[GNUnet-SVN] r35808 - gnunet/src/gns
From: |
gnunet |
Subject: |
[GNUnet-SVN] r35808 - gnunet/src/gns |
Date: |
Tue, 26 May 2015 10:54:05 +0200 |
Author: grothoff
Date: 2015-05-26 10:54:05 +0200 (Tue, 26 May 2015)
New Revision: 35808
Modified:
gnunet/src/gns/Makefile.am
gnunet/src/gns/gns.conf.in
gnunet/src/gns/gnunet-gns-import.c
gnunet/src/gns/gnunet-service-gns.c
Log:
-document subsystem aliases, add gns-intercept alias for GNS DNS interception,
support gns-intercept alias for GNS DNS interception
Modified: gnunet/src/gns/Makefile.am
===================================================================
--- gnunet/src/gns/Makefile.am 2015-05-26 08:53:22 UTC (rev 35807)
+++ gnunet/src/gns/Makefile.am 2015-05-26 08:54:05 UTC (rev 35808)
@@ -103,7 +103,7 @@
$(top_builddir)/src/identity/libgnunetidentity.la \
$(top_builddir)/src/rest/libgnunetrest.la \
$(top_builddir)/src/util/libgnunetutil.la $(XLIBS) \
- $(LTLIBINTL) -ljansson -lmicrohttpd
+ $(LTLIBINTL) -ljansson -lmicrohttpd
libgnunet_plugin_rest_gns_la_LDFLAGS = \
$(GN_PLUGIN_LDFLAGS)
@@ -198,6 +198,7 @@
gnunet_service_gns_LDADD = \
-lm \
$(top_builddir)/src/gnsrecord/libgnunetgnsrecord.la \
+ $(top_builddir)/src/identity/libgnunetidentity.la \
$(top_builddir)/src/revocation/libgnunetrevocation.la \
$(top_builddir)/src/statistics/libgnunetstatistics.la \
$(top_builddir)/src/util/libgnunetutil.la \
@@ -261,4 +262,3 @@
TESTS = $(check_SCRIPTS)
endif
endif
-
Modified: gnunet/src/gns/gns.conf.in
===================================================================
--- gnunet/src/gns/gns.conf.in 2015-05-26 08:53:22 UTC (rev 35807)
+++ gnunet/src/gns/gns.conf.in 2015-05-26 08:54:05 UTC (rev 35808)
@@ -25,8 +25,6 @@
# PREFIX = valgrind --leak-check=full --track-origins=yes
-# Setting this option enables hijacking DNS queries using iptables.
-# DNS_ROOT = KEY
[gns-proxy]
BINARY = gnunet-gns-proxy
Modified: gnunet/src/gns/gnunet-gns-import.c
===================================================================
--- gnunet/src/gns/gnunet-gns-import.c 2015-05-26 08:53:22 UTC (rev 35807)
+++ gnunet/src/gns/gnunet-gns-import.c 2015-05-26 08:54:05 UTC (rev 35808)
@@ -265,6 +265,7 @@
GNUNET_NAMESTORE_zone_iterator_next (list_it);
}
+
/**
* Get master-zone, short-zone and private-zone keys.
*
@@ -435,11 +436,16 @@
if (0 != run_process_and_wait (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
NULL, NULL, &st, &code,
"gnunet-identity",
- "gnunet-identity", "-e", "short-zone", "-s", "gns-proxy", NULL))
+ "gnunet-identity", "-e", "master-zone", "-s", "gns-proxy", NULL))
return;
if (0 != run_process_and_wait (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
NULL, NULL, &st, &code,
"gnunet-identity",
+ "gnunet-identity", "-e", "master-zone", "-s", "gns-intercept", NULL))
+ return;
+
+ if (0 != run_process_and_wait (GNUNET_NO, GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
NULL, NULL, &st, &code,
+ "gnunet-identity",
"gnunet-identity", "-e", "private-zone", "-s", "gns-private", NULL))
return;
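Review bot: The added `gns-intercept` call assigns the alias to `master-zone` unconditionally, and in this same revision gnunet-service-gns.c calls `GNS_interceptor_init` whenever that alias resolves to an ego, so running the import tool now switches DNS interception on where it previously required an explicit `DNS_ROOT` setting. If that default is intended, state it in a comment above the call, e.g. `/* setting gns-intercept makes gnunet-service-gns intercept DNS queries */`; otherwise make this step opt-in. The first call also moves `gns-proxy` from `short-zone` to `master-zone`, which the log message does not mention. The enclosing function starts and ends outside this hunk.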
Modified: gnunet/src/gns/gnunet-service-gns.c
===================================================================
--- gnunet/src/gns/gnunet-service-gns.c 2015-05-26 08:53:22 UTC (rev 35807)
+++ gnunet/src/gns/gnunet-service-gns.c 2015-05-26 08:54:05 UTC (rev 35808)
@@ -30,6 +30,7 @@
#include "gnunet_dht_service.h"
#include "gnunet_namecache_service.h"
#include "gnunet_namestore_service.h"
+#include "gnunet_identity_service.h"
#include "gnunet_gns_service.h"
#include "gnunet_statistics_service.h"
#include "gns.h"
@@ -149,6 +150,17 @@
static struct GNUNET_NAMECACHE_Handle *namecache_handle;
/**
+ * Our handle to the identity service
+ */
+static struct GNUNET_IDENTITY_Handle *identity_handle;
+
+/**
+ * Our handle to the identity operation to find the master zone
+ * for intercepted queries.
+ */
+static struct GNUNET_IDENTITY_Operation *identity_op;
+
+/**
* Handle to iterate over our authoritative zone in namestore
*/
static struct GNUNET_NAMESTORE_ZoneIterator *namestore_iter;
@@ -266,6 +278,16 @@
}
GNS_interceptor_done ();
+ if (NULL != identity_op)
+ {
+ GNUNET_IDENTITY_cancel (identity_op);
+ identity_op = NULL;
+ }
+ if (NULL != identity_handle)
+ {
+ GNUNET_IDENTITY_disconnect (identity_handle);
+ identity_handle = NULL;
+ }
GNS_resolver_done ();
GNS_shorten_done ();
while (NULL != (ma = ma_head))
@@ -836,6 +858,54 @@
/**
+ * Method called to inform about the ego to be used for the master zone
+ * for DNS interceptions.
+ *
+ * This function is only called ONCE, and 'NULL' being passed in
+ * @a ego does indicate that interception is not configured.
+ * If @a ego is non-NULL, we should start to intercept DNS queries
+ * and resolve ".gnu" queries using the given ego as the master zone.
+ *
+ * @param cls closure, our `const struct GNUNET_CONFIGURATION_Handle *c`
+ * @param ego ego handle
+ * @param ctx context for application to store data for this ego
+ * (during the lifetime of this process, initially NULL)
+ * @param name name assigned by the user for this ego,
+ * NULL if the user just deleted the ego and it
+ * must thus no longer be used
+ */
+static void
+identity_intercept_cb (void *cls,
+ struct GNUNET_IDENTITY_Ego *ego,
+ void **ctx,
+ const char *name)
+{
+ const struct GNUNET_CONFIGURATION_Handle *cfg = cls;
+ struct GNUNET_CRYPTO_EcdsaPublicKey dns_root;
+
+ identity_op = NULL;
+ if (NULL == ego)
+ {
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ _("No ego configured for `%s`\n"),
+ "gns-intercept");
+ return;
+ }
+ GNUNET_IDENTITY_ego_get_public_key (ego,
+ &dns_root);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "DNS hijacking enabled. Connecting to DNS service.\n");
+ if (GNUNET_SYSERR ==
+ GNS_interceptor_init (&dns_root, cfg))
+ {
+ GNUNET_break (0);
+ GNUNET_SCHEDULER_add_now (&shutdown_task, NULL);
+ return;
+ }
+}
+
+
+/**
* Process GNS requests.
*
* @param cls closure
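Review bot: The `DNS hijacking enabled` message in `identity_intercept_cb` no longer says which zone becomes the root for intercepted queries, whereas the code it replaces logged the `DNS_ROOT` key, so an operator reading the log cannot tell which ego `gns-intercept` resolved to. Include the string form of `dns_root` in that message. The doc comment should also say that the key is read once at startup, so (as far as this hunk shows) a later reassignment or deletion of the `gns-intercept` ego is not picked up until the service restarts. A NULL `ego` is reported as "not configured" at INFO level; if the identity lookup can also deliver NULL on failure, that case deserves a distinct and louder message.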
@@ -843,7 +913,8 @@
* @param c configuration to use
*/
static void
-run (void *cls, struct GNUNET_SERVER_Handle *server,
+run (void *cls,
+ struct GNUNET_SERVER_Handle *server,
const struct GNUNET_CONFIGURATION_Handle *c)
{
static const struct GNUNET_SERVER_MessageHandler handlers[] = {
@@ -850,9 +921,7 @@
{ &handle_lookup, NULL, GNUNET_MESSAGE_TYPE_GNS_LOOKUP, 0},
{NULL, NULL, 0, 0}
};
- struct GNUNET_CRYPTO_EcdsaPublicKey dns_root;
unsigned long long max_parallel_bg_queries = 0;
- char *dns_root_name;
v6_enabled = GNUNET_NETWORK_test_pf (PF_INET6);
v4_enabled = GNUNET_NETWORK_test_pf (PF_INET);
@@ -907,34 +976,21 @@
return;
}
- if (GNUNET_OK ==
- GNUNET_CONFIGURATION_get_value_string (c, "gns", "DNS_ROOT",
- &dns_root_name))
+ identity_handle = GNUNET_IDENTITY_connect (c,
+ NULL,
+ NULL);
+ if (NULL == identity_handle)
{
- if (GNUNET_OK !=
- GNUNET_CRYPTO_ecdsa_public_key_from_string (dns_root_name,
- strlen (dns_root_name),
- &dns_root))
- {
- GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
- "gns",
- "DNS_ROOT",
- _("valid public key required"));
- GNUNET_SCHEDULER_add_now (&shutdown_task, NULL);
- GNUNET_free (dns_root_name);
- return;
- }
GNUNET_log (GNUNET_ERROR_TYPE_INFO,
- "DNS hijacking with root `%s' enabled. Connecting to DNS
service.\n",
- dns_root_name);
- GNUNET_free (dns_root_name);
- if (GNUNET_SYSERR ==
- GNS_interceptor_init (&dns_root, c))
- {
- GNUNET_SCHEDULER_add_now (&shutdown_task, NULL);
- return;
- }
+ "Could not connect to identity service!\n");
}
+ else
+ {
+ identity_op = GNUNET_IDENTITY_get (identity_handle,
+ "gns-intercept",
+ &identity_intercept_cb,
+ (void *) c);
+ }
GNS_resolver_init (namecache_handle,
dht_handle,
c,
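Review bot: When `GNUNET_IDENTITY_connect` returns NULL the service logs only at `GNUNET_ERROR_TYPE_INFO` and continues without interception, so a host that relies on `.gnu` names being intercepted falls back to ordinary DNS with no visible warning; `GNUNET_ERROR_TYPE_WARNING` or `GNUNET_ERROR_TYPE_ERROR` fits this branch better. The same silent fallback affects existing configurations, because `DNS_ROOT` is no longer read and a deployment that set it loses interception after the upgrade. A check such as `if (GNUNET_YES == GNUNET_CONFIGURATION_have_value (c, "gns", "DNS_ROOT")) GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "DNS_ROOT is ignored; assign the gns-intercept ego instead\n");` would make that visible. `run` starts and ends outside this hunk.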