2 This file is part of GNUnet.
3 (C) 2010 Christian Grothoff
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 * @file vpn/gnunet-daemon-vpn.c
24 * @author Philipp Toelke
27 #include "gnunet_getopt_lib.h"
28 #include "gnunet_program_lib.h"
29 #include "gnunet-vpn-packet.h"
30 #include "gnunet_common.h"
31 #include "gnunet_protocols.h"
32 #include "gnunet_applications.h"
33 #include <gnunet_mesh_service.h>
34 #include "gnunet_client_lib.h"
35 #include "gnunet_container_lib.h"
36 #include "gnunet_constants.h"
37 #include <block_dns.h>
38 #include "gnunet-daemon-vpn-helper.h"
39 #include "gnunet-daemon-vpn-dns.h"
40 #include "gnunet-daemon-vpn.h"
41 #include "gnunet-vpn-checksum.h"
43 const struct GNUNET_CONFIGURATION_Handle *cfg;
44 struct GNUNET_MESH_Handle *mesh_handle;
45 struct GNUNET_CONTAINER_MultiHashMap* hashmap;
46 static struct GNUNET_CONTAINER_Heap *heap;
48 struct tunnel_notify_queue
50 struct tunnel_notify_queue* next;
51 struct tunnel_notify_queue* prev;
57 * If there are at least this many address-mappings, old ones will be removed
59 static long long unsigned int max_mappings = 200;
67 * This hashmap contains the mapping from peer, service-descriptor,
68 * source-port and destination-port to a socket
70 static struct GNUNET_CONTAINER_MultiHashMap *udp_connections;
72 GNUNET_SCHEDULER_TaskIdentifier conn_task;
74 GNUNET_SCHEDULER_TaskIdentifier shs_task;
77 * Function scheduled as very last function, cleans up after us
81 cleanup(void* cls __attribute__((unused)), const struct GNUNET_SCHEDULER_TaskContext* tskctx) {
82 GNUNET_assert (0 != (tskctx->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN));
85 cleanup_helper(helper_handle);
87 /* close the connection to the service-dns */
88 if (dns_connection != NULL)
90 GNUNET_CLIENT_disconnect (dns_connection, GNUNET_NO);
91 dns_connection = NULL;
94 if (mesh_handle != NULL)
96 GNUNET_MESH_disconnect(mesh_handle);
99 if (GNUNET_SCHEDULER_NO_TASK != shs_task)
101 GNUNET_SCHEDULER_cancel (shs_task);
102 shs_task = GNUNET_SCHEDULER_NO_TASK;
104 if (GNUNET_SCHEDULER_NO_TASK != conn_task)
106 GNUNET_SCHEDULER_cancel (conn_task);
107 conn_task = GNUNET_SCHEDULER_NO_TASK;
113 * @return the hash of the IP-Address if a mapping exists, NULL otherwise
116 address_mapping_exists(unsigned char addr[]) {
117 GNUNET_HashCode* key = GNUNET_malloc(sizeof(GNUNET_HashCode));
118 unsigned char* k = (unsigned char*)key;
119 memset(key, 0, sizeof(GNUNET_HashCode));
121 for (i = 0; i < 16; i++)
124 if (GNUNET_YES == GNUNET_CONTAINER_multihashmap_contains(hashmap, key))
134 collect_mappings(void* cls __attribute__((unused)), const struct GNUNET_SCHEDULER_TaskContext* tc) {
135 if ( (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN) != 0)
138 struct map_entry* me = GNUNET_CONTAINER_heap_remove_root(heap);
140 /* This is free()ed memory! */
141 me->heap_node = NULL;
143 /* FIXME! GNUNET_MESH_close_tunnel(me->tunnel); */
145 GNUNET_CONTAINER_multihashmap_remove(hashmap, &me->hash, me);
151 send_icmp_response(void* cls, const struct GNUNET_SCHEDULER_TaskContext *tc) {
152 if ( (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN) != 0)
155 struct ip6_icmp* request = cls;
157 struct ip6_icmp* response = alloca(ntohs(request->shdr.size));
158 GNUNET_assert(response != NULL);
159 memset(response, 0, ntohs(request->shdr.size));
161 response->shdr.size = request->shdr.size;
162 response->shdr.type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER);
164 response->tun.flags = 0;
165 response->tun.type = htons(0x86dd);
167 response->ip6_hdr.hoplmt = 255;
168 response->ip6_hdr.paylgth = request->ip6_hdr.paylgth;
169 response->ip6_hdr.nxthdr = 0x3a;
170 response->ip6_hdr.version = 6;
171 memcpy(&response->ip6_hdr.sadr, &request->ip6_hdr.dadr, 16);
172 memcpy(&response->ip6_hdr.dadr, &request->ip6_hdr.sadr, 16);
174 response->icmp_hdr.code = 0;
175 response->icmp_hdr.type = 0x81;
177 /* Magic, more Magic! */
178 response->icmp_hdr.chks = request->icmp_hdr.chks - 0x1;
180 /* Copy the rest of the packet */
181 memcpy(response+1, request+1, ntohs(request->shdr.size) - sizeof(struct ip6_icmp));
183 write_to_helper(response, ntohs(response->shdr.size));
185 GNUNET_free(request);
189 * cls is the pointer to a GNUNET_MessageHeader that is
190 * followed by the service-descriptor and the packet that should be sent;
193 send_pkt_to_peer_notify_callback (void *cls, size_t size, void *buf)
195 struct GNUNET_MESH_Tunnel **tunnel = cls;
196 GNUNET_MESH_tunnel_set_data(*tunnel, NULL);
197 struct GNUNET_MessageHeader *hdr =
198 (struct GNUNET_MessageHeader *) (tunnel + 1);
199 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "send_pkt_to_peer_notify_callback: buf = %x; size = %u;\n", buf, size);
200 GNUNET_assert (size >= ntohs (hdr->size));
201 memcpy (buf, hdr, ntohs (hdr->size));
202 size = ntohs(hdr->size);
203 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Sent!\n");
205 if (NULL != GNUNET_MESH_tunnel_get_head(*tunnel))
207 struct tunnel_notify_queue* element = GNUNET_MESH_tunnel_get_head(*tunnel);
208 struct tunnel_notify_queue* head = GNUNET_MESH_tunnel_get_head(*tunnel);
209 struct tunnel_notify_queue* tail = GNUNET_MESH_tunnel_get_tail(*tunnel);
211 GNUNET_CONTAINER_DLL_remove(head, tail, element);
213 GNUNET_MESH_tunnel_set_head(*tunnel, head);
214 GNUNET_MESH_tunnel_set_tail(*tunnel, tail);
216 struct GNUNET_MESH_TransmitHandle* th = GNUNET_MESH_notify_transmit_ready (*tunnel,
219 GNUNET_TIME_relative_divide
220 (GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
221 (const struct GNUNET_PeerIdentity *)
223 send_pkt_to_peer_notify_callback, element->cls);
224 /* save the handle */
225 GNUNET_MESH_tunnel_set_data(*tunnel, th);
233 port_in_ports (uint64_t ports, uint16_t port)
235 uint16_t *ps = (uint16_t *) & ports;
236 return ps[0] == port || ps[1] == port || ps[2] == port || ps[3] == port;
240 send_pkt_to_peer (void *cls,
241 const struct GNUNET_PeerIdentity *peer,
242 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
244 /* peer == NULL means that all peers in this request are connected */
245 if (peer == NULL) return;
246 struct GNUNET_MESH_Tunnel **tunnel = cls;
247 struct GNUNET_MessageHeader *hdr =
248 (struct GNUNET_MessageHeader *) (tunnel + 1);
250 GNUNET_assert(NULL != tunnel);
251 GNUNET_assert(NULL != *tunnel);
253 if (NULL == GNUNET_MESH_tunnel_get_data(*tunnel))
255 struct GNUNET_MESH_TransmitHandle* th = GNUNET_MESH_notify_transmit_ready (*tunnel,
258 GNUNET_TIME_relative_divide(GNUNET_CONSTANTS_MAX_CORK_DELAY, 2),
259 (const struct GNUNET_PeerIdentity *)NULL,
261 send_pkt_to_peer_notify_callback,
263 GNUNET_MESH_tunnel_set_data(*tunnel, th);
267 struct tunnel_notify_queue* head = GNUNET_MESH_tunnel_get_head(*tunnel);
268 struct tunnel_notify_queue* tail = GNUNET_MESH_tunnel_get_tail(*tunnel);
269 struct tunnel_notify_queue* element = GNUNET_malloc(sizeof *element);
272 element->len = ntohs(hdr->size);
274 GNUNET_CONTAINER_DLL_insert_tail(head, tail, element);
276 GNUNET_MESH_tunnel_set_head(*tunnel, head);
277 GNUNET_MESH_tunnel_set_tail(*tunnel, tail);
282 * Create a new Address from an answer-packet
285 new_ip6addr(unsigned char* buf, const GNUNET_HashCode *peer, const GNUNET_HashCode *service_desc) { /* {{{ */
287 unsigned long long ipv6prefix;
288 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_string(cfg, "vpn", "IPV6ADDR", &ipv6addr));
289 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_number(cfg, "vpn", "IPV6PREFIX", &ipv6prefix));
290 GNUNET_assert(ipv6prefix < 127);
291 ipv6prefix = (ipv6prefix + 7)/8;
293 inet_pton (AF_INET6, ipv6addr, buf);
294 GNUNET_free(ipv6addr);
296 int peer_length = 16 - ipv6prefix - 6;
297 if (peer_length <= 0)
300 int service_length = 16 - ipv6prefix - peer_length;
301 if (service_length <= 0)
304 memcpy(buf+ipv6prefix, service_desc, service_length);
305 memcpy(buf+ipv6prefix+service_length, peer, peer_length);
311 * Create a new Address from an answer-packet
314 new_ip6addr_remote (unsigned char *buf, unsigned char *addr, char addrlen)
317 unsigned long long ipv6prefix;
318 GNUNET_assert (GNUNET_OK ==
319 GNUNET_CONFIGURATION_get_value_string (cfg, "vpn",
322 GNUNET_assert (GNUNET_OK ==
323 GNUNET_CONFIGURATION_get_value_number (cfg, "vpn",
326 GNUNET_assert (ipv6prefix < 127);
327 ipv6prefix = (ipv6prefix + 7) / 8;
329 inet_pton (AF_INET6, ipv6addr, buf);
330 GNUNET_free (ipv6addr);
332 int local_length = 16 - ipv6prefix;
334 memcpy (buf + ipv6prefix, addr, GNUNET_MIN (addrlen, local_length));
339 * Create a new Address from an answer-packet
342 new_ip4addr_remote (unsigned char *buf, unsigned char *addr, char addrlen)
346 GNUNET_assert (GNUNET_OK ==
347 GNUNET_CONFIGURATION_get_value_string (cfg, "vpn",
350 GNUNET_assert (GNUNET_OK ==
351 GNUNET_CONFIGURATION_get_value_string (cfg, "vpn",
355 inet_pton (AF_INET, ipv4addr, buf);
356 int r = inet_pton (AF_INET, ipv4mask, &mask);
358 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "inet_pton: %d; %m; mask: %08x\n", r, mask);
360 GNUNET_free (ipv4addr);
366 mask = (mask ^ (mask - 1)) >> 1;
367 for (c = 0; mask; c++)
374 c = CHAR_BIT * sizeof(mask);
378 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "The mask %s has %d leading 1s.\n", ipv4mask, c);
380 GNUNET_free (ipv4mask);
387 memcpy (buf + c, addr, GNUNET_MIN (addrlen, c));
392 * This gets scheduled with cls pointing to an answer_packet and does everything
393 * needed in order to send it to the helper.
395 * At the moment this means "inventing" and IPv6-Address for .gnunet-services and
396 * doing nothing for "real" services.
399 process_answer(void* cls, const struct GNUNET_SCHEDULER_TaskContext* tc) {
400 if ( (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN) != 0)
403 struct answer_packet* pkt = cls;
404 struct answer_packet_list* list;
406 /* This answer is about a .gnunet-service
408 * It contains an almost complete DNS-Response, we have to fill in the ip
409 * at the offset pkt->addroffset
411 if (pkt->subtype == GNUNET_DNS_ANSWER_TYPE_SERVICE)
413 pkt->subtype = GNUNET_DNS_ANSWER_TYPE_IP;
416 memset(&key, 0, sizeof(GNUNET_HashCode));
418 unsigned char* c = ((unsigned char*)pkt)+ntohs(pkt->addroffset);
419 unsigned char* k = (unsigned char*)&key;
420 new_ip6addr(c, &pkt->service_descr.peer, &pkt->service_descr.service_descriptor);
422 * Copy the newly generated ip-address to the key backwarts (as only the first part is hashed)
425 for (i = 0; i < 16; i++)
428 uint16_t namelen = strlen((char*)pkt->data+12)+1;
430 struct map_entry* value = GNUNET_malloc(sizeof(struct map_entry) + namelen);
431 char* name = (char*)(value +1);
433 value->namelen = namelen;
434 memcpy(name, pkt->data+12, namelen);
436 memcpy(&value->desc, &pkt->service_descr, sizeof(struct GNUNET_vpn_service_descriptor));
438 memset(value->additional_ports, 0, 8192);
440 memcpy(&value->hash, &key, sizeof(GNUNET_HashCode));
443 GNUNET_CONTAINER_multihashmap_contains (hashmap, &key))
445 GNUNET_CONTAINER_multihashmap_put (hashmap, &key, value,
446 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
448 value->heap_node = GNUNET_CONTAINER_heap_insert (heap, value,
449 GNUNET_TIME_absolute_get ().abs_value);
450 if (GNUNET_CONTAINER_heap_get_size(heap) > max_mappings)
451 GNUNET_SCHEDULER_add_now(collect_mappings, NULL);
457 list = GNUNET_malloc(htons(pkt->hdr.size) + 2*sizeof(struct answer_packet_list*));
459 memcpy(&list->pkt, pkt, htons(pkt->hdr.size));
462 else if (pkt->subtype == GNUNET_DNS_ANSWER_TYPE_REV)
465 memset(&key, 0, sizeof key);
466 unsigned char* k = (unsigned char*)&key;
467 unsigned char* s = pkt->data+12;
469 /* Whoever designed the reverse IPv6-lookup is batshit insane */
470 for (i = 0; i < 16; i++)
472 unsigned char c1 = s[(4*i)+1];
473 unsigned char c2 = s[(4*i)+3];
477 k[i] = c1 - 87; /* 87 is the difference between 'a' and 10 */
479 k[i] += 16*(c2 - '0');
481 k[i] += 16*(c2 - 87);
484 struct map_entry* map_entry = GNUNET_CONTAINER_multihashmap_get(hashmap, &key);
485 uint16_t offset = ntohs(pkt->addroffset);
487 if (map_entry == NULL)
493 GNUNET_CONTAINER_heap_update_cost (heap, map_entry->heap_node,
494 GNUNET_TIME_absolute_get ().abs_value);
497 unsigned short namelen = htons(map_entry->namelen);
498 char* name = (char*)(map_entry + 1);
500 list = GNUNET_malloc(2*sizeof(struct answer_packet_list*) + offset + 2 + ntohs(namelen));
502 struct answer_packet* rpkt = &list->pkt;
504 /* The offset points to the first byte belonging to the address */
505 memcpy(rpkt, pkt, offset - 1);
507 rpkt->subtype = GNUNET_DNS_ANSWER_TYPE_IP;
508 rpkt->hdr.size = ntohs(offset + 2 + ntohs(namelen));
510 memcpy(((char*)rpkt)+offset, &namelen, 2);
511 memcpy(((char*)rpkt)+offset+2, name, ntohs(namelen));
514 else if (pkt->subtype == GNUNET_DNS_ANSWER_TYPE_IP)
516 list = GNUNET_malloc(htons(pkt->hdr.size) + 2*sizeof(struct answer_packet_list*));
517 memcpy(&list->pkt, pkt, htons(pkt->hdr.size));
519 else if (pkt->subtype == GNUNET_DNS_ANSWER_TYPE_REMOTE_AAAA)
521 pkt->subtype = GNUNET_DNS_ANSWER_TYPE_IP;
524 memset(&key, 0, sizeof(GNUNET_HashCode));
526 unsigned char* c = ((unsigned char*)pkt)+ntohs(pkt->addroffset);
527 new_ip6addr_remote(c, pkt->addr, pkt->addrsize);
528 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "New mapping to %02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x:%02x%02x\n",
545 unsigned char* k = (unsigned char*)&key;
547 * Copy the newly generated ip-address to the key backwards (as only the first part is used in the hash-table)
550 for (i = 0; i < 16; i++)
553 uint16_t namelen = strlen((char*)pkt->data+12)+1;
555 struct map_entry* value = GNUNET_malloc(sizeof(struct map_entry) + namelen);
556 char* name = (char*)(value +1);
558 value->namelen = namelen;
559 memcpy(name, pkt->data+12, namelen);
561 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Setting addrlen to %d\n", pkt->addrsize);
562 value->addrlen = pkt->addrsize;
563 memcpy(&value->addr, &pkt->addr, pkt->addrsize);
564 memset(value->additional_ports, 0, 8192);
566 memcpy(&value->hash, &key, sizeof(GNUNET_HashCode));
569 GNUNET_CONTAINER_multihashmap_contains (hashmap, &key))
571 GNUNET_CONTAINER_multihashmap_put (hashmap, &key, value,
572 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
573 value->heap_node = GNUNET_CONTAINER_heap_insert (heap, value,
574 GNUNET_TIME_absolute_get ().abs_value);
575 if (GNUNET_CONTAINER_heap_get_size(heap) > max_mappings)
576 GNUNET_SCHEDULER_add_now(collect_mappings, NULL);
581 list = GNUNET_malloc(htons(pkt->hdr.size) + 2*sizeof(struct answer_packet_list*));
583 memcpy(&list->pkt, pkt, htons(pkt->hdr.size));
585 else if (pkt->subtype == GNUNET_DNS_ANSWER_TYPE_REMOTE_A)
587 pkt->subtype = GNUNET_DNS_ANSWER_TYPE_IP;
590 memset(&key, 0, sizeof(GNUNET_HashCode));
592 unsigned char* c = ((unsigned char*)pkt)+ntohs(pkt->addroffset);
593 new_ip4addr_remote(c, pkt->addr, pkt->addrsize);
594 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "New mapping to %d.%d.%d.%d\n",
599 unsigned char* k = (unsigned char*)&key;
601 * Copy the newly generated ip-address to the key backwards (as only the first part is used in the hash-table)
604 for (i = 0; i < 4; i++)
607 uint16_t namelen = strlen((char*)pkt->data+12)+1;
609 struct map_entry* value = GNUNET_malloc(sizeof(struct map_entry) + namelen);
610 char* name = (char*)(value +1);
612 value->namelen = namelen;
613 memcpy(name, pkt->data+12, namelen);
615 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Setting addrlen to %d\n", pkt->addrsize);
616 value->addrlen = pkt->addrsize;
617 memcpy(&value->addr, &pkt->addr, pkt->addrsize);
618 memset(value->additional_ports, 0, 8192);
620 memcpy(&value->hash, &key, sizeof(GNUNET_HashCode));
623 GNUNET_CONTAINER_multihashmap_contains (hashmap, &key))
625 GNUNET_CONTAINER_multihashmap_put (hashmap, &key, value,
626 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY);
627 value->heap_node = GNUNET_CONTAINER_heap_insert (heap, value,
628 GNUNET_TIME_absolute_get ().abs_value);
629 if (GNUNET_CONTAINER_heap_get_size(heap) > max_mappings)
630 GNUNET_SCHEDULER_add_now(collect_mappings, NULL);
635 list = GNUNET_malloc(htons(pkt->hdr.size) + 2*sizeof(struct answer_packet_list*));
637 memcpy(&list->pkt, pkt, htons(pkt->hdr.size));
648 GNUNET_CONTAINER_DLL_insert_after(answer_proc_head, answer_proc_tail, answer_proc_tail, list);
650 schedule_helper_write(GNUNET_TIME_UNIT_FOREVER_REL, NULL);
656 * Sets a bit active in a bitArray.
658 * @param bitArray memory area to set the bit in
659 * @param bitIdx which bit to set
662 setBit (char *bitArray, unsigned int bitIdx)
665 unsigned int targetBit;
667 arraySlot = bitIdx / 8;
668 targetBit = (1L << (bitIdx % 8));
669 bitArray[arraySlot] |= targetBit;
673 * Clears a bit from bitArray.
675 * @param bitArray memory area to set the bit in
676 * @param bitIdx which bit to unset
679 clearBit (char *bitArray, unsigned int bitIdx)
682 unsigned int targetBit;
685 targetBit = (1L << (bitIdx % 8));
686 bitArray[slot] = bitArray[slot] & (~targetBit);
690 * Checks if a bit is active in the bitArray
692 * @param bitArray memory area to set the bit in
693 * @param bitIdx which bit to test
694 * @return GNUNET_YES if the bit is set, GNUNET_NO if not.
697 testBit (char *bitArray, unsigned int bitIdx)
700 unsigned int targetBit;
703 targetBit = (1L << (bitIdx % 8));
704 if (bitArray[slot] & targetBit)
711 * @brief Add the port to the list of additional ports in the map_entry
713 * @param me the map_entry
714 * @param port the port in host-byte-order
717 add_additional_port (struct map_entry *me, uint16_t port)
719 setBit(me->additional_ports, port);
723 receive_udp_back (void *cls __attribute__((unused)), struct GNUNET_MESH_Tunnel* tunnel,
724 void **tunnel_ctx __attribute__((unused)),
725 const struct GNUNET_PeerIdentity *sender __attribute__((unused)),
726 const struct GNUNET_MessageHeader *message,
727 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
729 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
730 struct remote_addr* s = (struct remote_addr*)desc;
731 struct udp_pkt *pkt = (struct udp_pkt *) (desc + 1);
732 const struct GNUNET_PeerIdentity* other = GNUNET_MESH_get_peer(tunnel);
734 size_t size = sizeof(struct ip6_udp) + ntohs(pkt->len) - 1 - sizeof(struct udp_pkt);
736 struct ip6_udp* pkt6 = alloca(size);
738 GNUNET_assert(pkt6 != NULL);
740 if (ntohs(message->type) == GNUNET_MESSAGE_TYPE_SERVICE_UDP_BACK)
741 new_ip6addr(pkt6->ip6_hdr.sadr, &other->hashPubKey, desc);
743 new_ip6addr_remote(pkt6->ip6_hdr.sadr, s->addr, s->addrlen);
745 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Relaying calc:%d gnu:%d udp:%d bytes!\n", size, ntohs(message->size), ntohs(pkt->len));
747 pkt6->shdr.type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER);
748 pkt6->shdr.size = htons(size);
751 pkt6->tun.type = htons(0x86dd);
753 pkt6->ip6_hdr.version = 6;
754 pkt6->ip6_hdr.tclass_h = 0;
755 pkt6->ip6_hdr.tclass_l = 0;
756 pkt6->ip6_hdr.flowlbl = 0;
757 pkt6->ip6_hdr.paylgth = pkt->len;
758 pkt6->ip6_hdr.nxthdr = 0x11;
759 pkt6->ip6_hdr.hoplmt = 0xff;
763 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_string(cfg, "vpn", "IPV6ADDR", &ipv6addr));
764 inet_pton (AF_INET6, ipv6addr, pkt6->ip6_hdr.dadr);
765 GNUNET_free(ipv6addr);
767 memcpy(&pkt6->udp_hdr, pkt, ntohs(pkt->len));
769 GNUNET_HashCode* key = address_mapping_exists(pkt6->ip6_hdr.sadr);
770 GNUNET_assert (key != NULL);
772 struct map_entry *me = GNUNET_CONTAINER_multihashmap_get(hashmap, key);
773 GNUNET_CONTAINER_heap_update_cost (heap, me->heap_node,
774 GNUNET_TIME_absolute_get ().abs_value);
778 GNUNET_assert (me != NULL);
779 if (ntohs(message->type) == GNUNET_MESSAGE_TYPE_SERVICE_UDP_BACK)
781 GNUNET_assert (me->desc.service_type & htonl(GNUNET_DNS_SERVICE_TYPE_UDP));
782 if (!port_in_ports(me->desc.ports, pkt6->udp_hdr.spt) &&
783 !testBit(me->additional_ports, ntohs(pkt6->udp_hdr.spt))) {
784 add_additional_port(me, ntohs(pkt6->udp_hdr.spt));
788 pkt6->udp_hdr.crc = 0;
790 sum = calculate_checksum_update(sum, (uint16_t*)&pkt6->ip6_hdr.sadr, 16);
791 sum = calculate_checksum_update(sum, (uint16_t*)&pkt6->ip6_hdr.dadr, 16);
792 uint32_t tmp = (pkt6->udp_hdr.len & 0xffff);
793 sum = calculate_checksum_update(sum, (uint16_t*)&tmp, 4);
794 tmp = htons(((pkt6->ip6_hdr.nxthdr & 0x00ff)));
795 sum = calculate_checksum_update(sum, (uint16_t*)&tmp, 4);
797 sum = calculate_checksum_update(sum, (uint16_t*)&pkt6->udp_hdr, ntohs(pkt->len));
798 pkt6->udp_hdr.crc = calculate_checksum_end(sum);
800 write_to_helper(pkt6, size);
806 receive_tcp_back (void *cls __attribute__((unused)), struct GNUNET_MESH_Tunnel* tunnel,
807 void **tunnel_ctx __attribute__((unused)),
808 const struct GNUNET_PeerIdentity *sender __attribute__((unused)),
809 const struct GNUNET_MessageHeader *message,
810 const struct GNUNET_TRANSPORT_ATS_Information *atsi __attribute__((unused)))
812 GNUNET_HashCode *desc = (GNUNET_HashCode *) (message + 1);
813 struct remote_addr* s = (struct remote_addr*)desc;
814 struct tcp_pkt *pkt = (struct tcp_pkt *) (desc + 1);
815 const struct GNUNET_PeerIdentity* other = GNUNET_MESH_get_peer(tunnel);
817 size_t pktlen = ntohs(message->size) - sizeof(struct GNUNET_MessageHeader) - sizeof(GNUNET_HashCode);
818 size_t size = pktlen + sizeof(struct ip6_tcp) - 1;
820 struct ip6_tcp* pkt6 = alloca(size);
821 memset(pkt6, 0, size);
823 GNUNET_assert(pkt6 != NULL);
825 if (ntohs(message->type) == GNUNET_MESSAGE_TYPE_SERVICE_TCP_BACK)
826 new_ip6addr(pkt6->ip6_hdr.sadr, &other->hashPubKey, desc);
828 new_ip6addr_remote(pkt6->ip6_hdr.sadr, s->addr, s->addrlen);
830 pkt6->shdr.type = htons(GNUNET_MESSAGE_TYPE_VPN_HELPER);
831 pkt6->shdr.size = htons(size);
834 pkt6->tun.type = htons(0x86dd);
836 pkt6->ip6_hdr.version = 6;
837 pkt6->ip6_hdr.tclass_h = 0;
838 pkt6->ip6_hdr.tclass_l = 0;
839 pkt6->ip6_hdr.flowlbl = 0;
840 pkt6->ip6_hdr.paylgth = htons(pktlen);
841 pkt6->ip6_hdr.nxthdr = 0x06;
842 pkt6->ip6_hdr.hoplmt = 0xff;
846 GNUNET_assert(GNUNET_OK == GNUNET_CONFIGURATION_get_value_string(cfg, "vpn", "IPV6ADDR", &ipv6addr));
847 inet_pton (AF_INET6, ipv6addr, pkt6->ip6_hdr.dadr);
848 GNUNET_free(ipv6addr);
850 memcpy(&pkt6->tcp_hdr, pkt, pktlen);
852 GNUNET_HashCode* key = address_mapping_exists(pkt6->ip6_hdr.sadr);
853 GNUNET_assert (key != NULL);
855 struct map_entry *me = GNUNET_CONTAINER_multihashmap_get(hashmap, key);
856 GNUNET_CONTAINER_heap_update_cost (heap, me->heap_node,
857 GNUNET_TIME_absolute_get ().abs_value);
861 GNUNET_assert (me != NULL);
862 if (ntohs(message->type) == GNUNET_MESSAGE_TYPE_SERVICE_UDP_BACK)
863 GNUNET_assert (me->desc.service_type & htonl(GNUNET_DNS_SERVICE_TYPE_TCP));
865 pkt6->tcp_hdr.crc = 0;
869 calculate_checksum_update (sum, (uint16_t *) & pkt6->ip6_hdr.sadr, 16);
871 calculate_checksum_update (sum, (uint16_t *) & pkt6->ip6_hdr.dadr, 16);
873 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
874 tmp = htonl (((pkt6->ip6_hdr.nxthdr & 0x000000ff)));
875 sum = calculate_checksum_update (sum, (uint16_t *) & tmp, 4);
878 calculate_checksum_update (sum, (uint16_t *) & pkt6->tcp_hdr,
879 ntohs (pkt6->ip6_hdr.paylgth));
880 pkt6->tcp_hdr.crc = calculate_checksum_end (sum);
882 write_to_helper(pkt6, size);
888 * Main function that will be run by the scheduler.
891 * @param args remaining command-line arguments
892 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
893 * @param cfg_ configuration
897 char *const *args __attribute__((unused)),
898 const char *cfgfilep __attribute__((unused)),
899 const struct GNUNET_CONFIGURATION_Handle *cfg_)
901 static const struct GNUNET_MESH_MessageHandler handlers[] = {
902 {receive_udp_back, GNUNET_MESSAGE_TYPE_SERVICE_UDP_BACK, 0},
903 {receive_tcp_back, GNUNET_MESSAGE_TYPE_SERVICE_TCP_BACK, 0},
904 {receive_udp_back, GNUNET_MESSAGE_TYPE_REMOTE_UDP_BACK, 0},
905 {receive_tcp_back, GNUNET_MESSAGE_TYPE_REMOTE_TCP_BACK, 0},
909 static const GNUNET_MESH_ApplicationType types[] = {
910 GNUNET_APPLICATION_TYPE_END
913 mesh_handle = GNUNET_MESH_connect(cfg_,
920 hashmap = GNUNET_CONTAINER_multihashmap_create(65536);
921 heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
922 GNUNET_CONFIGURATION_get_value_number (cfg, "vpn", "MAX_MAPPINGg",
924 udp_connections = GNUNET_CONTAINER_multihashmap_create(65536);
925 conn_task = GNUNET_SCHEDULER_add_now (connect_to_service_dns, NULL);
926 shs_task = GNUNET_SCHEDULER_add_after (conn_task, start_helper_and_schedule, NULL);
927 GNUNET_SCHEDULER_add_delayed(GNUNET_TIME_UNIT_FOREVER_REL, &cleanup, cls);
931 * The main function to obtain template from gnunetd.
933 * @param argc number of arguments from the command line
934 * @param argv command line arguments
935 * @return 0 ok, 1 on error
938 main (int argc, char *const *argv) {
939 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
940 GNUNET_GETOPT_OPTION_END
944 GNUNET_PROGRAM_run (argc,
947 gettext_noop ("help text"),
948 options, &run, NULL)) ? ret : 1;
951 /* end of gnunet-daemon-vpn.c */