/*
This file is part of GNUnet.
- Copyright (C) 2016 GNUnet e.V.
+ Copyright (C) 2016, 2017 GNUnet e.V.
- GNUnet is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published
- by the Free Software Foundation; either version 3, or (at your
- option) any later version.
+ GNUnet is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Affero General Public License as published
+ by the Free Software Foundation, either version 3 of the License,
+ or (at your option) any later version.
GNUnet is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+ Affero General Public License for more details.
+
+ You should have received a copy of the GNU Affero General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
- You should have received a copy of the GNU General Public License
- along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
- Boston, MA 02110-1301, USA.
+ SPDX-License-Identifier: AGPL3.0-or-later
*/
/**
* @brief network address translation traversal service
* @author Christian Grothoff
*
- * The purpose of this service is to enable transports to
+ * The purpose of this service is to enable transports to
* traverse NAT routers, by providing traversal options and
* knowledge about the local network topology.
*
* TODO:
- * - implement UPnPC/PMP-based NAT traversal
- * - implement autoconfig
- * - implement NEW logic for external IP detection
+ * - migrate test cases to new NAT service
+ * - add new traceroute-based logic for external IP detection
+ *
+ * - implement & test STUN processing to classify NAT;
+ * basically, open port & try different methods.
*/
#include "platform.h"
#include <math.h>
#include "gnunet_protocols.h"
#include "gnunet_signatures.h"
#include "gnunet_statistics_service.h"
+#include "gnunet_resolver_service.h"
#include "gnunet_nat_service.h"
+#include "gnunet-service-nat.h"
+#include "gnunet-service-nat_externalip.h"
#include "gnunet-service-nat_stun.h"
+#include "gnunet-service-nat_mini.h"
#include "gnunet-service-nat_helper.h"
#include "nat.h"
#include <gcrypt.h>
*/
#define SCAN_FREQ GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 15)
+/**
+ * How long do we wait until we forcefully terminate autoconfiguration?
+ */
+#define AUTOCONFIG_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
+
+/**
+ * How often do we scan for changes in how our external (dyndns) hostname resolves?
+ */
+#define DYNDNS_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 7)
+
+
+/**
+ * Information we track per client address.
+ */
+struct ClientAddress
+{
+ /**
+ * Network address used by the client.
+ */
+ struct sockaddr_storage ss;
+
+ /**
+ * Handle to active UPnP request where we asked upnpc to open
+ * a port at the NAT. NULL if we do not have such a request
+ * pending.
+ */
+ struct GNUNET_NAT_MiniHandle *mh;
+
+};
+
+
+/**
+ * List of local addresses this system has.
+ */
+struct LocalAddressList
+{
+ /**
+ * This is a linked list.
+ */
+ struct LocalAddressList *next;
+
+ /**
+ * Previous entry.
+ */
+ struct LocalAddressList *prev;
+
+ /**
+ * Context for a gnunet-helper-nat-server used to listen
+ * for ICMP messages to this client for connection reversal.
+ */
+ struct HelperContext *hc;
+
+ /**
+ * The address itself (i.e. `struct sockaddr_in` or `struct
+ * sockaddr_in6`, in the respective byte order).
+ */
+ struct sockaddr_storage addr;
+
+ /**
+ * Address family. (FIXME: redundant, addr.ss_family! Remove!?)
+ */
+ int af;
+
+ /**
+ * #GNUNET_YES if we saw this one in the previous iteration,
+ * but not in the current iteration and thus might need to
+ * remove it at the end.
+ */
+ int old;
+
+ /**
+ * What type of address is this?
+ */
+ enum GNUNET_NAT_AddressClass ac;
+
+};
+
/**
* Internal data structure we track for each of our clients.
* Kept in a DLL.
*/
struct ClientHandle *next;
-
+
/**
* Kept in a DLL.
*/
/**
* Underlying handle for this client with the service.
- */
+ */
struct GNUNET_SERVICE_Client *client;
/**
/**
* Array of addresses used by the service.
*/
- struct sockaddr **addrs;
-
+ struct ClientAddress *caddrs;
+
/**
- * What does this client care about?
+ * External DNS name and port given by user due to manual
+ * hole punching. Special DNS name 'AUTO' is used to indicate
+ * desire for automatic determination of the external IP
+ * (instead of DNS or manual configuration, i.e. to be used
+ * if the IP keeps changing and we have no DynDNS, but we do
+ * have a hole punched).
*/
- enum GNUNET_NAT_RegisterFlags flags;
+ char *hole_external;
/**
- * Is any of the @e addrs in a reserved subnet for NAT?
+ * Name of the configuration section this client cares about.
*/
- int natted_address;
-
+ char *section_name;
+
/**
- * Port we would like as we are configured to use this one for
- * advertising (in addition to the one we are binding to).
+ * Task for periodically re-running the @e ext_dns DNS lookup.
*/
- uint16_t adv_port;
+ struct GNUNET_SCHEDULER_Task *ext_dns_task;
/**
- * Number of addresses that this service is bound to.
+ * Handle for (DYN)DNS lookup of our external IP as given in
+ * @e hole_external.
*/
- uint16_t num_addrs;
-
+ struct GNUNET_RESOLVER_RequestHandle *ext_dns;
+
/**
- * Client's IPPROTO, e.g. IPPROTO_UDP or IPPROTO_TCP.
+ * Handle for monitoring external IP changes.
*/
- uint8_t proto;
+ struct GN_ExternalIPMonitor *external_monitor;
-};
+ /**
+ * DLL of external IP addresses as given in @e hole_external.
+ */
+ struct LocalAddressList *ext_addr_head;
+ /**
+ * DLL of external IP addresses as given in @e hole_external.
+ */
+ struct LocalAddressList *ext_addr_tail;
-/**
- * List of local addresses this system has.
- */
-struct LocalAddressList
-{
/**
- * This is a linked list.
+ * Port number we found in @e hole_external.
*/
- struct LocalAddressList *next;
+ uint16_t ext_dns_port;
/**
- * Previous entry.
+ * What does this client care about?
*/
- struct LocalAddressList *prev;
+ enum GNUNET_NAT_RegisterFlags flags;
/**
- * The address itself (i.e. `struct sockaddr_in` or `struct
- * sockaddr_in6`, in the respective byte order).
+ * Is any of the @e caddrs in a reserved subnet for NAT?
*/
- struct sockaddr_storage addr;
+ int natted_address;
/**
- * Address family.
+ * Number of addresses that this service is bound to.
+ * Length of the @e caddrs array.
*/
- int af;
+ uint16_t num_caddrs;
/**
- * What type of address is this?
+ * Client's IPPROTO, e.g. IPPROTO_UDP or IPPROTO_TCP.
*/
- enum GNUNET_NAT_AddressClass ac;
-
+ uint8_t proto;
+
};
{
/**
* Kept in a DLL.
- */
+ */
struct StunExternalIP *next;
/**
* Kept in a DLL.
- */
+ */
struct StunExternalIP *prev;
/**
struct GNUNET_SCHEDULER_Task *timeout_task;
/**
- * Our external IP address as reported by the
+ * Our external IP address as reported by the
* STUN server.
*/
struct sockaddr_in external_addr;
/**
- * Address of the reporting STUN server. Used to
+ * Address of the reporting STUN server. Used to
* detect when a STUN server changes its opinion
* to more quickly remove stale results.
*/
*/
static struct GNUNET_TIME_Relative stun_stale_timeout;
+/**
+ * How often do we scan for changes in how our external (dyndns) hostname resolves?
+ */
+static struct GNUNET_TIME_Relative dyndns_frequency;
+
/**
* Handle to our current configuration.
*/
* Head of client DLL.
*/
static struct ClientHandle *ch_head;
-
+
/**
* Tail of client DLL.
*/
/**
* Kept in a DLL.
- */
+ */
static struct StunExternalIP *se_head;
/**
* Kept in a DLL.
- */
+ */
static struct StunExternalIP *se_tail;
+/**
+ * Is UPnP enabled? #GNUNET_YES if enabled, #GNUNET_NO if disabled,
+ * #GNUNET_SYSERR if configuration enabled but binary is unavailable.
+ */
+int enable_upnp;
+
+
+/**
+ * Remove and free an entry from the #lal_head DLL.
+ *
+ * @param lal entry to free
+ */
+static void
+free_lal (struct LocalAddressList *lal)
+{
+ GNUNET_CONTAINER_DLL_remove (lal_head,
+ lal_tail,
+ lal);
+ if (NULL != lal->hc)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_MESSAGE,
+ "Lost NATed local address %s, stopping NAT server\n",
+ GNUNET_a2s ((const struct sockaddr *) &lal->addr,
+ sizeof (struct sockaddr_in)));
+
+ GN_stop_gnunet_nat_server_ (lal->hc);
+ lal->hc = NULL;
+ }
+ GNUNET_free (lal);
+}
+
/**
* Free the DLL starting at #lal_head.
- */
+ */
static void
destroy_lal ()
{
struct LocalAddressList *lal;
while (NULL != (lal = lal_head))
- {
- GNUNET_CONTAINER_DLL_remove (lal_head,
- lal_tail,
- lal);
- GNUNET_free (lal);
- }
+ free_lal (lal);
}
#endif
default:
GNUNET_break (0);
- return GNUNET_SYSERR;
+ return GNUNET_SYSERR;
}
if (alen > left)
{
GNUNET_break (0);
- return GNUNET_SYSERR;
+ return GNUNET_SYSERR;
}
- }
- return GNUNET_OK;
+ off += alen;
+ left -= alen;
+ }
+ if (left != ntohs (message->str_len))
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_OK;
}
uint8_t bits)
{
struct in_addr net;
-
+
+ if (0 == ip->s_addr)
+ return GNUNET_YES;
if (0 == bits)
return GNUNET_YES;
GNUNET_assert (1 == inet_pton (AF_INET,
struct in6_addr net;
struct in6_addr mask;
unsigned int off;
-
+
if (0 == bits)
return GNUNET_YES;
GNUNET_assert (1 == inet_pton (AF_INET6,
network,
&net));
memset (&mask, 0, sizeof (mask));
+ if (0 == GNUNET_memcmp (&mask,
+ ip))
+ return GNUNET_YES;
off = 0;
while (bits > 8)
{
/**
- * Handler for #GNUNET_MESSAGE_TYPE_NAT_REGISTER message from client.
- * We remember the client for updates upon future NAT events.
- *
- * @param cls client who sent the message
- * @param message the message received
+ * Closure for #ifc_proc.
*/
-static void
-handle_register (void *cls,
- const struct GNUNET_NAT_RegisterMessage *message)
+struct IfcProcContext
{
- struct ClientHandle *ch = cls;
- const char *off;
- size_t left;
- if ( (0 != ch->proto) ||
- (NULL != ch->addrs) )
- {
- /* double registration not allowed */
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Received REGISTER message from client\n");
- ch->flags = message->flags;
- ch->proto = message->proto;
- ch->adv_port = ntohs (message->adv_port);
- ch->num_addrs = ntohs (message->adv_port);
- ch->addrs = GNUNET_new_array (ch->num_addrs,
- struct sockaddr *);
- left = ntohs (message->header.size) - sizeof (*message);
- off = (const char *) &message[1];
- for (unsigned int i=0;i<ch->num_addrs;i++)
- {
- size_t alen;
- const struct sockaddr *sa = (const struct sockaddr *) off;
+ /**
+ * Head of DLL of local addresses.
+ */
+ struct LocalAddressList *lal_head;
- if (sizeof (sa_family_t) > left)
- {
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- switch (sa->sa_family)
- {
- case AF_INET:
- {
- const struct sockaddr_in *s4 = (const struct sockaddr_in *) sa;
-
- alen = sizeof (struct sockaddr_in);
- if (is_nat_v4 (&s4->sin_addr))
- ch->natted_address = GNUNET_YES;
- }
- break;
- case AF_INET6:
- {
- const struct sockaddr_in6 *s6 = (const struct sockaddr_in6 *) sa;
-
- alen = sizeof (struct sockaddr_in6);
- if (is_nat_v6 (&s6->sin6_addr))
- ch->natted_address = GNUNET_YES;
- }
- break;
-#if AF_UNIX
- case AF_UNIX:
- alen = sizeof (struct sockaddr_un);
- break;
-#endif
- default:
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- GNUNET_assert (alen <= left);
- ch->addrs[i] = GNUNET_malloc (alen);
- GNUNET_memcpy (ch->addrs[i],
- sa,
- alen);
- off += alen;
- }
- GNUNET_SERVICE_client_continue (ch->client);
-}
+ /**
+ * Tail of DLL of local addresses.
+ */
+ struct LocalAddressList *lal_tail;
+
+};
/**
- * Check validity of #GNUNET_MESSAGE_TYPE_NAT_HANDLE_STUN message from
- * client.
+ * Callback function invoked for each interface found. Adds them
+ * to our new address list.
*
- * @param cls client who sent the message
- * @param message the message received
- * @return #GNUNET_OK if message is well-formed
+ * @param cls a `struct IfcProcContext *`
+ * @param name name of the interface (can be NULL for unknown)
+ * @param isDefault is this presumably the default interface
+ * @param addr address of this interface (can be NULL for unknown or unassigned)
+ * @param broadcast_addr the broadcast address (can be NULL for unknown or unassigned)
+ * @param netmask the network mask (can be NULL for unknown or unassigned)
+ * @param addrlen length of the address
+ * @return #GNUNET_OK to continue iteration, #GNUNET_SYSERR to abort
*/
static int
-check_stun (void *cls,
- const struct GNUNET_NAT_HandleStunMessage *message)
+ifc_proc (void *cls,
+ const char *name,
+ int isDefault,
+ const struct sockaddr *addr,
+ const struct sockaddr *broadcast_addr,
+ const struct sockaddr *netmask,
+ socklen_t addrlen)
{
- size_t sa_len = ntohs (message->sender_addr_size);
- size_t expect = sa_len + ntohs (message->payload_size);
-
- if (ntohs (message->header.size) - sizeof (*message) != expect)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- if (sa_len < sizeof (sa_family_t))
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
-}
-
+ struct IfcProcContext *ifc_ctx = cls;
+ struct LocalAddressList *lal;
+ size_t alen;
+ const struct in_addr *ip4;
+ const struct in6_addr *ip6;
+ enum GNUNET_NAT_AddressClass ac;
-/**
- * Notify all clients about our external IP address
- * as reported by the STUN server.
- *
+ switch (addr->sa_family)
+ {
+ case AF_INET:
+ alen = sizeof (struct sockaddr_in);
+ ip4 = &((const struct sockaddr_in *) addr)->sin_addr;
+ if (match_ipv4 ("127.0.0.0", ip4, 8))
+ ac = GNUNET_NAT_AC_LOOPBACK;
+ else if (is_nat_v4 (ip4))
+ ac = GNUNET_NAT_AC_LAN;
+ else
+ ac = GNUNET_NAT_AC_GLOBAL;
+ break;
+ case AF_INET6:
+ alen = sizeof (struct sockaddr_in6);
+ ip6 = &((const struct sockaddr_in6 *) addr)->sin6_addr;
+ if (match_ipv6 ("::1", ip6, 128))
+ ac = GNUNET_NAT_AC_LOOPBACK;
+ else if (is_nat_v6 (ip6))
+ ac = GNUNET_NAT_AC_LAN;
+ else
+ ac = GNUNET_NAT_AC_GLOBAL;
+ if ( (ip6->s6_addr[11] == 0xFF) &&
+ (ip6->s6_addr[12] == 0xFE) )
+ {
+ /* contains a MAC, be extra careful! */
+ ac |= GNUNET_NAT_AC_PRIVATE;
+ }
+ break;
+#if AF_UNIX
+ case AF_UNIX:
+ GNUNET_break (0);
+ return GNUNET_OK;
+#endif
+ default:
+ GNUNET_break (0);
+ return GNUNET_OK;
+ }
+ lal = GNUNET_malloc (sizeof (*lal));
+ lal->af = addr->sa_family;
+ lal->ac = ac;
+ GNUNET_memcpy (&lal->addr,
+ addr,
+ alen);
+ GNUNET_CONTAINER_DLL_insert (ifc_ctx->lal_head,
+ ifc_ctx->lal_tail,
+ lal);
+ return GNUNET_OK;
+}
+
+
+/**
+ * Notify client about a change in the list of addresses this peer
+ * has.
+ *
+ * @param ac address class of the entry in the list that changed
+ * @param ch client to contact
+ * @param add #GNUNET_YES to add, #GNUNET_NO to remove
+ * @param addr the address that changed
+ * @param addr_len number of bytes in @a addr
+ */
+static void
+notify_client (enum GNUNET_NAT_AddressClass ac,
+ struct ClientHandle *ch,
+ int add,
+ const void *addr,
+ size_t addr_len)
+{
+ struct GNUNET_MQ_Envelope *env;
+ struct GNUNET_NAT_AddressChangeNotificationMessage *msg;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Notifying client about %s of IP %s\n",
+ add ? "addition" : "removal",
+ GNUNET_a2s (addr,
+ addr_len));
+ env = GNUNET_MQ_msg_extra (msg,
+ addr_len,
+ GNUNET_MESSAGE_TYPE_NAT_ADDRESS_CHANGE);
+ msg->add_remove = htonl (add);
+ msg->addr_class = htonl (ac);
+ GNUNET_memcpy (&msg[1],
+ addr,
+ addr_len);
+ GNUNET_MQ_send (ch->mq,
+ env);
+}
+
+
+/**
+ * Check if we should bother to notify this client about this
+ * address change, and if so, do it.
+ *
+ * @param delta the entry in the list that changed
+ * @param ch client to check
+ * @param add #GNUNET_YES to add, #GNUNET_NO to remove
+ */
+static void
+check_notify_client (struct LocalAddressList *delta,
+ struct ClientHandle *ch,
+ int add)
+{
+ size_t alen;
+ struct sockaddr_in v4;
+ struct sockaddr_in6 v6;
+
+ if (0 == (ch->flags & GNUNET_NAT_RF_ADDRESSES))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Not notifying client as it does not care about addresses\n");
+ return;
+ }
+ switch (delta->af)
+ {
+ case AF_INET:
+ alen = sizeof (struct sockaddr_in);
+ GNUNET_memcpy (&v4,
+ &delta->addr,
+ alen);
+
+ /* Check for client notifications */
+ for (unsigned int i=0;i<ch->num_caddrs;i++)
+ {
+ const struct sockaddr_in *c4;
+
+ if (AF_INET != ch->caddrs[i].ss.ss_family)
+ continue; /* IPv4 not relevant */
+ c4 = (const struct sockaddr_in *) &ch->caddrs[i].ss;
+ if ( match_ipv4 ("127.0.0.1", &c4->sin_addr, 8) &&
+ (0 != c4->sin_addr.s_addr) &&
+ (! match_ipv4 ("127.0.0.1", &v4.sin_addr, 8)) )
+ continue; /* bound to loopback, but this is not loopback */
+ if ( (! match_ipv4 ("127.0.0.1", &c4->sin_addr, 8) ) &&
+ match_ipv4 ("127.0.0.1", &v4.sin_addr, 8) )
+ continue; /* bound to non-loopback, but this is loopback */
+ if ( (0 != (delta->ac & GNUNET_NAT_AC_EXTERN)) &&
+ (0 != c4->sin_addr.s_addr) &&
+ (! is_nat_v4 (&v4.sin_addr)) )
+ continue; /* based on external-IP, but this IP is not
+ from private address range. */
+ if ( (0 != GNUNET_memcmp (&v4.sin_addr,
+ &c4->sin_addr)) &&
+ (0 != c4->sin_addr.s_addr) &&
+ (! is_nat_v4 (&c4->sin_addr)) )
+ continue; /* this IP is not from private address range,
+ and IP does not match. */
+
+ /* OK, IP seems relevant, notify client */
+ if (0 == htons (v4.sin_port))
+ v4.sin_port = c4->sin_port;
+ notify_client (delta->ac,
+ ch,
+ add,
+ &v4,
+ alen);
+ }
+ break;
+ case AF_INET6:
+ alen = sizeof (struct sockaddr_in6);
+ GNUNET_memcpy (&v6,
+ &delta->addr,
+ alen);
+ for (unsigned int i=0;i<ch->num_caddrs;i++)
+ {
+ const struct sockaddr_in6 *c6;
+
+ if (AF_INET6 != ch->caddrs[i].ss.ss_family)
+ continue; /* IPv4 not relevant */
+ c6 = (const struct sockaddr_in6 *) &ch->caddrs[i].ss;
+ if ( match_ipv6 ("::1", &c6->sin6_addr, 128) &&
+ (0 != GNUNET_memcmp (&c6->sin6_addr,
+ &in6addr_any)) &&
+ (! match_ipv6 ("::1", &v6.sin6_addr, 128)) )
+ continue; /* bound to loopback, but this is not loopback */
+ if ( (! match_ipv6 ("::1", &c6->sin6_addr, 128) ) &&
+ match_ipv6 ("::1", &v6.sin6_addr, 128) )
+ continue; /* bound to non-loopback, but this is loopback */
+ if ( (0 != (delta->ac & GNUNET_NAT_AC_EXTERN)) &&
+ (0 != GNUNET_memcmp (&c6->sin6_addr,
+ &in6addr_any)) &&
+ (! is_nat_v6 (&v6.sin6_addr)) )
+ continue; /* based on external-IP, but this IP is not
+ from private address range. */
+ if ( (0 != GNUNET_memcmp (&v6.sin6_addr,
+ &c6->sin6_addr)) &&
+ (0 != GNUNET_memcmp (&c6->sin6_addr,
+ &in6addr_any)) &&
+ (! is_nat_v6 (&c6->sin6_addr)) )
+ continue; /* this IP is not from private address range,
+ and IP does not match. */
+ if ( (match_ipv6 ("fe80::", &c6->sin6_addr, 10)) &&
+ (0 != GNUNET_memcmp (&c6->sin6_addr,
+ &in6addr_any)) &&
+ (0 != GNUNET_memcmp (&v6.sin6_addr,
+ &c6->sin6_addr)) &&
+ (0 == (delta->ac & GNUNET_NAT_AC_EXTERN)) )
+ continue; /* client bound to link-local, and the other address
+ does not match and is not an external IP */
+
+ /* OK, IP seems relevant, notify client */
+ if (0 == htons (v6.sin6_port))
+ v6.sin6_port = c6->sin6_port;
+ notify_client (delta->ac,
+ ch,
+ add,
+ &v6,
+ alen);
+ }
+ break;
+ default:
+ GNUNET_break (0);
+ return;
+ }
+}
+
+
+/**
+ * Notify all clients about a change in the list
+ * of addresses this peer has.
+ *
+ * @param delta the entry in the list that changed
+ * @param add #GNUNET_YES to add, #GNUNET_NO to remove
+ */
+static void
+notify_clients (struct LocalAddressList *delta,
+ int add)
+{
+ for (struct ClientHandle *ch = ch_head;
+ NULL != ch;
+ ch = ch->next)
+ check_notify_client (delta,
+ ch,
+ add);
+}
+
+
+/**
+ * Tell relevant client about a change in our external
+ * IPv4 address.
+ *
+ * @param cls client to check if it cares and possibly notify
+ * @param v4 the external address that changed
+ * @param add #GNUNET_YES to add, #GNUNET_NO to remove
+ */
+static void
+notify_client_external_ipv4_change (void *cls,
+ const struct in_addr *v4,
+ int add)
+{
+ struct ClientHandle *ch = cls;
+ struct sockaddr_in sa;
+ int have_v4;
+
+ /* (0) check if this impacts 'hole_external' */
+ if ( (NULL != ch->hole_external) &&
+ (0 == strcasecmp (ch->hole_external,
+ "AUTO")) )
+ {
+ struct LocalAddressList lal;
+ struct sockaddr_in *s4;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Detected eternal IP, can now back-fill AUTO:%u in hole punching specification of `%s'\n",
+ (unsigned int) ch->ext_dns_port,
+ ch->section_name);
+ memset (&lal, 0, sizeof (lal));
+ s4 = (struct sockaddr_in *) &lal.addr;
+ s4->sin_family = AF_INET;
+ s4->sin_port = htons (ch->ext_dns_port);
+ s4->sin_addr = *v4;
+ lal.af = AF_INET;
+ lal.ac = GNUNET_NAT_AC_GLOBAL | GNUNET_NAT_AC_MANUAL;
+ check_notify_client (&lal,
+ ch,
+ add);
+ }
+
+ /* (1) check if client cares. */
+ if (! ch->natted_address)
+ return;
+ have_v4 = GNUNET_NO;
+ for (unsigned int i=0;i<ch->num_caddrs;i++)
+ {
+ const struct sockaddr_storage *ss = &ch->caddrs[i].ss;
+
+ if (AF_INET != ss->ss_family)
+ continue;
+ have_v4 = GNUNET_YES;
+ break;
+ }
+ if (GNUNET_NO == have_v4)
+ return; /* IPv6-only */
+
+ /* (2) build address info */
+ memset (&sa,
+ 0,
+ sizeof (sa));
+ sa.sin_family = AF_INET;
+ sa.sin_addr = *v4;
+ sa.sin_port = htons (0);
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Detected eternal IP %s, notifying client of external IP (without port)\n",
+ GNUNET_a2s ((const struct sockaddr *) &sa,
+ sizeof (sa)));
+ /* (3) notify client of change */
+ notify_client (is_nat_v4 (v4)
+ ? GNUNET_NAT_AC_EXTERN | GNUNET_NAT_AC_LAN
+ : GNUNET_NAT_AC_EXTERN | GNUNET_NAT_AC_GLOBAL,
+ ch,
+ add,
+ &sa,
+ sizeof (sa));
+}
+
+
+/**
+ * We got a connection reversal request from another peer.
+ * Notify applicable clients.
+ *
+ * @param cls closure with the `struct LocalAddressList`
+ * @param ra IP address of the peer who wants us to connect to it
+ */
+static void
+reversal_callback (void *cls,
+ const struct sockaddr_in *ra)
+{
+ struct LocalAddressList *lal = cls;
+ const struct sockaddr_in *l4;
+
+ GNUNET_assert (AF_INET == lal->af);
+ l4 = (const struct sockaddr_in *) &lal->addr;
+ for (struct ClientHandle *ch = ch_head;
+ NULL != ch;
+ ch = ch->next)
+ {
+ struct GNUNET_NAT_ConnectionReversalRequestedMessage *crrm;
+ struct GNUNET_MQ_Envelope *env;
+ int match;
+
+ /* Check if client is in applicable range for ICMP NAT traversal
+ for this local address */
+ if (! ch->natted_address)
+ continue;
+ match = GNUNET_NO;
+ for (unsigned int i=0;i<ch->num_caddrs;i++)
+ {
+ struct ClientAddress *ca = &ch->caddrs[i];
+ const struct sockaddr_in *c4;
+
+ if (AF_INET != ca->ss.ss_family)
+ continue;
+ c4 = (const struct sockaddr_in *) &ca->ss;
+ if ( (0 != c4->sin_addr.s_addr) &&
+ (l4->sin_addr.s_addr != c4->sin_addr.s_addr) )
+ continue;
+ match = GNUNET_YES;
+ break;
+ }
+ if (! match)
+ continue;
+
+ /* Notify applicable client about connection reversal request */
+ env = GNUNET_MQ_msg_extra (crrm,
+ sizeof (struct sockaddr_in),
+ GNUNET_MESSAGE_TYPE_NAT_CONNECTION_REVERSAL_REQUESTED);
+ GNUNET_memcpy (&crrm[1],
+ ra,
+ sizeof (struct sockaddr_in));
+ GNUNET_MQ_send (ch->mq,
+ env);
+ }
+}
+
+
+/**
+ * Task we run periodically to scan for network interfaces.
+ *
+ * @param cls NULL
+ */
+static void
+run_scan (void *cls)
+{
+ struct IfcProcContext ifc_ctx;
+ int found;
+ int have_nat;
+ struct LocalAddressList *lnext;
+
+ scan_task = GNUNET_SCHEDULER_add_delayed (SCAN_FREQ,
+ &run_scan,
+ NULL);
+ memset (&ifc_ctx,
+ 0,
+ sizeof (ifc_ctx));
+ GNUNET_OS_network_interfaces_list (&ifc_proc,
+ &ifc_ctx);
+ /* remove addresses that disappeared */
+ for (struct LocalAddressList *lal = lal_head;
+ NULL != lal;
+ lal = lnext)
+ {
+ lnext = lal->next;
+ found = GNUNET_NO;
+ for (struct LocalAddressList *pos = ifc_ctx.lal_head;
+ NULL != pos;
+ pos = pos->next)
+ {
+ if ( (pos->af == lal->af) &&
+ (0 == memcmp (&lal->addr,
+ &pos->addr,
+ (AF_INET == lal->af)
+ ? sizeof (struct sockaddr_in)
+ : sizeof (struct sockaddr_in6))) )
+ {
+ found = GNUNET_YES;
+ }
+ }
+ if (GNUNET_NO == found)
+ {
+ notify_clients (lal,
+ GNUNET_NO);
+ free_lal (lal);
+ }
+ }
+
+ /* add addresses that appeared */
+ have_nat = GNUNET_NO;
+ for (struct LocalAddressList *pos = ifc_ctx.lal_head;
+ NULL != pos;
+ pos = ifc_ctx.lal_head)
+ {
+ found = GNUNET_NO;
+ if (GNUNET_NAT_AC_LAN == (GNUNET_NAT_AC_LAN & pos->ac))
+ have_nat = GNUNET_YES;
+ for (struct LocalAddressList *lal = lal_head;
+ NULL != lal;
+ lal = lal->next)
+ {
+ if ( (pos->af == lal->af) &&
+ (0 == memcmp (&lal->addr,
+ &pos->addr,
+ (AF_INET == lal->af)
+ ? sizeof (struct sockaddr_in)
+ : sizeof (struct sockaddr_in6))) )
+ found = GNUNET_YES;
+ }
+ GNUNET_CONTAINER_DLL_remove (ifc_ctx.lal_head,
+ ifc_ctx.lal_tail,
+ pos);
+ if (GNUNET_YES == found)
+ {
+ GNUNET_free (pos);
+ }
+ else
+ {
+ notify_clients (pos,
+ GNUNET_YES);
+ GNUNET_CONTAINER_DLL_insert (lal_head,
+ lal_tail,
+ pos);
+ if ( (AF_INET == pos->af) &&
+ (NULL == pos->hc) &&
+ (0 != (GNUNET_NAT_AC_LAN & pos->ac)) )
+ {
+ const struct sockaddr_in *s4
+ = (const struct sockaddr_in *) &pos->addr;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Found NATed local address %s, starting NAT server\n",
+ GNUNET_a2s ((const struct sockaddr *) &pos->addr,
+ sizeof (*s4)));
+ pos->hc = GN_start_gnunet_nat_server_ (&s4->sin_addr,
+ &reversal_callback,
+ pos);
+ }
+ }
+ }
+ GN_nat_status_changed (have_nat);
+}
+
+
+/**
+ * Function called whenever our set of external addresses
+ * as created by `upnpc` changes.
+ *
+ * @param cls closure with our `struct ClientHandle *`
+ * @param add_remove #GNUNET_YES to mean the new public IP address, #GNUNET_NO to mean
+ * the previous (now invalid) one, #GNUNET_SYSERR indicates an error
+ * @param addr either the previous or the new public IP address
+ * @param addrlen actual length of the @a addr
+ * @param result #GNUNET_NAT_ERROR_SUCCESS on success, otherwise the specific error code
+ */
+static void
+upnp_addr_change_cb (void *cls,
+ int add_remove,
+ const struct sockaddr *addr,
+ socklen_t addrlen,
+ enum GNUNET_NAT_StatusCode result)
+{
+ struct ClientHandle *ch = cls;
+ enum GNUNET_NAT_AddressClass ac;
+
+ switch (result)
+ {
+ case GNUNET_NAT_ERROR_SUCCESS:
+ GNUNET_assert (NULL != addr);
+ break;
+ case GNUNET_NAT_ERROR_UPNPC_FAILED:
+ case GNUNET_NAT_ERROR_UPNPC_TIMEOUT:
+ case GNUNET_NAT_ERROR_IPC_FAILURE:
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Running upnpc failed: %d\n",
+ result);
+ return;
+ case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_NOT_FOUND:
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "external-ip binary not found\n");
+ return;
+ case GNUNET_NAT_ERROR_UPNPC_NOT_FOUND:
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "upnpc binary not found\n");
+ return;
+ case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_FAILED:
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "external-ip binary could not be run\n");
+ return;
+ case GNUNET_NAT_ERROR_UPNPC_PORTMAP_FAILED:
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "upnpc failed to create port mapping\n");
+ return;
+ case GNUNET_NAT_ERROR_EXTERNAL_IP_UTILITY_OUTPUT_INVALID:
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Invalid output from upnpc\n");
+ return;
+ case GNUNET_NAT_ERROR_EXTERNAL_IP_ADDRESS_INVALID:
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Invalid address returned by upnpc\n");
+ return;
+ default:
+ GNUNET_break (0); /* should not be possible */
+ return;
+ }
+ switch (addr->sa_family)
+ {
+ case AF_INET:
+ ac = is_nat_v4 (&((const struct sockaddr_in *) addr)->sin_addr)
+ ? GNUNET_NAT_AC_LAN
+ : GNUNET_NAT_AC_EXTERN;
+ break;
+ case AF_INET6:
+ ac = is_nat_v6 (&((const struct sockaddr_in6 *) addr)->sin6_addr)
+ ? GNUNET_NAT_AC_LAN
+ : GNUNET_NAT_AC_EXTERN;
+ break;
+ default:
+ GNUNET_break (0);
+ return;
+ }
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "upnp external address %s: %s\n",
+ add_remove ? "added" : "removed",
+ GNUNET_a2s (addr,
+ addrlen));
+ notify_client (ac,
+ ch,
+ add_remove,
+ addr,
+ addrlen);
+}
+
+
+/**
+ * Resolve the `hole_external` name to figure out our
+ * external address from a manually punched hole. The
+ * port number has already been parsed, this task is
+ * responsible for periodically doing a DNS lookup.
+ *
+ * @param ch client handle to act upon
+ */
+static void
+dyndns_lookup (void *cls);
+
+
+/**
+ * Our (external) hostname was resolved. Update lists of
+ * current external IPs (note that DNS may return multiple
+ * addresses!) and notify client accordingly.
+ *
+ * @param cls the `struct ClientHandle`
+ * @param addr NULL on error, otherwise result of DNS lookup
+ * @param addrlen number of bytes in @a addr
+ */
+static void
+process_external_ip (void *cls,
+ const struct sockaddr *addr,
+ socklen_t addrlen)
+{
+ struct ClientHandle *ch = cls;
+ struct LocalAddressList *lal;
+ struct sockaddr_storage ss;
+ struct sockaddr_in *v4;
+ struct sockaddr_in6 *v6;
+
+ if (NULL == addr)
+ {
+ struct LocalAddressList *laln;
+
+ ch->ext_dns = NULL;
+ ch->ext_dns_task
+ = GNUNET_SCHEDULER_add_delayed (dyndns_frequency,
+ &dyndns_lookup,
+ ch);
+ /* Current iteration is over, remove 'old' IPs now */
+ for (lal = ch->ext_addr_head; NULL != lal; lal = laln)
+ {
+ laln = lal->next;
+ if (GNUNET_YES == lal->old)
+ {
+ GNUNET_CONTAINER_DLL_remove (ch->ext_addr_head,
+ ch->ext_addr_tail,
+ lal);
+ check_notify_client (lal,
+ ch,
+ GNUNET_NO);
+ GNUNET_free (lal);
+ }
+ }
+ return;
+ }
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Got IP `%s' for external address `%s'\n",
+ GNUNET_a2s (addr,
+ addrlen),
+ ch->hole_external);
+
+ /* build sockaddr storage with port number */
+ memset (&ss,
+ 0,
+ sizeof (ss));
+ GNUNET_memcpy (&ss,
+ addr,
+ addrlen);
+ switch (addr->sa_family)
+ {
+ case AF_INET:
+ v4 = (struct sockaddr_in *) &ss;
+ v4->sin_port = htons (ch->ext_dns_port);
+ break;
+ case AF_INET6:
+ v6 = (struct sockaddr_in6 *) &ss;
+ v6->sin6_port = htons (ch->ext_dns_port);
+ break;
+ default:
+ GNUNET_break (0);
+ return;
+ }
+ /* See if 'ss' matches any of our known addresses */
+ for (lal = ch->ext_addr_head; NULL != lal; lal = lal->next)
+ {
+ if (GNUNET_NO == lal->old)
+ continue; /* already processed, skip */
+ if ( (addr->sa_family == lal->addr.ss_family) &&
+ (0 == memcmp (&ss,
+ &lal->addr,
+ addrlen)) )
+ {
+ /* Address unchanged, remember so we do not remove */
+ lal->old = GNUNET_NO;
+ return; /* done here */
+ }
+ }
+ /* notify client, and remember IP for later removal! */
+ lal = GNUNET_new (struct LocalAddressList);
+ lal->addr = ss;
+ lal->af = ss.ss_family;
+ lal->ac = GNUNET_NAT_AC_GLOBAL | GNUNET_NAT_AC_MANUAL;
+ GNUNET_CONTAINER_DLL_insert (ch->ext_addr_head,
+ ch->ext_addr_tail,
+ lal);
+ check_notify_client (lal,
+ ch,
+ GNUNET_YES);
+}
+
+
+/**
+ * Resolve the `hole_external` name to figure out our
+ * external address from a manually punched hole. The
+ * port number has already been parsed, this task is
+ * responsible for periodically doing a DNS lookup.
+ *
+ * @param ch client handle to act upon
+ */
+static void
+dyndns_lookup (void *cls)
+{
+ struct ClientHandle *ch = cls;
+ struct LocalAddressList *lal;
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Performing DNS lookup for punched hole given for `%s' as `%s:%u'\n",
+ ch->section_name,
+ ch->hole_external,
+ (unsigned int) ch->ext_dns_port);
+ for (lal = ch->ext_addr_head; NULL != lal; lal = lal->next)
+ lal->old = GNUNET_YES;
+ ch->ext_dns_task = NULL;
+ ch->ext_dns = GNUNET_RESOLVER_ip_get (ch->hole_external,
+ AF_UNSPEC,
+ GNUNET_TIME_UNIT_MINUTES,
+ &process_external_ip,
+ ch);
+}
+
+
+/**
+ * Resolve the `hole_external` name to figure out our
+ * external address from a manually punched hole. The
+ * given name may be "AUTO" in which case we should use
+ * the IP address(es) we have from upnpc or other methods.
+ * The name can also be an IP address, in which case we
+ * do not need to do DNS resolution. Finally, we also
+ * need to parse the port number.
+ *
+ * @param ch client handle to act upon
+ */
+static void
+lookup_hole_external (struct ClientHandle *ch)
+{
+ char *port;
+ unsigned int pnum;
+ struct sockaddr_in *s4;
+ struct LocalAddressList *lal;
+
+ port = strrchr (ch->hole_external, ':');
+ if (NULL == port)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Malformed punched hole specification `%s' (lacks port)\n"),
+ ch->hole_external);
+ return;
+ }
+ if ( (1 != sscanf (port + 1,
+ "%u",
+ &pnum)) ||
+ (pnum > 65535) )
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Invalid port number in punched hole specification `%s' (lacks port)\n"),
+ port + 1);
+ return;
+ }
+ ch->ext_dns_port = (uint16_t) pnum;
+ *port = '\0';
+
+ lal = GNUNET_new (struct LocalAddressList);
+ if ('[' == *ch->hole_external)
+ {
+ struct sockaddr_in6 *s6 = (struct sockaddr_in6 *) &lal->addr;
+
+ s6->sin6_family = AF_INET6;
+ if (']' != (ch->hole_external[strlen(ch->hole_external)-1]))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Malformed punched hole specification `%s' (lacks `]')\n"),
+ ch->hole_external);
+ GNUNET_free (lal);
+ return;
+ }
+ ch->hole_external[strlen(ch->hole_external)-1] = '\0';
+ if (1 != inet_pton (AF_INET6,
+ ch->hole_external + 1,
+ &s6->sin6_addr))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Malformed punched hole specification `%s' (IPv6 address invalid)"),
+ ch->hole_external + 1);
+ GNUNET_free (lal);
+ return;
+ }
+ s6->sin6_port = htons (ch->ext_dns_port);
+ lal->af = AF_INET6;
+ lal->ac = GNUNET_NAT_AC_GLOBAL | GNUNET_NAT_AC_MANUAL;
+ GNUNET_CONTAINER_DLL_insert (ch->ext_addr_head,
+ ch->ext_addr_tail,
+ lal);
+ check_notify_client (lal,
+ ch,
+ GNUNET_YES);
+ return;
+ }
+
+ s4 = (struct sockaddr_in *) &lal->addr;
+ s4->sin_family = AF_INET;
+ if (1 == inet_pton (AF_INET,
+ ch->hole_external,
+ &s4->sin_addr))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "IPv4 punched hole given for `%s' via `%s:%u'\n",
+ ch->section_name,
+ ch->hole_external,
+ (unsigned int) ch->ext_dns_port);
+ s4->sin_port = htons (ch->ext_dns_port);
+ lal->af = AF_INET;
+ lal->ac = GNUNET_NAT_AC_GLOBAL | GNUNET_NAT_AC_MANUAL;
+ GNUNET_CONTAINER_DLL_insert (ch->ext_addr_head,
+ ch->ext_addr_tail,
+ lal);
+ check_notify_client (lal,
+ ch,
+ GNUNET_YES);
+ return;
+ }
+ if (0 == strcasecmp (ch->hole_external,
+ "AUTO"))
+ {
+ /* handled in #notify_client_external_ipv4_change() */
+ GNUNET_free (lal);
+ return;
+ }
+ /* got a DNS name, trigger lookup! */
+ GNUNET_free (lal);
+ ch->ext_dns_task
+ = GNUNET_SCHEDULER_add_now (&dyndns_lookup,
+ ch);
+}
+
+
+/**
+ * Handler for #GNUNET_MESSAGE_TYPE_NAT_REGISTER message from client.
+ * We remember the client for updates upon future NAT events.
+ *
+ * @param cls client who sent the message
+ * @param message the message received
+ */
+static void
+handle_register (void *cls,
+ const struct GNUNET_NAT_RegisterMessage *message)
+{
+ struct ClientHandle *ch = cls;
+ const char *off;
+ size_t left;
+
+ if ( (0 != ch->proto) ||
+ (NULL != ch->caddrs) )
+ {
+ /* double registration not allowed */
+ GNUNET_break (0);
+ GNUNET_SERVICE_client_drop (ch->client);
+ return;
+ }
+ ch->flags = message->flags;
+ ch->proto = message->proto;
+ ch->num_caddrs = ntohs (message->num_addrs);
+ ch->caddrs = GNUNET_new_array (ch->num_caddrs,
+ struct ClientAddress);
+ left = ntohs (message->header.size) - sizeof (*message);
+ off = (const char *) &message[1];
+ for (unsigned int i=0;i<ch->num_caddrs;i++)
+ {
+ const struct sockaddr *sa = (const struct sockaddr *) off;
+ size_t alen;
+ uint16_t port;
+ int is_nat;
+
+ if (sizeof (sa_family_t) > left)
+ {
+ GNUNET_break (0);
+ GNUNET_SERVICE_client_drop (ch->client);
+ return;
+ }
+ is_nat = GNUNET_NO;
+ switch (sa->sa_family)
+ {
+ case AF_INET:
+ {
+ struct sockaddr_in s4;
+
+ GNUNET_memcpy (&s4,
+ off,
+ sizeof (struct sockaddr_in));
+ alen = sizeof (struct sockaddr_in);
+ if (is_nat_v4 (&s4.sin_addr))
+ is_nat = GNUNET_YES;
+ port = ntohs (s4.sin_port);
+ }
+ break;
+ case AF_INET6:
+ {
+ struct sockaddr_in6 s6;
+
+ GNUNET_memcpy (&s6,
+ off,
+ sizeof (struct sockaddr_in6));
+ alen = sizeof (struct sockaddr_in6);
+ if (is_nat_v6 (&s6.sin6_addr))
+ is_nat = GNUNET_YES;
+ port = ntohs (s6.sin6_port);
+ }
+ break;
+#if AF_UNIX
+ case AF_UNIX:
+ alen = sizeof (struct sockaddr_un);
+ port = 0;
+ break;
+#endif
+ default:
+ GNUNET_break (0);
+ GNUNET_SERVICE_client_drop (ch->client);
+ return;
+ }
+ /* store address */
+ GNUNET_assert (alen <= left);
+ GNUNET_assert (alen <= sizeof (struct sockaddr_storage));
+ GNUNET_memcpy (&ch->caddrs[i].ss,
+ off,
+ alen);
+
+ /* If applicable, try UPNPC NAT punching */
+ if ( (is_nat) &&
+ (enable_upnp) &&
+ ( (IPPROTO_TCP == ch->proto) ||
+ (IPPROTO_UDP == ch->proto) ) )
+ {
+ ch->natted_address = GNUNET_YES;
+ ch->caddrs[i].mh
+ = GNUNET_NAT_mini_map_start (port,
+ IPPROTO_TCP == ch->proto,
+ &upnp_addr_change_cb,
+ ch);
+ }
+
+ off += alen;
+ }
+
+ ch->section_name
+ = GNUNET_strndup (off,
+ ntohs (message->str_len));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Received REGISTER message from client for subsystem `%s'\n",
+ ch->section_name);
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_string (cfg,
+ ch->section_name,
+ "HOLE_EXTERNAL",
+ &ch->hole_external))
+ lookup_hole_external (ch);
+
+ /* Actually send IP address list to client */
+ for (struct LocalAddressList *lal = lal_head;
+ NULL != lal;
+ lal = lal->next)
+ {
+ check_notify_client (lal,
+ ch,
+ GNUNET_YES);
+ }
+ /* Also consider IPv4 determined by `external-ip` */
+ ch->external_monitor
+ = GN_external_ipv4_monitor_start (¬ify_client_external_ipv4_change,
+ ch);
+ GNUNET_SERVICE_client_continue (ch->client);
+}
+
+
+/**
+ * Check validity of #GNUNET_MESSAGE_TYPE_NAT_HANDLE_STUN message from
+ * client.
+ *
+ * @param cls client who sent the message
+ * @param message the message received
+ * @return #GNUNET_OK if message is well-formed
+ */
+static int
+check_stun (void *cls,
+ const struct GNUNET_NAT_HandleStunMessage *message)
+{
+ size_t sa_len = ntohs (message->sender_addr_size);
+ size_t expect = sa_len + ntohs (message->payload_size);
+
+ if (ntohs (message->header.size) - sizeof (*message) != expect)
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ if (sa_len < sizeof (sa_family_t))
+ {
+ GNUNET_break (0);
+ return GNUNET_SYSERR;
+ }
+ return GNUNET_OK;
+}
+
+
+/**
+ * Notify all clients about our external IP address
+ * as reported by the STUN server.
+ *
* @param ip the external IP
* @param add #GNUNET_YES to add, #GNUNET_NO to remove
*/
struct sockaddr_in v4;
struct GNUNET_NAT_AddressChangeNotificationMessage *msg;
struct GNUNET_MQ_Envelope *env;
-
+
if (! ch->natted_address)
continue;
v4 = *ip;
- v4.sin_port = htons (ch->adv_port);
+ v4.sin_port = htons (0);
env = GNUNET_MQ_msg_extra (msg,
sizeof (v4),
GNUNET_MESSAGE_TYPE_NAT_ADDRESS_CHANGE);
msg->add_remove = htonl ((int32_t) add);
- msg->addr_class = htonl (GNUNET_NAT_AC_GLOBAL_EXTERN |
+ msg->addr_class = htonl (GNUNET_NAT_AC_EXTERN |
GNUNET_NAT_AC_GLOBAL);
GNUNET_memcpy (&msg[1],
&v4,
GNUNET_NAT_stun_handle_packet_ (payload,
payload_size,
&external_addr))
- {
+ {
/* We now know that a server at "sa" claims that
- we are visible at IP "external_addr".
+ we are visible at IP "external_addr".
We should (for some fixed period of time) tell
all of our clients that listen to a NAT'ed address
&se->stun_server_addr,
sa_len)) )
continue; /* different STUN server */
- if (0 != memcmp (&external_addr,
- &se->external_addr,
- sizeof (struct sockaddr_in)))
+ if (0 != GNUNET_memcmp (&external_addr,
+ &se->external_addr))
{
/* external IP changed, update! */
notify_clients_stun_change (&se->external_addr,
GNUNET_NO);
}
GNUNET_SERVICE_client_continue (ch->client);
-}
-
-
-/**
- * Check validity of
- * #GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL message from
- * client.
- *
- * @param cls client who sent the message
- * @param message the message received
- * @return #GNUNET_OK if message is well-formed
- */
-static int
-check_request_connection_reversal (void *cls,
- const struct GNUNET_NAT_RequestConnectionReversalMessage *message)
-{
- size_t expect;
-
- expect = ntohs (message->local_addr_size)
- + ntohs (message->remote_addr_size);
- if (ntohs (message->header.size) - sizeof (*message) != expect)
- {
- GNUNET_break (0);
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
-}
-
-
-/**
- * Handler for #GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL
- * message from client.
- *
- * @param cls client who sent the message
- * @param message the message received
- */
-static void
-handle_request_connection_reversal (void *cls,
- const struct GNUNET_NAT_RequestConnectionReversalMessage *message)
-{
- struct ClientHandle *ch = cls;
- const char *buf = (const char *) &message[1];
- size_t local_sa_len = ntohs (message->local_addr_size);
- size_t remote_sa_len = ntohs (message->remote_addr_size);
- const struct sockaddr *local_sa = (const struct sockaddr *) &buf[0];
- const struct sockaddr *remote_sa = (const struct sockaddr *) &buf[local_sa_len];
- const struct sockaddr_in *l4 = NULL;
- const struct sockaddr_in *r4;
- int ret;
-
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Received REQUEST CONNECTION REVERSAL message from client\n");
- switch (local_sa->sa_family)
- {
- case AF_INET:
- if (local_sa_len != sizeof (struct sockaddr_in))
- {
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- l4 = (const struct sockaddr_in *) local_sa;
- break;
- case AF_INET6:
- if (local_sa_len != sizeof (struct sockaddr_in6))
- {
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Connection reversal for IPv6 not supported yet\n"));
- ret = GNUNET_SYSERR;
- break;
- default:
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- switch (remote_sa->sa_family)
- {
- case AF_INET:
- if (remote_sa_len != sizeof (struct sockaddr_in))
- {
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- r4 = (const struct sockaddr_in *) remote_sa;
- ret = GN_request_connection_reversal (&l4->sin_addr,
- ntohs (l4->sin_port),
- &r4->sin_addr);
- break;
- case AF_INET6:
- if (remote_sa_len != sizeof (struct sockaddr_in6))
- {
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Connection reversal for IPv6 not supported yet\n"));
- ret = GNUNET_SYSERR;
- break;
- default:
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- if (GNUNET_OK != ret)
- GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
- _("Connection reversal request failed\n"));
- GNUNET_SERVICE_client_continue (ch->client);
-}
-
-
-/**
- * Check validity of #GNUNET_MESSAGE_TYPE_NAT_REQUEST_AUTO_CFG message
- * from client.
- *
- * @param cls client who sent the message
- * @param message the message received
- * @return #GNUNET_OK if message is well-formed
- */
-static int
-check_autoconfig_request (void *cls,
- const struct GNUNET_NAT_AutoconfigRequestMessage *message)
-{
- return GNUNET_OK; /* checked later */
-}
-
-
-/**
- * Handler for #GNUNET_MESSAGE_TYPE_NAT_REQUEST_AUTO_CFG message from
- * client.
- *
- * @param cls client who sent the message
- * @param message the message received
- */
-static void
-handle_autoconfig_request (void *cls,
- const struct GNUNET_NAT_AutoconfigRequestMessage *message)
-{
- struct ClientHandle *ch = cls;
- size_t left = ntohs (message->header.size) - sizeof (*message);
- struct GNUNET_CONFIGURATION_Handle *c;
-
- c = GNUNET_CONFIGURATION_create ();
- if (GNUNET_OK !=
- GNUNET_CONFIGURATION_deserialize (c,
- (const char *) &message[1],
- left,
- GNUNET_NO))
- {
- GNUNET_break (0);
- GNUNET_SERVICE_client_drop (ch->client);
- return;
- }
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Received REQUEST_AUTO_CONFIG message from client\n");
- // FIXME: actually handle request...
- GNUNET_CONFIGURATION_destroy (c);
- GNUNET_SERVICE_client_continue (ch->client);
-}
-
-
-/**
- * Task run during shutdown.
- *
- * @param cls unused
- */
-static void
-shutdown_task (void *cls)
-{
- struct StunExternalIP *se;
-
- while (NULL != (se = se_head))
- {
- GNUNET_CONTAINER_DLL_remove (se_head,
- se_tail,
- se);
- GNUNET_SCHEDULER_cancel (se->timeout_task);
- GNUNET_free (se);
- }
- if (NULL != scan_task)
- {
- GNUNET_SCHEDULER_cancel (scan_task);
- scan_task = NULL;
- }
- if (NULL != stats)
- {
- GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
- stats = NULL;
- }
- destroy_lal ();
-}
-
-
-/**
- * Closure for #ifc_proc.
- */
-struct IfcProcContext
-{
-
- /**
- * Head of DLL of local addresses.
- */
- struct LocalAddressList *lal_head;
-
- /**
- * Tail of DLL of local addresses.
- */
- struct LocalAddressList *lal_tail;
-
-};
+}
/**
- * Callback function invoked for each interface found. Adds them
- * to our new address list.
+ * Check validity of
+ * #GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL message from
+ * client.
*
- * @param cls a `struct IfcProcContext *`
- * @param name name of the interface (can be NULL for unknown)
- * @param isDefault is this presumably the default interface
- * @param addr address of this interface (can be NULL for unknown or unassigned)
- * @param broadcast_addr the broadcast address (can be NULL for unknown or unassigned)
- * @param netmask the network mask (can be NULL for unknown or unassigned)
- * @param addrlen length of the address
- * @return #GNUNET_OK to continue iteration, #GNUNET_SYSERR to abort
+ * @param cls client who sent the message
+ * @param message the message received
+ * @return #GNUNET_OK if message is well-formed
*/
static int
-ifc_proc (void *cls,
- const char *name,
- int isDefault,
- const struct sockaddr *addr,
- const struct sockaddr *broadcast_addr,
- const struct sockaddr *netmask,
- socklen_t addrlen)
+check_request_connection_reversal (void *cls,
+ const struct GNUNET_NAT_RequestConnectionReversalMessage *message)
{
- struct IfcProcContext *ifc_ctx = cls;
- struct LocalAddressList *lal;
- size_t alen;
- const struct in_addr *ip4;
- const struct in6_addr *ip6;
- enum GNUNET_NAT_AddressClass ac;
+ size_t expect;
- switch (addr->sa_family)
+ expect = ntohs (message->local_addr_size)
+ + ntohs (message->remote_addr_size);
+ if (ntohs (message->header.size) - sizeof (*message) != expect)
{
- case AF_INET:
- alen = sizeof (struct sockaddr_in);
- ip4 = &((const struct sockaddr_in *) addr)->sin_addr;
- if (match_ipv4 ("127.0.0.0", ip4, 8))
- ac = GNUNET_NAT_AC_LOOPBACK;
- else if (is_nat_v4 (ip4))
- ac = GNUNET_NAT_AC_LAN;
- else
- ac = GNUNET_NAT_AC_GLOBAL;
- break;
- case AF_INET6:
- alen = sizeof (struct sockaddr_in6);
- ip6 = &((const struct sockaddr_in6 *) addr)->sin6_addr;
- if (match_ipv6 ("::1", ip6, 128))
- ac = GNUNET_NAT_AC_LOOPBACK;
- else if (is_nat_v6 (ip6))
- ac = GNUNET_NAT_AC_LAN;
- else
- ac = GNUNET_NAT_AC_GLOBAL;
- if ( (ip6->s6_addr[11] == 0xFF) &&
- (ip6->s6_addr[12] == 0xFE) )
- {
- /* contains a MAC, be extra careful! */
- ac |= GNUNET_NAT_AC_PRIVATE;
- }
- break;
-#if AF_UNIX
- case AF_UNIX:
- GNUNET_break (0);
- return GNUNET_OK;
-#endif
- default:
GNUNET_break (0);
- return GNUNET_OK;
+ return GNUNET_SYSERR;
}
- lal = GNUNET_malloc (sizeof (*lal));
- lal->af = addr->sa_family;
- lal->ac = ac;
- GNUNET_memcpy (&lal->addr,
- addr,
- alen);
- GNUNET_CONTAINER_DLL_insert (ifc_ctx->lal_head,
- ifc_ctx->lal_tail,
- lal);
return GNUNET_OK;
}
/**
- * Notify client about a change in the list
- * of addresses this peer has.
+ * Handler for #GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL
+ * message from client.
*
- * @param delta the entry in the list that changed
- * @param ch client to contact
- * @param add #GNUNET_YES to add, #GNUNET_NO to remove
- * @param addr the address that changed
- * @param addr_len number of bytes in @a addr
+ * @param cls client who sent the message
+ * @param message the message received
*/
static void
-notify_client (struct LocalAddressList *delta,
- struct ClientHandle *ch,
- int add,
- const void *addr,
- size_t addr_len)
+handle_request_connection_reversal (void *cls,
+ const struct GNUNET_NAT_RequestConnectionReversalMessage *message)
{
- struct GNUNET_MQ_Envelope *env;
- struct GNUNET_NAT_AddressChangeNotificationMessage *msg;
-
- env = GNUNET_MQ_msg_extra (msg,
- addr_len,
- GNUNET_MESSAGE_TYPE_NAT_ADDRESS_CHANGE);
- msg->add_remove = htonl (add);
- msg->addr_class = htonl (delta->ac);
- GNUNET_memcpy (&msg[1],
- addr,
- addr_len);
- GNUNET_MQ_send (ch->mq,
- env);
-}
-
+ struct ClientHandle *ch = cls;
+ const char *buf = (const char *) &message[1];
+ size_t local_sa_len = ntohs (message->local_addr_size);
+ size_t remote_sa_len = ntohs (message->remote_addr_size);
+ struct sockaddr_in l4;
+ struct sockaddr_in r4;
+ int ret;
-/**
- * Notify all clients about a change in the list
- * of addresses this peer has.
- *
- * @param delta the entry in the list that changed
- * @param add #GNUNET_YES to add, #GNUNET_NO to remove
- */
-static void
-notify_clients (struct LocalAddressList *delta,
- int add)
-{
- for (struct ClientHandle *ch = ch_head;
- NULL != ch;
- ch = ch->next)
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Received REQUEST CONNECTION REVERSAL message from client\n");
+ if (local_sa_len != sizeof (struct sockaddr_in))
{
- size_t alen;
- struct sockaddr_in v4;
- struct sockaddr_in6 v6;
-
- if (0 == (ch->flags & GNUNET_NAT_RF_ADDRESSES))
- continue;
- switch (delta->af)
- {
- case AF_INET:
- alen = sizeof (struct sockaddr_in);
- GNUNET_memcpy (&v4,
- &delta->addr,
- alen);
- for (unsigned int i=0;i<ch->num_addrs;i++)
- {
- const struct sockaddr_in *c4;
-
- if (AF_INET != ch->addrs[i]->sa_family)
- continue; /* IPv4 not relevant */
- c4 = (const struct sockaddr_in *) ch->addrs[i];
- v4.sin_port = c4->sin_port;
- notify_client (delta,
- ch,
- add,
- &v4,
- alen);
- }
- break;
- case AF_INET6:
- alen = sizeof (struct sockaddr_in6);
- GNUNET_memcpy (&v6,
- &delta->addr,
- alen);
- for (unsigned int i=0;i<ch->num_addrs;i++)
- {
- const struct sockaddr_in6 *c6;
-
- if (AF_INET6 != ch->addrs[i]->sa_family)
- continue; /* IPv4 not relevant */
- c6 = (const struct sockaddr_in6 *) ch->addrs[i];
- v6.sin6_port = c6->sin6_port;
- notify_client (delta,
- ch,
- add,
- &v6,
- alen);
- }
- break;
- default:
- GNUNET_break (0);
- continue;
- }
+ GNUNET_break_op (0);
+ GNUNET_SERVICE_client_drop (ch->client);
+ return;
+ }
+ if (remote_sa_len != sizeof (struct sockaddr_in))
+ {
+ GNUNET_break_op (0);
+ GNUNET_SERVICE_client_drop (ch->client);
+ return;
}
+ GNUNET_memcpy (&l4,
+ buf,
+ sizeof (struct sockaddr_in));
+ GNUNET_break_op (AF_INET == l4.sin_family);
+ buf += sizeof (struct sockaddr_in);
+ GNUNET_memcpy (&r4,
+ buf,
+ sizeof (struct sockaddr_in));
+ GNUNET_break_op (AF_INET == r4.sin_family);
+ ret = GN_request_connection_reversal (&l4.sin_addr,
+ ntohs (l4.sin_port),
+ &r4.sin_addr);
+ if (GNUNET_OK != ret)
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ _("Connection reversal request failed\n"));
+ GNUNET_SERVICE_client_continue (ch->client);
}
/**
- * Task we run periodically to scan for network interfaces.
+ * Task run during shutdown.
*
- * @param cls NULL
- */
+ * @param cls unused
+ */
static void
-run_scan (void *cls)
+shutdown_task (void *cls)
{
- struct IfcProcContext ifc_ctx;
- int found;
-
- scan_task = GNUNET_SCHEDULER_add_delayed (SCAN_FREQ,
- &run_scan,
- NULL);
- memset (&ifc_ctx,
- 0,
- sizeof (ifc_ctx));
- GNUNET_OS_network_interfaces_list (&ifc_proc,
- &ifc_ctx);
- for (struct LocalAddressList *lal = lal_head;
- NULL != lal;
- lal = lal->next)
+ struct StunExternalIP *se;
+
+ while (NULL != (se = se_head))
{
- found = GNUNET_NO;
- for (struct LocalAddressList *pos = ifc_ctx.lal_head;
- NULL != pos;
- pos = pos->next)
- {
- if ( (pos->af == lal->af) &&
- (0 == memcmp (&lal->addr,
- &pos->addr,
- (AF_INET == lal->af)
- ? sizeof (struct sockaddr_in)
- : sizeof (struct sockaddr_in6))) )
- found = GNUNET_YES;
- }
- if (GNUNET_NO == found)
- notify_clients (lal,
- GNUNET_NO);
+ GNUNET_CONTAINER_DLL_remove (se_head,
+ se_tail,
+ se);
+ GNUNET_SCHEDULER_cancel (se->timeout_task);
+ GNUNET_free (se);
}
-
- for (struct LocalAddressList *pos = ifc_ctx.lal_head;
- NULL != pos;
- pos = pos->next)
+ GN_nat_status_changed (GNUNET_NO);
+ if (NULL != scan_task)
{
- found = GNUNET_NO;
- for (struct LocalAddressList *lal = lal_head;
- NULL != lal;
- lal = lal->next)
- {
- if ( (pos->af == lal->af) &&
- (0 == memcmp (&lal->addr,
- &pos->addr,
- (AF_INET == lal->af)
- ? sizeof (struct sockaddr_in)
- : sizeof (struct sockaddr_in6))) )
- found = GNUNET_YES;
- }
- if (GNUNET_NO == found)
- notify_clients (pos,
- GNUNET_YES);
+ GNUNET_SCHEDULER_cancel (scan_task);
+ scan_task = NULL;
+ }
+ if (NULL != stats)
+ {
+ GNUNET_STATISTICS_destroy (stats,
+ GNUNET_NO);
+ stats = NULL;
}
-
destroy_lal ();
- lal_head = ifc_ctx.lal_head;
- lal_tail = ifc_ctx.lal_tail;
}
/**
- * Handle network size estimate clients.
+ * Setup NAT service.
*
* @param cls closure
* @param c configuration to use
"STUN_STALE",
&stun_stale_timeout))
stun_stale_timeout = GNUNET_TIME_UNIT_HOURS;
+
+ /* Check for UPnP */
+ enable_upnp
+ = GNUNET_CONFIGURATION_get_value_yesno (cfg,
+ "NAT",
+ "ENABLE_UPNP");
+ if (GNUNET_YES == enable_upnp)
+ {
+ /* check if it works */
+ if (GNUNET_SYSERR ==
+ GNUNET_OS_check_helper_binary ("upnpc",
+ GNUNET_NO,
+ NULL))
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("UPnP enabled in configuration, but UPnP client `upnpc` command not found, disabling UPnP\n"));
+ enable_upnp = GNUNET_SYSERR;
+ }
+ }
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (cfg,
+ "nat",
+ "DYNDNS_FREQUENCY",
+ &dyndns_frequency))
+ dyndns_frequency = DYNDNS_FREQUENCY;
+
GNUNET_SCHEDULER_add_shutdown (&shutdown_task,
NULL);
stats = GNUNET_STATISTICS_create ("nat",
void *internal_cls)
{
struct ClientHandle *ch = internal_cls;
+ struct LocalAddressList *lal;
GNUNET_CONTAINER_DLL_remove (ch_head,
ch_tail,
ch);
- for (unsigned int i=0;i<ch->num_addrs;i++)
- GNUNET_free_non_null (ch->addrs[i]);
- GNUNET_free_non_null (ch->addrs);
+ for (unsigned int i=0;i<ch->num_caddrs;i++)
+ {
+ if (NULL != ch->caddrs[i].mh)
+ {
+ GNUNET_NAT_mini_map_stop (ch->caddrs[i].mh);
+ ch->caddrs[i].mh = NULL;
+ }
+ }
+ GNUNET_free_non_null (ch->caddrs);
+ while (NULL != (lal = ch->ext_addr_head))
+ {
+ GNUNET_CONTAINER_DLL_remove (ch->ext_addr_head,
+ ch->ext_addr_tail,
+ lal);
+ GNUNET_free (lal);
+ }
+ if (NULL != ch->ext_dns_task)
+ {
+ GNUNET_SCHEDULER_cancel (ch->ext_dns_task);
+ ch->ext_dns_task = NULL;
+ }
+ if (NULL != ch->external_monitor)
+ {
+ GN_external_ipv4_monitor_stop (ch->external_monitor);
+ ch->external_monitor = NULL;
+ }
+ if (NULL != ch->ext_dns)
+ {
+ GNUNET_RESOLVER_request_cancel (ch->ext_dns);
+ ch->ext_dns = NULL;
+ }
+ GNUNET_free_non_null (ch->hole_external);
+ GNUNET_free_non_null (ch->section_name);
GNUNET_free (ch);
}
GNUNET_MESSAGE_TYPE_NAT_REQUEST_CONNECTION_REVERSAL,
struct GNUNET_NAT_RequestConnectionReversalMessage,
NULL),
- GNUNET_MQ_hd_var_size (autoconfig_request,
- GNUNET_MESSAGE_TYPE_NAT_REQUEST_AUTO_CFG,
- struct GNUNET_NAT_AutoconfigRequestMessage,
- NULL),
GNUNET_MQ_handler_end ());