GNUNET_SCHEDULER_TaskIdentifier task;
};
+struct BlacklistCheckContext
+{
+ struct BlacklistCheckContext *prev;
+ struct BlacklistCheckContext *next;
+
+
+ struct GST_BlacklistCheck *blc;
+
+ struct GNUNET_HELLO_Address *address;
+ struct Session *session;
+ struct GNUNET_MessageHeader *msg;
+ struct GNUNET_ATS_Information *ats;
+ uint32_t ats_count;
+};
+
/* globals */
/**
*/
static struct SessionKiller *sk_tail;
+struct BlacklistCheckContext *bc_head;
+struct BlacklistCheckContext *bc_tail;
+
+
/**
* Transmit our HELLO message to the given (connected) neighbour.
*
GNUNET_free(sk);
}
+static void
+cancel_pending_blacklist_checks (const struct GNUNET_HELLO_Address *address, struct Session *session)
+{
+ struct BlacklistCheckContext *blctx;
+ struct BlacklistCheckContext *next;
+ next = bc_head;
+ for (blctx = next; NULL != blctx; blctx = next)
+ {
+ next = blctx->next;
+ if ((NULL != blctx->address) && (0 == GNUNET_HELLO_address_cmp(blctx->address, address)) && (blctx->session == session))
+ {
+ GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx);
+ if (NULL != blctx->blc)
+ {
+ GST_blacklist_test_cancel (blctx->blc);
+ blctx->blc = NULL;
+ }
+ GNUNET_HELLO_address_free (blctx->address);
+ GNUNET_free_non_null (blctx->msg);
+ GNUNET_free_non_null (blctx->ats);
+ GNUNET_free (blctx);
+ }
+ }
+}
+
/**
* Force plugin to terminate session due to communication
* issue.
GNUNET_CONTAINER_DLL_insert(sk_head, sk_tail, sk);
}
+
+
+/**
+ * Black list check result for try_connect call
+ * If connection to the peer is allowed request adddress and
+ *
+ * @param cls blc_ctx bl context
+ * @param peer the peer
+ * @param result the result
+ */
+static void
+connect_bl_check_cont (void *cls,
+ const struct GNUNET_PeerIdentity *peer, int result)
+{
+ struct BlacklistCheckContext *blctx = cls;
+
+ GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx);
+ blctx->blc = NULL;
+
+ if (GNUNET_OK == result)
+ {
+ /* Blacklist allows to speak to this peer, forward CONNECT to neighbours */
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Received CONNECT message from peer `%s' with `%s' %p\n",
+ GNUNET_i2s (peer), GST_plugins_a2s (blctx->address), blctx->session);
+
+ if (GNUNET_OK != GST_neighbours_handle_connect (blctx->msg,
+ &blctx->address->peer))
+ {
+ cancel_pending_blacklist_checks (blctx->address, blctx->session);
+ kill_session (blctx->address->transport_name, blctx->session);
+ }
+ }
+ else
+ {
+ /* Blacklist denies to speak to this peer */
+
+ GNUNET_log(GNUNET_ERROR_TYPE_INFO,
+ "Discarding CONNECT message from `%s' due to denied blacklist check\n",
+ GNUNET_i2s (peer));
+ cancel_pending_blacklist_checks (blctx->address, blctx->session);
+ kill_session (blctx->address->transport_name, blctx->session);
+ }
+
+ if (NULL != blctx->address)
+ GNUNET_HELLO_address_free (blctx->address);
+ GNUNET_free (blctx->msg);
+ GNUNET_free (blctx);
+}
+
+/**
+ * Black list check result for try_connect call
+ * If connection to the peer is allowed request adddress and
+ *
+ * @param cls blc_ctx bl context
+ * @param peer the peer
+ * @param result the result
+ */
+static void
+connect_transport_bl_check_cont (void *cls,
+ const struct GNUNET_PeerIdentity *peer, int result)
+{
+ struct BlacklistCheckContext *blctx = cls;
+
+ GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx);
+ blctx->blc = NULL;
+
+ if (GNUNET_OK == result)
+ {
+ /* Blacklist allows to speak to this transport */
+ GST_ats_add_address(blctx->address, blctx->session, blctx->ats, blctx->ats_count);
+ }
+
+ if (NULL != blctx->address)
+ GNUNET_HELLO_address_free (blctx->address);
+ GNUNET_free (blctx->msg);
+ GNUNET_free (blctx);
+}
+
+
/**
* Function called by the transport for each received message.
*
* @param cls closure, const char* with the name of the plugin we received the message from
- * @param peer (claimed) identity of the other peer
+ * @param address address and (claimed) identity of the other peer
* @param message the message, NULL if we only care about
* learning about the delay until we should receive again
* @param session identifier used for this session (NULL for plugins
* that do not offer bi-directional communication to the sender
* using the same "connection")
- * @param sender_address binary address of the sender (if we established the
- * connection or are otherwise sure of it; should be NULL
- * for inbound TCP/UDP connections since it it not clear
- * that we could establish ourselves a connection to that
- * IP address and get the same system)
- * @param sender_address_len number of bytes in @a sender_address
* @return how long the plugin should wait until receiving more data
* (plugins that do not support this, can ignore the return value)
*/
{
const char *plugin_name = cls;
struct GNUNET_TIME_Relative ret;
+ struct BlacklistCheckContext *blctx;
+ struct GST_BlacklistCheck *blc;
uint16_t type;
ret = GNUNET_TIME_UNIT_ZERO;
if (GNUNET_OK != GST_validation_handle_hello (message))
{
GNUNET_break_op(0);
- kill_session (plugin_name, session);
+ cancel_pending_blacklist_checks (address, session);
}
return ret;
case GNUNET_MESSAGE_TYPE_TRANSPORT_PING:
"Processing `%s' from `%s'\n", "PING", GST_plugins_a2s (address));
if (GNUNET_OK
!= GST_validation_handle_ping (&address->peer, message, address, session))
+ {
+ cancel_pending_blacklist_checks (address, session);
kill_session (plugin_name, session);
+ }
break;
case GNUNET_MESSAGE_TYPE_TRANSPORT_PONG:
GNUNET_log(GNUNET_ERROR_TYPE_DEBUG | GNUNET_ERROR_TYPE_BULK,
if (GNUNET_OK != GST_validation_handle_pong (&address->peer, message))
{
GNUNET_break_op(0);
+ cancel_pending_blacklist_checks (address, session);
kill_session (plugin_name, session);
}
break;
case GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_CONNECT:
- if (GNUNET_OK
- != GST_neighbours_handle_connect (message, &address->peer, address, session))
+ /* Do blacklist check if communication with this peer is allowed */
+ blctx = GNUNET_new (struct BlacklistCheckContext);
+ blctx->address = GNUNET_HELLO_address_copy (address);
+ blctx->session = session;
+ blctx->msg = GNUNET_malloc (ntohs(message->size));
+ memcpy (blctx->msg, message, ntohs(message->size));
+ GNUNET_CONTAINER_DLL_insert (bc_head, bc_tail, blctx);
+ if (NULL != (blc = GST_blacklist_test_allowed (&address->peer, NULL,
+ &connect_bl_check_cont, blctx)))
{
- GNUNET_break_op(0);
- kill_session (plugin_name, session);
+ blctx->blc = blc;
+ }
+
+ blctx = GNUNET_new (struct BlacklistCheckContext);
+ blctx->address = GNUNET_HELLO_address_copy (address);
+ blctx->session = session;
+ blctx->msg = GNUNET_malloc (ntohs(message->size));
+ memcpy (blctx->msg, message, ntohs(message->size));
+ GNUNET_CONTAINER_DLL_insert (bc_head, bc_tail, blctx);
+ if (NULL != (blc = GST_blacklist_test_allowed (&address->peer,
+ address->transport_name, &connect_transport_bl_check_cont, blctx)))
+ {
+ blctx->blc = blc;
}
break;
case GNUNET_MESSAGE_TYPE_TRANSPORT_SESSION_CONNECT_ACK:
- if (GNUNET_OK
- != GST_neighbours_handle_connect_ack (message, &address->peer, address, session))
+ if (GNUNET_OK != GST_neighbours_handle_connect_ack (message,
+ &address->peer, address, session))
{
+ cancel_pending_blacklist_checks (address, session);
kill_session (plugin_name, session);
}
break;
!= GST_neighbours_handle_session_ack (message, &address->peer, address, session))
{
GNUNET_break_op(0);
+ cancel_pending_blacklist_checks (address, session);
kill_session (plugin_name, session);
}
break;
* from the "TransmitFunction".
*
* @param cls closure
- * @param peer which peer was the session for
+ * @param address which address was the session for
* @param session which session is being destoyed
*/
static void
-plugin_env_session_end (void *cls, const struct GNUNET_PeerIdentity *peer,
+plugin_env_session_end (void *cls, const struct GNUNET_HELLO_Address *address,
struct Session *session)
{
- const char *transport_name = cls;
- struct GNUNET_HELLO_Address address;
struct SessionKiller *sk;
- GNUNET_assert(strlen (transport_name) > 0);
- GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Session %p to peer `%s' ended \n",
- session, GNUNET_i2s (peer));
- if (NULL != session)
- GNUNET_log_from(GNUNET_ERROR_TYPE_DEBUG | GNUNET_ERROR_TYPE_BULK,
- "transport-ats", "Telling ATS to destroy session %p from peer %s\n",
- session, GNUNET_i2s (peer));
-
- memset (&address, '\0', sizeof (address));
- address.peer = *peer;
- address.address = NULL;
- address.address_length = 0;
- address.transport_name = transport_name;
- GST_neighbours_session_terminated (peer, session);
+ if (NULL == address)
+ {
+ GNUNET_break (0);
+ return;
+ }
+
+ if (NULL == session)
+ {
+ GNUNET_break (0);
+ return;
+ }
+
+ GNUNET_assert(strlen (address->transport_name) > 0);
+ GNUNET_log(GNUNET_ERROR_TYPE_INFO, "Session %p to peer `%s' ended \n",
+ session, GNUNET_i2s (&address->peer));
+
+ GNUNET_log(GNUNET_ERROR_TYPE_INFO,
+ "Notification from plugin `%s' about terminated %s session %p from peer `%s' address `%s'\n",
+ address->transport_name,
+ GNUNET_HELLO_address_check_option (address,
+ GNUNET_HELLO_ADDRESS_INFO_INBOUND) ? "inbound" : "outbound", session,
+ GNUNET_i2s (&address->peer), GST_plugins_a2s (address));
+
+ GST_neighbours_session_terminated (&address->peer, session);
+
+ GNUNET_log_from(GNUNET_ERROR_TYPE_DEBUG | GNUNET_ERROR_TYPE_BULK,
+ "transport-ats", "Telling ATS to destroy session %p from peer %s\n",
+ session, GNUNET_i2s (&address->peer));
/* Tell ATS that session has ended */
- GNUNET_ATS_address_destroyed (GST_ats, &address, session);
+ GNUNET_ATS_address_destroyed (GST_ats, address, session);
+
+ cancel_pending_blacklist_checks (address, session);
+
for (sk = sk_head; NULL != sk; sk = sk->next)
{
if (sk->session == session)
return;
}
- net = papi->get_network (NULL, session);
+ net = papi->get_network (papi->cls, session);
if (GNUNET_ATS_NET_UNSPECIFIED == net)
{
- GNUNET_log(GNUNET_ERROR_TYPE_ERROR,
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
_("Could not obtain a valid network for `%s' %s (%s)\n"),
GNUNET_i2s (&address->peer), GST_plugins_a2s (address),
address->transport_name);
- GNUNET_break(0);
+ return;
}
ats2[0].type = htonl (GNUNET_ATS_NETWORK_TYPE);
ats2[0].value = htonl (net);
memcpy (&ats2[1], ats, sizeof(struct GNUNET_ATS_Information) * ats_count);
- GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
+ GNUNET_log(GNUNET_ERROR_TYPE_INFO,
"Notifying ATS about peer `%s''s new address `%s' session %p in network %s\n",
GNUNET_i2s (&address->peer),
(0 == address->address_length) ? "<inbound>" : GST_plugins_a2s (address),
}
/**
- * Function that will be called to figure if an address is an loopback,
- * LAN, WAN etc. address
+ * Function that will be called to update metrics for an address
*
* @param cls closure
- * @param peer the peer
- * @param address binary address
- * @param address_len length of the @a address
+ * @param address address to update metrics for
* @param session the session
* @param ats the ats information to update
* @param ats_count the number of @a ats elements
GST_ats_update_metrics (&address->peer, address, session, ats, ats_count);
}
+/**
+ * Black list check result for try_connect call
+ * If connection to the peer is allowed request adddress and
+ *
+ * @param cls blc_ctx bl context
+ * @param peer the peer
+ * @param result the result
+ */
+static void
+plugin_env_session_start_bl_check_cont (void *cls,
+ const struct GNUNET_PeerIdentity *peer, int result)
+{
+ struct BlacklistCheckContext *blctx = cls;
+
+ GNUNET_CONTAINER_DLL_remove (bc_head, bc_tail, blctx);
+ blctx->blc = NULL;
+
+ if (GNUNET_OK == result)
+ {
+ GST_ats_add_address (blctx->address, blctx->session,
+ blctx->ats, blctx->ats_count);
+ }
+ else
+ {
+ cancel_pending_blacklist_checks (blctx->address, blctx->session);
+ kill_session (blctx->address->transport_name, blctx->session);
+ }
+
+ GNUNET_HELLO_address_free (blctx->address);
+ GNUNET_free_non_null (blctx->ats);
+ GNUNET_free (blctx);
+}
+
+
/**
* Plugin tells transport service about a new inbound session
*
struct Session *session, const struct GNUNET_ATS_Information *ats,
uint32_t ats_count)
{
+ struct BlacklistCheckContext *blctx;
+ struct GST_BlacklistCheck *blc;
+ int c;
+
if (NULL == address)
{
GNUNET_break(0);
GNUNET_break(0);
return;
}
-
GNUNET_log(GNUNET_ERROR_TYPE_INFO,
- "Notification from plugin `%s' about new %ssession %p from peer `%s' address `%s'\n",
+ "Notification from plugin `%s' about new %s session %p from peer `%s' address `%s'\n",
address->transport_name,
GNUNET_HELLO_address_check_option (address,
- GNUNET_HELLO_ADDRESS_INFO_INBOUND) ? "inbound " : "",
+ GNUNET_HELLO_ADDRESS_INFO_INBOUND) ? "inbound" : "outbound",
session, GNUNET_i2s (&address->peer), GST_plugins_a2s (address));
- GST_ats_add_address (address, session, ats, ats_count);
+
+ /* Do blacklist check if communication with this peer is allowed */
+ blctx = GNUNET_new (struct BlacklistCheckContext);
+ blctx->address = GNUNET_HELLO_address_copy (address);
+ blctx->session = session;
+ if (ats_count > 0)
+ {
+ blctx->ats = GNUNET_malloc (ats_count * sizeof (struct GNUNET_ATS_Information));
+ for (c = 0; c < ats_count; c++)
+ {
+ blctx->ats[c].type = ats[c].type;
+ blctx->ats[c].value = ats[c].value;
+ }
+ }
+
+ GNUNET_CONTAINER_DLL_insert (bc_head, bc_tail, blctx);
+ if (NULL != (blc = GST_blacklist_test_allowed (&address->peer, address->transport_name,
+ &plugin_env_session_start_bl_check_cont, blctx)))
+ {
+ blctx->blc = blc;
+ }
}
/**
* actually happened.
*
* @param cls closure
+ * @param peer the peer this address is intended for
* @param address address to use (for peer given in address)
* @param session session to use (if available)
* @param bandwidth_out assigned outbound bandwidth for the connection in NBO,
* @param ats_count number of @a ats elements
*/
static void
-ats_request_address_change (void *cls, const struct GNUNET_PeerIdentity *peer,
- const struct GNUNET_HELLO_Address *address, struct Session *session,
+ats_request_address_change (void *cls,
+ const struct GNUNET_PeerIdentity *peer,
+ const struct GNUNET_HELLO_Address *address,
+ struct Session *session,
struct GNUNET_BANDWIDTH_Value32NBO bandwidth_out,
struct GNUNET_BANDWIDTH_Value32NBO bandwidth_in,
- const struct GNUNET_ATS_Information *ats, uint32_t ats_count)
+ const struct GNUNET_ATS_Information *ats,
+ uint32_t ats_count)
{
uint32_t bw_in = ntohl (bandwidth_in.value__);
uint32_t bw_out = ntohl (bandwidth_out.value__);
"Notifying about change for peer `%s' with address `%s' in state `%s' timing out at %s\n",
GNUNET_i2s (peer),
(NULL != address) ? GST_plugins_a2s (address) : "<none>",
- GNUNET_TRANSPORT_p2s (state),
+ GNUNET_TRANSPORT_ps2s (state),
GNUNET_STRINGS_absolute_time_to_string (state_timeout));
GST_clients_broadcast_peer_notification (peer, address, state, state_timeout);
}
+/**
+ * Function called to notify transport users that a neighbour peer changed its
+ * active address.
+ *
+ * @param cls closure
+ * @param peer peer this update is about (never NULL)
+ * @param address address (never NULL)
+ * @param last_validation point in time when last validation was performed
+ * @param valid_until point in time how long address is valid
+ * @param next_validation point in time when next validation will be performed
+ * @param state state of validation notification
+ */
+static void
+validation_changed_notification (void *cls,
+ const struct GNUNET_PeerIdentity *peer,
+ const struct GNUNET_HELLO_Address *address,
+ struct GNUNET_TIME_Absolute last_validation,
+ struct GNUNET_TIME_Absolute valid_until,
+ struct GNUNET_TIME_Absolute next_validation,
+ enum GNUNET_TRANSPORT_ValidationState state)
+{
+ GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
+ "Notifying about change for for validation entry for peer `%s' with address `%s'\n",
+ GNUNET_i2s (peer),
+ (NULL != address) ? GST_plugins_a2s (address) : "<none>");
+
+ GST_clients_broadcast_validation_notification (peer, address,
+ last_validation, valid_until, next_validation, state);
+}
+
/**
* Function called when the service shuts down. Unloads our plugins
* and cancels pending validations.
NULL );
GST_manipulation_init (GST_cfg);
GST_plugins_load (&GST_manipulation_recv,
+ &GST_neighbours_register_quota_notification,
+ &GST_neighbours_unregister_quota_notification,
&plugin_env_address_change_notification,
&plugin_env_session_start,
&plugin_env_session_end,
&plugin_env_address_to_type,
&plugin_env_update_metrics);
- GST_neighbours_start (NULL, &neighbours_connect_notification,
- &neighbours_disconnect_notification, &neighbours_changed_notification,
+ GST_neighbours_start (NULL,
+ &neighbours_connect_notification,
+ &neighbours_disconnect_notification,
+ &neighbours_changed_notification,
(max_fd / 3) * 2);
GST_clients_start (GST_server);
- GST_validation_start ((max_fd / 3));
+ GST_validation_start (&validation_changed_notification, NULL, (max_fd / 3));
}
/**