[Pkg-privacy-commits] [onioncat] 83/241: ocatipv6.c added. It allows limited IPv6 routing capability. a single keepalive packet is sent after successful connection to remote peer.

Wed Aug 26 16:16:36 UTC 2015

This is an automated email from the git hooks/post-receive script.

intrigeri pushed a commit to branch upstream-master
in repository onioncat.

commit 1b55bd2f4a910dba448bf1643b0636170b74eb62
Author: eagle <eagle at 58e1ccc2-750e-0410-8d0d-f93ca75ab447>
Date:   Wed Dec 3 19:56:24 2008 +0000

    ocatipv6.c added. It allows limited IPv6 routing capability.
    a single keepalive packet is sent after successful connection to remote peer.
    
    
    git-svn-id: https://www.cypherpunk.at/svn/onioncat/trunk@372 58e1ccc2-750e-0410-8d0d-f93ca75ab447
---
 config.h.in         |  3 +++
 configure           | 10 +++++++++
 configure.ac        |  1 +
 src/Makefile.am     |  2 +-
 src/Makefile.in     |  5 +++--
 src/ocat.h          | 11 +++++++++
 src/ocatipv6route.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 src/ocatroute.c     |  5 ++++-
 src/ocatsocks.c     | 17 ++++++++++++--
 9 files changed, 112 insertions(+), 6 deletions(-)

diff --git a/config.h.in b/config.h.in
index 53ef46c..b538ba8 100644
--- a/config.h.in
+++ b/config.h.in
@@ -1,5 +1,8 @@
 /* config.h.in.  Generated from configure.ac by autoheader.  */
 
+/* disable source ip checking */
+#undef CHECK_IPSRC
+
 /* enable debugging */
 #undef DEBUG
 
diff --git a/configure b/configure
index 22581e4..123c595 100755
--- a/configure
+++ b/configure
@@ -1243,6 +1243,7 @@ Optional Features:
   --enable-packet-log     enable packet logging
   --enable-handle-http    enable handling of accidental HTTP requests
   --enable-packet-queue   enable queueuing of packets while connecting setup
+  --disable-check-ipsrc   disable source ip checking before forwarding
   --disable-dependency-tracking  speeds up one-time build
   --enable-dependency-tracking   do not reject slow dependency extractors
 
@@ -2212,6 +2213,15 @@ _ACEOF
 
 fi
 
+# Check whether --enable-check-ipsrc was given.
+if test "${enable_check_ipsrc+set}" = set; then
+  enableval=$enable_check_ipsrc;
+cat >>confdefs.h <<\_ACEOF
+#define CHECK_IPSRC
+_ACEOF
+
+fi
+
 
 # Checks for programs.
 ac_ext=c
diff --git a/configure.ac b/configure.ac
index 39a2085..250c113 100644
--- a/configure.ac
+++ b/configure.ac
@@ -13,6 +13,7 @@ AC_ARG_ENABLE([debug], AC_HELP_STRING([--enable-debug], [enable debugging]), AC_
 AC_ARG_ENABLE([packet-log], AC_HELP_STRING([--enable-packet-log], [enable packet logging]), AC_DEFINE([PACKET_LOG], [], [enable packet logging]))
 AC_ARG_ENABLE([handle-http], AC_HELP_STRING([--enable-handle-http], [enable handling of accidental HTTP requests]), AC_DEFINE([HANDLE_HTTP], [], [enable handling of accidental HTTP requests]))
 AC_ARG_ENABLE([packet-queue], AC_HELP_STRING([--enable-packet-queue], [enable queueuing of packets while connecting setup]), AC_DEFINE([PACKET_QUEUE], [], [enable packet queue]))
+AC_ARG_ENABLE([check-ipsrc], AC_HELP_STRING([--disable-check-ipsrc], [disable source ip checking before forwarding]), AC_DEFINE([CHECK_IPSRC], [], [disable source ip checking]))
 
 # Checks for programs.
 AC_PROG_CC
diff --git a/src/Makefile.am b/src/Makefile.am
index be8b317..9d02e59 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,4 +1,4 @@
 bin_PROGRAMS = ocat
-ocat_SOURCES = ocat.c ocatlog.c ocatroute.c ocatthread.c ocattun.c ocatv6conv.c ocatcompat.c ocatpeer.c ocatsetup.c ocatipv4route.c ocateth.c ocatsocks.c ocatlibe.c ocatctrl.c
+ocat_SOURCES = ocat.c ocatlog.c ocatroute.c ocatthread.c ocattun.c ocatv6conv.c ocatcompat.c ocatpeer.c ocatsetup.c ocatipv4route.c ocateth.c ocatsocks.c ocatlibe.c ocatctrl.c ocatipv6route.c
 include_HEADERS = ocat.h strlcpy.c strlcat.c
 
diff --git a/src/Makefile.in b/src/Makefile.in
index 393ad07..5808c73 100644
--- a/src/Makefile.in
+++ b/src/Makefile.in
@@ -49,7 +49,7 @@ am_ocat_OBJECTS = ocat.$(OBJEXT) ocatlog.$(OBJEXT) ocatroute.$(OBJEXT) \
 	ocatthread.$(OBJEXT) ocattun.$(OBJEXT) ocatv6conv.$(OBJEXT) \
 	ocatcompat.$(OBJEXT) ocatpeer.$(OBJEXT) ocatsetup.$(OBJEXT) \
 	ocatipv4route.$(OBJEXT) ocateth.$(OBJEXT) ocatsocks.$(OBJEXT) \
-	ocatlibe.$(OBJEXT) ocatctrl.$(OBJEXT)
+	ocatlibe.$(OBJEXT) ocatctrl.$(OBJEXT) ocatipv6route.$(OBJEXT)
 ocat_OBJECTS = $(am_ocat_OBJECTS)
 ocat_LDADD = $(LDADD)
 DEFAULT_INCLUDES = -I. at am__isrc@ -I$(top_builddir)
@@ -153,7 +153,7 @@ sysconfdir = @sysconfdir@
 target_alias = @target_alias@
 top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
-ocat_SOURCES = ocat.c ocatlog.c ocatroute.c ocatthread.c ocattun.c ocatv6conv.c ocatcompat.c ocatpeer.c ocatsetup.c ocatipv4route.c ocateth.c ocatsocks.c ocatlibe.c ocatctrl.c
+ocat_SOURCES = ocat.c ocatlog.c ocatroute.c ocatthread.c ocattun.c ocatv6conv.c ocatcompat.c ocatpeer.c ocatsetup.c ocatipv4route.c ocateth.c ocatsocks.c ocatlibe.c ocatctrl.c ocatipv6route.c
 include_HEADERS = ocat.h strlcpy.c strlcat.c
 all: all-am
 
@@ -226,6 +226,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocatctrl.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocateth.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocatipv4route.Po at am__quote@
+ at AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocatipv6route.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocatlibe.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocatlog.Po at am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote at ./$(DEPDIR)/ocatpeer.Po at am__quote@
diff --git a/src/ocat.h b/src/ocat.h
index 5afa840..7607cc3 100644
--- a/src/ocat.h
+++ b/src/ocat.h
@@ -247,6 +247,14 @@ typedef struct IPv4Route
    struct in6_addr gw;
 } IPv4Route_t;
 
+//! IPv6 routing table entry
+typedef struct IPv6Route
+{
+   struct in6_addr dest;
+   int prefixlen;
+   struct in6_addr gw;
+} IPv6Route_t;
+
 //! IPv6 pseudo header used for checksum calculation
 struct ip6_psh
 {
@@ -436,6 +444,9 @@ void socks_queue(const struct in6_addr *, int);
 void oe_close(int);
 int oe_remtr(char *);
 
+/* ocatipv6route.c */
+struct in6_addr *ipv6_lookup_route(const struct in6_addr *);
+
 
 #endif
 
diff --git a/src/ocatipv6route.c b/src/ocatipv6route.c
new file mode 100644
index 0000000..2eaf679
--- /dev/null
+++ b/src/ocatipv6route.c
@@ -0,0 +1,64 @@
+/* Copyright 2008 Bernhard R. Fischer, Daniel Haslinger.
+ *
+ * This file is part of OnionCat.
+ *
+ * OnionCat is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, version 3 of the License.
+ *
+ * OnionCat is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with OnionCat. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+/*! @file
+ *  This file contains functions for managing IPv6 routing and
+ *  forwarding.
+ *
+ *  @author Bernhard R. Fischer <rahra _at_ cypherpunk at>
+ *  @version 2008/09/03-01
+ */
+
+#include "config.h"
+
+#include <netinet/in.h>
+
+#include "ocat.h"
+
+
+/*! IPv6 Routing table. Each entry contains 3 values:
+ *  destination network, prefix length, gateway
+ */
+static IPv6Route_t v6route_[] =
+{
+   // enter static IPv6 routes here for each host! (prefix lengths are not supported yet)
+   //
+   // sample entry
+   // route 3001::1 via fd87:d87e:eb43:1e53:0c75:2a27:72dc:c9a8
+   //
+   //{{{{0x30,0x01,0,0,0,0,0,0,0,0,0,0,0,0,0,1}}}, 0, {{{0xfd,0x87,0xd8,0x7e,0xeb,0x43,0x1e,0x53,0x0c,0x75,0x2a,0x27,0x72,0xdc,0xc9,0xa8}}}},
+
+   // do NOT remove this entry, it terminates the array!
+   {IN6ADDR_ANY_INIT, 0, IN6ADDR_ANY_INIT}
+};
+
+
+/*! Lookup IPv6 route. 
+ */
+struct in6_addr *ipv6_lookup_route(const struct in6_addr *dest)
+{
+   int i;
+
+   for (i = 0; !IN6_IS_ADDR_UNSPECIFIED(&v6route_[i].dest); i++)
+      if (IN6_ARE_ADDR_EQUAL(&v6route_[i].dest, dest))
+      {
+         log_debug("IPv6 route found");
+         return &v6route_[i].gw;
+      }
+   return NULL;
+}
+
diff --git a/src/ocatroute.c b/src/ocatroute.c
index fd4b08b..f546fe5 100644
--- a/src/ocatroute.c
+++ b/src/ocatroute.c
@@ -792,13 +792,16 @@ void packet_forwarder(void)
             continue;
          }
 
+#ifndef CHECK_IPSRC
          if (!check_tor_prefix((struct ip6_hdr*) &buf[4]))
          {
             log_msg(LOG_ERR, "dropping frame");
             continue;
          }
+#endif
 
-         dest = &((struct ip6_hdr*) &buf[4])->ip6_dst;
+         if (!(dest = ipv6_lookup_route(&((struct ip6_hdr*) &buf[4])->ip6_dst)))
+            dest = &((struct ip6_hdr*) &buf[4])->ip6_dst;
       }
       else if (*((uint32_t*) buf) == CNF(fhd_key[IPV4_KEY]))
       {
diff --git a/src/ocatsocks.c b/src/ocatsocks.c
index 645d54d..684cbf9 100644
--- a/src/ocatsocks.c
+++ b/src/ocatsocks.c
@@ -65,8 +65,7 @@ int socks_connect(const SocksQueue_t *sq)
    int fd, t, len;
    char buf[FRAME_SIZE], onion[ONION_NAME_SIZE];
    SocksHdr_t *shdr = (SocksHdr_t*) buf;
-
-   log_debug("called");
+   OcatPeer_t *peer;
 
    memset(&in, 0, sizeof(in));
    in.sin_family = AF_INET;
@@ -128,6 +127,20 @@ int socks_connect(const SocksQueue_t *sq)
 
    insert_peer(fd, sq, time(NULL) - t);
 
+   // Send first keepalive immediately
+   lock_peers();
+   if ((peer = search_peer(&sq->addr)))
+      lock_peer(peer);
+   else
+      log_msg(LOG_EMERG, "newly inserted peer not found, fd = %d", fd);
+   unlock_peers();
+   if (peer)
+   {
+      send_keepalive(peer);
+      unlock_peer(peer);
+   }
+
+   // return new file descriptor
    return fd;
 }
 

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-privacy/packages/onioncat.git

