#define HOSTNAME_RESOLVE_TIMEOUT GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 1)
+/**
+ * How often do we check a STUN server ?
+ */
+#define STUN_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 2)
+
+
/**
* Where did the given local address originate from?
* To be used for debugging as well as in the future
* given in the configuration (i.e. hole-punched DynDNS setup).
*/
LAL_EXTERNAL_IP,
-
+
/**
* Address was obtained by an external STUN server
*/
};
+/**
+ * List of STUN servers
+ */
+struct StunServerList
+{
+
+ /**
+ * Doubly-linked list.
+ */
+ struct StunServerList *next;
+
+ /**
+ * Doubly-linked list.
+ */
+ struct StunServerList *prev;
+
+ /**
+ * Address
+ */
+ char * address;
+
+ /**
+ * Server Port
+ */
+ uint16_t port;
+
+};
+
+
/**
* Handle for active NAT registrations.
*/
*/
uint16_t adv_port;
+ /**
+ * Should we use STUN ?
+ */
+ int use_stun;
+
+ /**
+ * How often should we check STUN ?
+ */
+ struct GNUNET_TIME_Relative stun_frequency;
+
+ /**
+ * STUN socket
+ */
+ struct GNUNET_NETWORK_Handle* socket;
+
+ /*
+ * Am I waiting for a STUN response ?
+ */
+ int waiting_stun;
+
+ /**
+ * STUN request task
+ */
+ struct GNUNET_SCHEDULER_Task * stun_task;
+
+ /**
+ * Head of List of STUN servers
+ */
+ struct StunServerList *stun_servers_head;
+
+ /**
+ * Tail of List of STUN servers
+ */
+ struct StunServerList *stun_servers_tail;
+
+ /**
+ * Actual STUN Server
+ */
+ struct StunServerList *actual_stun_server;
+
};
start_gnunet_nat_server (struct GNUNET_NAT_Handle *h);
+
+
+/**
+ * Call task to process STUN
+ *
+ * @param cls handle to NAT
+ * @param tc TaskContext
+ */
+
+static void
+process_stun (void *cls,
+ const struct GNUNET_SCHEDULER_TaskContext *tc);
+
+
/**
* Remove all addresses from the list of 'local' addresses
* that originated from the given source.
}
+/**
+ * Length of the interface names returned from os_network.c.
+ * (in that file, hardcoded at 11).
+ */
+#define IF_NAME_LEN 11
+
+
/**
* Add the IP of our network interface to the list of
* our IP addresses.
* @return #GNUNET_OK to continue iterating
*/
static int
-process_interfaces (void *cls, const char *name, int isDefault,
+process_interfaces (void *cls,
+ const char *name,
+ int isDefault,
const struct sockaddr *addr,
const struct sockaddr *broadcast_addr,
- const struct sockaddr *netmask, socklen_t addrlen)
+ const struct sockaddr *netmask,
+ socklen_t addrlen)
{
const static struct in6_addr any6 = IN6ADDR_ANY_INIT;
struct GNUNET_NAT_Handle *h = cls;
char buf[INET6_ADDRSTRLEN];
unsigned int i;
int have_any;
+ char *tun_if;
+
+ /* skip virtual interfaces created by GNUnet-vpn */
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_string (h->cfg,
+ "vpn",
+ "IFNAME",
+ &tun_if))
+ {
+ if (0 == strncasecmp (name,
+ tun_if,
+ IF_NAME_LEN))
+ {
+ GNUNET_free (tun_if);
+ return GNUNET_OK;
+ }
+ }
+ /* skip virtual interfaces created by GNUnet-dns */
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_string (h->cfg,
+ "dns",
+ "IFNAME",
+ &tun_if))
+ {
+ if (0 == strncasecmp (name,
+ tun_if,
+ IF_NAME_LEN))
+ {
+ GNUNET_free (tun_if);
+ return GNUNET_OK;
+ }
+ }
+ /* skip virtual interfaces created by GNUnet-exit */
+ if (GNUNET_OK ==
+ GNUNET_CONFIGURATION_get_value_string (h->cfg,
+ "exit",
+ "TUN_IFNAME",
+ &tun_if))
+ {
+ if (0 == strncasecmp (name,
+ tun_if,
+ IF_NAME_LEN))
+ {
+ GNUNET_free (tun_if);
+ return GNUNET_OK;
+ }
+ }
+
switch (addr->sa_family)
{
}
+
+/**
+ * Callback if the STun request have a error
+ *
+ * @param cls the NAT handle
+ * @param result , the status
+ */
+static void
+stun_request_callback(void *cls,
+ enum GNUNET_NAT_StatusCode result)
+{
+
+ struct GNUNET_NAT_Handle *h = cls;
+
+ if(NULL == cls)
+ return;
+
+ h->waiting_stun = GNUNET_NO;
+
+ if(result != GNUNET_OK)
+ {
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ "Error processing a STUN request");
+ }
+
+};
+
+/**
+ * CHECK if is a valid STUN packet sending to GNUNET_NAT_stun_handle_packet.
+ * It also check if it can handle the packet based on the NAT handler.
+ * You don't need to call anything else to check if the packet is valid,
+ *
+ * @param cls the NAT handle
+ * @param data, packet
+ * @param len, packet length
+ *
+ * @return #GNUNET_NO if it can't decode, #GNUNET_YES if is a packet
+ */
+int
+GNUNET_NAT_is_valid_stun_packet(void *cls, const void *data, size_t len)
+{
+ struct GNUNET_NAT_Handle *h = cls;
+ struct sockaddr_in answer;
+
+ /* We are not expecting a STUN message*/
+ if(!h->waiting_stun)
+ return GNUNET_NO;
+
+ /*We dont have STUN installed*/
+ if(!h->use_stun)
+ return GNUNET_NO;
+
+ /* Empty the answer structure */
+ memset(&answer, 0, sizeof(struct sockaddr_in));
+
+ /*Lets handle the packet*/
+ int valid = GNUNET_NAT_stun_handle_packet(data,len, &answer);
+ if(valid)
+ {
+ LOG (GNUNET_ERROR_TYPE_INFO,
+ "Stun server returned IP %s , with port %d \n", inet_ntoa(answer.sin_addr), ntohs(answer.sin_port));
+ /* ADD IP AS VALID*/
+ add_to_address_list (h, LAL_EXTERNAL_IP, (const struct sockaddr *) &answer,
+ sizeof (struct sockaddr_in));
+ h->waiting_stun = GNUNET_NO;
+ return GNUNET_YES;
+ }
+ else
+ {
+ return GNUNET_NO;
+ }
+
+
+
+}
+
+/**
+ * Task to do a STUN request
+ *
+ * @param cls the NAT handle
+ * @param tc scheduler context
+ */
+static void
+process_stun (void *cls,
+ const struct GNUNET_SCHEDULER_TaskContext *tc)
+{
+ struct GNUNET_NAT_Handle *h = cls;
+
+ h->stun_task = NULL;
+
+
+
+ struct StunServerList* elem = h->actual_stun_server;
+
+ /* Make the request */
+ LOG (GNUNET_ERROR_TYPE_INFO,
+ "I will request the stun server %s:%i !\n", elem->address, elem->port);
+
+ if(GNUNET_OK == GNUNET_NAT_stun_make_request(elem->address, elem->port, h->socket, &stun_request_callback, NULL))
+ {
+ h->waiting_stun = GNUNET_YES;
+ }
+ else
+ {
+ LOG (GNUNET_ERROR_TYPE_ERROR,
+ "STUN request failed %s:%i !\n", elem->address, elem->port);
+ }
+
+ h->stun_task =
+ GNUNET_SCHEDULER_add_delayed (h->stun_frequency,
+ &process_stun, h);
+
+ /* Set actual Server*/
+ if(elem->next)
+ {
+ h->actual_stun_server = elem->next;
+ }
+ else
+ {
+ h->actual_stun_server = h->stun_servers_head;
+ }
+
+}
+
+
+
/**
* Task to do a lookup on our hostname for IP addresses.
*
* @param address_callback function to call everytime the public IP address changes
* @param reversal_callback function to call if someone wants connection reversal from us
* @param callback_cls closure for callbacks
+ * @param sock used socket
* @return NULL on error, otherwise handle that can be used to unregister
*/
struct GNUNET_NAT_Handle *
const socklen_t *addrlens,
GNUNET_NAT_AddressCallback address_callback,
GNUNET_NAT_ReversalCallback reversal_callback,
- void *callback_cls)
+ void *callback_cls,
+ struct GNUNET_NETWORK_Handle* sock )
{
struct GNUNET_NAT_Handle *h;
struct in_addr in_addr;
h->enable_upnp = GNUNET_NO;
}
+ /* STUN */
+ h->use_stun =
+ GNUNET_CONFIGURATION_get_value_yesno (cfg, "nat",
+ "USE_STUN");
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (cfg, "nat", "STUN_FREQUENCY",
+ &h->stun_frequency))
+ h->stun_frequency = STUN_FREQUENCY;
+
+
/* Check if NAT was hole-punched */
if ((NULL != h->address_callback) &&
(NULL != h->external_address) &&
h->dns_task = GNUNET_SCHEDULER_add_now (&resolve_dns, h);
h->enable_nat_server = GNUNET_NO;
h->enable_upnp = GNUNET_NO;
+ h->use_stun = GNUNET_NO;
}
else
{
"No external IP address given to add to our list of addresses\n");
}
+ /* ENABLE STUN ONLY ON UDP*/
+ if(!is_tcp && (NULL != sock) && h->use_stun )
+ {
+ h->socket = sock;
+ h->actual_stun_server = NULL;
+
+ /* Lets process the servers*/
+ char *stun_servers;
+
+ size_t urls;
+ int pos;
+ size_t pos_port;
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_string (cfg, "nat", "STUN_SERVERS",
+ &stun_servers))
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_WARNING,
+ "nat", "STUN_SERVERS");
+ }
+
+ urls = 0;
+ h->stun_servers_head = NULL;
+ h->stun_servers_tail = NULL;
+ h->actual_stun_server = NULL;
+ if (strlen (stun_servers) > 0)
+ {
+ pos = strlen (stun_servers) - 1;
+ pos_port = 0;
+ while (pos >= 0)
+ {
+ if (stun_servers[pos] == ':')
+ {
+ pos_port = pos + 1;
+ }
+ if ((stun_servers[pos] == ' ') || (0 == pos))
+ {
+
+ /*Check if we do have a port*/
+ if((0 == pos_port) || (pos_port <= pos))
+ {
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ "STUN server format mistake\n");
+ break;
+ }
+
+ urls++;
+
+ struct StunServerList* ml = GNUNET_new (struct StunServerList);
+
+ ml->next = NULL;
+ ml->prev = NULL;
+
+ ml->port = atoi(&stun_servers[pos_port]);
+ stun_servers[pos_port-1] = '\0';
+
+ /* Remove trailing space */
+ if(stun_servers[pos] == ' ')
+ ml->address = GNUNET_strdup (&stun_servers[pos + 1]);
+ else
+ ml->address = GNUNET_strdup (&stun_servers[pos]);
+
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Found STUN server %s port %i !!!\n", ml->address, ml->port);
+
+ GNUNET_CONTAINER_DLL_insert (h->stun_servers_head, h->stun_servers_tail, ml);
+ /* Make sure that we STOP if is the last one*/
+ if(0== pos)
+ break;
+ }
+
+ pos--;
+ }
+ }
+ if (urls == 0)
+ {
+ GNUNET_log_config_missing (GNUNET_ERROR_TYPE_WARNING,
+ "nat", "STUN_SERVERS");
+ }
+ else
+ {
+ /* Set the actual STUN server*/
+ h->actual_stun_server = h->stun_servers_head;
+ }
+
+ h->stun_task = GNUNET_SCHEDULER_add_now(&process_stun,
+ h);
+ }
+
+
/* Test for SUID binaries */
binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-nat-server");
if ((h->behind_nat == GNUNET_YES) && (GNUNET_YES == h->enable_nat_server) &&
GNUNET_SCHEDULER_cancel (h->dns_task);
h->dns_task = NULL;
}
+ if (NULL != h->stun_task)
+ {
+ GNUNET_SCHEDULER_cancel (h->stun_task);
+ h->stun_task = NULL;
+ }
if (NULL != h->server_proc)
{
if (0 != GNUNET_OS_process_kill (h->server_proc, GNUNET_TERM_SIG))
}
}
LOG (GNUNET_ERROR_TYPE_WARNING,
- "Asked to validate one of my addresses and validation failed!\n");
+ "Asked to validate one of my addresses (%s) and validation failed!\n",
+ GNUNET_a2s (addr,
+ addrlen));
return GNUNET_NO;
}