt *pkt_tun = (struct tun_pkt *) message;
536 /* ethertype is ipv6 */
537 if (ntohs (pkt_tun->tun.type) == 0x86dd)
539 struct ip6_pkt *pkt6 = (struct ip6_pkt *) pkt_tun;
541 if (IPPROTO_UDP == pkt6->ip6_hdr.nxthdr)
542 udp_from_helper (&((struct ip6_udp *) pkt6)->udp_hdr,
543 (unsigned char *) &pkt6->ip6_hdr.dadr, 16);
544 else if (IPPROTO_TCP == pkt6->ip6_hdr.nxthdr)
545 tcp_from_helper (&((struct ip6_tcp *) pkt6)->tcp_hdr,
546 (unsigned char *) &pkt6->ip6_hdr.dadr, 16,
547 ntohs (pkt6->ip6_hdr.paylgth));
549 else if (ntohs (pkt_tun->tun.type) == 0x0800)
551 struct ip_pkt *pkt4 = (struct ip_pkt *) pkt_tun;
552 uint32_t tmp = pkt4->ip_hdr.dadr;
554 if (IPPROTO_UDP == pkt4->ip_hdr.proto)
555 udp_from_helper (&((struct ip_udp *) pkt4)->udp_hdr,
556 (unsigned char *) &tmp, 4);
557 else if (IPPROTO_TCP == pkt4->ip_hdr.proto)
559 size_t pktlen = ntohs (pkt4->ip_hdr.tot_lngth);
561 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "tot: %d\n", pktlen);
562 pktlen -= 4 * pkt4->ip_hdr.hdr_lngth;
563 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "-hdr: %d\n", pktlen);
564 tcp_from_helper (&((struct ip_tcp *) pkt4)->tcp_hdr,
565 (unsigned char *) &tmp, 4, pktlen);
575 * Reads the configuration servicecfg and populates udp_services
578 * @param section name of section in config, equal to hostname
581 read_service_conf (void *cls __attribute__ ((unused)), const char *section)
583 if ((strlen (section) < 8) ||
584 (0 != strcmp (".gnunet.", section + (strlen (section) - 8))))
587 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Parsing dns-name %d %s %s\n",
588 strlen (section), section, section + (strlen (section) - 8));
594 uint16_t *desc = alloca (sizeof (GNUNET_HashCode) + 2);
596 GNUNET_CRYPTO_hash (section, strlen (section) + 1,
597 (GNUNET_HashCode *) (desc + 1));
608 GNUNET_CONFIGURATION_get_value_string (cfg, section, "UDP_REDIRECTS",
611 else if (proto == TCP &&
613 GNUNET_CONFIGURATION_get_value_string (cfg, section,
614 "TCP_REDIRECTS", &cpy)))
617 for (redirect = strtok (cpy, " "); redirect != NULL;
618 redirect = strtok (NULL, " "))
620 if (NULL == (hostname = strstr (redirect, ":")))
622 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
623 "Warning: option %s is not formatted correctly!\n",
629 if (NULL == (hostport = strstr (hostname, ":")))
631 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
632 "Warning: option %s is not formatted correctly!\n",
639 int local_port = atoi (redirect);
641 if (!((local_port > 0) && (local_port < 65536)))
642 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
643 "Warning: %s is not a correct port.", redirect);
647 struct redirect_service *serv =
648 GNUNET_malloc (sizeof (struct redirect_service));
649 serv->my_port = local_port;
651 if (0 == strcmp ("localhost4", hostname))
657 GNUNET_assert (GNUNET_OK ==
658 GNUNET_CONFIGURATION_get_value_string (cfg, "exit",
661 GNUNET_assert (1 == inet_pton (AF_INET, ip4addr, serv->v4.ip4address));
662 GNUNET_free (ip4addr);
664 else if (0 == strcmp ("localhost6", hostname))
670 GNUNET_assert (GNUNET_OK ==
671 GNUNET_CONFIGURATION_get_value_string (cfg, "exit",
674 GNUNET_assert (1 == inet_pton (AF_INET6, ip6addr, serv->v6.ip6address));
675 GNUNET_free (ip6addr);
679 struct addrinfo* res;
680 struct addrinfo hints;
682 hints.ai_flags |= AI_NUMERICHOST;
684 int ret = getaddrinfo(hostname, NULL, NULL, &res);
688 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No addresses found for %s!\n", hostname);
694 struct addrinfo* c = res;
698 if (c->ai_family == AF_INET)
701 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Found %s as address for %s\n", inet_ntop(c->ai_family, &((struct sockaddr_in *)(c->ai_addr))->sin_addr, (char*)&buf, 256), hostname);
702 memcpy(serv->v4.ip4address, &((struct sockaddr_in *)(c->ai_addr))->sin_addr, 4);
704 else if (c->ai_family == AF_INET6)
707 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Found %s as address for %s\n", inet_ntop(c->ai_family, &((struct sockaddr_in6*)(c->ai_addr))->sin6_addr, (char*)&buf, 256), hostname);
708 memcpy(serv->v6.ip6address, &((struct sockaddr_in6 *)(c->ai_addr))->sin6_addr, 16);
719 serv->remote_port = atoi (hostport);
721 GNUNET_assert (GNUNET_OK ==
722 GNUNET_CONTAINER_multihashmap_put (udp_services,
725 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
727 GNUNET_assert (GNUNET_OK ==
728 GNUNET_CONTAINER_multihashmap_put (tcp_services,
731 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
736 proto = (proto == UDP) ? TCP : UDP;
738 while (proto != UDP);
742 * Start the helper-process
744 * If cls != NULL it is assumed that this function is called as a result of a dying
745 * helper. cls is then taken as handle to the old helper and is cleaned up.
748 start_helper_and_schedule (void *cls,
749 const struct GNUNET_SCHEDULER_TaskContext *tc)
751 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
755 cleanup_helper (cls);
765 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IFNAME", &ifname))
767 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
768 "No entry 'IFNAME' in configuration!\n");
773 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6ADDR",
776 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
777 "No entry 'IPV6ADDR' in configuration!\n");
782 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6PREFIX",
785 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
786 "No entry 'IPV6PREFIX' in configuration!\n");
791 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4ADDR",
794 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
795 "No entry 'IPV4ADDR' in configuration!\n");
800 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4MASK",
803 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
804 "No entry 'IPV4MASK' in configuration!\n");
809 * Messages get passed to the function message_token
810 * When the helper dies, this function will be called again with the
811 * helper_handle as cls.
814 start_helper (ifname, ipv6addr, ipv6prefix, ipv4addr, ipv4mask,
815 "exit-gnunet", start_helper_and_schedule, message_token,
818 GNUNET_free (ipv6addr);
819 GNUNET_free (ipv6prefix);
820 GNUNET_free (ipv4addr);
821 GNUNET_free (ipv4mask);
822 GNUNET_free (ifname);
826 prepare_ipv4_packet (size_t len, uint16_t pktlen, void *payload,
827 uint16_t protocol, void *ipaddress, void *tunnel,
828 struct redirect_state *state, struct ip_pkt *pkt4)
832 pkt4->shdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
833 pkt4->shdr.size = htons (len);
835 pkt4->tun.type = htons (0x0800);
837 memcpy (&pkt4->data, payload, pktlen);
839 pkt4->ip_hdr.version = 4;
840 pkt4->ip_hdr.hdr_lngth = 5;
841 pkt4->ip_hdr.diff_serv = 0;
842 pkt4->ip_hdr.tot_lngth = htons (20 + pktlen);
843 pkt4->ip_hdr.ident = 0;
844 pkt4->ip_hdr.flags = 0;
845 pkt4->ip_hdr.frag_off = 0;
846 pkt4->ip_hdr.ttl = 255;
847 pkt4->ip_hdr.proto = protocol;
848 pkt4->ip_hdr.chks = 0; /* Will be calculated later */
850 memcpy (&tmp, ipaddress, 4);
851 pkt4->ip_hdr.dadr = tmp;
853 /* Generate a new src-address */
857 GNUNET_assert (GNUNET_OK ==
858 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4ADDR",
860 GNUNET_assert (GNUNET_OK ==
861 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV4MASK",
863 inet_pton (AF_INET, ipv4addr, &tmp);
864 inet_pton (AF_INET, ipv4mask, &tmp2);
865 GNUNET_free (ipv4addr);
866 GNUNET_free (ipv4mask);
868 /* This should be a noop */
871 tmp |= ntohl (*((uint32_t *) tunnel)) & (~tmp2);
873 pkt4->ip_hdr.sadr = tmp;
875 memcpy (&state->redirect_info.addr, &tmp, 4);
876 if (IPPROTO_UDP == protocol)
878 struct ip_udp *pkt4_udp = (struct ip_udp *) pkt4;
880 state->redirect_info.pt = pkt4_udp->udp_hdr.spt;
882 pkt4_udp->udp_hdr.crc = 0; /* Optional for IPv4 */
884 else if (IPPROTO_TCP == protocol)
886 struct ip_tcp *pkt4_tcp = (struct ip_tcp *) pkt4;
888 state->redirect_info.pt = pkt4_tcp->tcp_hdr.spt;
890 pkt4_tcp->tcp_hdr.crc = 0;
893 tmp = pkt4->ip_hdr.sadr;
894 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
895 tmp = pkt4->ip_hdr.dadr;
896 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
898 tmp = (protocol << 16) | (0xffff & pktlen);
900 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "line: %08x, %x \n", tmp,
905 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
908 calculate_checksum_update (sum, (uint16_t *) & pkt4_tcp->tcp_hdr,
910 pkt4_tcp->tcp_hdr.crc = calculate_checksum_end (sum);
914 calculate_ip_checksum ((uint16_t *) & pkt4->ip_hdr, 5 * 4);
918 prepare_ipv6_packet (size_t len, uint16_t pktlen, void *payload,
919 uint16_t protocol, void *ipaddress, void *tunnel,
920 struct redirect_state *state, struct ip6_pkt *pkt6)
924 pkt6->shdr.type = htons (GNUNET_MESSAGE_TYPE_VPN_HELPER);
925 pkt6->shdr.size = htons (len);
928 pkt6->tun.type = htons (0x86dd);
930 memcpy (&pkt6->data, payload, pktlen);
932 pkt6->ip6_hdr.version = 6;
933 pkt6->ip6_hdr.nxthdr = protocol;
934 pkt6->ip6_hdr.paylgth = htons (pktlen);
935 pkt6->ip6_hdr.hoplmt = 64;
937 memcpy (pkt6->ip6_hdr.dadr, ipaddress, 16);
939 /* Generate a new src-address
940 * This takes as much from the address of the tunnel as fits into
943 unsigned long long ipv6prefix;
945 GNUNET_assert (GNUNET_OK ==
946 GNUNET_CONFIGURATION_get_value_string (cfg, "exit", "IPV6ADDR",
948 GNUNET_assert (GNUNET_OK ==
949 GNUNET_CONFIGURATION_get_value_number (cfg, "exit",
952 GNUNET_assert (ipv6prefix < 127);
953 ipv6prefix = (ipv6prefix + 7) / 8;
955 inet_pton (AF_INET6, ipv6addr, &pkt6->ip6_hdr.sadr);
956 GNUNET_free (ipv6addr);
958 if (ipv6prefix < (16 - sizeof (void *)))
959 ipv6prefix = 16 - sizeof (void *);
961 unsigned int offset = ipv6prefix - (16 - sizeof (void *));
963 memcpy ((((char *) &pkt6->ip6_hdr.sadr)) + ipv6prefix,
964 ((char *) &tunnel) + offset, 16 - ipv6prefix);
966 /* copy the needed information into the state */
967 memcpy (&state->redirect_info.addr, &pkt6->ip6_hdr.sadr, 16);
969 if (IPPROTO_UDP == protocol)
971 struct ip6_udp *pkt6_udp = (struct ip6_udp *) pkt6;
973 state->redirect_info.pt = pkt6_udp->udp_hdr.spt;
975 pkt6_udp->udp_hdr.crc = 0;
979 calculate_checksum_update (sum, (uint16_t *) & pkt6_udp->ip6_hdr.sadr,
982 calculate_checksum_update (sum, (uint16_t *) & pkt6_udp->ip6_hdr.dadr,
984 tmp = (htons (pktlen) & 0xffff);
985 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
986 tmp = htons (((pkt6_udp->ip6_hdr.nxthdr & 0x00ff)));
987 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
990 calculate_checksum_update (sum, (uint16_t *) & pkt6_udp->udp_hdr,
991 ntohs (pkt6_udp->udp_hdr.len));
992 pkt6_udp->udp_hdr.crc = calculate_checksum_end (sum);
994 else if (IPPROTO_TCP == protocol)
996 struct ip6_tcp *pkt6_tcp = (struct ip6_tcp *) pkt6;
998 state->redirect_info.pt = pkt6_tcp->tcp_hdr.spt;
1000 pkt6_tcp->tcp_hdr.crc = 0;
1004 calculate_checksum_update (sum, (uint16_t *) & pkt6->ip6_hdr.sadr, 16);
1006 calculate_checksum_update (sum, (uint16_t *) & pkt6->ip6_hdr.dadr, 16);
1007 tmp = htonl (pktlen);
1008 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
1009 tmp = htonl (((pkt6->ip6_hdr.nxthdr & 0x000000ff)));
1010 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
1013 calculate_checksum_update (sum, (uint16_t *) & pkt6_tcp->tcp_hdr,
1014 ntohs (pkt6->ip6_hdr.paylgth));
1015 pkt6_tcp->tcp_hdr.crc = calculate_checksum_end (sum);
1020 * The messages are one GNUNET_HashCode for the service followed by a struct tcp_pkt
1023 receive_tcp_service (void *cls
1024 __attribute__ ((unused)),
1025 struct GNUNET_MESH_Tunnel *tunnel, void **tunnel_ctx
1026 __attribute__ ((unused)),
1027 const struct GNUNET_PeerIdentity *sender
1028 __attribute__ ((unused)),
1029 const struct GNUNET_MessageHeader *message,
1030 const struct GNUNET_TRANSPORT_ATS_Information *atsi
1031 __attribute__ ((unused)))
1033 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Received TCP-Packet\n");
1034 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1035 struct tcp_pkt *pkt = (struct tcp_pkt *) (desc + 1);
1037 ntohs (message->size) - sizeof (struct GNUNET_MessageHeader) -
1038 sizeof (GNUNET_HashCode);
1040 /** Get the configuration from the services-hashmap.
1042 * Which service is needed only depends on the service-descriptor and the
1045 uint16_t *tcp_desc = alloca (sizeof (GNUNET_HashCode) + 2);
1047 memcpy (tcp_desc + 1, desc, sizeof (GNUNET_HashCode));
1048 *tcp_desc = ntohs (pkt->dpt);
1049 struct redirect_service *serv =
1050 GNUNET_CONTAINER_multihashmap_get (tcp_services,
1051 (GNUNET_HashCode *) tcp_desc);
1055 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "No service found for TCP dpt %d!\n",
1060 pkt->dpt = htons (serv->remote_port);
1063 * At this point it would be possible to check against some kind of ACL.
1069 /* Prepare the state.
1070 * This will be saved in the hashmap, so that the receiving procedure knows
1071 * through which tunnel this connection has to be routed.
1073 struct redirect_state *state = GNUNET_malloc (sizeof (struct redirect_state));
1075 state->tunnel = tunnel;
1077 state->type = SERVICE;
1078 state->hashmap = tcp_connections;
1079 memcpy (&state->desc, desc, sizeof (GNUNET_HashCode));
1082 sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1083 sizeof (struct ip6_hdr) + pkt_len;
1086 memset (buf, 0, len);
1088 switch (serv->version)
1091 prepare_ipv4_packet (len, pkt_len, pkt, IPPROTO_TCP,
1092 &serv->v4.ip4address, tunnel, state,
1093 (struct ip_pkt *) buf);
1096 prepare_ipv6_packet (len, pkt_len, pkt, IPPROTO_TCP,
1097 &serv->v6.ip6address, tunnel, state,
1098 (struct ip6_pkt *) buf);
1106 hash_redirect_info (&state->hash, &state->redirect_info,
1107 serv->version == 4 ? 4 : 16);
1110 GNUNET_CONTAINER_multihashmap_contains (tcp_connections, &state->hash))
1112 GNUNET_CONTAINER_multihashmap_put (tcp_connections, &state->hash, state,
1113 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1116 GNUNET_CONTAINER_heap_insert (tcp_connections_heap, state,
1117 GNUNET_TIME_absolute_get ().abs_value);
1119 if (GNUNET_CONTAINER_heap_get_size (tcp_connections_heap) >
1120 max_tcp_connections)
1121 GNUNET_SCHEDULER_add_now (collect_connections, tcp_connections_heap);
1124 GNUNET_free (state);
1126 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1131 receive_tcp_remote (void *cls
1132 __attribute__ ((unused)), struct GNUNET_MESH_Tunnel *tunnel,
1134 __attribute__ ((unused)),
1135 const struct GNUNET_PeerIdentity *sender
1136 __attribute__ ((unused)),
1137 const struct GNUNET_MessageHeader *message,
1138 const struct GNUNET_TRANSPORT_ATS_Information *atsi
1139 __attribute__ ((unused)))
1141 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1142 struct tcp_pkt *pkt = (struct tcp_pkt *) (desc + 1);
1143 struct remote_addr *s = (struct remote_addr *) desc;
1147 ntohs (message->size) - sizeof (struct GNUNET_MessageHeader) -
1148 sizeof (GNUNET_HashCode);
1150 struct redirect_state *state = GNUNET_malloc (sizeof (struct redirect_state));
1152 state->tunnel = tunnel;
1153 state->type = REMOTE;
1154 state->hashmap = tcp_connections;
1155 memcpy (&state->remote, s, sizeof (struct remote_addr));
1158 sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1159 sizeof (struct ip6_hdr) + pkt_len;
1162 memset (buf, 0, len);
1167 prepare_ipv4_packet (len, pkt_len, pkt, IPPROTO_TCP,
1168 &s->addr, tunnel, state, (struct ip_pkt *) buf);
1171 prepare_ipv6_packet (len, pkt_len, pkt, IPPROTO_TCP,
1172 &s->addr, tunnel, state, (struct ip6_pkt *) buf);
1175 GNUNET_free (state);
1176 return GNUNET_SYSERR;
1179 hash_redirect_info (&state->hash, &state->redirect_info, s->addrlen);
1181 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Packet from remote; hash is %x\n",
1182 *((uint32_t *) & state->hash));
1185 GNUNET_CONTAINER_multihashmap_contains (tcp_connections, &state->hash))
1187 GNUNET_CONTAINER_multihashmap_put (tcp_connections, &state->hash, state,
1188 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1191 GNUNET_CONTAINER_heap_insert (tcp_connections_heap, state,
1192 GNUNET_TIME_absolute_get ().abs_value);
1194 if (GNUNET_CONTAINER_heap_get_size (tcp_connections_heap) >
1195 max_tcp_connections)
1196 GNUNET_SCHEDULER_add_now (collect_connections, tcp_connections_heap);
1199 GNUNET_free (state);
1201 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1207 receive_udp_remote (void *cls
1208 __attribute__ ((unused)), struct GNUNET_MESH_Tunnel *tunnel,
1210 __attribute__ ((unused)),
1211 const struct GNUNET_PeerIdentity *sender
1212 __attribute__ ((unused)),
1213 const struct GNUNET_MessageHeader *message,
1214 const struct GNUNET_TRANSPORT_ATS_Information *atsi
1215 __attribute__ ((unused)))
1217 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1218 struct udp_pkt *pkt = (struct udp_pkt *) (desc + 1);
1219 struct remote_addr *s = (struct remote_addr *) desc;
1223 GNUNET_assert (ntohs (pkt->len) ==
1224 ntohs (message->size) - sizeof (struct GNUNET_MessageHeader) -
1225 sizeof (GNUNET_HashCode));
1227 /* Prepare the state.
1228 * This will be saved in the hashmap, so that the receiving procedure knows
1229 * through which tunnel this connection has to be routed.
1231 struct redirect_state *state = GNUNET_malloc (sizeof (struct redirect_state));
1233 state->tunnel = tunnel;
1234 state->hashmap = udp_connections;
1235 state->type = REMOTE;
1236 memcpy (&state->remote, s, sizeof (struct remote_addr));
1239 sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1240 sizeof (struct ip6_hdr) + ntohs (pkt->len);
1243 memset (buf, 0, len);
1248 prepare_ipv4_packet (len, ntohs (pkt->len), pkt, IPPROTO_UDP,
1249 &s->addr, tunnel, state, (struct ip_pkt *) buf);
1252 prepare_ipv6_packet (len, ntohs (pkt->len), pkt, IPPROTO_UDP,
1253 &s->addr, tunnel, state, (struct ip6_pkt *) buf);
1260 hash_redirect_info (&state->hash, &state->redirect_info, s->addrlen);
1263 GNUNET_CONTAINER_multihashmap_contains (udp_connections, &state->hash))
1265 GNUNET_CONTAINER_multihashmap_put (udp_connections, &state->hash, state,
1266 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1269 GNUNET_CONTAINER_heap_insert (udp_connections_heap, state,
1270 GNUNET_TIME_absolute_get ().abs_value);
1272 if (GNUNET_CONTAINER_heap_get_size (udp_connections_heap) >
1273 max_udp_connections)
1274 GNUNET_SCHEDULER_add_now (collect_connections, udp_connections_heap);
1277 GNUNET_free (state);
1279 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1284 * The messages are one GNUNET_HashCode for the service, followed by a struct udp_pkt
1287 receive_udp_service (void *cls
1288 __attribute__ ((unused)),
1289 struct GNUNET_MESH_Tunnel *tunnel, void **tunnel_ctx
1290 __attribute__ ((unused)),
1291 const struct GNUNET_PeerIdentity *sender
1292 __attribute__ ((unused)),
1293 const struct GNUNET_MessageHeader *message,
1294 const struct GNUNET_TRANSPORT_ATS_Information *atsi
1295 __attribute__ ((unused)))
1297 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
1298 struct udp_pkt *pkt = (struct udp_pkt *) (desc + 1);
1300 GNUNET_assert (ntohs (pkt->len) ==
1301 ntohs (message->size) - sizeof (struct GNUNET_MessageHeader) -
1302 sizeof (GNUNET_HashCode));
1304 /* Get the configuration from the hashmap */
1305 uint16_t *udp_desc = alloca (sizeof (GNUNET_HashCode) + 2);
1307 memcpy (udp_desc + 1, desc, sizeof (GNUNET_HashCode));
1308 *udp_desc = ntohs (pkt->dpt);
1309 struct redirect_service *serv =
1310 GNUNET_CONTAINER_multihashmap_get (udp_services,
1311 (GNUNET_HashCode *) udp_desc);
1315 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "No service found for UDP dpt %d!\n",
1320 pkt->dpt = htons (serv->remote_port);
1323 * At this point it would be possible to check against some kind of ACL.
1329 /* Prepare the state.
1330 * This will be saved in the hashmap, so that the receiving procedure knows
1331 * through which tunnel this connection has to be routed.
1333 struct redirect_state *state = GNUNET_malloc (sizeof (struct redirect_state));
1335 state->tunnel = tunnel;
1337 state->type = SERVICE;
1338 state->hashmap = udp_connections;
1339 memcpy (&state->desc, desc, sizeof (GNUNET_HashCode));
1342 sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
1343 sizeof (struct ip6_hdr) + ntohs (pkt->len);
1346 memset (buf, 0, len);
1348 switch (serv->version)
1351 prepare_ipv4_packet (len, ntohs (pkt->len), pkt, IPPROTO_UDP,
1352 &serv->v4.ip4address, tunnel, state,
1353 (struct ip_pkt *) buf);
1356 prepare_ipv6_packet (len, ntohs (pkt->len), pkt, IPPROTO_UDP,
1357 &serv->v6.ip6address, tunnel, state,
1358 (struct ip6_pkt *) buf);
1366 hash_redirect_info (&state->hash, &state->redirect_info,
1367 serv->version == 4 ? 4 : 16);
1370 GNUNET_CONTAINER_multihashmap_contains (udp_connections, &state->hash))
1372 GNUNET_CONTAINER_multihashmap_put (udp_connections, &state->hash, state,
1373 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
1376 GNUNET_CONTAINER_heap_insert (udp_connections_heap, state,
1377 GNUNET_TIME_absolute_get ().abs_value);
1379 if (GNUNET_CONTAINER_heap_get_size (udp_connections_heap) >
1380 max_udp_connections)
1381 GNUNET_SCHEDULER_add_now (collect_connections, udp_connections_heap);
1384 GNUNET_free (state);
1386 (void) GNUNET_DISK_file_write (helper_handle->fh_to_helper, buf, len);
1394 int handler_idx, app_idx;
1396 udp = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_UDP");
1397 tcp = GNUNET_CONFIGURATION_get_value_yesno (cfg, "exit", "ENABLE_TCP");
1399 static struct GNUNET_MESH_MessageHandler handlers[] = {
1400 {receive_udp_service, GNUNET_MESSAGE_TYPE_VPN_SERVICE_UDP, 0},
1401 {receive_tcp_service, GNUNET_MESSAGE_TYPE_VPN_SERVICE_TCP, 0},
1407 static GNUNET_MESH_ApplicationType apptypes[] = {
1408 GNUNET_APPLICATION_TYPE_END,
1409 GNUNET_APPLICATION_TYPE_END,
1410 GNUNET_APPLICATION_TYPE_END
1416 if (GNUNET_YES == udp)
1418 handlers[handler_idx].callback = receive_udp_remote;
1419 handlers[handler_idx].expected_size = 0;
1420 handlers[handler_idx].type = GNUNET_MESSAGE_TYPE_VPN_REMOTE_UDP;
1421 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_INTERNET_UDP_GATEWAY;
1426 if (GNUNET_YES == tcp)
1428 handlers[handler_idx].callback = receive_tcp_remote;
1429 handlers[handler_idx].expected_size = 0;
1430 handlers[handler_idx].type = GNUNET_MESSAGE_TYPE_VPN_REMOTE_TCP;
1431 apptypes[app_idx] = GNUNET_APPLICATION_TYPE_INTERNET_TCP_GATEWAY;
1436 mesh_handle = GNUNET_MESH_connect (cfg, NULL, NULL, handlers, apptypes);
1441 * @brief Main function that will be run by the scheduler.
1443 * @param cls closure
1444 * @param args remaining command-line arguments
1445 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
1446 * @param cfg_ configuration
1449 run (void *cls, char *const *args __attribute__ ((unused)), const char *cfgfile
1450 __attribute__ ((unused)), const struct GNUNET_CONFIGURATION_Handle *cfg_)
1456 udp_connections = GNUNET_CONTAINER_multihashmap_create (65536);
1457 udp_connections_heap =
1458 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
1459 tcp_connections = GNUNET_CONTAINER_multihashmap_create (65536);
1460 tcp_connections_heap =
1461 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
1462 udp_services = GNUNET_CONTAINER_multihashmap_create (65536);
1463 tcp_services = GNUNET_CONTAINER_multihashmap_create (65536);
1466 GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_UDP_CONNECTIONS",
1467 &max_udp_connections))
1468 max_udp_connections = 1024;
1470 GNUNET_CONFIGURATION_get_value_number (cfg, "exit", "MAX_TCP_CONNECTIONS",
1471 &max_tcp_connections))
1472 max_tcp_connections = 256;
1473 GNUNET_CONFIGURATION_iterate_sections (cfg, read_service_conf, NULL);
1474 GNUNET_SCHEDULER_add_now (start_helper_and_schedule, NULL);
1475 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
1482 * @param argc number of arguments from the command line
1483 * @param argv command line arguments
1484 * @return 0 ok, 1 on error
1487 main (int argc, char *const *argv)
1489 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
1490 GNUNET_GETOPT_OPTION_END
1493 return (GNUNET_OK ==
1494 GNUNET_PROGRAM_run (argc, argv, "gnunet-daemon-exit",
1495 gettext_noop ("Daemon to run to provide an IP exit node for the VPN"),
1496 options, &run, NULL)) ? ret : 1;
1500 /* end of gnunet-daemon-exit.c */
projects / oweals / gnunet.git / blob