/*
This file is part of GNUnet
- (C) 2008--2013 Christian Grothoff (and other contributing authors)
+ Copyright (C) 2008--2013 GNUnet e.V.
GNUnet is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
You should have received a copy of the GNU General Public License
along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
*/
#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_transport_service.h"
+#include "gnunet_ats_service.h"
#include "gnunet_testing_lib.h"
#include <sqlite3.h>
#define DEBUG(...) \
LOG (GNUNET_ERROR_TYPE_DEBUG, __VA_ARGS__)
-
-#define LOG_SQLITE_ERROR(ret) \
- LOG (GNUNET_ERROR_TYPE_ERROR, "sqlite error: %s", sqlite3_errstr (ret))
-
-
/**
- * Allow access from the peers read from the whitelist
+ * Log an error message at log-level 'level' that indicates
+ * a failure of the command 'cmd' on file 'filename'
+ * with the message given by strerror(errno).
*/
-#define ACCESS_ALLOW 1
+#define LOG_SQLITE(db, msg, level, cmd) \
+ do { \
+ GNUNET_log_from (level, "sqlite", _("`%s' failed at %s:%d with error: %s\n"), \
+ cmd, __FILE__,__LINE__, sqlite3_errmsg(db)); \
+ if (msg != NULL) \
+ GNUNET_asprintf(msg, _("`%s' failed at %s:%u with error: %s"), cmd, \
+ __FILE__, __LINE__, sqlite3_errmsg(db)); \
+ } while(0)
-/**
- * Deny access from the peers read from the blacklist
- */
-#define ACCESS_DENY 0
/**
* The map to store the peer identities to allow/deny
*/
static struct GNUNET_CONTAINER_MultiPeerMap *map;
-
-/**
- * The map to store the peer identities to allow/deny
- */
-static struct GNUNET_CONTAINER_MultiPeerMap *blacklist_map;
-
/**
* The database connection
*/
static struct sqlite3 *db;
-/**
- * The array of peer identities we read from whitelist/blacklist
- */
-static struct GNUNET_PeerIdentity *ilist;
-
/**
* The blacklist handle we obtain from transport when we register ourselves for
* access control
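Review bot: The doc comment added above `LOG_SQLITE` describes a different macro: it speaks of a failure "on file 'filename'" reported through strerror(errno), while the macro takes `db`, `msg`, `level` and `cmd` and reports `sqlite3_errmsg(db)`. I would replace it with `Log the failure of sqlite call 'cmd' on connection 'db' at log-level 'level'; if 'msg' is non-NULL, also store a newly allocated copy of the message there.` Two smaller style points in the same macro: `msg` is used unparenthesised in `if (msg != NULL)`, and the two format strings disagree on `%d` versus `%u` for `__LINE__`.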
struct GNUNET_TRANSPORT_Blacklist *bh;
/**
- * The peer ID map
+ * The hostkeys file
*/
-static struct GNUNET_DISK_MapHandle *idmap;
+struct GNUNET_DISK_FileHandle *hostkeys_fd;
/**
- * The hostkeys data
+ * The hostkeys map
*/
-static struct GNUNET_PeerIdentity *hostkeys;
+static struct GNUNET_DISK_MapHandle *hostkeys_map;
/**
- * The number of hostkeys in the hostkeys array
+ * The hostkeys data
*/
-static unsigned int num_hostkeys;
+static void *hostkeys_data;
/**
- * Task for shutdown
+ * Handle to the transport service. This is used for setting link metrics
*/
-static GNUNET_SCHEDULER_TaskIdentifier shutdown_task;
+static struct GNUNET_TRANSPORT_Handle *transport;
/**
- * Are we allowing or denying access from peers
+ * The number of hostkeys in the hostkeys array
*/
-static int mode;
+static unsigned int num_hostkeys;
/**
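Review bot: `hostkeys_fd` is declared without `static`, unlike `hostkeys_map`, `hostkeys_data` and `transport` added next to it, so it becomes an external symbol for no reason visible here; `static struct GNUNET_DISK_FileHandle *hostkeys_fd;` keeps it file-local. `hostkeys_data` is a `void *`, so offset arithmetic on it relies on a compiler extension; declaring it `static char *hostkeys_data;` would make that arithmetic standard C.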
}
-/**
- * Shutdown task to cleanup our resources and exit.
- *
- * @param cls NULL
- * @param tc scheduler task context
- */
-static void
-do_shutdown (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
-{
- cleanup_map ();
- if (NULL != bh)
- GNUNET_TRANSPORT_blacklist_cancel (bh);
-}
-
-
/**
* Function that decides if a connection is acceptable or not.
*
{
int contains;
- if (NULL != map)
- contains = GNUNET_CONTAINER_multipeermap_contains (map, pid);
- else
- contains = GNUNET_NO;
- if (ACCESS_DENY == mode)
- return (contains) ? GNUNET_SYSERR : GNUNET_OK;
- return (contains) ? GNUNET_OK : GNUNET_SYSERR;
-}
-
-
-/**
- * Setup the access control by reading the given file containing peer identities
- * and then establishing blacklist handler with the peer's transport service
- *
- * @param fname the filename to read the list of peer identities
- * @param cfg the configuration for connecting to the peer's transport service
- */
-static void
-setup_ac (const char *fname, const struct GNUNET_CONFIGURATION_Handle *cfg)
-{
- uint64_t fsize;
- unsigned int npeers;
- unsigned int cnt;
-
- GNUNET_assert (GNUNET_OK != GNUNET_DISK_file_size (fname, &fsize, GNUNET_NO,
- GNUNET_YES));
- if (0 != (fsize % sizeof (struct GNUNET_PeerIdentity)))
+ GNUNET_assert (NULL != map);
+ contains = GNUNET_CONTAINER_multipeermap_contains (map, pid);
+ if (GNUNET_YES == contains)
{
- GNUNET_break (0);
- return;
- }
- npeers = fsize / sizeof (struct GNUNET_PeerIdentity);
- if (0 != npeers)
- {
- map = GNUNET_CONTAINER_multipeermap_create (npeers, GNUNET_YES);
- ilist = GNUNET_malloc_large (fsize);
- GNUNET_assert (fsize == GNUNET_DISK_fn_read (fname, ilist, fsize));
- }
- for (cnt = 0; cnt < npeers; cnt++)
- {
- if (GNUNET_SYSERR == GNUNET_CONTAINER_multipeermap_put (map, &ilist[cnt],
- &ilist[cnt],
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY))
- {
- cleanup_map ();
- GNUNET_free (ilist);
- return;
- }
+ DEBUG ("Permitting `%s'\n", GNUNET_i2s (pid));
+ return GNUNET_OK;
}
- shutdown_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_FOREVER_REL,
- &do_shutdown, NULL);
- bh = GNUNET_TRANSPORT_blacklist (cfg, &check_access, NULL);
+ DEBUG ("Not permitting `%s'\n", GNUNET_i2s (pid));
+ return GNUNET_SYSERR;
}
-/**
- * Function to blacklist a peer
- *
- * @param offset the offset where to find the peer's hostkey in the array of hostkeys
- */
-static void
-blacklist_peer (unsigned int offset)
+static int
+get_identity (unsigned int offset, struct GNUNET_PeerIdentity *id)
{
struct GNUNET_CRYPTO_EddsaPrivateKey private_key;
- struct GNUNET_PeerIdentity id;
-
- (void) memcpy (&private_key, &hostkeys[offset], sizeof (private_key));
- GNUNET_CRYPTO_eddsa_key_get_public (&private_key, &id.public_key);
- GNUNET_break (GNUNET_OK ==
- GNUNET_CONTAINER_multipeermap_put (map, &id, &id,
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
-
+
+ if (offset >= num_hostkeys)
+ return GNUNET_SYSERR;
+ (void) memcpy (&private_key,
+ hostkeys_data + (offset * GNUNET_TESTING_HOSTKEYFILESIZE),
+ GNUNET_TESTING_HOSTKEYFILESIZE);
+ GNUNET_CRYPTO_eddsa_key_get_public (&private_key, &id->public_key);
+ return GNUNET_OK;
}
+
/**
- * Blacklist peer
+ * Whilelist entry
*/
-struct ListRow
+struct WhiteListRow
{
/**
* Next ptr
*/
- struct ListRow *next;
-
+ struct WhiteListRow *next;
+
/**
* The offset where to find the hostkey for the peer
*/
unsigned int id;
-};
+ /**
+ * Latency to be assigned to the link
+ */
+ int latency;
-/**
- * Function to add a peer to the blacklist
- *
- * @param head the head of the list
- * @param id the id of the peer to add
- */
-static void
-listrow_add (struct ListRow *head, unsigned int id)
-{
- struct ListRow *bp;
-
- bp = GNUNET_new (struct ListRow);
- bp->id = id;
- bp->next = head;
- head = bp;
-}
-
-
-/**
- * Add peers in the blacklist to the blacklist map
- */
-static int
-map_populate (struct ListRow *head,
- struct GNUNET_CONTAINER_MultiPeerMap *map,
- const struct GNUNET_PeerIdentity *hostkeys)
-{
- struct ListRow *row;
- int ret;
-
- while (NULL != (row = head))
- {
- if (head->id >= num_hostkeys)
- {
- LOG (GNUNET_ERROR_TYPE_WARNING, "Hostkey index %u out of max range %u\n",
- row->id, num_hostkeys);
- }
- head = row->next;
- ret = GNUNET_CONTAINER_multipeermap_put (blacklist_map, &hostkeys[row->id],
- (void *) &hostkeys[row->id],
- GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_FAST);
- if (GNUNET_OK != ret)
- return GNUNET_SYSERR;
- }
- return GNUNET_OK;
-}
+};
/**
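Review bot: In `get_identity` the `memcpy` copies `GNUNET_TESTING_HOSTKEYFILESIZE` bytes into `private_key`, whose size is `sizeof (struct GNUNET_CRYPTO_EddsaPrivateKey)`. The removed code copied `sizeof (private_key)`, and nothing in this hunk ties the two sizes together, so a mismatch would overrun the stack object. Either copy `sizeof (private_key)` or add `GNUNET_assert (sizeof (private_key) == GNUNET_TESTING_HOSTKEYFILESIZE);` before the copy. The function also has no doc comment; it should say that `offset` indexes the mapped hostkey file and that `GNUNET_SYSERR` means the index is out of range.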
{
char *data_dir;
char *idfile;
- struct GNUNET_DISK_FileHandle *fd;
uint64_t fsize;
-
+
data_dir = NULL;
idfile = NULL;
- fd = NULL;
fsize = 0;
data_dir = GNUNET_OS_installation_get_path (GNUNET_OS_IPK_DATADIR);
GNUNET_asprintf (&idfile, "%s/testing_hostkeys.ecc", data_dir);
GNUNET_free (idfile);
return GNUNET_SYSERR;
}
- fd = GNUNET_DISK_file_open (idfile, GNUNET_DISK_OPEN_READ,
- GNUNET_DISK_PERM_NONE);
- if (NULL == fd)
+ hostkeys_fd = GNUNET_DISK_file_open (idfile, GNUNET_DISK_OPEN_READ,
+ GNUNET_DISK_PERM_NONE);
+ if (NULL == hostkeys_fd)
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "open", idfile);
GNUNET_free (idfile);
}
GNUNET_free (idfile);
idfile = NULL;
- hostkeys = (struct GNUNET_PeerIdentity *)
- GNUNET_DISK_file_map (fd, &idmap, GNUNET_DISK_MAP_TYPE_READ, fsize);
- if (NULL == hostkeys)
- num_hostkeys = fsize / GNUNET_TESTING_HOSTKEYFILESIZE;
+ hostkeys_data = GNUNET_DISK_file_map (hostkeys_fd,
+ &hostkeys_map,
+ GNUNET_DISK_MAP_TYPE_READ,
+ fsize);
+ if (NULL == hostkeys_data)
+ {
+
+ GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "mmap");
+ return GNUNET_SYSERR;
+ }
+ num_hostkeys = fsize / GNUNET_TESTING_HOSTKEYFILESIZE;
return GNUNET_OK;
}
+/**
+ * Function to unload keys
+ */
+static void
+unload_keys ()
+{
+ if (NULL != hostkeys_map)
+ {
+ GNUNET_assert (NULL != hostkeys_data);
+ GNUNET_DISK_file_unmap (hostkeys_map);
+ hostkeys_map = NULL;
+ hostkeys_data = NULL;
+ }
+ if (NULL != hostkeys_fd)
+ {
+ GNUNET_DISK_file_close (hostkeys_fd);
+ hostkeys_fd = NULL;
+ }
+}
+
+
+/**
+ * Shutdown task to cleanup our resources and exit.
+ *
+ * @param cls NULL
+ */
+static void
+do_shutdown (void *cls)
+{
+ if (NULL != transport)
+ {
+ GNUNET_TRANSPORT_disconnect (transport);
+ transport = NULL;
+ }
+ cleanup_map ();
+ unload_keys ();
+ if (NULL != bh)
+ GNUNET_TRANSPORT_blacklist_cancel (bh);
+}
+
+
+/**
+ * Function to read whitelist rows from the database
+ *
+ * @param db the database connection
+ * @param pid the identity of this peer
+ * @param wl_rows where to store the retrieved whitelist rows
+ * @return GNUNET_SYSERR upon error OR the number of rows retrieved
+ */
static int
-db_read_blacklist (sqlite3 *dbfile, unsigned int pid, struct ListRow **blacklist_rows)
+db_read_whitelist (struct sqlite3 *db, int pid, struct WhiteListRow **wl_rows)
{
- static const char *query_bl = "SELECT (id, oid) FROM blacklist WHERE (id == ?);";
- static struct sqlite3_stmt *stmt_bl;
+ static const char *query_wl = "SELECT oid, latency FROM whitelist WHERE (id == ?);";
+ struct sqlite3_stmt *stmt_wl;
+ struct WhiteListRow *lr;
int nrows;
- int peer_id;
int ret;
- if (SQLITE_OK != (ret = sqlite3_prepare_v2 (db, query_bl, -1, &stmt_bl, NULL)))
+ if (SQLITE_OK != (ret = sqlite3_prepare_v2 (db, query_wl, -1, &stmt_wl, NULL)))
{
- LOG_SQLITE_ERROR (ret);
+ LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_prepare_v2");
return GNUNET_SYSERR;
}
- if (SQLITE_OK != (ret = sqlite3_bind_int (stmt_bl, 1, pid)))
+ if (SQLITE_OK != (ret = sqlite3_bind_int (stmt_wl, 1, pid)))
{
- LOG_SQLITE_ERROR (ret);
- sqlite3_finalize (stmt_bl);
+ LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_bind_int");
+ sqlite3_finalize (stmt_wl);
return GNUNET_SYSERR;
}
nrows = 0;
do
{
- ret = sqlite3_step (stmt_bl);
+ ret = sqlite3_step (stmt_wl);
if (SQLITE_ROW != ret)
break;
- peer_id = sqlite3_column_int (stmt_bl, 1);
- listrow_add (*blacklist_rows, peer_id);
nrows++;
+ lr = GNUNET_new (struct WhiteListRow);
+ lr->id = sqlite3_column_int (stmt_wl, 0);
+ lr->latency = sqlite3_column_int (stmt_wl, 1);
+ lr->next = *wl_rows;
+ *wl_rows = lr;
} while (1);
- sqlite3_finalize (stmt_bl);
- stmt_bl = NULL;
+ sqlite3_finalize (stmt_wl);
return nrows;
}
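Review bot: The row loop in `db_read_whitelist` exits on any result other than `SQLITE_ROW`, so an error from `sqlite3_step` is indistinguishable from `SQLITE_DONE` and the rows read so far are returned as a complete whitelist. Since that list decides which peers `check_access` permits, a truncated read silently narrows or empties the policy instead of failing. Checking `ret` against `SQLITE_DONE` after the loop and returning `GNUNET_SYSERR` otherwise closes that gap; the caller would then also have to free whatever was already linked into `*wl_rows`. Separately, `lr->id` is `unsigned int` but filled from `sqlite3_column_int`, so a negative `oid` in the table becomes a very large index.

```c
  /* … unchanged: prepare, bind and the row loop … */
  } while (1);
  /* any result other than SQLITE_DONE means the whitelist is incomplete */
  if (SQLITE_DONE != ret)
  {
    LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite3_step");
    nrows = GNUNET_SYSERR;
  }
  sqlite3_finalize (stmt_wl);
  return nrows;
```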
const struct GNUNET_CONFIGURATION_Handle *c)
{
char *dbfile;
- struct ListRow *blacklist_rows;
+ struct WhiteListRow *wl_head;
+ struct WhiteListRow *wl_entry;
+ struct GNUNET_PeerIdentity identity;
+ struct GNUNET_ATS_Properties prop;
+ struct GNUNET_TIME_Relative delay;
unsigned long long pid;
unsigned int nrows;
int ret;
-
- if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (c, "TESTBED",
- "PEERID", &pid))
+
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_number (c, "TESTBED",
+ "PEERID", &pid))
{
GNUNET_break (0);
return;
}
- if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (c, "TESTBED",
- "UNDERLAY_DB",
+ if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (c, "TESTBED-UNDERLAY",
+ "DBFILE",
&dbfile))
{
GNUNET_break (0);
}
if (SQLITE_OK != (ret = sqlite3_open_v2 (dbfile, &db, SQLITE_OPEN_READONLY, NULL)))
{
- LOG_SQLITE_ERROR (ret);
+ if (NULL != db)
+ {
+ LOG_SQLITE (db, NULL, GNUNET_ERROR_TYPE_ERROR, "sqlite_open_v2");
+ GNUNET_break (SQLITE_OK == sqlite3_close (db));
+ }
+ else
+ LOG (GNUNET_ERROR_TYPE_ERROR, "Cannot open sqlite file %s\n", dbfile);
GNUNET_free (dbfile);
return;
}
DEBUG ("Opened database %s\n", dbfile);
GNUNET_free (dbfile);
dbfile = NULL;
- blacklist_rows = NULL;
- nrows = db_read_blacklist (db, pid, &blacklist_rows);
- if (-1 == nrows)
+ wl_head = NULL;
+ if (GNUNET_OK != load_keys (c))
+ goto close_db;
+
+ transport = GNUNET_TRANSPORT_connect (c, NULL, NULL, NULL, NULL, NULL);
+ if (NULL == transport)
+ {
+ GNUNET_break (0);
+ return;
+ }
+ /* read and process whitelist */
+ nrows = 0;
+ wl_head = NULL;
+ nrows = db_read_whitelist (db, pid, &wl_head);
+ if ((GNUNET_SYSERR == nrows) || (0 == nrows))
+ {
+ GNUNET_TRANSPORT_disconnect (transport);
goto close_db;
- if (nrows > 0)
+ }
+ map = GNUNET_CONTAINER_multipeermap_create (nrows, GNUNET_NO);
+ while (NULL != (wl_entry = wl_head))
{
- blacklist_map = GNUNET_CONTAINER_multipeermap_create (nrows, GNUNET_YES);
- if (GNUNET_OK != load_keys (c))
- {
- goto close_db;
- }
+ wl_head = wl_entry->next;
+ delay.rel_value_us = wl_entry->latency;
+ memset (&prop, 0, sizeof (prop));
+ GNUNET_assert (GNUNET_OK == get_identity (wl_entry->id, &identity));
+ GNUNET_break (GNUNET_OK ==
+ GNUNET_CONTAINER_multipeermap_put (map, &identity, &identity,
+ GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_FAST));
+ DEBUG ("Setting %u ms latency to peer `%s'\n",
+ wl_entry->latency,
+ GNUNET_i2s (&identity));
+ GNUNET_TRANSPORT_set_traffic_metric (transport,
+ &identity,
+ &prop,
+ delay,
+ delay);
+ GNUNET_free (wl_entry);
}
- /* process whitelist */
- GNUNET_break (0); /* TODO */
+ bh = GNUNET_TRANSPORT_blacklist (c, &check_access, NULL);
+ GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
close_db:
- GNUNET_break (GNUNET_OK == sqlite3_close (db));
- return;
+ GNUNET_break (SQLITE_OK == sqlite3_close (db));
}
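Review bot: `GNUNET_CONTAINER_multipeermap_put (map, &identity, &identity, ...)` stores the address of `identity`, a local that is overwritten on every loop iteration, as the value of each map entry, so all entries alias one stack slot and the pointers dangle once this function returns. `check_access` only calls `GNUNET_CONTAINER_multipeermap_contains`, so nothing visible reads the values, but `cleanup_map` is outside this hunk and any iterator that dereferences or frees them would touch dead stack memory; store a value that outlives the function instead. Separately, the `return` after `GNUNET_TRANSPORT_connect` fails skips `close_db`, leaving `db` open and the hostkey file mapped, and the `0 == nrows` and `GNUNET_SYSERR` exits leave the daemon running with no blacklist handler registered, which looks like failing open and should be confirmed as intended. `nrows` is `unsigned int`, so `GNUNET_SYSERR == nrows` only works through implicit conversion; an `int` would state the intent. The function starts outside this hunk.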
if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
return 2;
+#ifdef SQLITE_CONFIG_MMAP_SIZE
(void) sqlite3_config (SQLITE_CONFIG_MMAP_SIZE, 512000, 256000000);
+#endif
ret =
(GNUNET_OK ==
- GNUNET_PROGRAM_run (argc, argv, "gnunet-daemon-testbed-underlay",
+ GNUNET_PROGRAM_run (argc, argv, "testbed-underlay",
_
("Daemon to restrict underlay network in testbed deployments"),
options, &run, NULL)) ? 0 : 1;