* IP traffic received on those IPs via the GNUnet mesh
* @author Philipp Toelke
* @author Christian Grothoff
+ *
+ * TODO:
+ * - keep multiple peers/mesh tunnels ready as alternative exits /
+ * recover from tunnel-to-exit failure gracefully
*/
#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_statistics_service.h"
#include "gnunet_constants.h"
#include "gnunet_tun_lib.h"
+#include "gnunet_regex_service.h"
#include "vpn.h"
#include "exit.h"
* Key under which this entry is in the 'destination_map' (only valid
* if 'heap_node != NULL').
*/
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
/**
* Pre-allocated tunnel for this destination, or NULL for none.
/**
* The description of the service (only used for service tunnels).
*/
- GNUNET_HashCode service_descriptor;
+ struct GNUNET_HashCode service_descriptor;
/**
* Peer offering the service.
*/
struct GNUNET_MESH_Tunnel *tunnel;
+ /**
+ * Active query with REGEX to locate exit.
+ */
+ struct GNUNET_REGEX_Search *search;
+
/**
* Active transmission handle, NULL for none.
*/
static void
get_destination_key_from_ip (int af,
const void *address,
- GNUNET_HashCode *key)
+ struct GNUNET_HashCode *key)
{
switch (af)
{
uint16_t source_port,
const void *destination_ip,
uint16_t destination_port,
- GNUNET_HashCode *key)
+ struct GNUNET_HashCode *key)
{
char *off;
- memset (key, 0, sizeof (GNUNET_HashCode));
+ memset (key, 0, sizeof (struct GNUNET_HashCode));
/* the GNUnet hashmap only uses the first sizeof(unsigned int) of the hash,
so we put the ports in there (and hope for few collisions) */
off = (char*) key;
static void
free_tunnel_state (struct TunnelState *ts)
{
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
struct TunnelMessageQueueEntry *tnq;
struct GNUNET_MESH_Tunnel *tunnel;
GNUNET_free (tnq);
}
GNUNET_assert (0 == ts->tmq_length);
- if (NULL != ts->client)
- {
- GNUNET_SERVER_client_drop (ts->client);
- ts->client = NULL;
- }
if (NULL != ts->th)
{
GNUNET_MESH_notify_transmit_ready_cancel (ts->th);
ts->tunnel = NULL;
GNUNET_MESH_tunnel_destroy (tunnel);
}
+ if (NULL != ts->search)
+ {
+ GNUNET_REGEX_search_cancel (ts->search);
+ ts->search = NULL;
+ }
if (GNUNET_SCHEDULER_NO_TASK != ts->destroy_task)
{
GNUNET_SCHEDULER_cancel (ts->destroy_task);
"Peer %s disconnected from tunnel.\n",
GNUNET_i2s (peer));
GNUNET_STATISTICS_update (stats,
- gettext_noop ("# Peers connected to mesh tunnels"),
+ gettext_noop ("# peers connected to mesh tunnels"),
-1, GNUNET_NO);
if (NULL != ts->th)
{
"Peer %s connected to tunnel.\n",
GNUNET_i2s (peer));
GNUNET_STATISTICS_update (stats,
- gettext_noop ("# Peers connected to mesh tunnels"),
+ gettext_noop ("# peers connected to mesh tunnels"),
1, GNUNET_NO);
if (NULL == ts->client)
return; /* nothing to do */
ts->request_id,
ts->af,
&ts->destination_ip);
- GNUNET_SERVER_client_drop (ts->client);
ts->client = NULL;
}
if (NULL != (tnq = ts->tmq_head))
ts->th = GNUNET_MESH_notify_transmit_ready (ts->tunnel,
GNUNET_NO /* cork */,
- 42 /* priority */,
GNUNET_TIME_UNIT_FOREVER_REL,
NULL,
tnq->len,
if (NULL == ts->th)
ts->th = GNUNET_MESH_notify_transmit_ready (ts->tunnel,
GNUNET_NO /* cork */,
- 42 /* priority */,
GNUNET_TIME_UNIT_FOREVER_REL,
NULL,
tnq->len,
}
+/**
+ * Regex has found a potential exit peer for us; consider using it.
+ *
+ * @param cls the 'struct TunnelState'
+ * @param id Peer providing a regex that matches the string.
+ * @param get_path Path of the get request.
+ * @param get_path_length Lenght of get_path.
+ * @param put_path Path of the put request.
+ * @param put_path_length Length of the put_path.
+ */
+static void
+handle_regex_result (void *cls,
+ const struct GNUNET_PeerIdentity *id,
+ const struct GNUNET_PeerIdentity *get_path,
+ unsigned int get_path_length,
+ const struct GNUNET_PeerIdentity *put_path,
+ unsigned int put_path_length)
+{
+ struct TunnelState *ts = cls;
+
+ GNUNET_REGEX_search_cancel (ts->search);
+ ts->search = NULL;
+ ts->tunnel = GNUNET_MESH_tunnel_create (mesh_handle,
+ ts,
+ &tunnel_peer_connect_handler,
+ &tunnel_peer_disconnect_handler,
+ ts);
+ GNUNET_MESH_peer_request_connect_add (ts->tunnel,
+ id);
+}
+
+
/**
* Initialize the given destination entry's mesh tunnel.
*
{
ts->request_id = request_id;
ts->client = client;
- GNUNET_SERVER_client_keep (client);
}
ts->destination = *de;
ts->destination.heap_node = NULL; /* copy is NOT in destination heap */
de->ts = ts;
ts->destination_container = de; /* we are referenced from de */
- ts->tunnel = GNUNET_MESH_tunnel_create (mesh_handle,
- ts,
- &tunnel_peer_connect_handler,
- &tunnel_peer_disconnect_handler,
- ts);
- if (NULL == ts->tunnel)
- {
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Failed to setup mesh tunnel!\n"));
- if (NULL != client)
- GNUNET_SERVER_client_drop (client);
- GNUNET_free (ts);
- return NULL;
- }
if (de->is_service)
{
+ ts->tunnel = GNUNET_MESH_tunnel_create (mesh_handle,
+ ts,
+ &tunnel_peer_connect_handler,
+ &tunnel_peer_disconnect_handler,
+ ts);
+ if (NULL == ts->tunnel)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
+ _("Failed to setup mesh tunnel!\n"));
+ GNUNET_free (ts);
+ return NULL;
+ }
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Creating tunnel to peer %s offering service %s\n",
GNUNET_i2s (&de->details.service_destination.target),
}
else
{
+ char *policy;
+
switch (de->details.exit_destination.af)
{
case AF_INET:
- GNUNET_MESH_peer_request_connect_by_type (ts->tunnel,
- GNUNET_APPLICATION_TYPE_IPV4_GATEWAY);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Creating tunnel to exit peer for %s\n",
- "IPv4");
- break;
+ {
+ char address[GNUNET_TUN_IPV4_REGEXLEN];
+
+ GNUNET_TUN_ipv4toregex (&de->details.exit_destination.ip.v4,
+ "255.255.255.255", address);
+ GNUNET_asprintf (&policy, "%s%s%s",
+ GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX,
+ "4",
+ address);
+ break;
+ }
case AF_INET6:
- GNUNET_MESH_peer_request_connect_by_type (ts->tunnel,
- GNUNET_APPLICATION_TYPE_IPV6_GATEWAY);
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
- "Creating tunnel to exit peer for %s\n",
- "IPv6");
+ {
+ char address[GNUNET_TUN_IPV6_REGEXLEN];
+
+ GNUNET_TUN_ipv6toregex (&de->details.exit_destination.ip.v6,
+ 128, address);
+ GNUNET_asprintf (&policy, "%s%s%s",
+ GNUNET_APPLICATION_TYPE_EXIT_REGEX_PREFIX,
+ "6",
+ address);
break;
+ }
default:
GNUNET_assert (0);
break;
}
- }
+
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Requesting connect by string: %s\n",
+ policy);
+ ts->search = GNUNET_REGEX_search (cfg,
+ policy,
+ &handle_regex_result,
+ ts);
+ GNUNET_free (policy);
+ }
return ts;
}
const void *payload,
size_t payload_length)
{
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
struct TunnelState *ts;
struct TunnelMessageQueueEntry *tnq;
size_t alen;
* @param client NULL
* @param message message we got from the client (VPN tunnel interface)
*/
-static void
+static int
message_token (void *cls GNUNET_UNUSED, void *client GNUNET_UNUSED,
const struct GNUNET_MessageHeader *message)
{
const struct GNUNET_TUN_Layer2PacketHeader *tun;
size_t mlen;
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
struct DestinationEntry *de;
GNUNET_STATISTICS_update (stats,
(mlen < sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader)) )
{
GNUNET_break (0);
- return;
+ return GNUNET_OK;
}
tun = (const struct GNUNET_TUN_Layer2PacketHeader *) &message[1];
mlen -= (sizeof (struct GNUNET_MessageHeader) + sizeof (struct GNUNET_TUN_Layer2PacketHeader));
{
/* blame kernel */
GNUNET_break (0);
- return;
+ return GNUNET_OK;
}
pkt6 = (const struct GNUNET_TUN_IPv6Header *) &tun[1];
get_destination_key_from_ip (AF_INET6,
&pkt6->destination_address,
buf,
sizeof (buf)));
- return;
+ return GNUNET_OK;
}
route_packet (de,
AF_INET6,
{
/* blame kernel */
GNUNET_break (0);
- return;
+ return GNUNET_OK;
}
pkt4 = (struct GNUNET_TUN_IPv4Header *) &tun[1];
get_destination_key_from_ip (AF_INET,
&pkt4->destination_address,
buf,
sizeof (buf)));
- return;
+ return GNUNET_OK;
}
if (pkt4->header_length * 4 != sizeof (struct GNUNET_TUN_IPv4Header))
{
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
_("Received IPv4 packet with options (dropping it)\n"));
- return;
+ return GNUNET_OK;
}
route_packet (de,
AF_INET,
(unsigned int) ntohs (tun->proto));
break;
}
+ return GNUNET_OK;
}
struct in_addr addr;
struct in_addr mask;
struct in_addr rnd;
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
unsigned int tries;
GNUNET_assert (1 == inet_pton (AF_INET, ipv4addr, &addr));
struct in6_addr mask;
struct in6_addr rnd;
int i;
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
unsigned int tries;
GNUNET_assert (1 == inet_pton (AF_INET6, ipv6addr, &addr));
struct in6_addr v6;
void *addr;
struct DestinationEntry *de;
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
struct TunnelState *ts;
/* validate and parse request */
struct in6_addr v6;
void *addr;
struct DestinationEntry *de;
- GNUNET_HashCode key;
+ struct GNUNET_HashCode key;
struct TunnelState *ts;
/* parse request */
*/
static int
cleanup_destination (void *cls,
- const GNUNET_HashCode *key,
+ const struct GNUNET_HashCode *key,
void *value)
{
struct DestinationEntry *de = value;
*/
static int
cleanup_tunnel (void *cls,
- const GNUNET_HashCode *key,
+ const struct GNUNET_HashCode *key,
void *value)
{
struct TunnelState *ts = value;
mesh_handle = NULL;
}
if (NULL != helper_handle)
- {
- GNUNET_HELPER_stop (helper_handle);
+ {
+ GNUNET_HELPER_stop (helper_handle, GNUNET_NO);
helper_handle = NULL;
}
if (NULL != nc)
*/
static int
cleanup_tunnel_client (void *cls,
- const GNUNET_HashCode *key,
+ const struct GNUNET_HashCode *key,
void *value)
{
struct GNUNET_SERVER_Client *client = cls;
struct TunnelState *ts = value;
if (client == ts->client)
- {
- GNUNET_SERVER_client_drop (ts->client);
ts->client = NULL;
- }
return GNUNET_OK;
}
*/
static int
cleanup_destination_client (void *cls,
- const GNUNET_HashCode *key,
+ const struct GNUNET_HashCode *key,
void *value)
{
struct GNUNET_SERVER_Client *client = cls;
if (NULL == (ts = de->ts))
return GNUNET_OK;
if (client == ts->client)
- {
- GNUNET_SERVER_client_drop (ts->client);
ts->client = NULL;
- }
return GNUNET_OK;
}
}
-/**
- * Test if the given AF is supported by this system.
- *
- * @param af to test
- * @return GNUNET_OK if the AF is supported
- */
-static int
-test_af (int af)
-{
- int s;
-
- s = socket (af, SOCK_STREAM, 0);
- if (-1 == s)
- {
- if (EAFNOSUPPORT == errno)
- return GNUNET_NO;
- GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
- "socket");
- return GNUNET_SYSERR;
- }
- close (s);
- return GNUNET_OK;
-}
-
-
/**
* Main function that will be run by the scheduler.
*
char *ipv4mask;
struct in_addr v4;
struct in6_addr v6;
+ char *binary;
+
+ binary = GNUNET_OS_get_libexec_binary_path ("gnunet-helper-vpn");
if (GNUNET_YES !=
- GNUNET_OS_check_helper_binary ("gnunet-helper-vpn"))
+ GNUNET_OS_check_helper_binary (binary, GNUNET_YES, "-d gnunet-vpn - - 169.1.3.3.7 255.255.255.0")) //ipv4 only please!
{
fprintf (stderr,
"`%s' is not SUID, refusing to run.\n",
"gnunet-helper-vpn");
+ GNUNET_free (binary);
global_ret = 1;
return;
}
+ GNUNET_free (binary);
cfg = cfg_;
stats = GNUNET_STATISTICS_create ("vpn", cfg);
if (GNUNET_OK !=
&max_tunnel_mappings))
max_tunnel_mappings = 200;
- destination_map = GNUNET_CONTAINER_multihashmap_create (max_destination_mappings * 2);
+ destination_map = GNUNET_CONTAINER_multihashmap_create (max_destination_mappings * 2, GNUNET_NO);
destination_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
- tunnel_map = GNUNET_CONTAINER_multihashmap_create (max_tunnel_mappings * 2);
+ tunnel_map = GNUNET_CONTAINER_multihashmap_create (max_tunnel_mappings * 2, GNUNET_NO);
tunnel_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
return;
}
vpn_argv[1] = ifname;
- if (GNUNET_OK == test_af (AF_INET6))
+ if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET6))
{
if ( (GNUNET_SYSERR ==
GNUNET_CONFIGURATION_get_value_string (cfg, "vpn", "IPV6ADDR",
vpn_argv[2] = GNUNET_strdup ("-");
vpn_argv[3] = GNUNET_strdup ("-");
}
- if (GNUNET_OK == test_af (AF_INET))
+ if (GNUNET_OK == GNUNET_NETWORK_test_pf (PF_INET))
{
if ( (GNUNET_SYSERR ==
GNUNET_CONFIGURATION_get_value_string (cfg, "vpn", "IPV4ADDR",
vpn_argv[6] = NULL;
mesh_handle =
- GNUNET_MESH_connect (cfg_, 42 /* queue length */, NULL,
+ GNUNET_MESH_connect (cfg_, NULL,
&inbound_tunnel_cb,
&tunnel_cleaner,
mesh_handlers,
types);
- helper_handle = GNUNET_HELPER_start ("gnunet-helper-vpn", vpn_argv,
- &message_token, NULL);
+ helper_handle = GNUNET_HELPER_start (GNUNET_NO,
+ "gnunet-helper-vpn", vpn_argv,
+ &message_token, NULL, NULL);
nc = GNUNET_SERVER_notification_context_create (server, 1);
GNUNET_SERVER_add_handlers (server, service_handlers);
GNUNET_SERVER_disconnect_notify (server, &client_disconnect, NULL);
projects / oweals / gnunet.git / blobdiff