From 25fe435abf5c20a476ce766f6747f1a94cc6ff31 Mon Sep 17 00:00:00 2001
From: Brian Sipos
Date: Mon, 25 Nov 2024 20:56:04 -0500
Subject: [PATCH] Enable dtls use on 22.04
---
 README.md | 9 +++++++--
 container/Dockerfile | 8 ++++++++
 src/udpcl/agent.py | 6 ++++++
 3 files changed, 21 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index 5141979..0046ed9 100644
--- a/README.md
+++ b/README.md
@@ -93,6 +93,11 @@ where `gentype` of "fullvalid" generates valid BPv7 test bundles, and `gencount`
 The `run.py` commands use the environment `DOCKER` to control the container tool. For example in fedora use the environment `DOCKER="sudo podman"`.
+To install prerequisites for python run:
+```
+pip3 install '.[container]'
+```
+
 To initialize and start a set of containers:
 ```
 python3 container/run.py --config container/example.yaml delete prep start
@@ -100,7 +105,7 @@ python3 container/run.py --config container/example.yaml delete prep start
 To observe the log of one of the nodes:
 ```
-docker container exec -it node003 journalctl -f
+docker container exec -it node000 journalctl -f
 ```
 To capture traffic across container networks, run similar to:
@@ -110,7 +115,7 @@ wireshark -i br-dtnA -i br-dtnB -f 'port 4556 or port 1113 or icmp' -Y 'bpv7' -k
 To call DBus methods in one of the nodes:
 ```
-docker container exec -it node003 dbus-send --system --print-reply --dest=org.ietf.dtn.node.udpcl /org/ietf/dtn/udpcl/Agent org.ietf.dtn.udpcl.Agent.pmtud_start string:node002. uint16:4556
+docker container exec -it node000 dbus-send --system --print-reply --dest=org.ietf.dtn.node.udpcl /org/ietf/dtn/udpcl/Agent org.ietf.dtn.udpcl.Agent.pmtud_start string:node002. uint16:4556
 ```
 To perform an ACME validation exchange between two nodes run the script:
diff --git a/container/Dockerfile b/container/Dockerfile
index 4596b63..7dde759 100644
--- a/container/Dockerfile
+++ b/container/Dockerfile
@@ -32,6 +32,14 @@ RUN --mount=type=cache,target=/root/.cache/pip \
 pip3 install --upgrade pip && \
 pip3 install pip-tools maturin
+# Work-around python3-dtls requiring openssl-1.1 but not available on 22.04
+RUN --mount=type=cache,target=/var/cache/apt apt-get update && \
+ apt-get install -yq curl && \
+ curl -svLO http://archive.ubuntu.com/ubuntu/pool/main/o/openssl/libssl1.1_1.1.1f-1ubuntu2.23_amd64.deb && \
+ dpkg -i libssl1.1_*_amd64.deb && \
+ apt-get -fy install && \
+ rm libssl1.1_*_amd64.deb
+
 COPY pyproject.toml /root/agent/
 #RUN --mount=type=cache,target=/root/.cache/pip \
 # cd /root/agent && \
diff --git a/src/udpcl/agent.py b/src/udpcl/agent.py
index 19c6c2e..b4181bf 100644
--- a/src/udpcl/agent.py
+++ b/src/udpcl/agent.py
@@ -391,6 +391,9 @@ def listen(self, address, port, opts=None):
 sock = conv.make_local_socket()
 self.__logger.info('Listening on %s:%d', conv.local_address, conv.local_port)
+ if conv.family == socket.AF_INET:
+ sock.setsockopt(socket.IPPROTO_IP, socket.IP_RECVTOS, 1)
+
 multicast_member = opts.get('multicast_member', [])
 for item in multicast_member:
 addr = str(item['addr'])
@@ -692,6 +695,9 @@ def _sock_recvfrom(self, sock, *_args, **_kwargs):
 self.__logger.info('Received %d octets via plain on %s', len(data), conv)
+ for cmsg_level, cmsg_type, cmsg_data in ancdata:
+ if (cmsg_level, cmsg_type) == (socket.IPPROTO_IP, socket.IP_TOS):
+ self.__logger.info('With TOS field %02x', cmsg_data[0])
 self._plain_sock[conv.key] = sock
 self._recv_datagram(sock, data, conv, ip_tos)
 return True
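Review bot: The added RUN step fetches `libssl1.1_1.1.1f-1ubuntu2.23_amd64.deb` over plain `http://` with `curl` and passes it straight to `dpkg -i`, which bypasses apt's signed-index verification, so nothing authenticates the bytes that become the container's TLS library. Pin the expected digest and check it between the `curl` and `dpkg -i` lines, for example `echo "<EXPECTED_SHA256>  libssl1.1_1.1.1f-1ubuntu2.23_amd64.deb" | sha256sum -c - && \` (placeholder digest, to be filled in from a trusted source). The work-around comment should also record that a pinned OpenSSL 1.1.1 .deb will not pick up later security updates and that upstream 1.1.1 reached end of life in 2023. The hard-coded `_amd64` file name additionally means the image cannot be built for other architectures.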
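Review bot: Only IPv4 sockets get the receive-TOS option in `listen` (`if conv.family == socket.AF_INET:`), so an `AF_INET6` listener never reports its traffic class, and the filter added in the `_sock_recvfrom` hunk matches only `(socket.IPPROTO_IP, socket.IP_TOS)`. If IPv6 is meant to be covered, add a parallel branch such as `elif conv.family == socket.AF_INET6: sock.setsockopt(socket.IPPROTO_IPV6, socket.IPV6_RECVTCLASS, 1)` and accept `(socket.IPPROTO_IPV6, socket.IPV6_TCLASS)` on receive; otherwise a one-line comment saying the IPv4-only scope is deliberate would help. `socket.IP_RECVTOS` is only defined where the platform and Python build provide it, so a `hasattr(socket, 'IP_RECVTOS')` guard may be needed if this agent is expected to run outside the container image. `listen` starts above and continues below the hunk.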
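Review bot: `cmsg_data[0]` in the new `_sock_recvfrom` loop is indexed without checking that the ancillary payload is non-empty; control messages can arrive truncated when the ancillary buffer given to `recvmsg` is too small, and an `IndexError` here would likely abort handling of an otherwise valid datagram. A cheap guard is `if cmsg_data and (cmsg_level, cmsg_type) == (socket.IPPROTO_IP, socket.IP_TOS):`. The loop only logs the value, while the `ip_tos` passed to `_recv_datagram` is assigned outside this hunk, so it is not visible whether the two come from the same source; deriving both in one place would avoid drift. A short comment noting that the logged byte carries DSCP in the upper six bits and ECN in the lower two would make the hex output easier to interpret. The function body starts above the hunk.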