Re: [Help-gnunet] nsswitch not resolving VPN records

help-gnunet

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnunet] nsswitch not resolving VPN records

From:	Ivan Vilata-i-Balaguer
Subject:	Re: [Help-gnunet] nsswitch not resolving VPN records
Date:	Fri, 24 Feb 2017 14:04:13 +0100
User-agent:	Mutt/1.7.2 (2016-11-26)

Christian Grothoff (2017-02-23 23:08:44 +0100) wrote:

> Dear Ivan,
> 
> First of all, 0.10.1-4 is like 3+ years old, so I'm likely to have
> forgotten about some of the 350+ issues we've fixed since.  Generally,
> we right now recommend people (especially devs) to use the code from
> Git, even though that's naturally somewhat unstable.  That said, I
> just had reason to test the VPN resolution logic, and for me it works
> right now (in Git master).

Oh, so you probably fixed this issue already upstream.

> Anyway, about your specific problem: When the gnunet-service-gns gets
> a 'VPN' record and is expected to produce an 'A' (or 'AAAA') record,
> it must talk to gnunet-service-vpn to obtain the IPv4/IPv6 address.
> You can do the same kind of operation using the 'gnunet-vpn'
> command-line tool (specify info from VPN record, it should return the
> IP).  If gnunet-service-vpn is
> 
> * not running (even though it should be started automatically),
> * not working (i.e. interface not up, SUID gnunet-helper-vpn not
>   properly installed)
> * or somehow not accessible (access control policy on UNIX domain
>   socket, iptables blocking TCP port, etc)
> 
> it will block/retry until VPN becomes available (which of course usually
> means "never" in the 3 cases above).
> 
> To diagnose, you might try running 'gnunet-vpn' with the matching
> information from the VPN record as the same user that executes
> gnunet-service-gns.  If that works, eh, well, then I don't know and
> would have to start debugging (but I don't debug 0.10.1 anymore).

Ok, so I got:

    $ gnunet-gns -u www.gnu -t VPN
    www.gnu:
    Got `VPN' record: 6 XXXXXXXX bcd

So I ran:

    $ gnunet-vpn -t -p XXXXXXXX -s bcd -V

But the program got stuck there.  Actually there was no
``gnunet-service-vpn`` running and ``gnunet-helper-vpn`` was not SUID,
so I enabled the SUID bit.  I even enabled the PL/VPN system service
with ``gnunet-setup`` for the ``gnunet`` user, but still the same
result.

Anyway, I get from your initial paragraph that it makes no sense trying
to work around issues in such an old release that may have been fixed
later.  I'll try to build a newer version when I find more time!

BTW, are you planning to launch some stable release soon?

Thanks a lot for your help!

-- 
Ivan Vilata i Balaguer

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnunet] nsswitch not resolving VPN records, Ivan Vilata-i-Balaguer, 2017/02/22
- Re: [Help-gnunet] nsswitch not resolving VPN records, Christian Grothoff, 2017/02/23
  - Re: [Help-gnunet] nsswitch not resolving VPN records, Ivan Vilata-i-Balaguer <=
    - Re: [Help-gnunet] nsswitch not resolving VPN records, Christian Grothoff, 2017/02/24

Prev by Date: Re: [Help-gnunet] Building a new censorship circumvention tool: what do we need to know?
Next by Date: Re: [Help-gnunet] Building a new censorship circumvention tool: what do we need to know?
Previous by thread: Re: [Help-gnunet] nsswitch not resolving VPN records
Next by thread: Re: [Help-gnunet] nsswitch not resolving VPN records
Index(es):
- Date
- Thread