2 This file is part of GNUnet.
3 (C) 2010 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file vpn/gnunet-daemon-exit.c
24 * @author Philipp Toelke
27 #include <gnunet_common.h>
28 #include <gnunet_program_lib.h>
29 #include <gnunet_protocols.h>
30 #include <gnunet_mesh_service.h>
31 #include <gnunet_constants.h>
34 #include "gnunet-vpn-packet.h"
35 #include "gnunet-helper-vpn-api.h"
36 #include "gnunet-vpn-checksum.h"
39 * The handle to the configuration used throughout the process
41 static const struct GNUNET_CONFIGURATION_Handle *cfg;
44 * The handle to the service-configuration
46 static struct GNUNET_CONFIGURATION_Handle *servicecfg;
49 * The handle to the helper
51 struct GNUNET_VPN_HELPER_Handle *helper_handle;
61 static struct GNUNET_MESH_Handle *mesh_handle;
64 * This hashmap contains the mapping from peer, service-descriptor,
65 * source-port and destination-port to a socket
67 static struct GNUNET_CONTAINER_MultiHashMap *udp_connections;
70 * This struct is saved into the services-hashmap
97 * The source-address of this connection. When a packet to this address is
98 * received, this tunnel is used to forward it. ipv4-addresses will be put
99 * here left-aligned */
102 * The source-port of this connection
108 * This struct is saved into udp_connections;
112 struct GNUNET_MESH_Tunnel *tunnel;
113 GNUNET_HashCode desc;
114 struct udp_service *serv;
117 * The source-address and -port of this connection
119 struct udp_info udp_info;
123 * This hashmap saves interesting things about the configured services
125 static struct GNUNET_CONTAINER_MultiHashMap *udp_services;
128 * Function that frees everything from a hashmap
131 free_iterate(void* cls, const GNUNET_HashCode* hash, void* value)
138 * Function scheduled as very last function, cleans up after us
141 cleanup(void* cls, const struct GNUNET_SCHEDULER_TaskContext* tskctx) {
142 GNUNET_assert (0 != (tskctx->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN));
144 GNUNET_CONTAINER_multihashmap_iterate(udp_connections,
148 if (mesh_handle != NULL)
150 GNUNET_MESH_disconnect(mesh_handle);
156 * cls is the pointer to a GNUNET_MessageHeader that is
157 * followed by the service-descriptor and the udp-packet that should be sent;
160 send_udp_to_peer_notify_callback (void *cls, size_t size, void *buf)
162 struct GNUNET_MessageHeader *hdr = cls;
163 GNUNET_assert (size >= ntohs (hdr->size));
164 memcpy (buf, hdr, ntohs (hdr->size));
165 size = ntohs(hdr->size);
171 * Receive packets from the helper-process
174 message_token (void *cls,
175 void *client, const struct GNUNET_MessageHeader *message)
177 GNUNET_assert (ntohs (message->type) == GNUNET_MESSAGE_TYPE_VPN_HELPER);
179 struct tun_pkt *pkt_tun = (struct tun_pkt *) message;
181 struct GNUNET_MessageHeader *msg;
182 struct GNUNET_MESH_Tunnel *tunnel;
187 memset(&u_i, 0, sizeof(struct udp_info));
189 unsigned int version;
191 /* ethertype is ipv6 */
192 if (ntohs (pkt_tun->tun.type) == 0x86dd)
194 struct ip6_udp *pkt6 = (struct ip6_udp*)pkt_tun;
195 if (pkt6->ip6_hdr.nxthdr != 0x11) return;
196 /* lookup in udp_connections for dpt/dadr*/
197 memcpy(&u_i.addr, pkt6->ip6_hdr.dadr, 16);
198 udp = &pkt6->udp_hdr;
201 else if (ntohs(pkt_tun->tun.type) == 0x0800)
203 struct ip_udp *pkt4 = (struct ip_udp*)pkt_tun;
204 if (pkt4->ip_hdr.proto != 0x11) return;
205 uint32_t tmp = pkt4->ip_hdr.dadr;
206 memcpy(&u_i.addr, &tmp, 4);
207 udp = &pkt4->udp_hdr;
217 /* get tunnel and service-descriptor from this*/
218 GNUNET_HashCode hash;
219 GNUNET_CRYPTO_hash(&u_i, sizeof(struct udp_info), &hash);
220 struct udp_state *state = GNUNET_CONTAINER_multihashmap_get(udp_connections, &hash);
222 tunnel = state->tunnel;
224 /* check if spt == serv.remote if yes: set spt = serv.myport*/
225 if (ntohs(udp->spt) == state->serv->remote_port)
227 udp->spt = htons(state->serv->my_port);
231 struct udp_service *serv = GNUNET_malloc(sizeof(struct udp_service));
232 memcpy(serv, state->serv, sizeof(struct udp_service));
233 serv->my_port = ntohs(udp->spt);
234 serv->remote_port = ntohs(udp->spt);
235 uint16_t *desc = alloca (sizeof (GNUNET_HashCode) + 2);
236 memcpy((GNUNET_HashCode *) (desc + 1), &state->desc, sizeof(GNUNET_HashCode));
237 *desc = ntohs(udp->spt);
238 GNUNET_HashCode hash;
239 GNUNET_CRYPTO_hash (desc, sizeof (GNUNET_HashCode) + 2, &hash);
240 GNUNET_assert (GNUNET_OK ==
241 GNUNET_CONTAINER_multihashmap_put (udp_services,
243 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
246 /* send udp-packet back */
247 len = sizeof(struct GNUNET_MessageHeader) + sizeof(GNUNET_HashCode) + ntohs(udp->len);
248 msg = GNUNET_malloc(len);
249 msg->size = htons(len);
250 msg->type = htons(GNUNET_MESSAGE_TYPE_SERVICE_UDP_BACK);
251 GNUNET_HashCode *desc = (GNUNET_HashCode*)(msg+1);
252 memcpy(desc, &state->desc, sizeof(GNUNET_HashCode));
254 memcpy(_udp, udp, ntohs(udp->len));
256 GNUNET_MESH_notify_transmit_ready (tunnel,
259 GNUNET_TIME_relative_divide(GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
261 send_udp_to_peer_notify_callback,
266 * Reads the configuration servicecfg and populates udp_services
269 read_service_conf (void *cls, const char *section, const char *option,
272 GNUNET_HashCode hash;
273 uint16_t *desc = alloca (sizeof (GNUNET_HashCode) + 2);
274 GNUNET_CRYPTO_hash (section, strlen (section) + 1,
275 (GNUNET_HashCode *) (desc + 1));
277 if (0 == strcmp ("UDP_REDIRECTS", option))
280 char *value_ = alloca (strlen (value) + 1);
281 memcpy (value_, value, strlen (value) + 1);
282 char *token = strtok_r (value_, " ", &saveptr);
283 while (NULL != token)
287 char *itoken = strtok_r (token, ":", &isaveptr);
288 GNUNET_assert (NULL != itoken);
289 int local_port = atoi (itoken);
290 GNUNET_assert ((local_port > 0) && (local_port < 65536));
293 GNUNET_CRYPTO_hash (desc, sizeof (GNUNET_HashCode) + 2, &hash);
295 struct udp_service *serv =
296 GNUNET_malloc (sizeof (struct udp_service));
297 memset (serv, 0, sizeof (struct udp_service));
298 serv->my_port = local_port;
300 itoken = strtok_r (NULL, ":", &isaveptr);
301 GNUNET_assert (NULL != itoken);
302 if (0 == strcmp ("localhost4", itoken))
307 GNUNET_assert (GNUNET_OK ==
308 GNUNET_CONFIGURATION_get_value_string (cfg,
313 inet_pton (AF_INET, ip4addr,
314 serv->v4.ip4address));
315 GNUNET_free (ip4addr);
317 else if (0 == strcmp ("localhost6", itoken))
322 GNUNET_assert (GNUNET_OK ==
323 GNUNET_CONFIGURATION_get_value_string (cfg,
328 inet_pton (AF_INET6, ip6addr,
329 serv->v6.ip6address));
330 GNUNET_free (ip6addr);
334 // Lookup, yadayadayada
338 itoken = strtok_r (NULL, ":", &isaveptr);
339 GNUNET_assert (NULL != itoken);
340 serv->remote_port = atoi (itoken);
342 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Store with key1 %x\n",
343 *((unsigned long long *) (desc + 1)));
344 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Store with key2 %x\n",
345 *((unsigned long long *) &hash));
346 GNUNET_assert (GNUNET_OK ==
347 GNUNET_CONTAINER_multihashmap_put (udp_services,
349 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
351 token = strtok_r (NULL, " ", &saveptr);
357 * Start the helper-process
359 * If cls != NULL it is assumed that this function is called as a result of a dying
360 * helper. cls is then taken as handle to the old helper and is cleaned up.
363 start_helper_and_schedule(void *cls,
364 const struct GNUNET_SCHEDULER_TaskContext *tc) {
365 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
378 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IFNAME", &ifname))
380 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IFNAME' in configuration!\n");
384 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV6ADDR", &ipv6addr))
386 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV6ADDR' in configuration!\n");
390 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV6PREFIX", &ipv6prefix))
392 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV6PREFIX' in configuration!\n");
396 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV4ADDR", &ipv4addr))
398 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV4ADDR' in configuration!\n");
402 if (GNUNET_SYSERR == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV4MASK", &ipv4mask))
404 GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "No entry 'IPV4MASK' in configuration!\n");
409 * Messages get passed to the function message_token
410 * When the helper dies, this function will be called again with the
411 * helper_handle as cls.
413 helper_handle = start_helper(ifname,
419 start_helper_and_schedule,
424 GNUNET_free(ipv6addr);
425 GNUNET_free(ipv6prefix);
426 GNUNET_free(ipv4addr);
427 GNUNET_free(ipv4mask);
432 * The messages are one GNUNET_HashCode for the service, followed by a struct udp_pkt
435 receive_udp_service (void *cls,
436 struct GNUNET_MESH_Tunnel *tunnel,
438 const struct GNUNET_MessageHeader *message,
439 const struct GNUNET_TRANSPORT_ATS_Information *atsi)
441 GNUNET_HashCode hash;
442 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
443 struct udp_pkt *pkt = (struct udp_pkt *) (desc + 1);
444 struct ip6_udp *pkt6;
447 GNUNET_assert (ntohs (pkt->len) ==
448 ntohs (message->size) -
449 sizeof (struct GNUNET_MessageHeader) -
450 sizeof (GNUNET_HashCode));
452 /* Get the configuration from the hashmap */
453 uint16_t *udp_desc = alloca(sizeof(GNUNET_HashCode)+2);
454 memcpy(udp_desc + 1, desc, sizeof(GNUNET_HashCode));
455 *udp_desc = ntohs(pkt->dpt);
456 GNUNET_CRYPTO_hash(udp_desc, sizeof(GNUNET_HashCode)+2, &hash);
457 struct udp_service *serv = GNUNET_CONTAINER_multihashmap_get(udp_services, &hash);
460 GNUNET_log(GNUNET_ERROR_TYPE_INFO, "No service found for dpt %d!\n", *udp_desc);
464 pkt->dpt = htons(serv->remote_port);
465 /* FIXME -> check acl etc */
471 /* Prepare the state.
472 * This will be saved in the hashmap, so that the receiving procedure knows
473 * through which tunnel this connection has to be routed.
475 struct udp_state *state = GNUNET_malloc (sizeof (struct udp_state));
476 memset(state, 0, sizeof(struct udp_state));
477 state->tunnel = tunnel;
479 memcpy(&state->desc, desc, sizeof(GNUNET_HashCode));
481 switch (serv->version)
484 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
485 sizeof (struct ip_hdr) + ntohs (pkt->len);
487 memset (pkt4, 0, len);
490 pkt4->shdr.type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER);
491 pkt4->shdr.size = htons(len);
493 pkt4->tun.type = htons(0x0800);
495 memcpy(&pkt4->udp_hdr, pkt, ntohs(pkt->len));
497 pkt4->ip_hdr.version = 4;
498 pkt4->ip_hdr.hdr_lngth = 5;
499 pkt4->ip_hdr.diff_serv = 0;
500 pkt4->ip_hdr.tot_lngth = htons(20 + ntohs(pkt->len));
501 pkt4->ip_hdr.ident = 0;
502 pkt4->ip_hdr.flags = 0;
503 pkt4->ip_hdr.frag_off = 0;
504 pkt4->ip_hdr.ttl = 255;
505 pkt4->ip_hdr.proto = 0x11; /* UDP */
506 pkt4->ip_hdr.chks = 0; /* Will be calculated later*/
508 memcpy(&tmp, &serv->v4.ip4address, 4);
509 pkt4->ip_hdr.dadr = tmp;
511 /* Generate a new src-address */
514 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV4ADDR", &ipv4addr));
515 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV4MASK", &ipv4mask));
516 inet_pton(AF_INET, ipv4addr, &tmp);
517 inet_pton(AF_INET, ipv4mask, &tmp2);
518 GNUNET_free(ipv4addr);
519 GNUNET_free(ipv4mask);
521 /* This should be a noop */
524 tmp |= ntohl(*((uint32_t*)tunnel)) & (~tmp2);
526 pkt4->ip_hdr.sadr = tmp;
528 memcpy(&state->udp_info.addr, &tmp, 4);
529 state->udp_info.pt = pkt4->udp_hdr.spt;
531 pkt4->udp_hdr.crc = 0; /* Optional for IPv4 */
533 pkt4->ip_hdr.chks = calculate_ip_checksum((uint16_t*)&pkt4->ip_hdr, 5*4);
537 len = sizeof (struct GNUNET_MessageHeader) + sizeof (struct pkt_tun) +
538 sizeof (struct ip6_hdr) + ntohs (pkt->len);
541 memset (pkt6, 0, len);
544 pkt6->shdr.type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER);
545 pkt6->shdr.size = htons(len);
547 pkt6->tun.type = htons(0x86dd);
549 memcpy (&pkt6->udp_hdr, pkt, ntohs (pkt->len));
551 pkt6->ip6_hdr.version = 6;
552 pkt6->ip6_hdr.nxthdr = 0x11; //UDP
553 pkt6->ip6_hdr.paylgth = pkt->len;
554 pkt6->ip6_hdr.hoplmt = 64;
556 memcpy(pkt6->ip6_hdr.dadr, &serv->v6.ip6address, 16);
558 /* Generate a new src-address
559 * This takes as much from the address of the tunnel as fits into
562 unsigned long long ipv6prefix;
563 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_string(cfg, "exit", "IPV6ADDR", &ipv6addr));
564 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_number(cfg, "exit", "IPV6PREFIX", &ipv6prefix));
565 GNUNET_assert(ipv6prefix < 127);
566 ipv6prefix = (ipv6prefix + 7)/8;
568 inet_pton (AF_INET6, ipv6addr, &pkt6->ip6_hdr.sadr);
569 GNUNET_free(ipv6addr);
571 if (ipv6prefix < (16 - sizeof(void*)))
572 ipv6prefix = 16 - sizeof(void*);
574 unsigned int offset = ipv6prefix - (16-sizeof(void*));
575 memcpy((((char*)&pkt6->ip6_hdr.sadr))+ipv6prefix, ((char*)&tunnel)+offset, 16 - ipv6prefix);
577 /* copy the needed information into the state */
578 memcpy(&state->udp_info.addr, &pkt6->ip6_hdr.sadr, 16);
579 state->udp_info.pt = pkt6->udp_hdr.spt;
581 pkt6->udp_hdr.crc = 0;
583 sum = calculate_checksum_update(sum, (uint16_t*)&pkt6->ip6_hdr.sadr, 16);
584 sum = calculate_checksum_update(sum, (uint16_t*)&pkt6->ip6_hdr.dadr, 16);
585 tmp = (pkt6->udp_hdr.len & 0xffff);
586 sum = calculate_checksum_update(sum, (uint16_t*)&tmp, 4);
587 tmp = htons(((pkt6->ip6_hdr.nxthdr & 0x00ff)));
588 sum = calculate_checksum_update(sum, (uint16_t*)&tmp, 4);
590 sum = calculate_checksum_update(sum, (uint16_t*)&pkt6->udp_hdr, ntohs(pkt6->udp_hdr.len));
591 pkt6->udp_hdr.crc = calculate_checksum_end(sum);
599 GNUNET_CRYPTO_hash (&state->udp_info, sizeof(struct udp_info), &hash);
602 GNUNET_CONTAINER_multihashmap_contains (udp_connections, &hash))
603 GNUNET_CONTAINER_multihashmap_put (udp_connections, &hash, state,
604 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
608 (void)GNUNET_DISK_file_write(helper_handle->fh_to_helper, buf, len);
613 * @brief Main function that will be run by the scheduler.
616 * @param args remaining command-line arguments
617 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
618 * @param cfg_ configuration
624 const struct GNUNET_CONFIGURATION_Handle *cfg_)
626 const static struct GNUNET_MESH_MessageHandler handlers[] = {
627 {receive_udp_service, GNUNET_MESSAGE_TYPE_SERVICE_UDP, 0},
630 mesh_handle = GNUNET_MESH_connect(cfg_,
636 udp_connections = GNUNET_CONTAINER_multihashmap_create(65536);
637 udp_services = GNUNET_CONTAINER_multihashmap_create(65536);
640 GNUNET_CONFIGURATION_get_value_filename(cfg, "dns", "SERVICES", &services);
641 servicecfg = GNUNET_CONFIGURATION_create();
642 if (GNUNET_OK == GNUNET_CONFIGURATION_parse(servicecfg, services))
644 GNUNET_log(GNUNET_ERROR_TYPE_INFO, "Parsing services %s\n", services);
645 GNUNET_CONFIGURATION_iterate(servicecfg, read_service_conf, NULL);
647 if (NULL != services)
648 GNUNET_free(services);
650 GNUNET_SCHEDULER_add_now (start_helper_and_schedule, NULL);
651 GNUNET_SCHEDULER_add_delayed(GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
655 * The main function to obtain template from gnunetd.
657 * @param argc number of arguments from the command line
658 * @param argv command line arguments
659 * @return 0 ok, 1 on error
662 main (int argc, char *const *argv) {
663 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
664 GNUNET_GETOPT_OPTION_END
668 GNUNET_PROGRAM_run (argc,
671 gettext_noop ("help text"),
672 options, &run, NULL)) ? ret : 1;
675 /* end of gnunet-daemon-exit.c */