const struct sockaddr *broadcast_addr,
const struct sockaddr *netmask, socklen_t addrlen)
{
+ const static struct in6_addr any6 = IN6ADDR_ANY_INIT;
struct GNUNET_NAT_Handle *h = cls;
const struct sockaddr_in *s4;
const struct sockaddr_in6 *s6;
const void *ip;
char buf[INET6_ADDRSTRLEN];
+ unsigned int i;
+ int have_any;
switch (addr->sa_family)
{
case AF_INET:
+ /* check if we're bound to the "ANY" IP address */
+ have_any = GNUNET_NO;
+ for (i=0;i<h->num_local_addrs;i++)
+ {
+ if (h->local_addrs[i]->sa_family != AF_INET)
+ continue;
+#ifndef INADDR_ANY
+#define INADDR_ANY 0
+#endif
+ if (INADDR_ANY == ((struct sockaddr_in*) h->local_addrs[i])->sin_addr.s_addr)
+ {
+ have_any = GNUNET_YES;
+ break;
+ }
+ }
+ if (GNUNET_NO == have_any)
+ return GNUNET_OK; /* not bound to IP 0.0.0.0 but to specific IP addresses,
+ do not use those from interfaces */
s4 = (struct sockaddr_in *) addr;
ip = &s4->sin_addr;
}
break;
case AF_INET6:
+ /* check if we're bound to the "ANY" IP address */
+ have_any = GNUNET_NO;
+ for (i=0;i<h->num_local_addrs;i++)
+ {
+ if (h->local_addrs[i]->sa_family != AF_INET6)
+ continue;
+ if (0 == memcmp (&any6,
+ &((struct sockaddr_in6*) h->local_addrs[i])->sin6_addr,
+ sizeof (struct in6_addr)))
+ {
+ have_any = GNUNET_YES;
+ break;
+ }
+ }
+ if (GNUNET_NO == have_any)
+ return GNUNET_OK; /* not bound to "ANY" IP (::0) but to specific IP addresses,
+ do not use those from interfaces */
+
s6 = (struct sockaddr_in6 *) addr;
if (IN6_IS_ADDR_LINKLOCAL (&((struct sockaddr_in6 *) addr)->sin6_addr))
{
if ((h->internal_address != NULL) &&
(inet_pton (AF_INET, h->internal_address, &in_addr) != 1))
{
- GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_WARNING,
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_WARNING,
"nat", "INTERNAL_ADDRESS",
_("malformed"));
GNUNET_free (h->internal_address);
binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-server");
if ((h->behind_nat == GNUNET_YES) && (GNUNET_YES == h->enable_nat_server) &&
(GNUNET_YES !=
- GNUNET_OS_check_helper_binary (binary)))
+ GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d 127.0.0.1" ))) // use localhost as source for that one udp-port, ok for testing
{
h->enable_nat_server = GNUNET_NO;
LOG (GNUNET_ERROR_TYPE_WARNING,
binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-client");
if ((GNUNET_YES == h->enable_nat_client) &&
(GNUNET_YES !=
- GNUNET_OS_check_helper_binary (binary)))
+ GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d 127.0.0.1 127.0.0.2 42"))) // none of these parameters are actually used in privilege testing mode
{
h->enable_nat_client = GNUNET_NO;
LOG (GNUNET_ERROR_TYPE_WARNING,