
[or-cvs] r17128: {torvm} Pass control port config and other kernel cmdline options in (torvm/trunk/build/win32/src/torvm-w32)



Author: coderman
Date: 2008-10-16 11:20:50 -0400 (Thu, 16 Oct 2008)
New Revision: 17128

Modified:
   torvm/trunk/build/win32/src/torvm-w32/torvm.c
Log:
Pass control port config and other kernel cmdline options in a cleaner fashion.

Modified: torvm/trunk/build/win32/src/torvm-w32/torvm.c
===================================================================
--- torvm/trunk/build/win32/src/torvm-w32/torvm.c	2008-10-16 09:20:47 UTC (rev 17127)
+++ torvm/trunk/build/win32/src/torvm-w32/torvm.c	2008-10-16 15:20:50 UTC (rev 17128)
@@ -11,9 +11,16 @@
 #define WIN_DRV_DIR    "C:\\WINDOWS\\system32\\drivers"
 #define TOR_TAP_NAME   "Tor VM Tap32"
 #define TOR_TAP_SVC    "tortap91"
+/* TODO: network config defaults via vmconfig.h and runtime configuration */
+#define TOR_TAP_NET    "255.255.255.252"  /* mask 255.255.255.252 or CIDR /30 */
+#define TOR_TAP_VMIP   "10.10.10.1" 
+#define TOR_TAP_HOSTIP "10.10.10.2" 
+#define TOR_TAP_DNS1   "4.2.2.4"
+#define TOR_TAP_DNS2   "4.2.2.2"
 #define TOR_CAP_SYS    "tornpf.sys"
 #define TOR_HDD_FILE   "hdd.img"
 #define QEMU_DEF_MEM   32
+#define CAP_MTU        1480
 
 BOOL buildpath (const TCHAR *dirname,
                 TCHAR **fullpath);
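Review bot: `TOR_TAP_DNS1` is `4.2.2.4` and `TOR_TAP_DNS2` is `4.2.2.2`, which reverses the order of the old netsh commands in configtap (they set 4.2.2.2 as the static server and then added 4.2.2.4), so this cleanup also swaps the primary and secondary resolver. If that is unintended, swap the two values; either way a comment such as `/* DNS1 is set as the static (primary) server, DNS2 is added after it */` would make the order explicit. `TOR_TAP_VMIP` and `TOR_TAP_HOSTIP` also have to stay inside the same /30 as `TOR_TAP_NET`, which is worth stating next to the mask.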
@@ -895,23 +902,46 @@
 
 BOOL configtap(void)
 {
-  LPSTR cmd;
-  cmd = "\"netsh.exe\" interface ip set address \"" TOR_TAP_NAME "\" static 10.10.10.2 255.255.255.252 10.10.10.1 1";
+  const DWORD  cmdlen = 1024;
+  LPTSTR cmd;
+  LPTSTR netsh = "netsh.exe";
+
+  cmd = malloc(cmdlen);
+
+  snprintf (cmd, cmdlen,
+            "\"%s\" interface ip set address \"%s\" static %s %s %s 1",
+            netsh,
+            TOR_TAP_NAME,
+            TOR_TAP_HOSTIP,
+            TOR_TAP_NET,
+            TOR_TAP_VMIP);
   ldebug ("Tap config cmd: %s", cmd);
   if (! runcommand(cmd)) {
+    free (cmd);
     return FALSE;
   }
-  cmd = "\"netsh.exe\" interface ip set dns \"" TOR_TAP_NAME "\" static 4.2.2.2";
-  ldebug ("Tap config cmd: %s", cmd);
+  snprintf (cmd, cmdlen,
+            "\"%s\" interface ip set dns  \"%s\" static %s",
+            netsh,
+            TOR_TAP_NAME,
+            TOR_TAP_DNS1);
+  ldebug ("Tap dns config cmd: %s", cmd);
   if (! runcommand(cmd)) {
+    free (cmd);
     return FALSE;
   }
-  cmd = "\"netsh.exe\" interface ip add dns \"" TOR_TAP_NAME "\" 4.2.2.4";
-  ldebug ("Tap config cmd: %s", cmd);
+  snprintf (cmd, cmdlen,
+            "\"%s\" interface ip add dns  \"%s\" %s",
+            netsh,
+            TOR_TAP_NAME,
+            TOR_TAP_DNS2);
+  ldebug ("Tap dns2 config cmd: %s", cmd);
   if (! runcommand(cmd)) {
+    free (cmd);
     return FALSE;
   }
   ldebug ("Tap config complete.");
+  free (cmd);
   return TRUE;
 }
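Review bot: `cmd = malloc(cmdlen);` is passed straight to `snprintf` with no NULL check, so an allocation failure becomes a write through a null pointer; add `if (cmd == NULL) return FALSE;` after the allocation, or use a fixed `char cmd[1024];`, which also removes the four `free (cmd)` calls. `cmd` and `netsh` are declared `LPTSTR` but are filled by the narrow `snprintf` and a narrow literal, which only matches when UNICODE is not defined; `char *` and `const char *` say what the code needs. The `snprintf` return values are not checked, so a truncated command would still be handed to `runcommand`. Separately, `netsh` is the bare name `netsh.exe`; how it is resolved depends on `runcommand`, which is not visible here, and a full system-directory path would remove the dependence on the search order.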
 
@@ -1377,38 +1407,48 @@
                    char **               cmdline)
 {
 /* DHCPSVR DHCPNAME LEASE ISDHCP CTLSOCK HASHPW */
-  *cmdline = malloc(4096);
+  const DWORD  cmdlen = 4096;
+  *cmdline = malloc(cmdlen);
   const char * basecmds = "quiet loglevel=0 clocksource=hpet";
   const char * dbgcmds  = "loglevel=9 clocksource=hpet DEBUGINIT";
+  /* control port password is "password"
+   * TODO: use Crypto API to collect entropy for ephemeral password generation
+   */
+  char * ctlpass = "16:6407E39581A121B26051A360CA8BB1535C73877C894E7B6EC554422789";
+
   if (noinit) {
-    snprintf (*cmdline, 4095,
+    snprintf (*cmdline, cmdlen -1,
               "%s NOINIT",
               basecmds);
   }
   else {
     if (brif->isdhcp == FALSE) {
-      snprintf (*cmdline, 4095,
-                "%s IP=%s MASK=%s GW=%s MAC=%s MTU=1480 PRIVIP=10.10.10.1",
+      snprintf (*cmdline, cmdlen -1,
+                "%s IP=%s MASK=%s GW=%s MAC=%s MTU=%d PRIVIP=%s CTLSOCK=%s:9051 HASHPW=%s",
                 usedebug ? dbgcmds : basecmds,
                 brif->ipaddr,
                 brif->netmask,
                 brif->gateway,
-                brif->macaddr);
+                brif->macaddr,
+                CAP_MTU,
+                TOR_TAP_VMIP,
+                TOR_TAP_VMIP,
+                ctlpass);
     }
     else {
-      snprintf (*cmdline, 4095,
-                "%s IP=%s MASK=%s GW=%s MAC=%s MTU=1480 PRIVIP=10.10.10.1 ISDHCP DHCPSVR=%s DHCPNAME=%s CTLSOCK=10.10.10.1:9051 HASHPW=%s",
+      snprintf (*cmdline, cmdlen -1,
+                "%s IP=%s MASK=%s GW=%s MAC=%s MTU=%d PRIVIP=%s ISDHCP DHCPSVR=%s DHCPNAME=%s CTLSOCK=%s:9051 HASHPW=%s",
                 usedebug ? dbgcmds : basecmds,
                 brif->ipaddr,
                 brif->netmask,
                 brif->gateway,
                 brif->macaddr,
+                CAP_MTU,
+                TOR_TAP_VMIP,
                 brif->dhcpsvr,
                 brif->dhcpname,
-                /* control port password is "password"
-                 * TODO: use Crypto API to collect entropy for ephemeral password generation
-                 */
-                "16:6407E39581A121B26051A360CA8BB1535C73877C894E7B6EC554422789");
+                TOR_TAP_VMIP,
+                ctlpass);
     }
   }
   return TRUE;
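Review bot: The static-IP branch now also passes `CTLSOCK=%s:9051 HASHPW=%s` with the fixed `ctlpass`, which the comment says is the hash of the word "password", so after this change the control port is configured with a publicly known credential in both branches rather than only the DHCP one. Until the TODO on ephemeral password generation is done, the comment should say that plainly, e.g. `/* SECURITY: fixed, publicly known control password; placeholder only */`, and `ctlpass` should be `const char *` since it points at a literal. `*cmdline = malloc(cmdlen);` is also written to without a NULL check; `if (*cmdline == NULL) return FALSE;` after the allocation covers it. The function begins above this hunk, so its signature and callers are not visible here.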
@@ -1978,6 +2018,10 @@
     goto shutdown;
   }
 
+  /* TODO: once the pcap bridge is up we can re-enable the firewall IF we
+   * add an exception for the control port on the Tap adapter.
+   */
+
   waitforit(&pi);
 
   linfo ("Tor VM closed, restoring host network and services.");
@@ -1988,7 +2032,7 @@
       lerror ("Unable to re-enable windows firewall.");
     }
   }
- /* TEMP: leave for now ....
+ /* TODO: leave for now, perhaps as default unless running from removable media?
   if (! uninstalltap()) {
     lerror ("Unable to remove TAP-Win32 device.");
   }