summaryrefslogtreecommitdiff
path: root/src/tools/tor-fw-helper/tor-fw-helper.c
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2015-07-14 14:48:22 -0400
committerNick Mathewson <nickm@torproject.org>2015-07-14 14:48:22 -0400
commitd2cb92332009567ae778b3570e8fd3420c207446 (patch)
tree35757b0b9ea1b0639059b949d9b0767763d3104e /src/tools/tor-fw-helper/tor-fw-helper.c
parenta65e835800b1af2c2a4c215b0c8ab282e14105b2 (diff)
downloadtor-d2cb92332009567ae778b3570e8fd3420c207446.tar.gz
tor-d2cb92332009567ae778b3570e8fd3420c207446.zip
Remove tor-fw-helper code
It did a good idea, but the code-quality of libupnpc and libnatpnp is so dodgy that I'm not really comfortable including them alongside Tor proper. Instead, we'll recommend that people do the pure-go reimplementation instead. Closes ticket 13338.
Diffstat (limited to 'src/tools/tor-fw-helper/tor-fw-helper.c')
-rw-r--r--src/tools/tor-fw-helper/tor-fw-helper.c501
1 files changed, 0 insertions, 501 deletions
diff --git a/src/tools/tor-fw-helper/tor-fw-helper.c b/src/tools/tor-fw-helper/tor-fw-helper.c
deleted file mode 100644
index fdc0e1adea..0000000000
--- a/src/tools/tor-fw-helper/tor-fw-helper.c
+++ /dev/null
@@ -1,501 +0,0 @@
-/* Copyright (c) 2010, Jacob Appelbaum, Steven J. Murdoch.
- * Copyright (c) 2010-2015, The Tor Project, Inc. */
-/* See LICENSE for licensing information */
-
-/**
- * \file tor-fw-helper.c
- * \brief The main wrapper around our firewall helper logic.
- **/
-
-/*
- * tor-fw-helper is a tool for opening firewalls with NAT-PMP and UPnP; this
- * tool is designed to be called by hand or by Tor by way of a exec() at a
- * later date.
- */
-
-#include "orconfig.h"
-#include <stdio.h>
-#include <stdint.h>
-#include <stdlib.h>
-#include <getopt.h>
-#include <time.h>
-#include <string.h>
-#include <assert.h>
-
-#include "container.h"
-
-#ifdef _WIN32
-#include <winsock2.h>
-#endif
-
-#include "tor-fw-helper.h"
-#ifdef NAT_PMP
-#include "tor-fw-helper-natpmp.h"
-#endif
-#ifdef MINIUPNPC
-#include "tor-fw-helper-upnp.h"
-#endif
-
-/** This is our meta storage type - it holds information about each helper
- including the total number of helper backends, function pointers, and helper
- state. */
-typedef struct backends_t {
- /** The total number of backends */
- int n_backends;
- /** The backend functions as an array */
- tor_fw_backend_t backend_ops[MAX_BACKENDS];
- /** The internal backend state */
- void *backend_state[MAX_BACKENDS];
-} backends_t;
-
-/** Initialize each backend helper with the user input stored in <b>options</b>
- * and put the results in the <b>backends</b> struct. */
-static int
-init_backends(tor_fw_options_t *options, backends_t *backends)
-{
- int n_available = 0;
- int i, r, n;
- tor_fw_backend_t *backend_ops_list[MAX_BACKENDS];
- void *data = NULL;
- /* First, build a list of the working backends. */
- n = 0;
-#ifdef MINIUPNPC
- backend_ops_list[n++] = (tor_fw_backend_t *) tor_fw_get_miniupnp_backend();
-#endif
-#ifdef NAT_PMP
- backend_ops_list[n++] = (tor_fw_backend_t *) tor_fw_get_natpmp_backend();
-#endif
- n_available = n;
-
- /* Now, for each backend that might work, try to initialize it.
- * That's how we roll, initialized.
- */
- n = 0;
- for (i=0; i<n_available; ++i) {
- data = calloc(1, backend_ops_list[i]->state_len);
- if (!data) {
- perror("calloc");
- exit(1);
- }
- r = backend_ops_list[i]->init(options, data);
- if (r == 0) {
- backends->backend_ops[n] = *backend_ops_list[i];
- backends->backend_state[n] = data;
- n++;
- } else {
- free(data);
- }
- }
- backends->n_backends = n;
-
- return n;
-}
-
-/** Return the proper commandline switches when the user needs information. */
-static void
-usage(void)
-{
- fprintf(stderr, "tor-fw-helper usage:\n"
- " [-h|--help]\n"
- " [-T|--test-commandline]\n"
- " [-v|--verbose]\n"
- " [-g|--fetch-public-ip]\n"
- " [-p|--forward-port ([<external port>]:<internal port>)]\n");
-}
-
-/** Log commandline options to a hardcoded file <b>tor-fw-helper.log</b> in the
- * current working directory. */
-static int
-log_commandline_options(int argc, char **argv)
-{
- int i, retval;
- FILE *logfile;
- time_t now;
-
- /* Open the log file */
- logfile = fopen("tor-fw-helper.log", "a");
- if (NULL == logfile)
- return -1;
-
- /* Send all commandline arguments to the file */
- now = time(NULL);
- retval = fprintf(logfile, "START: %s\n", ctime(&now));
- for (i = 0; i < argc; i++) {
- retval = fprintf(logfile, "ARG: %d: %s\n", i, argv[i]);
- if (retval < 0)
- goto error;
-
- retval = fprintf(stderr, "ARG: %d: %s\n", i, argv[i]);
- if (retval < 0)
- goto error;
- }
- now = time(NULL);
- retval = fprintf(logfile, "END: %s\n", ctime(&now));
-
- /* Close and clean up */
- retval = fclose(logfile);
- return retval;
-
- /* If there was an error during writing */
- error:
- fclose(logfile);
- return -1;
-}
-
-/** Iterate over over each of the supported <b>backends</b> and attempt to
- * fetch the public ip. */
-static void
-tor_fw_fetch_public_ip(tor_fw_options_t *tor_fw_options,
- backends_t *backends)
-{
- int i;
- int r = 0;
-
- if (tor_fw_options->verbose)
- fprintf(stderr, "V: tor_fw_fetch_public_ip\n");
-
- for (i=0; i<backends->n_backends; ++i) {
- if (tor_fw_options->verbose) {
- fprintf(stderr, "V: running backend_state now: %i\n", i);
- fprintf(stderr, "V: size of backend state: %u\n",
- (int)(backends->backend_ops)[i].state_len);
- fprintf(stderr, "V: backend state name: %s\n",
- (char *)(backends->backend_ops)[i].name);
- }
- r = backends->backend_ops[i].fetch_public_ip(tor_fw_options,
- backends->backend_state[i]);
- fprintf(stderr, "tor-fw-helper: tor_fw_fetch_public_ip backend %s "
- " returned: %i\n", (char *)(backends->backend_ops)[i].name, r);
- }
-}
-
-/** Print a spec-conformant string to stdout describing the results of
- * the TCP port forwarding operation from <b>external_port</b> to
- * <b>internal_port</b>. */
-static void
-tor_fw_helper_report_port_fw_results(uint16_t internal_port,
- uint16_t external_port,
- int succeded,
- const char *message)
-{
- char *report_string = NULL;
-
- tor_asprintf(&report_string, "%s %s %u %u %s %s\n",
- "tor-fw-helper",
- "tcp-forward",
- external_port, internal_port,
- succeded ? "SUCCESS" : "FAIL",
- message);
- fprintf(stdout, "%s", report_string);
- fflush(stdout);
- tor_free(report_string);
-}
-
-#define tor_fw_helper_report_port_fw_fail(i, e, m) \
- tor_fw_helper_report_port_fw_results((i), (e), 0, (m))
-
-#define tor_fw_helper_report_port_fw_success(i, e, m) \
- tor_fw_helper_report_port_fw_results((i), (e), 1, (m))
-
-/** Return a heap-allocated string containing the list of our
- * backends. It can be used in log messages. Be sure to free it
- * afterwards! */
-static char *
-get_list_of_backends_string(backends_t *backends)
-{
- char *backend_names = NULL;
- int i;
- smartlist_t *backend_names_sl = smartlist_new();
-
- assert(backends->n_backends);
-
- for (i=0; i<backends->n_backends; ++i)
- smartlist_add(backend_names_sl, (char *) backends->backend_ops[i].name);
-
- backend_names = smartlist_join_strings(backend_names_sl, ", ", 0, NULL);
- smartlist_free(backend_names_sl);
-
- return backend_names;
-}
-
-/** Iterate over each of the supported <b>backends</b> and attempt to add a
- * port forward for the port stored in <b>tor_fw_options</b>. */
-static void
-tor_fw_add_ports(tor_fw_options_t *tor_fw_options,
- backends_t *backends)
-{
- int i;
- int r = 0;
- int succeeded = 0;
-
- if (tor_fw_options->verbose)
- fprintf(stderr, "V: %s\n", __func__);
-
- /** Loop all ports that need to be forwarded, and try to use our
- * backends for each port. If a backend succeeds, break the loop,
- * report success and get to the next port. If all backends fail,
- * report failure for that port. */
- SMARTLIST_FOREACH_BEGIN(tor_fw_options->ports_to_forward,
- port_to_forward_t *, port_to_forward) {
-
- succeeded = 0;
-
- for (i=0; i<backends->n_backends; ++i) {
- if (tor_fw_options->verbose) {
- fprintf(stderr, "V: running backend_state now: %i\n", i);
- fprintf(stderr, "V: size of backend state: %u\n",
- (int)(backends->backend_ops)[i].state_len);
- fprintf(stderr, "V: backend state name: %s\n",
- (const char *) backends->backend_ops[i].name);
- }
-
- r =
- backends->backend_ops[i].add_tcp_mapping(port_to_forward->internal_port,
- port_to_forward->external_port,
- tor_fw_options->verbose,
- backends->backend_state[i]);
- if (r == 0) { /* backend success */
- tor_fw_helper_report_port_fw_success(port_to_forward->internal_port,
- port_to_forward->external_port,
- backends->backend_ops[i].name);
- succeeded = 1;
- break;
- }
-
- fprintf(stderr, "tor-fw-helper: tor_fw_add_port backend %s "
- "returned: %i\n",
- (const char *) backends->backend_ops[i].name, r);
- }
-
- if (!succeeded) { /* all backends failed */
- char *list_of_backends_str = get_list_of_backends_string(backends);
- char *fail_msg = NULL;
- tor_asprintf(&fail_msg, "All port forwarding backends (%s) failed.",
- list_of_backends_str);
- tor_fw_helper_report_port_fw_fail(port_to_forward->internal_port,
- port_to_forward->external_port,
- fail_msg);
- tor_free(list_of_backends_str);
- tor_free(fail_msg);
- }
-
- } SMARTLIST_FOREACH_END(port_to_forward);
-}
-
-/** Called before we make any calls to network-related functions.
- * (Some operating systems require their network libraries to be
- * initialized.) (from common/compat.c) */
-static int
-tor_fw_helper_network_init(void)
-{
-#ifdef _WIN32
- /* This silly exercise is necessary before windows will allow
- * gethostbyname to work. */
- WSADATA WSAData;
- int r;
- r = WSAStartup(0x101, &WSAData);
- if (r) {
- fprintf(stderr, "E: Error initializing Windows network layer "
- "- code was %d", r);
- return -1;
- }
- /* WSAData.iMaxSockets might show the max sockets we're allowed to use.
- * We might use it to complain if we're trying to be a server but have
- * too few sockets available. */
-#endif
- return 0;
-}
-
-/** Parse the '-p' argument of tor-fw-helper. Its format is
- * [<external port>]:<internal port>, and <external port> is optional.
- * Return NULL if <b>arg</b> was c0rrupted. */
-static port_to_forward_t *
-parse_port(const char *arg)
-{
- smartlist_t *sl = smartlist_new();
- port_to_forward_t *port_to_forward = NULL;
- char *port_str = NULL;
- int ok;
- int port;
-
- smartlist_split_string(sl, arg, ":", 0, 0);
- if (smartlist_len(sl) != 2)
- goto err;
-
- port_to_forward = tor_malloc(sizeof(port_to_forward_t));
- if (!port_to_forward)
- goto err;
-
- port_str = smartlist_get(sl, 0); /* macroify ? */
- port = (int)tor_parse_long(port_str, 10, 1, 65535, &ok, NULL);
- if (!ok && strlen(port_str)) /* ":1555" is valid */
- goto err;
- port_to_forward->external_port = port;
-
- port_str = smartlist_get(sl, 1);
- port = (int)tor_parse_long(port_str, 10, 1, 65535, &ok, NULL);
- if (!ok)
- goto err;
- port_to_forward->internal_port = port;
-
- goto done;
-
- err:
- tor_free(port_to_forward);
-
- done:
- SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp));
- smartlist_free(sl);
-
- return port_to_forward;
-}
-
-/** Report a failure of epic proportions: We didn't manage to
- * initialize any port forwarding backends. */
-static void
-report_full_fail(const smartlist_t *ports_to_forward)
-{
- if (!ports_to_forward)
- return;
-
- SMARTLIST_FOREACH_BEGIN(ports_to_forward,
- const port_to_forward_t *, port_to_forward) {
- tor_fw_helper_report_port_fw_fail(port_to_forward->internal_port,
- port_to_forward->external_port,
- "All backends (NAT-PMP, UPnP) failed "
- "to initialize!"); /* XXX hardcoded */
- } SMARTLIST_FOREACH_END(port_to_forward);
-}
-
-int
-main(int argc, char **argv)
-{
- int r = 0;
- int c = 0;
-
- tor_fw_options_t tor_fw_options;
- backends_t backend_state;
-
- memset(&tor_fw_options, 0, sizeof(tor_fw_options));
- memset(&backend_state, 0, sizeof(backend_state));
-
- // Parse CLI arguments.
- while (1) {
- int option_index = 0;
- static struct option long_options[] =
- {
- {"verbose", 0, 0, 'v'},
- {"help", 0, 0, 'h'},
- {"port", 1, 0, 'p'},
- {"fetch-public-ip", 0, 0, 'g'},
- {"test-commandline", 0, 0, 'T'},
- {0, 0, 0, 0}
- };
-
- c = getopt_long(argc, argv, "vhp:gT",
- long_options, &option_index);
- if (c == -1)
- break;
-
- switch (c) {
- case 'v': tor_fw_options.verbose = 1; break;
- case 'h': tor_fw_options.help = 1; usage(); exit(1); break;
- case 'p': {
- port_to_forward_t *port_to_forward = parse_port(optarg);
- if (!port_to_forward) {
- fprintf(stderr, "E: Failed to parse '%s'.\n", optarg);
- usage();
- exit(1);
- }
-
- /* If no external port was given (it's optional), set it to be
- * equal with the internal port. */
- if (!port_to_forward->external_port) {
- assert(port_to_forward->internal_port);
- if (tor_fw_options.verbose)
- fprintf(stderr, "V: No external port was given. Setting to %u.\n",
- port_to_forward->internal_port);
- port_to_forward->external_port = port_to_forward->internal_port;
- }
-
- if (!tor_fw_options.ports_to_forward)
- tor_fw_options.ports_to_forward = smartlist_new();
-
- smartlist_add(tor_fw_options.ports_to_forward, port_to_forward);
-
- break;
- }
- case 'g': tor_fw_options.fetch_public_ip = 1; break;
- case 'T': tor_fw_options.test_commandline = 1; break;
- case '?': break;
- default : fprintf(stderr, "Unknown option!\n"); usage(); exit(1);
- }
- }
-
- { // Verbose output
-
- if (tor_fw_options.verbose)
- fprintf(stderr, "V: tor-fw-helper version %s\n"
- "V: We were called with the following arguments:\n"
- "V: verbose = %d, help = %d, fetch_public_ip = %u\n",
- tor_fw_version, tor_fw_options.verbose, tor_fw_options.help,
- tor_fw_options.fetch_public_ip);
-
- if (tor_fw_options.verbose && tor_fw_options.ports_to_forward) {
- fprintf(stderr, "V: TCP forwarding:\n");
- SMARTLIST_FOREACH(tor_fw_options.ports_to_forward,
- const port_to_forward_t *, port_to_forward,
- fprintf(stderr, "V: External: %u, Internal: %u\n",
- port_to_forward->external_port,
- port_to_forward->internal_port));
- }
- }
-
- if (tor_fw_options.test_commandline) {
- return log_commandline_options(argc, argv);
- }
-
- // See if the user actually wants us to do something.
- if (!tor_fw_options.fetch_public_ip && !tor_fw_options.ports_to_forward) {
- fprintf(stderr, "E: We require a port to be forwarded or "
- "fetch_public_ip request!\n");
- usage();
- exit(1);
- }
-
- // Initialize networking
- if (tor_fw_helper_network_init())
- exit(1);
-
- // Initalize the various fw-helper backend helpers
- r = init_backends(&tor_fw_options, &backend_state);
- if (!r) { // all backends failed:
- // report our failure
- report_full_fail(tor_fw_options.ports_to_forward);
- fprintf(stderr, "tor-fw-helper: All backends failed.\n");
- exit(1);
- } else { // some backends succeeded:
- fprintf(stderr, "tor-fw-helper: %i NAT traversal helper(s) loaded\n", r);
- }
-
- // Forward TCP ports.
- if (tor_fw_options.ports_to_forward) {
- tor_fw_add_ports(&tor_fw_options, &backend_state);
- }
-
- // Fetch our public IP.
- if (tor_fw_options.fetch_public_ip) {
- tor_fw_fetch_public_ip(&tor_fw_options, &backend_state);
- }
-
- // Cleanup and exit.
- if (tor_fw_options.ports_to_forward) {
- SMARTLIST_FOREACH(tor_fw_options.ports_to_forward,
- port_to_forward_t *, port,
- tor_free(port));
- smartlist_free(tor_fw_options.ports_to_forward);
- }
-
- exit(0);
-}
-