const struct sockaddr *broadcast_addr,
const struct sockaddr *netmask, socklen_t addrlen)
{
+ const static struct in6_addr any6 = IN6ADDR_ANY_INIT;
struct GNUNET_NAT_Handle *h = cls;
const struct sockaddr_in *s4;
const struct sockaddr_in6 *s6;
const void *ip;
char buf[INET6_ADDRSTRLEN];
+ unsigned int i;
+ int have_any;
switch (addr->sa_family)
{
case AF_INET:
+ /* check if we're bound to the "ANY" IP address */
+ have_any = GNUNET_NO;
+ for (i=0;i<h->num_local_addrs;i++)
+ {
+ if (h->local_addrs[i]->sa_family != AF_INET)
+ continue;
+#ifndef INADDR_ANY
+#define INADDR_ANY 0
+#endif
+ if (INADDR_ANY == ((struct sockaddr_in*) h->local_addrs[i])->sin_addr.s_addr)
+ {
+ have_any = GNUNET_YES;
+ break;
+ }
+ }
+ if (GNUNET_NO == have_any)
+ return GNUNET_OK; /* not bound to IP 0.0.0.0 but to specific IP addresses,
+ do not use those from interfaces */
s4 = (struct sockaddr_in *) addr;
ip = &s4->sin_addr;
}
break;
case AF_INET6:
+ /* check if we're bound to the "ANY" IP address */
+ have_any = GNUNET_NO;
+ for (i=0;i<h->num_local_addrs;i++)
+ {
+ if (h->local_addrs[i]->sa_family != AF_INET6)
+ continue;
+ if (0 == memcmp (&any6,
+ &((struct sockaddr_in6*) h->local_addrs[i])->sin6_addr,
+ sizeof (struct in6_addr)))
+ {
+ have_any = GNUNET_YES;
+ break;
+ }
+ }
+ if (GNUNET_NO == have_any)
+ return GNUNET_OK; /* not bound to "ANY" IP (::0) but to specific IP addresses,
+ do not use those from interfaces */
+
s6 = (struct sockaddr_in6 *) addr;
if (IN6_IS_ADDR_LINKLOCAL (&((struct sockaddr_in6 *) addr)->sin6_addr))
{
if (0 != GNUNET_OS_process_kill (h->server_proc, SIGTERM))
GNUNET_log_from_strerror (GNUNET_ERROR_TYPE_WARNING, "nat", "kill");
GNUNET_OS_process_wait (h->server_proc);
- GNUNET_OS_process_close (h->server_proc);
+ GNUNET_OS_process_destroy (h->server_proc);
h->server_proc = NULL;
GNUNET_DISK_pipe_close (h->server_stdout);
h->server_stdout = NULL;
h->server_stdout_handle = NULL;
/* now try to restart it */
- h->server_retry_delay =
- GNUNET_TIME_relative_multiply (h->server_retry_delay, 2);
- h->server_retry_delay =
- GNUNET_TIME_relative_max (GNUNET_TIME_UNIT_HOURS,
- h->server_retry_delay);
+ h->server_retry_delay = GNUNET_TIME_STD_BACKOFF (h->server_retry_delay);
h->server_read_task =
GNUNET_SCHEDULER_add_delayed (h->server_retry_delay,
&restart_nat_server, h);
static void
start_gnunet_nat_server (struct GNUNET_NAT_Handle *h)
{
+ char *binary;
+
if ((h->behind_nat == GNUNET_YES) && (h->enable_nat_server == GNUNET_YES) &&
(h->internal_address != NULL) &&
(NULL !=
LOG (GNUNET_ERROR_TYPE_DEBUG, "Starting `%s' at `%s'\n",
"gnunet-helper-nat-server", h->internal_address);
/* Start the server process */
+ binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-server");
h->server_proc =
- GNUNET_OS_start_process (GNUNET_NO, NULL, h->server_stdout,
- "gnunet-helper-nat-server",
+ GNUNET_OS_start_process (GNUNET_NO, 0, NULL, h->server_stdout,
+ binary,
"gnunet-helper-nat-server",
h->internal_address, NULL);
+ GNUNET_free (binary);
if (h->server_proc == NULL)
{
LOG (GNUNET_ERROR_TYPE_WARNING, "nat", _("Failed to start %s\n"),
struct GNUNET_NAT_Handle *h;
struct in_addr in_addr;
unsigned int i;
+ char *binary;
LOG (GNUNET_ERROR_TYPE_DEBUG,
"Registered with NAT service at port %u with %u IP bound local addresses\n",
if ((h->internal_address != NULL) &&
(inet_pton (AF_INET, h->internal_address, &in_addr) != 1))
{
- LOG (GNUNET_ERROR_TYPE_WARNING, "nat",
- _("Malformed %s `%s' given in configuration!\n"), "INTERNAL_ADDRESS",
- h->internal_address);
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_WARNING,
+ "nat", "INTERNAL_ADDRESS",
+ _("malformed"));
GNUNET_free (h->internal_address);
h->internal_address = NULL;
}
}
/* Test for SUID binaries */
+ binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-server");
if ((h->behind_nat == GNUNET_YES) && (GNUNET_YES == h->enable_nat_server) &&
(GNUNET_YES !=
- GNUNET_OS_check_helper_binary ("gnunet-helper-nat-server")))
+ GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d 127.0.0.1" ))) // use localhost as source for that one udp-port, ok for testing
{
h->enable_nat_server = GNUNET_NO;
LOG (GNUNET_ERROR_TYPE_WARNING,
("Configuration requires `%s', but binary is not installed properly (SUID bit not set). Option disabled.\n"),
"gnunet-helper-nat-server");
}
+ GNUNET_free (binary);
+ binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-client");
if ((GNUNET_YES == h->enable_nat_client) &&
(GNUNET_YES !=
- GNUNET_OS_check_helper_binary ("gnunet-helper-nat-client")))
+ GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d 127.0.0.1 127.0.0.2 42"))) // none of these parameters are actually used in privilege testing mode
{
h->enable_nat_client = GNUNET_NO;
LOG (GNUNET_ERROR_TYPE_WARNING,
("Configuration requires `%s', but binary is not installed properly (SUID bit not set). Option disabled.\n"),
"gnunet-helper-nat-client");
}
-
+ GNUNET_free (binary);
start_gnunet_nat_server (h);
/* FIXME: add support for UPnP, etc */
if (0 != GNUNET_OS_process_kill (h->server_proc, SIGTERM))
GNUNET_log_from_strerror (GNUNET_ERROR_TYPE_WARNING, "nat", "kill");
GNUNET_OS_process_wait (h->server_proc);
- GNUNET_OS_process_close (h->server_proc);
+ GNUNET_OS_process_destroy (h->server_proc);
h->server_proc = NULL;
GNUNET_DISK_pipe_close (h->server_stdout);
h->server_stdout = NULL;
char inet4[INET_ADDRSTRLEN];
char port_as_string[6];
struct GNUNET_OS_Process *proc;
+ char *binary;
if (GNUNET_YES != h->enable_nat_client)
return GNUNET_NO; /* not permitted / possible */
LOG (GNUNET_ERROR_TYPE_DEBUG,
_("Running gnunet-helper-nat-client %s %s %u\n"), h->internal_address,
inet4, (unsigned int) h->adv_port);
+ binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-client");
proc =
- GNUNET_OS_start_process (GNUNET_NO,
- NULL, NULL, "gnunet-helper-nat-client",
+ GNUNET_OS_start_process (GNUNET_NO, 0, NULL, NULL,
+ binary,
"gnunet-helper-nat-client", h->internal_address,
inet4, port_as_string, NULL);
+ GNUNET_free (binary);
if (NULL == proc)
return GNUNET_SYSERR;
/* we know that the gnunet-helper-nat-client will terminate virtually
* instantly */
GNUNET_OS_process_wait (proc);
- GNUNET_OS_process_close (proc);
+ GNUNET_OS_process_destroy (proc);
return GNUNET_OK;
}