aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristian Grothoff <christian@grothoff.org>2019-04-27 16:58:19 +0200
committerChristian Grothoff <christian@grothoff.org>2019-04-27 17:00:44 +0200
commit2656f4ae9535ecbb2972c8b0e84ab31ab51baaf4 (patch)
tree8e152796003497b17393be5ac4199f07d3ff884a
parentf55721359af11939257a757453130e3887226534 (diff)
downloadgnunet-2656f4ae9535ecbb2972c8b0e84ab31ab51baaf4.tar.gz
gnunet-2656f4ae9535ecbb2972c8b0e84ab31ab51baaf4.zip
fix validity vs. monotime
-rw-r--r--src/transport/gnunet-communicator-tcp.c859
-rw-r--r--src/transport/gnunet-communicator-udp.c1104
-rw-r--r--src/transport/gnunet-service-tng.c41
3 files changed, 789 insertions, 1215 deletions
diff --git a/src/transport/gnunet-communicator-tcp.c b/src/transport/gnunet-communicator-tcp.c
index e9223401f..8ab99700c 100644
--- a/src/transport/gnunet-communicator-tcp.c
+++ b/src/transport/gnunet-communicator-tcp.c
@@ -46,7 +46,8 @@
46 * How long do we believe our addresses to remain up (before 46 * How long do we believe our addresses to remain up (before
47 * the other peer should revalidate). 47 * the other peer should revalidate).
48 */ 48 */
49#define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 4) 49#define ADDRESS_VALIDITY_PERIOD \
50 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 4)
50 51
51/** 52/**
52 * How many messages do we keep at most in the queue to the 53 * How many messages do we keep at most in the queue to the
@@ -84,7 +85,9 @@
84 * Size of the initial key exchange message sent first in both 85 * Size of the initial key exchange message sent first in both
85 * directions. 86 * directions.
86 */ 87 */
87#define INITIAL_KX_SIZE (sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)+sizeof (struct TCPConfirmation)) 88#define INITIAL_KX_SIZE \
89 (sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + \
90 sizeof (struct TCPConfirmation))
88 91
89 92
90/** 93/**
@@ -154,7 +157,6 @@ struct TCPConfirmation
154 * (if receiver persists times by sender). 157 * (if receiver persists times by sender).
155 */ 158 */
156 struct GNUNET_TIME_AbsoluteNBO monotonic_time; 159 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
157
158}; 160};
159 161
160 162
@@ -175,7 +177,7 @@ struct TCPBox
175 /** 177 /**
176 * HMAC for the following encrypted message. Yes, we MUST use 178 * HMAC for the following encrypted message. Yes, we MUST use
177 * mac-then-encrypt here, as we want to hide the message sizes on 179 * mac-then-encrypt here, as we want to hide the message sizes on
178 * the wire (zero plaintext design!). Using CTR mode padding oracle 180 * the wire (zero plaintext design!). Using CTR mode, padding oracle
179 * attacks do not apply. Besides, due to the use of ephemeral keys 181 * attacks do not apply. Besides, due to the use of ephemeral keys
180 * (hopefully with effective replay protection from monotonic time!) 182 * (hopefully with effective replay protection from monotonic time!)
181 * the attacker is limited in using the oracle. 183 * the attacker is limited in using the oracle.
@@ -184,7 +186,6 @@ struct TCPBox
184 186
185 /* followed by as may bytes of payload as indicated in @e header, 187 /* followed by as may bytes of payload as indicated in @e header,
186 excluding the TCPBox itself! */ 188 excluding the TCPBox itself! */
187
188}; 189};
189 190
190 191
@@ -225,7 +226,6 @@ struct TCPRekey
225 * (if receiver persists times by sender). 226 * (if receiver persists times by sender).
226 */ 227 */
227 struct GNUNET_TIME_AbsoluteNBO monotonic_time; 228 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
228
229}; 229};
230 230
231 231
@@ -251,7 +251,6 @@ struct TCPFinish
251 * the attacker is limited in using the oracle. 251 * the attacker is limited in using the oracle.
252 */ 252 */
253 struct GNUNET_ShortHashCode hmac; 253 struct GNUNET_ShortHashCode hmac;
254
255}; 254};
256 255
257 256
@@ -296,7 +295,8 @@ struct Queue
296 struct GNUNET_HashCode out_hmac; 295 struct GNUNET_HashCode out_hmac;
297 296
298 /** 297 /**
299 * Our ephemeral key. Stored here temporarily during rekeying / key generation. 298 * Our ephemeral key. Stored here temporarily during rekeying / key
299 * generation.
300 */ 300 */
301 struct GNUNET_CRYPTO_EcdhePrivateKey ephemeral; 301 struct GNUNET_CRYPTO_EcdhePrivateKey ephemeral;
302 302
@@ -600,10 +600,9 @@ queue_destroy (struct Queue *queue)
600 GNUNET_TRANSPORT_communicator_mq_del (queue->qh); 600 GNUNET_TRANSPORT_communicator_mq_del (queue->qh);
601 queue->qh = NULL; 601 queue->qh = NULL;
602 } 602 }
603 GNUNET_assert (GNUNET_YES == 603 GNUNET_assert (
604 GNUNET_CONTAINER_multipeermap_remove (queue_map, 604 GNUNET_YES ==
605 &queue->target, 605 GNUNET_CONTAINER_multipeermap_remove (queue_map, &queue->target, queue));
606 queue));
607 GNUNET_STATISTICS_set (stats, 606 GNUNET_STATISTICS_set (stats,
608 "# queues active", 607 "# queues active",
609 GNUNET_CONTAINER_multipeermap_size (queue_map), 608 GNUNET_CONTAINER_multipeermap_size (queue_map),
@@ -656,9 +655,7 @@ calculate_hmac (struct GNUNET_HashCode *hmac_secret,
656 buf_size, 655 buf_size,
657 &mac); 656 &mac);
658 /* truncate to `struct GNUNET_ShortHashCode` */ 657 /* truncate to `struct GNUNET_ShortHashCode` */
659 memcpy (smac, 658 memcpy (smac, &mac, sizeof (struct GNUNET_ShortHashCode));
660 &mac,
661 sizeof (struct GNUNET_ShortHashCode));
662 /* ratchet hmac key */ 659 /* ratchet hmac key */
663 GNUNET_CRYPTO_hash (hmac_secret, 660 GNUNET_CRYPTO_hash (hmac_secret,
664 sizeof (struct GNUNET_HashCode), 661 sizeof (struct GNUNET_HashCode),
@@ -677,21 +674,14 @@ queue_finish (struct Queue *queue)
677{ 674{
678 struct TCPFinish fin; 675 struct TCPFinish fin;
679 676
680 memset (&fin, 677 memset (&fin, 0, sizeof (fin));
681 0,
682 sizeof (fin));
683 fin.header.size = htons (sizeof (fin)); 678 fin.header.size = htons (sizeof (fin));
684 fin.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH); 679 fin.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH);
685 calculate_hmac (&queue->out_hmac, 680 calculate_hmac (&queue->out_hmac, &fin, sizeof (fin), &fin.hmac);
686 &fin,
687 sizeof (fin),
688 &fin.hmac);
689 /* if there is any message left in pwrite_buf, we 681 /* if there is any message left in pwrite_buf, we
690 overwrite it (possibly dropping the last message 682 overwrite it (possibly dropping the last message
691 from CORE hard here) */ 683 from CORE hard here) */
692 memcpy (queue->pwrite_buf, 684 memcpy (queue->pwrite_buf, &fin, sizeof (fin));
693 &fin,
694 sizeof (fin));
695 queue->pwrite_off = sizeof (fin); 685 queue->pwrite_off = sizeof (fin);
696 /* This flag will ensure that #queue_write() no longer 686 /* This flag will ensure that #queue_write() no longer
697 notifies CORE about the possibility of sending 687 notifies CORE about the possibility of sending
@@ -711,8 +701,8 @@ queue_finish (struct Queue *queue)
711static void 701static void
712reschedule_queue_timeout (struct Queue *queue) 702reschedule_queue_timeout (struct Queue *queue)
713{ 703{
714 queue->timeout 704 queue->timeout =
715 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); 705 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
716} 706}
717 707
718 708
@@ -733,8 +723,7 @@ queue_read (void *cls);
733 * @param success #GNUNET_OK on success 723 * @param success #GNUNET_OK on success
734 */ 724 */
735static void 725static void
736core_read_finished_cb (void *cls, 726core_read_finished_cb (void *cls, int success)
737 int success)
738{ 727{
739 struct Queue *queue = cls; 728 struct Queue *queue = cls;
740 729
@@ -745,8 +734,7 @@ core_read_finished_cb (void *cls,
745 GNUNET_NO); 734 GNUNET_NO);
746 queue->backpressure--; 735 queue->backpressure--;
747 /* handle deferred queue destruction */ 736 /* handle deferred queue destruction */
748 if ( (queue->destroyed) && 737 if ((queue->destroyed) && (0 == queue->backpressure))
749 (0 == queue->backpressure) )
750 { 738 {
751 GNUNET_free (queue); 739 GNUNET_free (queue);
752 return; 740 return;
@@ -754,11 +742,12 @@ core_read_finished_cb (void *cls,
754 reschedule_queue_timeout (queue); 742 reschedule_queue_timeout (queue);
755 /* possibly unchoke reading, now that CORE made progress */ 743 /* possibly unchoke reading, now that CORE made progress */
756 if (NULL == queue->read_task) 744 if (NULL == queue->read_task)
757 queue->read_task 745 queue->read_task =
758 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_absolute_get_remaining (queue->timeout), 746 GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_absolute_get_remaining (
759 queue->sock, 747 queue->timeout),
760 &queue_read, 748 queue->sock,
761 queue); 749 &queue_read,
750 queue);
762} 751}
763 752
764 753
@@ -818,39 +807,35 @@ setup_cipher (const struct GNUNET_HashCode *dh,
818 gcry_cipher_hd_t *cipher, 807 gcry_cipher_hd_t *cipher,
819 struct GNUNET_HashCode *hmac_key) 808 struct GNUNET_HashCode *hmac_key)
820{ 809{
821 char key[256/8]; 810 char key[256 / 8];
822 char ctr[128/8]; 811 char ctr[128 / 8];
823 812
824 gcry_cipher_open (cipher, 813 gcry_cipher_open (cipher,
825 GCRY_CIPHER_AES256 /* low level: go for speed */, 814 GCRY_CIPHER_AES256 /* low level: go for speed */,
826 GCRY_CIPHER_MODE_CTR, 815 GCRY_CIPHER_MODE_CTR,
827 0 /* flags */); 816 0 /* flags */);
828 GNUNET_assert (GNUNET_YES == 817 GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (key,
829 GNUNET_CRYPTO_kdf (key, 818 sizeof (key),
830 sizeof (key), 819 "TCP-key",
831 "TCP-key", 820 strlen ("TCP-key"),
832 strlen ("TCP-key"), 821 dh,
833 dh, 822 sizeof (*dh),
834 sizeof (*dh), 823 pid,
835 pid, 824 sizeof (*pid),
836 sizeof (*pid), 825 NULL,
837 NULL, 0)); 826 0));
838 gcry_cipher_setkey (*cipher, 827 gcry_cipher_setkey (*cipher, key, sizeof (key));
839 key, 828 GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (ctr,
840 sizeof (key)); 829 sizeof (ctr),
841 GNUNET_assert (GNUNET_YES == 830 "TCP-ctr",
842 GNUNET_CRYPTO_kdf (ctr, 831 strlen ("TCP-ctr"),
843 sizeof (ctr), 832 dh,
844 "TCP-ctr", 833 sizeof (*dh),
845 strlen ("TCP-ctr"), 834 pid,
846 dh, 835 sizeof (*pid),
847 sizeof (*dh), 836 NULL,
848 pid, 837 0));
849 sizeof (*pid), 838 gcry_cipher_setctr (*cipher, ctr, sizeof (ctr));
850 NULL, 0));
851 gcry_cipher_setctr (*cipher,
852 ctr,
853 sizeof (ctr));
854 GNUNET_assert (GNUNET_YES == 839 GNUNET_assert (GNUNET_YES ==
855 GNUNET_CRYPTO_kdf (hmac_key, 840 GNUNET_CRYPTO_kdf (hmac_key,
856 sizeof (struct GNUNET_HashCode), 841 sizeof (struct GNUNET_HashCode),
@@ -860,7 +845,8 @@ setup_cipher (const struct GNUNET_HashCode *dh,
860 sizeof (*dh), 845 sizeof (*dh),
861 pid, 846 pid,
862 sizeof (*pid), 847 sizeof (*pid),
863 NULL, 0)); 848 NULL,
849 0));
864} 850}
865 851
866 852
@@ -876,13 +862,8 @@ setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
876{ 862{
877 struct GNUNET_HashCode dh; 863 struct GNUNET_HashCode dh;
878 864
879 GNUNET_CRYPTO_eddsa_ecdh (my_private_key, 865 GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &dh);
880 ephemeral, 866 setup_cipher (&dh, &my_identity, &queue->in_cipher, &queue->in_hmac);
881 &dh);
882 setup_cipher (&dh,
883 &my_identity,
884 &queue->in_cipher,
885 &queue->in_hmac);
886} 867}
887 868
888 869
@@ -895,8 +876,7 @@ setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
895 * @param rekey the rekey message 876 * @param rekey the rekey message
896 */ 877 */
897static void 878static void
898do_rekey (struct Queue *queue, 879do_rekey (struct Queue *queue, const struct TCPRekey *rekey)
899 const struct TCPRekey *rekey)
900{ 880{
901 struct TcpHandshakeSignature thp; 881 struct TcpHandshakeSignature thp;
902 882
@@ -918,8 +898,7 @@ do_rekey (struct Queue *queue,
918 } 898 }
919 gcry_cipher_close (queue->in_cipher); 899 gcry_cipher_close (queue->in_cipher);
920 queue->rekeyed = GNUNET_YES; 900 queue->rekeyed = GNUNET_YES;
921 setup_in_cipher (&rekey->ephemeral, 901 setup_in_cipher (&rekey->ephemeral, queue);
922 queue);
923} 902}
924 903
925 904
@@ -933,14 +912,11 @@ do_rekey (struct Queue *queue,
933static size_t 912static size_t
934try_handle_plaintext (struct Queue *queue) 913try_handle_plaintext (struct Queue *queue)
935{ 914{
936 const struct GNUNET_MessageHeader *hdr 915 const struct GNUNET_MessageHeader *hdr =
937 = (const struct GNUNET_MessageHeader *) queue->pread_buf; 916 (const struct GNUNET_MessageHeader *) queue->pread_buf;
938 const struct TCPBox *box 917 const struct TCPBox *box = (const struct TCPBox *) queue->pread_buf;
939 = (const struct TCPBox *) queue->pread_buf; 918 const struct TCPRekey *rekey = (const struct TCPRekey *) queue->pread_buf;
940 const struct TCPRekey *rekey 919 const struct TCPFinish *fin = (const struct TCPFinish *) queue->pread_buf;
941 = (const struct TCPRekey *) queue->pread_buf;
942 const struct TCPFinish *fin
943 = (const struct TCPFinish *) queue->pread_buf;
944 struct TCPRekey rekeyz; 920 struct TCPRekey rekeyz;
945 struct TCPFinish finz; 921 struct TCPFinish finz;
946 struct GNUNET_ShortHashCode tmac; 922 struct GNUNET_ShortHashCode tmac;
@@ -956,21 +932,14 @@ try_handle_plaintext (struct Queue *queue)
956 /* Special case: header size excludes box itself! */ 932 /* Special case: header size excludes box itself! */
957 if (ntohs (hdr->size) + sizeof (struct TCPBox) > queue->pread_off) 933 if (ntohs (hdr->size) + sizeof (struct TCPBox) > queue->pread_off)
958 return 0; 934 return 0;
959 calculate_hmac (&queue->in_hmac, 935 calculate_hmac (&queue->in_hmac, &box[1], ntohs (hdr->size), &tmac);
960 &box[1], 936 if (0 != memcmp (&tmac, &box->hmac, sizeof (tmac)))
961 ntohs (hdr->size),
962 &tmac);
963 if (0 != memcmp (&tmac,
964 &box->hmac,
965 sizeof (tmac)))
966 { 937 {
967 GNUNET_break_op (0); 938 GNUNET_break_op (0);
968 queue_finish (queue); 939 queue_finish (queue);
969 return 0; 940 return 0;
970 } 941 }
971 pass_plaintext_to_core (queue, 942 pass_plaintext_to_core (queue, (const void *) &box[1], ntohs (hdr->size));
972 (const void *) &box[1],
973 ntohs (hdr->size));
974 size = ntohs (hdr->size) + sizeof (*box); 943 size = ntohs (hdr->size) + sizeof (*box);
975 break; 944 break;
976 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY: 945 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY:
@@ -983,23 +952,15 @@ try_handle_plaintext (struct Queue *queue)
983 return 0; 952 return 0;
984 } 953 }
985 rekeyz = *rekey; 954 rekeyz = *rekey;
986 memset (&rekeyz.hmac, 955 memset (&rekeyz.hmac, 0, sizeof (rekeyz.hmac));
987 0, 956 calculate_hmac (&queue->in_hmac, &rekeyz, sizeof (rekeyz), &tmac);
988 sizeof (rekeyz.hmac)); 957 if (0 != memcmp (&tmac, &box->hmac, sizeof (tmac)))
989 calculate_hmac (&queue->in_hmac,
990 &rekeyz,
991 sizeof (rekeyz),
992 &tmac);
993 if (0 != memcmp (&tmac,
994 &box->hmac,
995 sizeof (tmac)))
996 { 958 {
997 GNUNET_break_op (0); 959 GNUNET_break_op (0);
998 queue_finish (queue); 960 queue_finish (queue);
999 return 0; 961 return 0;
1000 } 962 }
1001 do_rekey (queue, 963 do_rekey (queue, rekey);
1002 rekey);
1003 size = ntohs (hdr->size); 964 size = ntohs (hdr->size);
1004 break; 965 break;
1005 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH: 966 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH:
@@ -1012,16 +973,9 @@ try_handle_plaintext (struct Queue *queue)
1012 return 0; 973 return 0;
1013 } 974 }
1014 finz = *fin; 975 finz = *fin;
1015 memset (&finz.hmac, 976 memset (&finz.hmac, 0, sizeof (finz.hmac));
1016 0, 977 calculate_hmac (&queue->in_hmac, &rekeyz, sizeof (rekeyz), &tmac);
1017 sizeof (finz.hmac)); 978 if (0 != memcmp (&tmac, &fin->hmac, sizeof (tmac)))
1018 calculate_hmac (&queue->in_hmac,
1019 &rekeyz,
1020 sizeof (rekeyz),
1021 &tmac);
1022 if (0 != memcmp (&tmac,
1023 &fin->hmac,
1024 sizeof (tmac)))
1025 { 979 {
1026 GNUNET_break_op (0); 980 GNUNET_break_op (0);
1027 queue_finish (queue); 981 queue_finish (queue);
@@ -1058,27 +1012,22 @@ queue_read (void *cls)
1058 BUF_SIZE - queue->cread_off); 1012 BUF_SIZE - queue->cread_off);
1059 if (-1 == rcvd) 1013 if (-1 == rcvd)
1060 { 1014 {
1061 if ( (EAGAIN != errno) && 1015 if ((EAGAIN != errno) && (EINTR != errno))
1062 (EINTR != errno) )
1063 { 1016 {
1064 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, 1017 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "recv");
1065 "recv");
1066 queue_finish (queue); 1018 queue_finish (queue);
1067 return; 1019 return;
1068 } 1020 }
1069 /* try again */ 1021 /* try again */
1070 queue->read_task 1022 queue->read_task =
1071 = GNUNET_SCHEDULER_add_read_net (left, 1023 GNUNET_SCHEDULER_add_read_net (left, queue->sock, &queue_read, queue);
1072 queue->sock,
1073 &queue_read,
1074 queue);
1075 return; 1024 return;
1076 } 1025 }
1077 if (0 != rcvd) 1026 if (0 != rcvd)
1078 reschedule_queue_timeout (queue); 1027 reschedule_queue_timeout (queue);
1079 queue->cread_off += rcvd; 1028 queue->cread_off += rcvd;
1080 while ( (queue->pread_off < sizeof (queue->pread_buf)) && 1029 while ((queue->pread_off < sizeof (queue->pread_buf)) &&
1081 (queue->cread_off > 0) ) 1030 (queue->cread_off > 0))
1082 { 1031 {
1083 size_t max = GNUNET_MIN (sizeof (queue->pread_buf) - queue->pread_off, 1032 size_t max = GNUNET_MIN (sizeof (queue->pread_buf) - queue->pread_off,
1084 queue->cread_off); 1033 queue->cread_off);
@@ -1093,14 +1042,14 @@ queue_read (void *cls)
1093 max)); 1042 max));
1094 queue->pread_off += max; 1043 queue->pread_off += max;
1095 total = 0; 1044 total = 0;
1096 while ( (GNUNET_NO == queue->rekeyed) && 1045 while ((GNUNET_NO == queue->rekeyed) &&
1097 (0 != (done = try_handle_plaintext (queue))) ) 1046 (0 != (done = try_handle_plaintext (queue))))
1098 { 1047 {
1099 /* 'done' bytes of plaintext were used, shift buffer */ 1048 /* 'done' bytes of plaintext were used, shift buffer */
1100 GNUNET_assert (done <= queue->pread_off); 1049 GNUNET_assert (done <= queue->pread_off);
1101 /* NOTE: this memmove() could possibly sometimes be 1050 /* NOTE: this memmove() could possibly sometimes be
1102 avoided if we pass 'total' into try_handle_plaintext() 1051 avoided if we pass 'total' into try_handle_plaintext()
1103 and use it at an offset into the buffer there! */ 1052 and use it at an offset into the buffer there! */
1104 memmove (queue->pread_buf, 1053 memmove (queue->pread_buf,
1105 &queue->pread_buf[done], 1054 &queue->pread_buf[done],
1106 queue->pread_off - done); 1055 queue->pread_off - done);
@@ -1117,9 +1066,7 @@ queue_read (void *cls)
1117 max = total; 1066 max = total;
1118 queue->rekeyed = GNUNET_NO; 1067 queue->rekeyed = GNUNET_NO;
1119 } 1068 }
1120 memmove (queue->cread_buf, 1069 memmove (queue->cread_buf, &queue->cread_buf[max], queue->cread_off - max);
1121 &queue->cread_buf[max],
1122 queue->cread_off - max);
1123 queue->cread_off -= max; 1070 queue->cread_off -= max;
1124 } 1071 }
1125 1072
@@ -1131,19 +1078,17 @@ queue_read (void *cls)
1131 if (max_queue_length < queue->backpressure) 1078 if (max_queue_length < queue->backpressure)
1132 { 1079 {
1133 /* continue reading */ 1080 /* continue reading */
1134 queue->read_task 1081 queue->read_task =
1135 = GNUNET_SCHEDULER_add_read_net (left, 1082 GNUNET_SCHEDULER_add_read_net (left, queue->sock, &queue_read, queue);
1136 queue->sock,
1137 &queue_read,
1138 queue);
1139 } 1083 }
1140 return; 1084 return;
1141 } 1085 }
1142 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1086 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1143 "Queue %p was idle for %s, disconnecting\n", 1087 "Queue %p was idle for %s, disconnecting\n",
1144 queue, 1088 queue,
1145 GNUNET_STRINGS_relative_time_to_string (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, 1089 GNUNET_STRINGS_relative_time_to_string (
1146 GNUNET_YES)); 1090 GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT,
1091 GNUNET_YES));
1147 queue_finish (queue); 1092 queue_finish (queue);
1148} 1093}
1149 1094
@@ -1156,8 +1101,7 @@ queue_read (void *cls)
1156 * @return converted bindto specification 1101 * @return converted bindto specification
1157 */ 1102 */
1158static struct sockaddr * 1103static struct sockaddr *
1159tcp_address_to_sockaddr (const char *bindto, 1104tcp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
1160 socklen_t *sock_len)
1161{ 1105{
1162 struct sockaddr *in; 1106 struct sockaddr *in;
1163 unsigned int port; 1107 unsigned int port;
@@ -1165,10 +1109,7 @@ tcp_address_to_sockaddr (const char *bindto,
1165 char *colon; 1109 char *colon;
1166 char *cp; 1110 char *cp;
1167 1111
1168 if (1 == SSCANF (bindto, 1112 if (1 == SSCANF (bindto, "%u%1s", &port, dummy))
1169 "%u%1s",
1170 &port,
1171 dummy))
1172 { 1113 {
1173 /* interpreting value as just a PORT number */ 1114 /* interpreting value as just a PORT number */
1174 if (port > UINT16_MAX) 1115 if (port > UINT16_MAX)
@@ -1178,12 +1119,11 @@ tcp_address_to_sockaddr (const char *bindto,
1178 bindto); 1119 bindto);
1179 return NULL; 1120 return NULL;
1180 } 1121 }
1181 if ( (GNUNET_NO == 1122 if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
1182 GNUNET_NETWORK_test_pf (PF_INET6)) || 1123 (GNUNET_YES ==
1183 (GNUNET_YES == 1124 GNUNET_CONFIGURATION_get_value_yesno (cfg,
1184 GNUNET_CONFIGURATION_get_value_yesno (cfg, 1125 COMMUNICATOR_CONFIG_SECTION,
1185 COMMUNICATOR_CONFIG_SECTION, 1126 "DISABLE_V6")))
1186 "DISABLE_V6")) )
1187 { 1127 {
1188 struct sockaddr_in *i4; 1128 struct sockaddr_in *i4;
1189 1129
@@ -1212,10 +1152,7 @@ tcp_address_to_sockaddr (const char *bindto,
1212 /* interpet value after colon as port */ 1152 /* interpet value after colon as port */
1213 *colon = '\0'; 1153 *colon = '\0';
1214 colon++; 1154 colon++;
1215 if (1 == SSCANF (colon, 1155 if (1 == SSCANF (colon, "%u%1s", &port, dummy))
1216 "%u%1s",
1217 &port,
1218 dummy))
1219 { 1156 {
1220 /* interpreting value as just a PORT number */ 1157 /* interpreting value as just a PORT number */
1221 if (port > UINT16_MAX) 1158 if (port > UINT16_MAX)
@@ -1229,9 +1166,10 @@ tcp_address_to_sockaddr (const char *bindto,
1229 } 1166 }
1230 else 1167 else
1231 { 1168 {
1232 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 1169 GNUNET_log (
1233 "BINDTO specification `%s' invalid: last ':' not followed by number\n", 1170 GNUNET_ERROR_TYPE_ERROR,
1234 bindto); 1171 "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1172 bindto);
1235 GNUNET_free (cp); 1173 GNUNET_free (cp);
1236 return NULL; 1174 return NULL;
1237 } 1175 }
@@ -1245,13 +1183,10 @@ tcp_address_to_sockaddr (const char *bindto,
1245 /* try IPv4 */ 1183 /* try IPv4 */
1246 struct sockaddr_in v4; 1184 struct sockaddr_in v4;
1247 1185
1248 if (1 == inet_pton (AF_INET, 1186 if (1 == inet_pton (AF_INET, cp, &v4))
1249 cp,
1250 &v4))
1251 { 1187 {
1252 v4.sin_port = htons ((uint16_t) port); 1188 v4.sin_port = htons ((uint16_t) port);
1253 in = GNUNET_memdup (&v4, 1189 in = GNUNET_memdup (&v4, sizeof (v4));
1254 sizeof (v4));
1255 *sock_len = sizeof (v4); 1190 *sock_len = sizeof (v4);
1256 GNUNET_free (cp); 1191 GNUNET_free (cp);
1257 return in; 1192 return in;
@@ -1263,19 +1198,15 @@ tcp_address_to_sockaddr (const char *bindto,
1263 const char *start; 1198 const char *start;
1264 1199
1265 start = cp; 1200 start = cp;
1266 if ( ('[' == *cp) && 1201 if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
1267 (']' == cp[strlen (cp)-1]) )
1268 { 1202 {
1269 start++; /* skip over '[' */ 1203 start++; /* skip over '[' */
1270 cp[strlen (cp) -1] = '\0'; /* eat ']' */ 1204 cp[strlen (cp) - 1] = '\0'; /* eat ']' */
1271 } 1205 }
1272 if (1 == inet_pton (AF_INET6, 1206 if (1 == inet_pton (AF_INET6, start, &v6))
1273 start,
1274 &v6))
1275 { 1207 {
1276 v6.sin6_port = htons ((uint16_t) port); 1208 v6.sin6_port = htons ((uint16_t) port);
1277 in = GNUNET_memdup (&v6, 1209 in = GNUNET_memdup (&v6, sizeof (v6));
1278 sizeof (v6));
1279 *sock_len = sizeof (v6); 1210 *sock_len = sizeof (v6);
1280 GNUNET_free (cp); 1211 GNUNET_free (cp);
1281 return in; 1212 return in;
@@ -1298,20 +1229,13 @@ setup_out_cipher (struct Queue *queue)
1298{ 1229{
1299 struct GNUNET_HashCode dh; 1230 struct GNUNET_HashCode dh;
1300 1231
1301 GNUNET_CRYPTO_ecdh_eddsa (&queue->ephemeral, 1232 GNUNET_CRYPTO_ecdh_eddsa (&queue->ephemeral, &queue->target.public_key, &dh);
1302 &queue->target.public_key,
1303 &dh);
1304 /* we don't need the private key anymore, drop it! */ 1233 /* we don't need the private key anymore, drop it! */
1305 memset (&queue->ephemeral, 1234 memset (&queue->ephemeral, 0, sizeof (queue->ephemeral));
1306 0, 1235 setup_cipher (&dh, &queue->target, &queue->out_cipher, &queue->out_hmac);
1307 sizeof (queue->ephemeral));
1308 setup_cipher (&dh,
1309 &queue->target,
1310 &queue->out_cipher,
1311 &queue->out_hmac);
1312 queue->rekey_time = GNUNET_TIME_relative_to_absolute (REKEY_TIME_INTERVAL); 1236 queue->rekey_time = GNUNET_TIME_relative_to_absolute (REKEY_TIME_INTERVAL);
1313 queue->rekey_left_bytes = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, 1237 queue->rekey_left_bytes =
1314 REKEY_MAX_BYTES); 1238 GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, REKEY_MAX_BYTES);
1315} 1239}
1316 1240
1317 1241
@@ -1328,33 +1252,25 @@ inject_rekey (struct Queue *queue)
1328 struct TcpHandshakeSignature thp; 1252 struct TcpHandshakeSignature thp;
1329 1253
1330 GNUNET_assert (0 == queue->pwrite_off); 1254 GNUNET_assert (0 == queue->pwrite_off);
1331 memset (&rekey, 1255 memset (&rekey, 0, sizeof (rekey));
1332 0,
1333 sizeof (rekey));
1334 GNUNET_assert (GNUNET_OK == 1256 GNUNET_assert (GNUNET_OK ==
1335 GNUNET_CRYPTO_ecdhe_key_create2 (&queue->ephemeral)); 1257 GNUNET_CRYPTO_ecdhe_key_create2 (&queue->ephemeral));
1336 rekey.header.type = ntohs (GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY); 1258 rekey.header.type = ntohs (GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY);
1337 rekey.header.size = ntohs (sizeof (rekey)); 1259 rekey.header.size = ntohs (sizeof (rekey));
1338 GNUNET_CRYPTO_ecdhe_key_get_public (&queue->ephemeral, 1260 GNUNET_CRYPTO_ecdhe_key_get_public (&queue->ephemeral, &rekey.ephemeral);
1339 &rekey.ephemeral); 1261 rekey.monotonic_time =
1340 rekey.monotonic_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg)); 1262 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
1341 thp.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_REKEY); 1263 thp.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_REKEY);
1342 thp.purpose.size = htonl (sizeof (thp)); 1264 thp.purpose.size = htonl (sizeof (thp));
1343 thp.sender = my_identity; 1265 thp.sender = my_identity;
1344 thp.receiver = queue->target; 1266 thp.receiver = queue->target;
1345 thp.ephemeral = rekey.ephemeral; 1267 thp.ephemeral = rekey.ephemeral;
1346 thp.monotonic_time = rekey.monotonic_time; 1268 thp.monotonic_time = rekey.monotonic_time;
1347 GNUNET_assert (GNUNET_OK == 1269 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
1348 GNUNET_CRYPTO_eddsa_sign (my_private_key, 1270 &thp.purpose,
1349 &thp.purpose, 1271 &rekey.sender_sig));
1350 &rekey.sender_sig)); 1272 calculate_hmac (&queue->out_hmac, &rekey, sizeof (rekey), &rekey.hmac);
1351 calculate_hmac (&queue->out_hmac, 1273 memcpy (queue->pwrite_buf, &rekey, sizeof (rekey));
1352 &rekey,
1353 sizeof (rekey),
1354 &rekey.hmac);
1355 memcpy (queue->pwrite_buf,
1356 &rekey,
1357 sizeof (rekey));
1358 queue->rekey_state = GNUNET_YES; 1274 queue->rekey_state = GNUNET_YES;
1359} 1275}
1360 1276
@@ -1388,12 +1304,9 @@ queue_write (void *cls)
1388 sent = GNUNET_NETWORK_socket_send (queue->sock, 1304 sent = GNUNET_NETWORK_socket_send (queue->sock,
1389 queue->cwrite_buf, 1305 queue->cwrite_buf,
1390 queue->cwrite_off); 1306 queue->cwrite_off);
1391 if ( (-1 == sent) && 1307 if ((-1 == sent) && (EAGAIN != errno) && (EINTR != errno))
1392 (EAGAIN != errno) &&
1393 (EINTR != errno) )
1394 { 1308 {
1395 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 1309 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
1396 "send");
1397 queue_destroy (queue); 1310 queue_destroy (queue);
1398 return; 1311 return;
1399 } 1312 }
@@ -1405,7 +1318,7 @@ queue_write (void *cls)
1405 &queue->cwrite_buf[usent], 1318 &queue->cwrite_buf[usent],
1406 queue->cwrite_off - usent); 1319 queue->cwrite_off - usent);
1407 reschedule_queue_timeout (queue); 1320 reschedule_queue_timeout (queue);
1408 } 1321 }
1409 /* can we encrypt more? (always encrypt full messages, needed 1322 /* can we encrypt more? (always encrypt full messages, needed
1410 such that #mq_cancel() can work!) */ 1323 such that #mq_cancel() can work!) */
1411 if (queue->cwrite_off + queue->pwrite_off <= BUF_SIZE) 1324 if (queue->cwrite_off + queue->pwrite_off <= BUF_SIZE)
@@ -1423,34 +1336,32 @@ queue_write (void *cls)
1423 queue->cwrite_off += queue->pwrite_off; 1336 queue->cwrite_off += queue->pwrite_off;
1424 queue->pwrite_off = 0; 1337 queue->pwrite_off = 0;
1425 } 1338 }
1426 if ( (GNUNET_YES == queue->rekey_state) && 1339 if ((GNUNET_YES == queue->rekey_state) && (0 == queue->pwrite_off))
1427 (0 == queue->pwrite_off) )
1428 switch_key (queue); 1340 switch_key (queue);
1429 if ( (0 == queue->pwrite_off) && 1341 if ((0 == queue->pwrite_off) &&
1430 ( (0 == queue->rekey_left_bytes) || 1342 ((0 == queue->rekey_left_bytes) ||
1431 (0 == GNUNET_TIME_absolute_get_remaining (queue->rekey_time).rel_value_us) ) ) 1343 (0 ==
1344 GNUNET_TIME_absolute_get_remaining (queue->rekey_time).rel_value_us)))
1432 inject_rekey (queue); 1345 inject_rekey (queue);
1433 if ( (0 == queue->pwrite_off) && 1346 if ((0 == queue->pwrite_off) && (! queue->finishing) &&
1434 (! queue->finishing) && 1347 (queue->mq_awaits_continue))
1435 (queue->mq_awaits_continue) )
1436 { 1348 {
1437 queue->mq_awaits_continue = GNUNET_NO; 1349 queue->mq_awaits_continue = GNUNET_NO;
1438 GNUNET_MQ_impl_send_continue (queue->mq); 1350 GNUNET_MQ_impl_send_continue (queue->mq);
1439 } 1351 }
1440 /* did we just finish writing 'finish'? */ 1352 /* did we just finish writing 'finish'? */
1441 if ( (0 == queue->cwrite_off) && 1353 if ((0 == queue->cwrite_off) && (GNUNET_YES == queue->finishing))
1442 (GNUNET_YES == queue->finishing) )
1443 { 1354 {
1444 queue_destroy (queue); 1355 queue_destroy (queue);
1445 return; 1356 return;
1446 } 1357 }
1447 /* do we care to write more? */ 1358 /* do we care to write more? */
1448 if (0 < queue->cwrite_off) 1359 if (0 < queue->cwrite_off)
1449 queue->write_task 1360 queue->write_task =
1450 = GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, 1361 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
1451 queue->sock, 1362 queue->sock,
1452 &queue_write, 1363 &queue_write,
1453 queue); 1364 queue);
1454} 1365}
1455 1366
1456 1367
@@ -1477,17 +1388,10 @@ mq_send (struct GNUNET_MQ_Handle *mq,
1477 GNUNET_assert (0 == queue->pread_off); 1388 GNUNET_assert (0 == queue->pread_off);
1478 box.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_BOX); 1389 box.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_BOX);
1479 box.header.size = htons (msize); 1390 box.header.size = htons (msize);
1480 calculate_hmac (&queue->out_hmac, 1391 calculate_hmac (&queue->out_hmac, msg, msize, &box.hmac);
1481 msg, 1392 memcpy (&queue->pread_buf[queue->pread_off], &box, sizeof (box));
1482 msize,
1483 &box.hmac);
1484 memcpy (&queue->pread_buf[queue->pread_off],
1485 &box,
1486 sizeof (box));
1487 queue->pread_off += sizeof (box); 1393 queue->pread_off += sizeof (box);
1488 memcpy (&queue->pread_buf[queue->pread_off], 1394 memcpy (&queue->pread_buf[queue->pread_off], msg, msize);
1489 msg,
1490 msize);
1491 queue->pread_off += msize; 1395 queue->pread_off += msize;
1492 GNUNET_assert (NULL != queue->sock); 1396 GNUNET_assert (NULL != queue->sock);
1493 if (NULL == queue->write_task) 1397 if (NULL == queue->write_task)
@@ -1508,8 +1412,7 @@ mq_send (struct GNUNET_MQ_Handle *mq,
1508 * @param impl_state our `struct Queue` 1412 * @param impl_state our `struct Queue`
1509 */ 1413 */
1510static void 1414static void
1511mq_destroy (struct GNUNET_MQ_Handle *mq, 1415mq_destroy (struct GNUNET_MQ_Handle *mq, void *impl_state)
1512 void *impl_state)
1513{ 1416{
1514 struct Queue *queue = impl_state; 1417 struct Queue *queue = impl_state;
1515 1418
@@ -1528,8 +1431,7 @@ mq_destroy (struct GNUNET_MQ_Handle *mq,
1528 * @param impl_state our `struct Queue` 1431 * @param impl_state our `struct Queue`
1529 */ 1432 */
1530static void 1433static void
1531mq_cancel (struct GNUNET_MQ_Handle *mq, 1434mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
1532 void *impl_state)
1533{ 1435{
1534 struct Queue *queue = impl_state; 1436 struct Queue *queue = impl_state;
1535 1437
@@ -1548,8 +1450,7 @@ mq_cancel (struct GNUNET_MQ_Handle *mq,
1548 * @param error error code 1450 * @param error error code
1549 */ 1451 */
1550static void 1452static void
1551mq_error (void *cls, 1453mq_error (void *cls, enum GNUNET_MQ_Error error)
1552 enum GNUNET_MQ_Error error)
1553{ 1454{
1554 struct Queue *queue = cls; 1455 struct Queue *queue = cls;
1555 1456
@@ -1569,30 +1470,28 @@ mq_error (void *cls,
1569 * @param queue queue to boot 1470 * @param queue queue to boot
1570 */ 1471 */
1571static void 1472static void
1572boot_queue (struct Queue *queue, 1473boot_queue (struct Queue *queue, enum GNUNET_TRANSPORT_ConnectionStatus cs)
1573 enum GNUNET_TRANSPORT_ConnectionStatus cs)
1574{ 1474{
1575 queue->nt = GNUNET_NT_scanner_get_type (is, 1475 queue->nt =
1576 queue->address, 1476 GNUNET_NT_scanner_get_type (is, queue->address, queue->address_len);
1577 queue->address_len); 1477 (void) GNUNET_CONTAINER_multipeermap_put (
1578 (void) GNUNET_CONTAINER_multipeermap_put (queue_map, 1478 queue_map,
1579 &queue->target, 1479 &queue->target,
1580 queue, 1480 queue,
1581 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); 1481 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1582 GNUNET_STATISTICS_set (stats, 1482 GNUNET_STATISTICS_set (stats,
1583 "# queues active", 1483 "# queues active",
1584 GNUNET_CONTAINER_multipeermap_size (queue_map), 1484 GNUNET_CONTAINER_multipeermap_size (queue_map),
1585 GNUNET_NO); 1485 GNUNET_NO);
1586 queue->timeout 1486 queue->timeout =
1587 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); 1487 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1588 queue->mq 1488 queue->mq = GNUNET_MQ_queue_for_callbacks (&mq_send,
1589 = GNUNET_MQ_queue_for_callbacks (&mq_send, 1489 &mq_destroy,
1590 &mq_destroy, 1490 &mq_cancel,
1591 &mq_cancel, 1491 queue,
1592 queue, 1492 NULL,
1593 NULL, 1493 &mq_error,
1594 &mq_error, 1494 queue);
1595 queue);
1596 { 1495 {
1597 char *foreign_addr; 1496 char *foreign_addr;
1598 1497
@@ -1602,27 +1501,24 @@ boot_queue (struct Queue *queue,
1602 GNUNET_asprintf (&foreign_addr, 1501 GNUNET_asprintf (&foreign_addr,
1603 "%s-%s", 1502 "%s-%s",
1604 COMMUNICATOR_ADDRESS_PREFIX, 1503 COMMUNICATOR_ADDRESS_PREFIX,
1605 GNUNET_a2s(queue->address, 1504 GNUNET_a2s (queue->address, queue->address_len));
1606 queue->address_len));
1607 break; 1505 break;
1608 case AF_INET6: 1506 case AF_INET6:
1609 GNUNET_asprintf (&foreign_addr, 1507 GNUNET_asprintf (&foreign_addr,
1610 "%s-%s", 1508 "%s-%s",
1611 COMMUNICATOR_ADDRESS_PREFIX, 1509 COMMUNICATOR_ADDRESS_PREFIX,
1612 GNUNET_a2s(queue->address, 1510 GNUNET_a2s (queue->address, queue->address_len));
1613 queue->address_len));
1614 break; 1511 break;
1615 default: 1512 default:
1616 GNUNET_assert (0); 1513 GNUNET_assert (0);
1617 } 1514 }
1618 queue->qh 1515 queue->qh = GNUNET_TRANSPORT_communicator_mq_add (ch,
1619 = GNUNET_TRANSPORT_communicator_mq_add (ch, 1516 &queue->target,
1620 &queue->target, 1517 foreign_addr,
1621 foreign_addr, 1518 0 /* no MTU */,
1622 0 /* no MTU */, 1519 queue->nt,
1623 queue->nt, 1520 cs,
1624 cs, 1521 queue->mq);
1625 queue->mq);
1626 GNUNET_free (foreign_addr); 1522 GNUNET_free (foreign_addr);
1627 } 1523 }
1628} 1524}
@@ -1640,28 +1536,26 @@ boot_queue (struct Queue *queue,
1640 */ 1536 */
1641static void 1537static void
1642transmit_kx (struct Queue *queue, 1538transmit_kx (struct Queue *queue,
1643 const struct GNUNET_CRYPTO_EcdhePublicKey *epub) 1539 const struct GNUNET_CRYPTO_EcdhePublicKey *epub)
1644{ 1540{
1645 struct TcpHandshakeSignature ths; 1541 struct TcpHandshakeSignature ths;
1646 struct TCPConfirmation tc; 1542 struct TCPConfirmation tc;
1647 1543
1648 memcpy (queue->cwrite_buf, 1544 memcpy (queue->cwrite_buf, epub, sizeof (*epub));
1649 epub,
1650 sizeof (*epub));
1651 queue->cwrite_off = sizeof (epub); 1545 queue->cwrite_off = sizeof (epub);
1652 /* compute 'tc' and append in encrypted format to cwrite_buf */ 1546 /* compute 'tc' and append in encrypted format to cwrite_buf */
1653 tc.sender = my_identity; 1547 tc.sender = my_identity;
1654 tc.monotonic_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg)); 1548 tc.monotonic_time =
1549 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
1655 ths.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE); 1550 ths.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE);
1656 ths.purpose.size = htonl (sizeof (ths)); 1551 ths.purpose.size = htonl (sizeof (ths));
1657 ths.sender = my_identity; 1552 ths.sender = my_identity;
1658 ths.receiver = queue->target; 1553 ths.receiver = queue->target;
1659 ths.ephemeral = *epub; 1554 ths.ephemeral = *epub;
1660 ths.monotonic_time = tc.monotonic_time; 1555 ths.monotonic_time = tc.monotonic_time;
1661 GNUNET_assert (GNUNET_OK == 1556 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
1662 GNUNET_CRYPTO_eddsa_sign (my_private_key, 1557 &ths.purpose,
1663 &ths.purpose, 1558 &tc.sender_sig));
1664 &tc.sender_sig));
1665 GNUNET_assert (0 == 1559 GNUNET_assert (0 ==
1666 gcry_cipher_encrypt (queue->out_cipher, 1560 gcry_cipher_encrypt (queue->out_cipher,
1667 &queue->cwrite_buf[queue->cwrite_off], 1561 &queue->cwrite_buf[queue->cwrite_off],
@@ -1685,12 +1579,10 @@ start_initial_kx_out (struct Queue *queue)
1685 struct GNUNET_CRYPTO_EcdhePublicKey epub; 1579 struct GNUNET_CRYPTO_EcdhePublicKey epub;
1686 1580
1687 GNUNET_assert (GNUNET_OK == 1581 GNUNET_assert (GNUNET_OK ==
1688 GNUNET_CRYPTO_ecdhe_key_create2 (&queue->ephemeral)); 1582 GNUNET_CRYPTO_ecdhe_key_create2 (&queue->ephemeral));
1689 GNUNET_CRYPTO_ecdhe_key_get_public (&queue->ephemeral, 1583 GNUNET_CRYPTO_ecdhe_key_get_public (&queue->ephemeral, &epub);
1690 &epub);
1691 setup_out_cipher (queue); 1584 setup_out_cipher (queue);
1692 transmit_kx (queue, 1585 transmit_kx (queue, &epub);
1693 &epub);
1694} 1586}
1695 1587
1696 1588
@@ -1712,19 +1604,18 @@ decrypt_and_check_tc (struct Queue *queue,
1712{ 1604{
1713 struct TcpHandshakeSignature ths; 1605 struct TcpHandshakeSignature ths;
1714 1606
1715 GNUNET_assert (0 == 1607 GNUNET_assert (
1716 gcry_cipher_decrypt (queue->in_cipher, 1608 0 ==
1717 tc, 1609 gcry_cipher_decrypt (queue->in_cipher,
1718 sizeof (*tc), 1610 tc,
1719 &ibuf[sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)], 1611 sizeof (*tc),
1720 sizeof (tc))); 1612 &ibuf[sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)],
1613 sizeof (tc)));
1721 ths.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE); 1614 ths.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE);
1722 ths.purpose.size = htonl (sizeof (ths)); 1615 ths.purpose.size = htonl (sizeof (ths));
1723 ths.sender = tc->sender; 1616 ths.sender = tc->sender;
1724 ths.receiver = my_identity; 1617 ths.receiver = my_identity;
1725 memcpy (&ths.ephemeral, 1618 memcpy (&ths.ephemeral, ibuf, sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
1726 ibuf,
1727 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey));
1728 ths.monotonic_time = tc->monotonic_time; 1619 ths.monotonic_time = tc->monotonic_time;
1729 return GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE, 1620 return GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE,
1730 &ths.purpose, 1621 &ths.purpose,
@@ -1743,9 +1634,7 @@ free_proto_queue (struct ProtoQueue *pq)
1743{ 1634{
1744 GNUNET_NETWORK_socket_close (pq->sock); 1635 GNUNET_NETWORK_socket_close (pq->sock);
1745 GNUNET_free (pq->address); 1636 GNUNET_free (pq->address);
1746 GNUNET_CONTAINER_DLL_remove (proto_head, 1637 GNUNET_CONTAINER_DLL_remove (proto_head, proto_tail, pq);
1747 proto_tail,
1748 pq);
1749 GNUNET_free (pq); 1638 GNUNET_free (pq);
1750} 1639}
1751 1640
@@ -1773,48 +1662,38 @@ proto_read_kx (void *cls)
1773 return; 1662 return;
1774 } 1663 }
1775 rcvd = GNUNET_NETWORK_socket_recv (pq->sock, 1664 rcvd = GNUNET_NETWORK_socket_recv (pq->sock,
1776 &pq->ibuf[pq->ibuf_off], 1665 &pq->ibuf[pq->ibuf_off],
1777 sizeof (pq->ibuf) - pq->ibuf_off); 1666 sizeof (pq->ibuf) - pq->ibuf_off);
1778 if (-1 == rcvd) 1667 if (-1 == rcvd)
1779 { 1668 {
1780 if ( (EAGAIN != errno) && 1669 if ((EAGAIN != errno) && (EINTR != errno))
1781 (EINTR != errno) )
1782 { 1670 {
1783 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, 1671 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "recv");
1784 "recv");
1785 free_proto_queue (pq); 1672 free_proto_queue (pq);
1786 return; 1673 return;
1787 } 1674 }
1788 /* try again */ 1675 /* try again */
1789 pq->read_task = GNUNET_SCHEDULER_add_read_net (left, 1676 pq->read_task =
1790 pq->sock, 1677 GNUNET_SCHEDULER_add_read_net (left, pq->sock, &proto_read_kx, pq);
1791 &proto_read_kx,
1792 pq);
1793 return; 1678 return;
1794 } 1679 }
1795 pq->ibuf_off += rcvd; 1680 pq->ibuf_off += rcvd;
1796 if (pq->ibuf_off > sizeof (pq->ibuf)) 1681 if (pq->ibuf_off > sizeof (pq->ibuf))
1797 { 1682 {
1798 /* read more */ 1683 /* read more */
1799 pq->read_task = GNUNET_SCHEDULER_add_read_net (left, 1684 pq->read_task =
1800 pq->sock, 1685 GNUNET_SCHEDULER_add_read_net (left, pq->sock, &proto_read_kx, pq);
1801 &proto_read_kx,
1802 pq);
1803 return; 1686 return;
1804 } 1687 }
1805 /* we got all the data, let's find out who we are talking to! */ 1688 /* we got all the data, let's find out who we are talking to! */
1806 queue = GNUNET_new (struct Queue); 1689 queue = GNUNET_new (struct Queue);
1807 setup_in_cipher ((const struct GNUNET_CRYPTO_EcdhePublicKey *) pq->ibuf, 1690 setup_in_cipher ((const struct GNUNET_CRYPTO_EcdhePublicKey *) pq->ibuf,
1808 queue); 1691 queue);
1809 if (GNUNET_OK != 1692 if (GNUNET_OK != decrypt_and_check_tc (queue, &tc, pq->ibuf))
1810 decrypt_and_check_tc (queue,
1811 &tc,
1812 pq->ibuf))
1813 { 1693 {
1814 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1694 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1815 "Invalid TCP KX received from %s\n", 1695 "Invalid TCP KX received from %s\n",
1816 GNUNET_a2s (queue->address, 1696 GNUNET_a2s (queue->address, queue->address_len));
1817 queue->address_len));
1818 gcry_cipher_close (queue->in_cipher); 1697 gcry_cipher_close (queue->in_cipher);
1819 GNUNET_free (queue); 1698 GNUNET_free (queue);
1820 free_proto_queue (pq); 1699 free_proto_queue (pq);
@@ -1824,16 +1703,13 @@ proto_read_kx (void *cls)
1824 queue->address_len = pq->address_len; 1703 queue->address_len = pq->address_len;
1825 queue->target = tc.sender; 1704 queue->target = tc.sender;
1826 start_initial_kx_out (queue); 1705 start_initial_kx_out (queue);
1827 boot_queue (queue, 1706 boot_queue (queue, GNUNET_TRANSPORT_CS_INBOUND);
1828 GNUNET_TRANSPORT_CS_INBOUND); 1707 queue->read_task =
1829 queue->read_task 1708 GNUNET_SCHEDULER_add_read_net (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT,
1830 = GNUNET_SCHEDULER_add_read_net (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, 1709 queue->sock,
1831 queue->sock, 1710 &queue_read,
1832 &queue_read, 1711 queue);
1833 queue); 1712 GNUNET_CONTAINER_DLL_remove (proto_head, proto_tail, pq);
1834 GNUNET_CONTAINER_DLL_remove (proto_head,
1835 proto_tail,
1836 pq);
1837 GNUNET_free (pq); 1713 GNUNET_free (pq);
1838} 1714}
1839 1715
@@ -1856,43 +1732,33 @@ listen_cb (void *cls)
1856 listen_task = NULL; 1732 listen_task = NULL;
1857 GNUNET_assert (NULL != listen_sock); 1733 GNUNET_assert (NULL != listen_sock);
1858 addrlen = sizeof (in); 1734 addrlen = sizeof (in);
1859 memset (&in, 1735 memset (&in, 0, sizeof (in));
1860 0,
1861 sizeof (in));
1862 sock = GNUNET_NETWORK_socket_accept (listen_sock, 1736 sock = GNUNET_NETWORK_socket_accept (listen_sock,
1863 (struct sockaddr *) &in, 1737 (struct sockaddr *) &in,
1864 &addrlen); 1738 &addrlen);
1865 if ( (NULL == sock) && 1739 if ((NULL == sock) && ((EMFILE == errno) || (ENFILE == errno)))
1866 ( (EMFILE == errno) ||
1867 (ENFILE == errno) ) )
1868 return; /* system limit reached, wait until connection goes down */ 1740 return; /* system limit reached, wait until connection goes down */
1869 listen_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, 1741 listen_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1870 listen_sock, 1742 listen_sock,
1871 &listen_cb, 1743 &listen_cb,
1872 NULL); 1744 NULL);
1873 if ( (NULL == sock) && 1745 if ((NULL == sock) && ((EAGAIN == errno) || (ENOBUFS == errno)))
1874 ( (EAGAIN == errno) ||
1875 (ENOBUFS == errno) ) )
1876 return; 1746 return;
1877 if (NULL == sock) 1747 if (NULL == sock)
1878 { 1748 {
1879 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 1749 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "accept");
1880 "accept");
1881 return; 1750 return;
1882 } 1751 }
1883 pq = GNUNET_new (struct ProtoQueue); 1752 pq = GNUNET_new (struct ProtoQueue);
1884 pq->address_len = addrlen; 1753 pq->address_len = addrlen;
1885 pq->address = GNUNET_memdup (&in, 1754 pq->address = GNUNET_memdup (&in, addrlen);
1886 addrlen);
1887 pq->timeout = GNUNET_TIME_relative_to_absolute (PROTO_QUEUE_TIMEOUT); 1755 pq->timeout = GNUNET_TIME_relative_to_absolute (PROTO_QUEUE_TIMEOUT);
1888 pq->sock = sock; 1756 pq->sock = sock;
1889 pq->read_task = GNUNET_SCHEDULER_add_read_net (PROTO_QUEUE_TIMEOUT, 1757 pq->read_task = GNUNET_SCHEDULER_add_read_net (PROTO_QUEUE_TIMEOUT,
1890 pq->sock, 1758 pq->sock,
1891 &proto_read_kx, 1759 &proto_read_kx,
1892 pq); 1760 pq);
1893 GNUNET_CONTAINER_DLL_insert (proto_head, 1761 GNUNET_CONTAINER_DLL_insert (proto_head, proto_tail, pq);
1894 proto_tail,
1895 pq);
1896} 1762}
1897 1763
1898 1764
@@ -1919,58 +1785,46 @@ queue_read_kx (void *cls)
1919 return; 1785 return;
1920 } 1786 }
1921 rcvd = GNUNET_NETWORK_socket_recv (queue->sock, 1787 rcvd = GNUNET_NETWORK_socket_recv (queue->sock,
1922 &queue->cread_buf[queue->cread_off], 1788 &queue->cread_buf[queue->cread_off],
1923 BUF_SIZE - queue->cread_off); 1789 BUF_SIZE - queue->cread_off);
1924 if (-1 == rcvd) 1790 if (-1 == rcvd)
1925 { 1791 {
1926 if ( (EAGAIN != errno) && 1792 if ((EAGAIN != errno) && (EINTR != errno))
1927 (EINTR != errno) )
1928 { 1793 {
1929 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, 1794 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "recv");
1930 "recv");
1931 queue_destroy (queue); 1795 queue_destroy (queue);
1932 return; 1796 return;
1933 } 1797 }
1934 queue->read_task = GNUNET_SCHEDULER_add_read_net (left, 1798 queue->read_task =
1935 queue->sock, 1799 GNUNET_SCHEDULER_add_read_net (left, queue->sock, &queue_read_kx, queue);
1936 &queue_read_kx,
1937 queue);
1938 return; 1800 return;
1939 } 1801 }
1940 queue->cread_off += rcvd; 1802 queue->cread_off += rcvd;
1941 if (queue->cread_off < 1803 if (queue->cread_off < INITIAL_KX_SIZE)
1942 INITIAL_KX_SIZE)
1943 { 1804 {
1944 /* read more */ 1805 /* read more */
1945 queue->read_task = GNUNET_SCHEDULER_add_read_net (left, 1806 queue->read_task =
1946 queue->sock, 1807 GNUNET_SCHEDULER_add_read_net (left, queue->sock, &queue_read_kx, queue);
1947 &queue_read_kx,
1948 queue);
1949 return; 1808 return;
1950 } 1809 }
1951 /* we got all the data, let's find out who we are talking to! */ 1810 /* we got all the data, let's find out who we are talking to! */
1952 setup_in_cipher ((const struct GNUNET_CRYPTO_EcdhePublicKey *) queue->cread_buf, 1811 setup_in_cipher ((const struct GNUNET_CRYPTO_EcdhePublicKey *)
1953 queue); 1812 queue->cread_buf,
1954 if (GNUNET_OK != 1813 queue);
1955 decrypt_and_check_tc (queue, 1814 if (GNUNET_OK != decrypt_and_check_tc (queue, &tc, queue->cread_buf))
1956 &tc,
1957 queue->cread_buf))
1958 { 1815 {
1959 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1816 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1960 "Invalid TCP KX received from %s\n", 1817 "Invalid TCP KX received from %s\n",
1961 GNUNET_a2s (queue->address, 1818 GNUNET_a2s (queue->address, queue->address_len));
1962 queue->address_len));
1963 queue_destroy (queue); 1819 queue_destroy (queue);
1964 return; 1820 return;
1965 } 1821 }
1966 if (0 != memcmp (&tc.sender, 1822 if (0 !=
1967 &queue->target, 1823 memcmp (&tc.sender, &queue->target, sizeof (struct GNUNET_PeerIdentity)))
1968 sizeof (struct GNUNET_PeerIdentity)))
1969 { 1824 {
1970 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1825 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1971 "Invalid sender in TCP KX received from %s\n", 1826 "Invalid sender in TCP KX received from %s\n",
1972 GNUNET_a2s (queue->address, 1827 GNUNET_a2s (queue->address, queue->address_len));
1973 queue->address_len));
1974 queue_destroy (queue); 1828 queue_destroy (queue);
1975 return; 1829 return;
1976 } 1830 }
@@ -1979,11 +1833,10 @@ queue_read_kx (void *cls)
1979 reschedule_queue_timeout (queue); 1833 reschedule_queue_timeout (queue);
1980 /* prepare to continue with regular read task immediately */ 1834 /* prepare to continue with regular read task immediately */
1981 memmove (queue->cread_buf, 1835 memmove (queue->cread_buf,
1982 &queue->cread_buf[INITIAL_KX_SIZE], 1836 &queue->cread_buf[INITIAL_KX_SIZE],
1983 queue->cread_off - (INITIAL_KX_SIZE)); 1837 queue->cread_off - (INITIAL_KX_SIZE));
1984 queue->cread_off -= INITIAL_KX_SIZE; 1838 queue->cread_off -= INITIAL_KX_SIZE;
1985 queue->read_task = GNUNET_SCHEDULER_add_now (&queue_read, 1839 queue->read_task = GNUNET_SCHEDULER_add_now (&queue_read, queue);
1986 queue);
1987} 1840}
1988 1841
1989 1842
@@ -2002,12 +1855,11 @@ queue_read_kx (void *cls)
2002 * @param peer identity of the other peer 1855 * @param peer identity of the other peer
2003 * @param address where to send the message, human-readable 1856 * @param address where to send the message, human-readable
2004 * communicator-specific format, 0-terminated, UTF-8 1857 * communicator-specific format, 0-terminated, UTF-8
2005 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is invalid 1858 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is
1859 * invalid
2006 */ 1860 */
2007static int 1861static int
2008mq_init (void *cls, 1862mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2009 const struct GNUNET_PeerIdentity *peer,
2010 const char *address)
2011{ 1863{
2012 struct Queue *queue; 1864 struct Queue *queue;
2013 const char *path; 1865 const char *path;
@@ -2016,37 +1868,31 @@ mq_init (void *cls,
2016 struct GNUNET_NETWORK_Handle *sock; 1868 struct GNUNET_NETWORK_Handle *sock;
2017 1869
2018 if (0 != strncmp (address, 1870 if (0 != strncmp (address,
2019 COMMUNICATOR_ADDRESS_PREFIX "-", 1871 COMMUNICATOR_ADDRESS_PREFIX "-",
2020 strlen (COMMUNICATOR_ADDRESS_PREFIX "-"))) 1872 strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
2021 { 1873 {
2022 GNUNET_break_op (0); 1874 GNUNET_break_op (0);
2023 return GNUNET_SYSERR; 1875 return GNUNET_SYSERR;
2024 } 1876 }
2025 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")]; 1877 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2026 in = tcp_address_to_sockaddr (path, 1878 in = tcp_address_to_sockaddr (path, &in_len);
2027 &in_len);
2028 1879
2029 sock = GNUNET_NETWORK_socket_create (in->sa_family, 1880 sock = GNUNET_NETWORK_socket_create (in->sa_family, SOCK_STREAM, IPPROTO_TCP);
2030 SOCK_STREAM,
2031 IPPROTO_TCP);
2032 if (NULL == sock) 1881 if (NULL == sock)
2033 { 1882 {
2034 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1883 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2035 "socket(%d) failed: %s", 1884 "socket(%d) failed: %s",
2036 in->sa_family, 1885 in->sa_family,
2037 STRERROR (errno)); 1886 STRERROR (errno));
2038 GNUNET_free (in); 1887 GNUNET_free (in);
2039 return GNUNET_SYSERR; 1888 return GNUNET_SYSERR;
2040 } 1889 }
2041 if (GNUNET_OK != 1890 if (GNUNET_OK != GNUNET_NETWORK_socket_connect (sock, in, in_len))
2042 GNUNET_NETWORK_socket_connect (sock,
2043 in,
2044 in_len))
2045 { 1891 {
2046 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1892 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2047 "connect to `%s' failed: %s", 1893 "connect to `%s' failed: %s",
2048 address, 1894 address,
2049 STRERROR (errno)); 1895 STRERROR (errno));
2050 GNUNET_NETWORK_socket_close (sock); 1896 GNUNET_NETWORK_socket_close (sock);
2051 GNUNET_free (in); 1897 GNUNET_free (in);
2052 return GNUNET_SYSERR; 1898 return GNUNET_SYSERR;
@@ -2057,19 +1903,18 @@ mq_init (void *cls,
2057 queue->address = in; 1903 queue->address = in;
2058 queue->address_len = in_len; 1904 queue->address_len = in_len;
2059 queue->sock = sock; 1905 queue->sock = sock;
2060 boot_queue (queue, 1906 boot_queue (queue, GNUNET_TRANSPORT_CS_OUTBOUND);
2061 GNUNET_TRANSPORT_CS_OUTBOUND); 1907 queue->read_task =
2062 queue->read_task 1908 GNUNET_SCHEDULER_add_read_net (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT,
2063 = GNUNET_SCHEDULER_add_read_net (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, 1909 queue->sock,
2064 queue->sock, 1910 &queue_read_kx,
2065 &queue_read_kx, 1911 queue);
2066 queue);
2067 if (NULL == queue) 1912 if (NULL == queue)
2068 { 1913 {
2069 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1914 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
2070 "Failed to setup queue to %s at `%s'\n", 1915 "Failed to setup queue to %s at `%s'\n",
2071 GNUNET_i2s (peer), 1916 GNUNET_i2s (peer),
2072 path); 1917 path);
2073 GNUNET_NETWORK_socket_close (sock); 1918 GNUNET_NETWORK_socket_close (sock);
2074 return GNUNET_NO; 1919 return GNUNET_NO;
2075 } 1920 }
@@ -2088,8 +1933,8 @@ mq_init (void *cls,
2088 */ 1933 */
2089static int 1934static int
2090get_queue_delete_it (void *cls, 1935get_queue_delete_it (void *cls,
2091 const struct GNUNET_PeerIdentity *target, 1936 const struct GNUNET_PeerIdentity *target,
2092 void *value) 1937 void *value)
2093{ 1938{
2094 struct Queue *queue = value; 1939 struct Queue *queue = value;
2095 1940
@@ -2110,8 +1955,8 @@ do_shutdown (void *cls)
2110{ 1955{
2111 if (NULL != nat) 1956 if (NULL != nat)
2112 { 1957 {
2113 GNUNET_NAT_unregister (nat); 1958 GNUNET_NAT_unregister (nat);
2114 nat = NULL; 1959 nat = NULL;
2115 } 1960 }
2116 if (NULL != listen_task) 1961 if (NULL != listen_task)
2117 { 1962 {
@@ -2120,13 +1965,10 @@ do_shutdown (void *cls)
2120 } 1965 }
2121 if (NULL != listen_sock) 1966 if (NULL != listen_sock)
2122 { 1967 {
2123 GNUNET_break (GNUNET_OK == 1968 GNUNET_break (GNUNET_OK == GNUNET_NETWORK_socket_close (listen_sock));
2124 GNUNET_NETWORK_socket_close (listen_sock));
2125 listen_sock = NULL; 1969 listen_sock = NULL;
2126 } 1970 }
2127 GNUNET_CONTAINER_multipeermap_iterate (queue_map, 1971 GNUNET_CONTAINER_multipeermap_iterate (queue_map, &get_queue_delete_it, NULL);
2128 &get_queue_delete_it,
2129 NULL);
2130 GNUNET_CONTAINER_multipeermap_destroy (queue_map); 1972 GNUNET_CONTAINER_multipeermap_destroy (queue_map);
2131 if (NULL != ch) 1973 if (NULL != ch)
2132 { 1974 {
@@ -2135,8 +1977,7 @@ do_shutdown (void *cls)
2135 } 1977 }
2136 if (NULL != stats) 1978 if (NULL != stats)
2137 { 1979 {
2138 GNUNET_STATISTICS_destroy (stats, 1980 GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
2139 GNUNET_NO);
2140 stats = NULL; 1981 stats = NULL;
2141 } 1982 }
2142 if (NULL != my_private_key) 1983 if (NULL != my_private_key)
@@ -2146,8 +1987,8 @@ do_shutdown (void *cls)
2146 } 1987 }
2147 if (NULL != is) 1988 if (NULL != is)
2148 { 1989 {
2149 GNUNET_NT_scanner_done (is); 1990 GNUNET_NT_scanner_done (is);
2150 is = NULL; 1991 is = NULL;
2151 } 1992 }
2152} 1993}
2153 1994
@@ -2190,11 +2031,11 @@ enc_notify_cb (void *cls,
2190 */ 2031 */
2191static void 2032static void
2192nat_address_cb (void *cls, 2033nat_address_cb (void *cls,
2193 void **app_ctx, 2034 void **app_ctx,
2194 int add_remove, 2035 int add_remove,
2195 enum GNUNET_NAT_AddressClass ac, 2036 enum GNUNET_NAT_AddressClass ac,
2196 const struct sockaddr *addr, 2037 const struct sockaddr *addr,
2197 socklen_t addrlen) 2038 socklen_t addrlen)
2198{ 2039{
2199 char *my_addr; 2040 char *my_addr;
2200 struct GNUNET_TRANSPORT_AddressIdentifier *ai; 2041 struct GNUNET_TRANSPORT_AddressIdentifier *ai;
@@ -2204,17 +2045,15 @@ nat_address_cb (void *cls,
2204 enum GNUNET_NetworkType nt; 2045 enum GNUNET_NetworkType nt;
2205 2046
2206 GNUNET_asprintf (&my_addr, 2047 GNUNET_asprintf (&my_addr,
2207 "%s-%s", 2048 "%s-%s",
2208 COMMUNICATOR_ADDRESS_PREFIX, 2049 COMMUNICATOR_ADDRESS_PREFIX,
2209 GNUNET_a2s (addr, 2050 GNUNET_a2s (addr, addrlen));
2210 addrlen)); 2051 nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2211 nt = GNUNET_NT_scanner_get_type (is, 2052 ai =
2212 addr, 2053 GNUNET_TRANSPORT_communicator_address_add (ch,
2213 addrlen); 2054 my_addr,
2214 ai = GNUNET_TRANSPORT_communicator_address_add (ch, 2055 nt,
2215 my_addr, 2056 GNUNET_TIME_UNIT_FOREVER_REL);
2216 nt,
2217 GNUNET_TIME_UNIT_FOREVER_REL);
2218 GNUNET_free (my_addr); 2057 GNUNET_free (my_addr);
2219 *app_ctx = ai; 2058 *app_ctx = ai;
2220 } 2059 }
@@ -2251,9 +2090,9 @@ run (void *cls,
2251 cfg = c; 2090 cfg = c;
2252 if (GNUNET_OK != 2091 if (GNUNET_OK !=
2253 GNUNET_CONFIGURATION_get_value_filename (cfg, 2092 GNUNET_CONFIGURATION_get_value_filename (cfg,
2254 COMMUNICATOR_CONFIG_SECTION, 2093 COMMUNICATOR_CONFIG_SECTION,
2255 "BINDTO", 2094 "BINDTO",
2256 &bindto)) 2095 &bindto))
2257 { 2096 {
2258 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, 2097 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
2259 COMMUNICATOR_CONFIG_SECTION, 2098 COMMUNICATOR_CONFIG_SECTION,
@@ -2262,40 +2101,32 @@ run (void *cls,
2262 } 2101 }
2263 if (GNUNET_OK != 2102 if (GNUNET_OK !=
2264 GNUNET_CONFIGURATION_get_value_number (cfg, 2103 GNUNET_CONFIGURATION_get_value_number (cfg,
2265 COMMUNICATOR_CONFIG_SECTION, 2104 COMMUNICATOR_CONFIG_SECTION,
2266 "MAX_QUEUE_LENGTH", 2105 "MAX_QUEUE_LENGTH",
2267 &max_queue_length)) 2106 &max_queue_length))
2268 max_queue_length = DEFAULT_MAX_QUEUE_LENGTH; 2107 max_queue_length = DEFAULT_MAX_QUEUE_LENGTH;
2269 2108
2270 in = tcp_address_to_sockaddr (bindto, 2109 in = tcp_address_to_sockaddr (bindto, &in_len);
2271 &in_len);
2272 if (NULL == in) 2110 if (NULL == in)
2273 { 2111 {
2274 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2112 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2275 "Failed to setup TCP socket address with path `%s'\n", 2113 "Failed to setup TCP socket address with path `%s'\n",
2276 bindto); 2114 bindto);
2277 GNUNET_free (bindto); 2115 GNUNET_free (bindto);
2278 return; 2116 return;
2279 } 2117 }
2280 listen_sock = GNUNET_NETWORK_socket_create (in->sa_family, 2118 listen_sock =
2281 SOCK_STREAM, 2119 GNUNET_NETWORK_socket_create (in->sa_family, SOCK_STREAM, IPPROTO_TCP);
2282 IPPROTO_TCP);
2283 if (NULL == listen_sock) 2120 if (NULL == listen_sock)
2284 { 2121 {
2285 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, 2122 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "socket");
2286 "socket");
2287 GNUNET_free (in); 2123 GNUNET_free (in);
2288 GNUNET_free (bindto); 2124 GNUNET_free (bindto);
2289 return; 2125 return;
2290 } 2126 }
2291 if (GNUNET_OK != 2127 if (GNUNET_OK != GNUNET_NETWORK_socket_bind (listen_sock, in, in_len))
2292 GNUNET_NETWORK_socket_bind (listen_sock,
2293 in,
2294 in_len))
2295 { 2128 {
2296 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, 2129 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "bind", bindto);
2297 "bind",
2298 bindto);
2299 GNUNET_NETWORK_socket_close (listen_sock); 2130 GNUNET_NETWORK_socket_close (listen_sock);
2300 listen_sock = NULL; 2131 listen_sock = NULL;
2301 GNUNET_free (in); 2132 GNUNET_free (in);
@@ -2306,12 +2137,10 @@ run (void *cls,
2306 thus, get the real IN-address from the socket */ 2137 thus, get the real IN-address from the socket */
2307 sto_len = sizeof (in_sto); 2138 sto_len = sizeof (in_sto);
2308 if (0 != getsockname (GNUNET_NETWORK_get_fd (listen_sock), 2139 if (0 != getsockname (GNUNET_NETWORK_get_fd (listen_sock),
2309 (struct sockaddr *) &in_sto, 2140 (struct sockaddr *) &in_sto,
2310 &sto_len)) 2141 &sto_len))
2311 { 2142 {
2312 memcpy (&in_sto, 2143 memcpy (&in_sto, in, in_len);
2313 in,
2314 in_len);
2315 sto_len = in_len; 2144 sto_len = in_len;
2316 } 2145 }
2317 GNUNET_free (in); 2146 GNUNET_free (in);
@@ -2319,37 +2148,34 @@ run (void *cls,
2319 in = (struct sockaddr *) &in_sto; 2148 in = (struct sockaddr *) &in_sto;
2320 in_len = sto_len; 2149 in_len = sto_len;
2321 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2150 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2322 "Bound to `%s'\n", 2151 "Bound to `%s'\n",
2323 GNUNET_a2s ((const struct sockaddr *) &in_sto, 2152 GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
2324 sto_len)); 2153 stats = GNUNET_STATISTICS_create ("C-TCP", cfg);
2325 stats = GNUNET_STATISTICS_create ("C-TCP", 2154 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
2326 cfg);
2327 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
2328 NULL);
2329 is = GNUNET_NT_scanner_init (); 2155 is = GNUNET_NT_scanner_init ();
2330 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg); 2156 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg);
2331 if (NULL == my_private_key) 2157 if (NULL == my_private_key)
2332 { 2158 {
2333 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2159 GNUNET_log (
2334 _("Transport service is lacking key configuration settings. Exiting.\n")); 2160 GNUNET_ERROR_TYPE_ERROR,
2161 _ (
2162 "Transport service is lacking key configuration settings. Exiting.\n"));
2335 GNUNET_SCHEDULER_shutdown (); 2163 GNUNET_SCHEDULER_shutdown ();
2336 return; 2164 return;
2337 } 2165 }
2338 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, 2166 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, &my_identity.public_key);
2339 &my_identity.public_key);
2340 /* start listening */ 2167 /* start listening */
2341 listen_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, 2168 listen_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2342 listen_sock, 2169 listen_sock,
2343 &listen_cb, 2170 &listen_cb,
2344 NULL); 2171 NULL);
2345 queue_map = GNUNET_CONTAINER_multipeermap_create (10, 2172 queue_map = GNUNET_CONTAINER_multipeermap_create (10, GNUNET_NO);
2346 GNUNET_NO);
2347 ch = GNUNET_TRANSPORT_communicator_connect (cfg, 2173 ch = GNUNET_TRANSPORT_communicator_connect (cfg,
2348 COMMUNICATOR_CONFIG_SECTION, 2174 COMMUNICATOR_CONFIG_SECTION,
2349 COMMUNICATOR_ADDRESS_PREFIX, 2175 COMMUNICATOR_ADDRESS_PREFIX,
2350 GNUNET_TRANSPORT_CC_RELIABLE, 2176 GNUNET_TRANSPORT_CC_RELIABLE,
2351 &mq_init, 2177 &mq_init,
2352 NULL, 2178 NULL,
2353 &enc_notify_cb, 2179 &enc_notify_cb,
2354 NULL); 2180 NULL);
2355 if (NULL == ch) 2181 if (NULL == ch)
@@ -2359,14 +2185,14 @@ run (void *cls,
2359 return; 2185 return;
2360 } 2186 }
2361 nat = GNUNET_NAT_register (cfg, 2187 nat = GNUNET_NAT_register (cfg,
2362 COMMUNICATOR_CONFIG_SECTION, 2188 COMMUNICATOR_CONFIG_SECTION,
2363 IPPROTO_TCP, 2189 IPPROTO_TCP,
2364 1 /* one address */, 2190 1 /* one address */,
2365 (const struct sockaddr **) &in, 2191 (const struct sockaddr **) &in,
2366 &in_len, 2192 &in_len,
2367 &nat_address_cb, 2193 &nat_address_cb,
2368 NULL /* FIXME: support reversal: #5529 */, 2194 NULL /* FIXME: support reversal: #5529 */,
2369 NULL /* closure */); 2195 NULL /* closure */);
2370} 2196}
2371 2197
2372 2198
@@ -2378,28 +2204,25 @@ run (void *cls,
2378 * @return 0 ok, 1 on error 2204 * @return 0 ok, 1 on error
2379 */ 2205 */
2380int 2206int
2381main (int argc, 2207main (int argc, char *const *argv)
2382 char *const *argv)
2383{ 2208{
2384 static const struct GNUNET_GETOPT_CommandLineOption options[] = { 2209 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2385 GNUNET_GETOPT_OPTION_END 2210 GNUNET_GETOPT_OPTION_END};
2386 };
2387 int ret; 2211 int ret;
2388 2212
2389 if (GNUNET_OK != 2213 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
2390 GNUNET_STRINGS_get_utf8_args (argc, argv,
2391 &argc, &argv))
2392 return 2; 2214 return 2;
2393 2215
2394 ret = 2216 ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
2395 (GNUNET_OK == 2217 argv,
2396 GNUNET_PROGRAM_run (argc, argv, 2218 "gnunet-communicator-tcp",
2397 "gnunet-communicator-tcp", 2219 _ ("GNUnet TCP communicator"),
2398 _("GNUnet TCP communicator"), 2220 options,
2399 options, 2221 &run,
2400 &run, 2222 NULL))
2401 NULL)) ? 0 : 1; 2223 ? 0
2402 GNUNET_free ((void*) argv); 2224 : 1;
2225 GNUNET_free ((void *) argv);
2403 return ret; 2226 return ret;
2404} 2227}
2405 2228
diff --git a/src/transport/gnunet-communicator-udp.c b/src/transport/gnunet-communicator-udp.c
index 1db5bba6b..9420b9b5c 100644
--- a/src/transport/gnunet-communicator-udp.c
+++ b/src/transport/gnunet-communicator-udp.c
@@ -66,7 +66,8 @@
66/** 66/**
67 * How often do we scan for changes to our network interfaces? 67 * How often do we scan for changes to our network interfaces?
68 */ 68 */
69#define INTERFACE_SCAN_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) 69#define INTERFACE_SCAN_FREQUENCY \
70 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
70 71
71/** 72/**
72 * How long do we believe our addresses to remain up (before 73 * How long do we believe our addresses to remain up (before
@@ -77,17 +78,17 @@
77/** 78/**
78 * AES key size. 79 * AES key size.
79 */ 80 */
80#define AES_KEY_SIZE (256/8) 81#define AES_KEY_SIZE (256 / 8)
81 82
82/** 83/**
83 * AES (GCM) IV size. 84 * AES (GCM) IV size.
84 */ 85 */
85#define AES_IV_SIZE (96/8) 86#define AES_IV_SIZE (96 / 8)
86 87
87/** 88/**
88 * Size of the GCM tag. 89 * Size of the GCM tag.
89 */ 90 */
90#define GCM_TAG_SIZE (128/8) 91#define GCM_TAG_SIZE (128 / 8)
91 92
92/** 93/**
93 * If we fall below this number of available KCNs, 94 * If we fall below this number of available KCNs,
@@ -202,7 +203,6 @@ struct InitialKX
202 * key derived from the handshake with sequence number zero. 203 * key derived from the handshake with sequence number zero.
203 */ 204 */
204 char gcm_tag[GCM_TAG_SIZE]; 205 char gcm_tag[GCM_TAG_SIZE];
205
206}; 206};
207 207
208 208
@@ -256,7 +256,6 @@ struct UDPAck
256 * CMAC of the base key being acknowledged. 256 * CMAC of the base key being acknowledged.
257 */ 257 */
258 struct GNUNET_HashCode cmac; 258 struct GNUNET_HashCode cmac;
259
260}; 259};
261 260
262 261
@@ -306,7 +305,6 @@ struct UDPBroadcast
306 * #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST 305 * #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
307 */ 306 */
308 struct GNUNET_CRYPTO_EddsaSignature sender_sig; 307 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
309
310}; 308};
311 309
312 310
@@ -334,7 +332,6 @@ struct UDPBox
334 * `struct UdpHandshakeSignature`. 332 * `struct UdpHandshakeSignature`.
335 */ 333 */
336 char gcm_tag[GCM_TAG_SIZE]; 334 char gcm_tag[GCM_TAG_SIZE];
337
338}; 335};
339 336
340 337
@@ -512,7 +509,6 @@ struct SenderAddress
512 * Which network type does this queue use? 509 * Which network type does this queue use?
513 */ 510 */
514 enum GNUNET_NetworkType nt; 511 enum GNUNET_NetworkType nt;
515
516}; 512};
517 513
518 514
@@ -594,7 +590,6 @@ struct ReceiverAddress
594 * Which network type does this queue use? 590 * Which network type does this queue use?
595 */ 591 */
596 enum GNUNET_NetworkType nt; 592 enum GNUNET_NetworkType nt;
597
598}; 593};
599 594
600 595
@@ -769,21 +764,16 @@ bi_destroy (struct BroadcastInterface *bi)
769 if (AF_INET6 == bi->sa->sa_family) 764 if (AF_INET6 == bi->sa->sa_family)
770 { 765 {
771 /* Leave the multicast group */ 766 /* Leave the multicast group */
772 if (GNUNET_OK != 767 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
773 GNUNET_NETWORK_socket_setsockopt 768 IPPROTO_IPV6,
774 (udp_sock, 769 IPV6_LEAVE_GROUP,
775 IPPROTO_IPV6, 770 &bi->mcreq,
776 IPV6_LEAVE_GROUP, 771 sizeof (bi->mcreq)))
777 &bi->mcreq,
778 sizeof (bi->mcreq)))
779 { 772 {
780 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 773 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
781 "setsockopt");
782 } 774 }
783 } 775 }
784 GNUNET_CONTAINER_DLL_remove (bi_head, 776 GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
785 bi_tail,
786 bi);
787 GNUNET_SCHEDULER_cancel (bi->broadcast_task); 777 GNUNET_SCHEDULER_cancel (bi->broadcast_task);
788 GNUNET_free (bi->sa); 778 GNUNET_free (bi->sa);
789 GNUNET_free_non_null (bi->ba); 779 GNUNET_free_non_null (bi->ba);
@@ -802,8 +792,8 @@ receiver_destroy (struct ReceiverAddress *receiver)
802 struct GNUNET_MQ_Handle *mq; 792 struct GNUNET_MQ_Handle *mq;
803 793
804 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 794 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
805 "Disconnecting receiver for peer `%s'\n", 795 "Disconnecting receiver for peer `%s'\n",
806 GNUNET_i2s (&receiver->target)); 796 GNUNET_i2s (&receiver->target));
807 if (NULL != (mq = receiver->mq)) 797 if (NULL != (mq = receiver->mq))
808 { 798 {
809 receiver->mq = NULL; 799 receiver->mq = NULL;
@@ -816,14 +806,13 @@ receiver_destroy (struct ReceiverAddress *receiver)
816 } 806 }
817 GNUNET_assert (GNUNET_YES == 807 GNUNET_assert (GNUNET_YES ==
818 GNUNET_CONTAINER_multipeermap_remove (receivers, 808 GNUNET_CONTAINER_multipeermap_remove (receivers,
819 &receiver->target, 809 &receiver->target,
820 receiver)); 810 receiver));
821 GNUNET_assert (receiver == 811 GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
822 GNUNET_CONTAINER_heap_remove_node (receiver->hn));
823 GNUNET_STATISTICS_set (stats, 812 GNUNET_STATISTICS_set (stats,
824 "# receivers active", 813 "# receivers active",
825 GNUNET_CONTAINER_multipeermap_size (receivers), 814 GNUNET_CONTAINER_multipeermap_size (receivers),
826 GNUNET_NO); 815 GNUNET_NO);
827 GNUNET_free (receiver->address); 816 GNUNET_free (receiver->address);
828 GNUNET_free (receiver->foreign_addr); 817 GNUNET_free (receiver->foreign_addr);
829 GNUNET_free (receiver); 818 GNUNET_free (receiver);
@@ -841,13 +830,10 @@ kce_destroy (struct KeyCacheEntry *kce)
841 struct SharedSecret *ss = kce->ss; 830 struct SharedSecret *ss = kce->ss;
842 831
843 ss->active_kce_count--; 832 ss->active_kce_count--;
844 GNUNET_CONTAINER_DLL_remove (ss->kce_head, 833 GNUNET_CONTAINER_DLL_remove (ss->kce_head, ss->kce_tail, kce);
845 ss->kce_tail, 834 GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multishortmap_remove (key_cache,
846 kce); 835 &kce->kid,
847 GNUNET_assert (GNUNET_YES == 836 kce));
848 GNUNET_CONTAINER_multishortmap_remove (key_cache,
849 &kce->kid,
850 kce));
851 GNUNET_free (kce); 837 GNUNET_free (kce);
852} 838}
853 839
@@ -861,22 +847,23 @@ kce_destroy (struct KeyCacheEntry *kce)
861 */ 847 */
862static void 848static void
863get_kid (const struct GNUNET_HashCode *msec, 849get_kid (const struct GNUNET_HashCode *msec,
864 uint32_t serial, 850 uint32_t serial,
865 struct GNUNET_ShortHashCode *kid) 851 struct GNUNET_ShortHashCode *kid)
866{ 852{
867 uint32_t sid = htonl (serial); 853 uint32_t sid = htonl (serial);
868 854
869 GNUNET_CRYPTO_hkdf (kid, 855 GNUNET_CRYPTO_hkdf (kid,
870 sizeof (*kid), 856 sizeof (*kid),
871 GCRY_MD_SHA512, 857 GCRY_MD_SHA512,
872 GCRY_MD_SHA256, 858 GCRY_MD_SHA256,
873 &sid, 859 &sid,
874 sizeof (sid), 860 sizeof (sid),
875 msec, 861 msec,
876 sizeof (*msec), 862 sizeof (*msec),
877 "UDP-KID", 863 "UDP-KID",
878 strlen ("UDP-KID"), 864 strlen ("UDP-KID"),
879 NULL, 0); 865 NULL,
866 0);
880} 867}
881 868
882 869
@@ -887,8 +874,7 @@ get_kid (const struct GNUNET_HashCode *msec,
887 * @param seq sequence number for the key cache entry 874 * @param seq sequence number for the key cache entry
888 */ 875 */
889static void 876static void
890kce_generate (struct SharedSecret *ss, 877kce_generate (struct SharedSecret *ss, uint32_t seq)
891 uint32_t seq)
892{ 878{
893 struct KeyCacheEntry *kce; 879 struct KeyCacheEntry *kce;
894 880
@@ -896,21 +882,18 @@ kce_generate (struct SharedSecret *ss,
896 kce = GNUNET_new (struct KeyCacheEntry); 882 kce = GNUNET_new (struct KeyCacheEntry);
897 kce->ss = ss; 883 kce->ss = ss;
898 kce->sequence_number = seq; 884 kce->sequence_number = seq;
899 get_kid (&ss->master, 885 get_kid (&ss->master, seq, &kce->kid);
900 seq, 886 GNUNET_CONTAINER_DLL_insert (ss->kce_head, ss->kce_tail, kce);
901 &kce->kid);
902 GNUNET_CONTAINER_DLL_insert (ss->kce_head,
903 ss->kce_tail,
904 kce);
905 ss->active_kce_count++; 887 ss->active_kce_count++;
906 (void) GNUNET_CONTAINER_multishortmap_put (key_cache, 888 (void) GNUNET_CONTAINER_multishortmap_put (
907 &kce->kid, 889 key_cache,
908 kce, 890 &kce->kid,
909 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); 891 kce,
892 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
910 GNUNET_STATISTICS_set (stats, 893 GNUNET_STATISTICS_set (stats,
911 "# KIDs active", 894 "# KIDs active",
912 GNUNET_CONTAINER_multishortmap_size (key_cache), 895 GNUNET_CONTAINER_multishortmap_size (key_cache),
913 GNUNET_NO); 896 GNUNET_NO);
914} 897}
915 898
916 899
@@ -928,30 +911,22 @@ secret_destroy (struct SharedSecret *ss)
928 911
929 if (NULL != (sender = ss->sender)) 912 if (NULL != (sender = ss->sender))
930 { 913 {
931 GNUNET_CONTAINER_DLL_remove (sender->ss_head, 914 GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
932 sender->ss_tail,
933 ss);
934 sender->num_secrets--; 915 sender->num_secrets--;
935 } 916 }
936 if (NULL != (receiver = ss->receiver)) 917 if (NULL != (receiver = ss->receiver))
937 { 918 {
938 GNUNET_CONTAINER_DLL_remove (receiver->ss_head, 919 GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
939 receiver->ss_tail,
940 ss);
941 receiver->num_secrets--; 920 receiver->num_secrets--;
942 receiver->acks_available 921 receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
943 -= (ss->sequence_allowed - ss->sequence_used);
944 } 922 }
945 while (NULL != (kce = ss->kce_head)) 923 while (NULL != (kce = ss->kce_head))
946 kce_destroy (kce); 924 kce_destroy (kce);
947 GNUNET_STATISTICS_update (stats, 925 GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
948 "# Secrets active",
949 -1,
950 GNUNET_NO);
951 GNUNET_STATISTICS_set (stats, 926 GNUNET_STATISTICS_set (stats,
952 "# KIDs active", 927 "# KIDs active",
953 GNUNET_CONTAINER_multishortmap_size (key_cache), 928 GNUNET_CONTAINER_multishortmap_size (key_cache),
954 GNUNET_NO); 929 GNUNET_NO);
955 GNUNET_free (ss); 930 GNUNET_free (ss);
956} 931}
957 932
@@ -965,12 +940,10 @@ secret_destroy (struct SharedSecret *ss)
965static void 940static void
966sender_destroy (struct SenderAddress *sender) 941sender_destroy (struct SenderAddress *sender)
967{ 942{
968 GNUNET_assert (GNUNET_YES == 943 GNUNET_assert (
969 GNUNET_CONTAINER_multipeermap_remove (senders, 944 GNUNET_YES ==
970 &sender->target, 945 GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
971 sender)); 946 GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
972 GNUNET_assert (sender ==
973 GNUNET_CONTAINER_heap_remove_node (sender->hn));
974 GNUNET_STATISTICS_set (stats, 947 GNUNET_STATISTICS_set (stats,
975 "# senders active", 948 "# senders active",
976 GNUNET_CONTAINER_multipeermap_size (senders), 949 GNUNET_CONTAINER_multipeermap_size (senders),
@@ -990,9 +963,9 @@ sender_destroy (struct SenderAddress *sender)
990 */ 963 */
991static void 964static void
992get_iv_key (const struct GNUNET_HashCode *msec, 965get_iv_key (const struct GNUNET_HashCode *msec,
993 uint32_t serial, 966 uint32_t serial,
994 char key[AES_KEY_SIZE], 967 char key[AES_KEY_SIZE],
995 char iv[AES_IV_SIZE]) 968 char iv[AES_IV_SIZE])
996{ 969{
997 uint32_t sid = htonl (serial); 970 uint32_t sid = htonl (serial);
998 char res[AES_KEY_SIZE + AES_IV_SIZE]; 971 char res[AES_KEY_SIZE + AES_IV_SIZE];
@@ -1007,13 +980,10 @@ get_iv_key (const struct GNUNET_HashCode *msec,
1007 sizeof (*msec), 980 sizeof (*msec),
1008 "UDP-IV-KEY", 981 "UDP-IV-KEY",
1009 strlen ("UDP-IV-KEY"), 982 strlen ("UDP-IV-KEY"),
1010 NULL, 0); 983 NULL,
1011 memcpy (key, 984 0);
1012 res, 985 memcpy (key, res, AES_KEY_SIZE);
1013 AES_KEY_SIZE); 986 memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
1014 memcpy (iv,
1015 &res[AES_KEY_SIZE],
1016 AES_IV_SIZE);
1017} 987}
1018 988
1019 989
@@ -1025,10 +995,9 @@ get_iv_key (const struct GNUNET_HashCode *msec,
1025static void 995static void
1026reschedule_sender_timeout (struct SenderAddress *sender) 996reschedule_sender_timeout (struct SenderAddress *sender)
1027{ 997{
1028 sender->timeout 998 sender->timeout =
1029 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); 999 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1030 GNUNET_CONTAINER_heap_update_cost (sender->hn, 1000 GNUNET_CONTAINER_heap_update_cost (sender->hn, sender->timeout.abs_value_us);
1031 sender->timeout.abs_value_us);
1032} 1001}
1033 1002
1034 1003
@@ -1040,10 +1009,10 @@ reschedule_sender_timeout (struct SenderAddress *sender)
1040static void 1009static void
1041reschedule_receiver_timeout (struct ReceiverAddress *receiver) 1010reschedule_receiver_timeout (struct ReceiverAddress *receiver)
1042{ 1011{
1043 receiver->timeout 1012 receiver->timeout =
1044 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); 1013 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1045 GNUNET_CONTAINER_heap_update_cost (receiver->hn, 1014 GNUNET_CONTAINER_heap_update_cost (receiver->hn,
1046 receiver->timeout.abs_value_us); 1015 receiver->timeout.abs_value_us);
1047} 1016}
1048 1017
1049 1018
@@ -1079,12 +1048,9 @@ check_timeouts (void *cls)
1079 break; 1048 break;
1080 sender_destroy (sender); 1049 sender_destroy (sender);
1081 } 1050 }
1082 delay = GNUNET_TIME_relative_min (rt, 1051 delay = GNUNET_TIME_relative_min (rt, st);
1083 st);
1084 if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us) 1052 if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1085 timeout_task = GNUNET_SCHEDULER_add_delayed (delay, 1053 timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1086 &check_timeouts,
1087 NULL);
1088} 1054}
1089 1055
1090 1056
@@ -1106,7 +1072,8 @@ calculate_cmac (struct SharedSecret *ss)
1106 sizeof (ss->master), 1072 sizeof (ss->master),
1107 "UDP-CMAC", 1073 "UDP-CMAC",
1108 strlen ("UDP-CMAC"), 1074 strlen ("UDP-CMAC"),
1109 NULL, 0); 1075 NULL,
1076 0);
1110} 1077}
1111 1078
1112 1079
@@ -1128,15 +1095,17 @@ pass_plaintext_to_core (struct SenderAddress *sender,
1128 while (ntohs (hdr->size) < plaintext_len) 1095 while (ntohs (hdr->size) < plaintext_len)
1129 { 1096 {
1130 GNUNET_STATISTICS_update (stats, 1097 GNUNET_STATISTICS_update (stats,
1131 "# bytes given to core", 1098 "# bytes given to core",
1132 ntohs (hdr->size), 1099 ntohs (hdr->size),
1133 GNUNET_NO); 1100 GNUNET_NO);
1134 (void) GNUNET_TRANSPORT_communicator_receive (ch, 1101 (void)
1135 &sender->target, 1102 GNUNET_TRANSPORT_communicator_receive (ch,
1136 hdr, 1103 &sender->target,
1137 ADDRESS_VALIDITY_PERIOD, 1104 hdr,
1138 NULL /* no flow control possible */, 1105 ADDRESS_VALIDITY_PERIOD,
1139 NULL); 1106 NULL /* no flow control possible */
1107 ,
1108 NULL);
1140 /* move on to next message, if any */ 1109 /* move on to next message, if any */
1141 plaintext_len -= ntohs (hdr->size); 1110 plaintext_len -= ntohs (hdr->size);
1142 if (plaintext_len < sizeof (*hdr)) 1111 if (plaintext_len < sizeof (*hdr))
@@ -1170,16 +1139,9 @@ setup_cipher (const struct GNUNET_HashCode *msec,
1170 GCRY_CIPHER_AES256 /* low level: go for speed */, 1139 GCRY_CIPHER_AES256 /* low level: go for speed */,
1171 GCRY_CIPHER_MODE_GCM, 1140 GCRY_CIPHER_MODE_GCM,
1172 0 /* flags */); 1141 0 /* flags */);
1173 get_iv_key (msec, 1142 get_iv_key (msec, serial, key, iv);
1174 serial, 1143 gcry_cipher_setkey (*cipher, key, sizeof (key));
1175 key, 1144 gcry_cipher_setiv (*cipher, iv, sizeof (iv));
1176 iv);
1177 gcry_cipher_setkey (*cipher,
1178 key,
1179 sizeof (key));
1180 gcry_cipher_setiv (*cipher,
1181 iv,
1182 sizeof (iv));
1183} 1145}
1184 1146
1185 1147
@@ -1205,19 +1167,11 @@ try_decrypt (const struct SharedSecret *ss,
1205{ 1167{
1206 gcry_cipher_hd_t cipher; 1168 gcry_cipher_hd_t cipher;
1207 1169
1208 setup_cipher (&ss->master, 1170 setup_cipher (&ss->master, serial, &cipher);
1209 serial, 1171 GNUNET_assert (
1210 &cipher); 1172 0 ==
1211 GNUNET_assert (0 == 1173 gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1212 gcry_cipher_decrypt (cipher, 1174 if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1213 out_buf,
1214 in_buf_size,
1215 in_buf,
1216 in_buf_size));
1217 if (0 !=
1218 gcry_cipher_checktag (cipher,
1219 tag,
1220 GCM_TAG_SIZE))
1221 { 1175 {
1222 gcry_cipher_close (cipher); 1176 gcry_cipher_close (cipher);
1223 GNUNET_STATISTICS_update (stats, 1177 GNUNET_STATISTICS_update (stats,
@@ -1243,9 +1197,7 @@ setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
1243 struct SharedSecret *ss; 1197 struct SharedSecret *ss;
1244 1198
1245 ss = GNUNET_new (struct SharedSecret); 1199 ss = GNUNET_new (struct SharedSecret);
1246 GNUNET_CRYPTO_eddsa_ecdh (my_private_key, 1200 GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1247 ephemeral,
1248 &ss->master);
1249 return ss; 1201 return ss;
1250} 1202}
1251 1203
@@ -1259,7 +1211,7 @@ setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
1259 */ 1211 */
1260static struct SharedSecret * 1212static struct SharedSecret *
1261setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, 1213setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral,
1262 struct ReceiverAddress *receiver) 1214 struct ReceiverAddress *receiver)
1263{ 1215{
1264 struct SharedSecret *ss; 1216 struct SharedSecret *ss;
1265 1217
@@ -1269,14 +1221,9 @@ setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral,
1269 &ss->master); 1221 &ss->master);
1270 calculate_cmac (ss); 1222 calculate_cmac (ss);
1271 ss->receiver = receiver; 1223 ss->receiver = receiver;
1272 GNUNET_CONTAINER_DLL_insert (receiver->ss_head, 1224 GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1273 receiver->ss_tail,
1274 ss);
1275 receiver->num_secrets++; 1225 receiver->num_secrets++;
1276 GNUNET_STATISTICS_update (stats, 1226 GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1277 "# Secrets active",
1278 1,
1279 GNUNET_NO);
1280 return ss; 1227 return ss;
1281} 1228}
1282 1229
@@ -1303,21 +1250,15 @@ setup_receiver_mq (struct ReceiverAddress *receiver);
1303 * @return #GNUNET_YES to continue to iterate 1250 * @return #GNUNET_YES to continue to iterate
1304 */ 1251 */
1305static int 1252static int
1306handle_ack (void *cls, 1253handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1307 const struct GNUNET_PeerIdentity *pid,
1308 void *value)
1309{ 1254{
1310 const struct UDPAck *ack = cls; 1255 const struct UDPAck *ack = cls;
1311 struct ReceiverAddress *receiver = value; 1256 struct ReceiverAddress *receiver = value;
1312 1257
1313 (void) pid; 1258 (void) pid;
1314 for (struct SharedSecret *ss = receiver->ss_head; 1259 for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1315 NULL != ss;
1316 ss = ss->next)
1317 { 1260 {
1318 if (0 == memcmp (&ack->cmac, 1261 if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof (struct GNUNET_HashCode)))
1319 &ss->cmac,
1320 sizeof (struct GNUNET_HashCode)))
1321 { 1262 {
1322 uint32_t allowed; 1263 uint32_t allowed;
1323 1264
@@ -1326,20 +1267,15 @@ handle_ack (void *cls,
1326 if (allowed > ss->sequence_allowed) 1267 if (allowed > ss->sequence_allowed)
1327 { 1268 {
1328 receiver->acks_available += (allowed - ss->sequence_allowed); 1269 receiver->acks_available += (allowed - ss->sequence_allowed);
1329 if ((allowed - ss->sequence_allowed) 1270 if ((allowed - ss->sequence_allowed) == receiver->acks_available)
1330 == receiver->acks_available)
1331 { 1271 {
1332 /* we just incremented from zero => MTU change! */ 1272 /* we just incremented from zero => MTU change! */
1333 setup_receiver_mq (receiver); 1273 setup_receiver_mq (receiver);
1334 } 1274 }
1335 ss->sequence_allowed = allowed; 1275 ss->sequence_allowed = allowed;
1336 /* move ss to head to avoid discarding it anytime soon! */ 1276 /* move ss to head to avoid discarding it anytime soon! */
1337 GNUNET_CONTAINER_DLL_remove (receiver->ss_head, 1277 GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1338 receiver->ss_tail, 1278 GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1339 ss);
1340 GNUNET_CONTAINER_DLL_insert (receiver->ss_head,
1341 receiver->ss_tail,
1342 ss);
1343 } 1279 }
1344 return GNUNET_NO; 1280 return GNUNET_NO;
1345 } 1281 }
@@ -1361,10 +1297,9 @@ try_handle_plaintext (struct SenderAddress *sender,
1361 const void *buf, 1297 const void *buf,
1362 size_t buf_size) 1298 size_t buf_size)
1363{ 1299{
1364 const struct GNUNET_MessageHeader *hdr 1300 const struct GNUNET_MessageHeader *hdr =
1365 = (const struct GNUNET_MessageHeader *) buf; 1301 (const struct GNUNET_MessageHeader *) buf;
1366 const struct UDPAck *ack 1302 const struct UDPAck *ack = (const struct UDPAck *) buf;
1367 = (const struct UDPAck *) buf;
1368 uint16_t type; 1303 uint16_t type;
1369 1304
1370 if (sizeof (*hdr) > buf_size) 1305 if (sizeof (*hdr) > buf_size)
@@ -1383,17 +1318,13 @@ try_handle_plaintext (struct SenderAddress *sender,
1383 /* There could be more messages after the ACK, handle those as well */ 1318 /* There could be more messages after the ACK, handle those as well */
1384 buf += ntohs (hdr->size); 1319 buf += ntohs (hdr->size);
1385 buf_size -= ntohs (hdr->size); 1320 buf_size -= ntohs (hdr->size);
1386 pass_plaintext_to_core (sender, 1321 pass_plaintext_to_core (sender, buf, buf_size);
1387 buf,
1388 buf_size);
1389 break; 1322 break;
1390 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD: 1323 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD:
1391 /* skip padding */ 1324 /* skip padding */
1392 break; 1325 break;
1393 default: 1326 default:
1394 pass_plaintext_to_core (sender, 1327 pass_plaintext_to_core (sender, buf, buf_size);
1395 buf,
1396 buf_size);
1397 } 1328 }
1398} 1329}
1399 1330
@@ -1411,16 +1342,16 @@ consider_ss_ack (struct SharedSecret *ss)
1411{ 1342{
1412 GNUNET_assert (NULL != ss->sender); 1343 GNUNET_assert (NULL != ss->sender);
1413 /* drop ancient KeyCacheEntries */ 1344 /* drop ancient KeyCacheEntries */
1414 while ( (NULL != ss->kce_head) && 1345 while ((NULL != ss->kce_head) &&
1415 (MAX_SQN_DELTA < ss->kce_head->sequence_number - ss->kce_tail->sequence_number) ) 1346 (MAX_SQN_DELTA <
1347 ss->kce_head->sequence_number - ss->kce_tail->sequence_number))
1416 kce_destroy (ss->kce_tail); 1348 kce_destroy (ss->kce_tail);
1417 if (ss->active_kce_count < KCN_THRESHOLD) 1349 if (ss->active_kce_count < KCN_THRESHOLD)
1418 { 1350 {
1419 struct UDPAck ack; 1351 struct UDPAck ack;
1420 1352
1421 while (ss->active_kce_count < KCN_TARGET) 1353 while (ss->active_kce_count < KCN_TARGET)
1422 kce_generate (ss, 1354 kce_generate (ss, ++ss->sequence_allowed);
1423 ++ss->sequence_allowed);
1424 ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK); 1355 ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK);
1425 ack.header.size = htons (sizeof (ack)); 1356 ack.header.size = htons (sizeof (ack));
1426 ack.sequence_max = htonl (ss->sequence_allowed); 1357 ack.sequence_max = htonl (ss->sequence_allowed);
@@ -1449,18 +1380,17 @@ decrypt_box (const struct UDPBox *box,
1449 char out_buf[box_len - sizeof (*box)]; 1380 char out_buf[box_len - sizeof (*box)];
1450 1381
1451 GNUNET_assert (NULL != ss->sender); 1382 GNUNET_assert (NULL != ss->sender);
1452 if (GNUNET_OK != 1383 if (GNUNET_OK != try_decrypt (ss,
1453 try_decrypt (ss, 1384 box->gcm_tag,
1454 box->gcm_tag, 1385 kce->sequence_number,
1455 kce->sequence_number, 1386 (const char *) &box[1],
1456 (const char *) &box[1], 1387 sizeof (out_buf),
1457 sizeof (out_buf), 1388 out_buf))
1458 out_buf))
1459 { 1389 {
1460 GNUNET_STATISTICS_update (stats, 1390 GNUNET_STATISTICS_update (stats,
1461 "# Decryption failures with valid KCE", 1391 "# Decryption failures with valid KCE",
1462 1, 1392 1,
1463 GNUNET_NO); 1393 GNUNET_NO);
1464 kce_destroy (kce); 1394 kce_destroy (kce);
1465 return; 1395 return;
1466 } 1396 }
@@ -1469,9 +1399,7 @@ decrypt_box (const struct UDPBox *box,
1469 "# bytes decrypted with BOX", 1399 "# bytes decrypted with BOX",
1470 sizeof (out_buf), 1400 sizeof (out_buf),
1471 GNUNET_NO); 1401 GNUNET_NO);
1472 try_handle_plaintext (ss->sender, 1402 try_handle_plaintext (ss->sender, out_buf, sizeof (out_buf));
1473 out_buf,
1474 sizeof (out_buf));
1475 consider_ss_ack (ss); 1403 consider_ss_ack (ss);
1476} 1404}
1477 1405
@@ -1514,10 +1442,8 @@ find_sender_by_address (void *cls,
1514 struct SearchContext *sc = cls; 1442 struct SearchContext *sc = cls;
1515 struct SenderAddress *sender = value; 1443 struct SenderAddress *sender = value;
1516 1444
1517 if ( (sender->address_len == sc->address_len) && 1445 if ((sender->address_len == sc->address_len) &&
1518 (0 == memcmp (sender->address, 1446 (0 == memcmp (sender->address, sc->address, sender->address_len)))
1519 sc->address,
1520 sender->address_len)) )
1521 { 1447 {
1522 sc->sender = sender; 1448 sc->sender = sender;
1523 return GNUNET_NO; /* stop iterating! */ 1449 return GNUNET_NO; /* stop iterating! */
@@ -1543,11 +1469,9 @@ setup_sender (const struct GNUNET_PeerIdentity *target,
1543 socklen_t address_len) 1469 socklen_t address_len)
1544{ 1470{
1545 struct SenderAddress *sender; 1471 struct SenderAddress *sender;
1546 struct SearchContext sc = { 1472 struct SearchContext sc = {.address = address,
1547 .address = address, 1473 .address_len = address_len,
1548 .address_len = address_len, 1474 .sender = NULL};
1549 .sender = NULL
1550 };
1551 1475
1552 GNUNET_CONTAINER_multipeermap_get_multiple (senders, 1476 GNUNET_CONTAINER_multipeermap_get_multiple (senders,
1553 target, 1477 target,
@@ -1560,28 +1484,25 @@ setup_sender (const struct GNUNET_PeerIdentity *target,
1560 } 1484 }
1561 sender = GNUNET_new (struct SenderAddress); 1485 sender = GNUNET_new (struct SenderAddress);
1562 sender->target = *target; 1486 sender->target = *target;
1563 sender->address = GNUNET_memdup (address, 1487 sender->address = GNUNET_memdup (address, address_len);
1564 address_len);
1565 sender->address_len = address_len; 1488 sender->address_len = address_len;
1566 (void) GNUNET_CONTAINER_multipeermap_put (senders, 1489 (void) GNUNET_CONTAINER_multipeermap_put (
1567 &sender->target, 1490 senders,
1568 sender, 1491 &sender->target,
1569 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); 1492 sender,
1493 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1570 GNUNET_STATISTICS_set (stats, 1494 GNUNET_STATISTICS_set (stats,
1571 "# senders active", 1495 "# senders active",
1572 GNUNET_CONTAINER_multipeermap_size (receivers), 1496 GNUNET_CONTAINER_multipeermap_size (receivers),
1573 GNUNET_NO); 1497 GNUNET_NO);
1574 sender->timeout 1498 sender->timeout =
1575 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); 1499 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1576 sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap, 1500 sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1577 sender, 1501 sender,
1578 sender->timeout.abs_value_us); 1502 sender->timeout.abs_value_us);
1579 sender->nt = GNUNET_NT_scanner_get_type (is, 1503 sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
1580 address,
1581 address_len);
1582 if (NULL == timeout_task) 1504 if (NULL == timeout_task)
1583 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, 1505 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
1584 NULL);
1585 return sender; 1506 return sender;
1586} 1507}
1587 1508
@@ -1632,15 +1553,13 @@ sockaddr_to_udpaddr_string (const struct sockaddr *address,
1632 GNUNET_asprintf (&ret, 1553 GNUNET_asprintf (&ret,
1633 "%s-%s", 1554 "%s-%s",
1634 COMMUNICATOR_ADDRESS_PREFIX, 1555 COMMUNICATOR_ADDRESS_PREFIX,
1635 GNUNET_a2s (address, 1556 GNUNET_a2s (address, address_len));
1636 address_len));
1637 break; 1557 break;
1638 case AF_INET6: 1558 case AF_INET6:
1639 GNUNET_asprintf (&ret, 1559 GNUNET_asprintf (&ret,
1640 "%s-%s", 1560 "%s-%s",
1641 COMMUNICATOR_ADDRESS_PREFIX, 1561 COMMUNICATOR_ADDRESS_PREFIX,
1642 GNUNET_a2s (address, 1562 GNUNET_a2s (address, address_len));
1643 address_len));
1644 break; 1563 break;
1645 default: 1564 default:
1646 GNUNET_assert (0); 1565 GNUNET_assert (0);
@@ -1663,11 +1582,10 @@ sock_read (void *cls)
1663 ssize_t rcvd; 1582 ssize_t rcvd;
1664 1583
1665 (void) cls; 1584 (void) cls;
1666 read_task 1585 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1667 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, 1586 udp_sock,
1668 udp_sock, 1587 &sock_read,
1669 &sock_read, 1588 NULL);
1670 NULL);
1671 rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock, 1589 rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1672 buf, 1590 buf,
1673 sizeof (buf), 1591 sizeof (buf),
@@ -1675,8 +1593,7 @@ sock_read (void *cls)
1675 &salen); 1593 &salen);
1676 if (-1 == rcvd) 1594 if (-1 == rcvd)
1677 { 1595 {
1678 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, 1596 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "recv");
1679 "recv");
1680 return; 1597 return;
1681 } 1598 }
1682 1599
@@ -1687,13 +1604,10 @@ sock_read (void *cls)
1687 struct KeyCacheEntry *kce; 1604 struct KeyCacheEntry *kce;
1688 1605
1689 box = (const struct UDPBox *) buf; 1606 box = (const struct UDPBox *) buf;
1690 kce = GNUNET_CONTAINER_multishortmap_get (key_cache, 1607 kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
1691 &box->kid);
1692 if (NULL != kce) 1608 if (NULL != kce)
1693 { 1609 {
1694 decrypt_box (box, 1610 decrypt_box (box, (size_t) rcvd, kce);
1695 (size_t) rcvd,
1696 kce);
1697 return; 1611 return;
1698 } 1612 }
1699 } 1613 }
@@ -1708,9 +1622,7 @@ sock_read (void *cls)
1708 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST); 1622 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST);
1709 uhs.purpose.size = htonl (sizeof (uhs)); 1623 uhs.purpose.size = htonl (sizeof (uhs));
1710 uhs.sender = ub->sender; 1624 uhs.sender = ub->sender;
1711 GNUNET_CRYPTO_hash (&sa, 1625 GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
1712 salen,
1713 &uhs.h_address);
1714 if (GNUNET_OK == 1626 if (GNUNET_OK ==
1715 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST, 1627 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST,
1716 &uhs.purpose, 1628 &uhs.purpose,
@@ -1721,18 +1633,15 @@ sock_read (void *cls)
1721 struct GNUNET_TIME_Absolute expiration; 1633 struct GNUNET_TIME_Absolute expiration;
1722 enum GNUNET_NetworkType nt; 1634 enum GNUNET_NetworkType nt;
1723 1635
1724 addr_s = sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, 1636 addr_s =
1725 salen); 1637 sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
1726 GNUNET_STATISTICS_update (stats, 1638 GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
1727 "# broadcasts received", 1639 /* expire at the broadcast frequency, as then we'll get the next one
1728 1, 1640 * anyway */
1729 GNUNET_NO);
1730 /* expire at the broadcast frequency, as then we'll get the next one anyway */
1731 expiration = GNUNET_TIME_relative_to_absolute (BROADCAST_FREQUENCY); 1641 expiration = GNUNET_TIME_relative_to_absolute (BROADCAST_FREQUENCY);
1732 /* use our own mechanism to determine network type */ 1642 /* use our own mechanism to determine network type */
1733 nt = GNUNET_NT_scanner_get_type (is, 1643 nt =
1734 (const struct sockaddr *) &sa, 1644 GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
1735 salen);
1736 GNUNET_TRANSPORT_application_validate (ah, 1645 GNUNET_TRANSPORT_application_validate (ah,
1737 &ub->sender, 1646 &ub->sender,
1738 expiration, 1647 expiration,
@@ -1749,9 +1658,9 @@ sock_read (void *cls)
1749 if (rcvd < sizeof (struct UDPConfirmation) + sizeof (struct InitialKX)) 1658 if (rcvd < sizeof (struct UDPConfirmation) + sizeof (struct InitialKX))
1750 { 1659 {
1751 GNUNET_STATISTICS_update (stats, 1660 GNUNET_STATISTICS_update (stats,
1752 "# messages dropped (no kid, too small for KX)", 1661 "# messages dropped (no kid, too small for KX)",
1753 1, 1662 1,
1754 GNUNET_NO); 1663 GNUNET_NO);
1755 return; 1664 return;
1756 } 1665 }
1757 1666
@@ -1764,54 +1673,43 @@ sock_read (void *cls)
1764 1673
1765 kx = (const struct InitialKX *) buf; 1674 kx = (const struct InitialKX *) buf;
1766 ss = setup_shared_secret_dec (&kx->ephemeral); 1675 ss = setup_shared_secret_dec (&kx->ephemeral);
1767 if (GNUNET_OK != 1676 if (GNUNET_OK != try_decrypt (ss,
1768 try_decrypt (ss, 1677 kx->gcm_tag,
1769 kx->gcm_tag, 1678 0,
1770 0, 1679 &buf[sizeof (*kx)],
1771 &buf[sizeof (*kx)], 1680 sizeof (pbuf),
1772 sizeof (pbuf), 1681 pbuf))
1773 pbuf))
1774 { 1682 {
1775 GNUNET_free (ss); 1683 GNUNET_free (ss);
1776 GNUNET_STATISTICS_update (stats, 1684 GNUNET_STATISTICS_update (
1777 "# messages dropped (no kid, AEAD decryption failed)", 1685 stats,
1778 1, 1686 "# messages dropped (no kid, AEAD decryption failed)",
1779 GNUNET_NO); 1687 1,
1688 GNUNET_NO);
1780 return; 1689 return;
1781 } 1690 }
1782 uc = (const struct UDPConfirmation *) pbuf; 1691 uc = (const struct UDPConfirmation *) pbuf;
1783 if (GNUNET_OK != 1692 if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
1784 verify_confirmation (&kx->ephemeral,
1785 uc))
1786 { 1693 {
1787 GNUNET_break_op (0); 1694 GNUNET_break_op (0);
1788 GNUNET_free (ss); 1695 GNUNET_free (ss);
1789 GNUNET_STATISTICS_update (stats, 1696 GNUNET_STATISTICS_update (stats,
1790 "# messages dropped (sender signature invalid)", 1697 "# messages dropped (sender signature invalid)",
1791 1, 1698 1,
1792 GNUNET_NO); 1699 GNUNET_NO);
1793 return; 1700 return;
1794 } 1701 }
1795 calculate_cmac (ss); 1702 calculate_cmac (ss);
1796 sender = setup_sender (&uc->sender, 1703 sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
1797 (const struct sockaddr *) &sa,
1798 salen);
1799 ss->sender = sender; 1704 ss->sender = sender;
1800 GNUNET_CONTAINER_DLL_insert (sender->ss_head, 1705 GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
1801 sender->ss_tail,
1802 ss);
1803 sender->num_secrets++; 1706 sender->num_secrets++;
1804 GNUNET_STATISTICS_update (stats, 1707 GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1805 "# Secrets active",
1806 1,
1807 GNUNET_NO);
1808 GNUNET_STATISTICS_update (stats, 1708 GNUNET_STATISTICS_update (stats,
1809 "# messages decrypted without BOX", 1709 "# messages decrypted without BOX",
1810 1, 1710 1,
1811 GNUNET_NO); 1711 GNUNET_NO);
1812 try_handle_plaintext (sender, 1712 try_handle_plaintext (sender, &uc[1], sizeof (pbuf) - sizeof (*uc));
1813 &uc[1],
1814 sizeof (pbuf) - sizeof (*uc));
1815 consider_ss_ack (ss); 1713 consider_ss_ack (ss);
1816 if (sender->num_secrets > MAX_SECRETS) 1714 if (sender->num_secrets > MAX_SECRETS)
1817 secret_destroy (sender->ss_tail); 1715 secret_destroy (sender->ss_tail);
@@ -1827,8 +1725,7 @@ sock_read (void *cls)
1827 * @return converted bindto specification 1725 * @return converted bindto specification
1828 */ 1726 */
1829static struct sockaddr * 1727static struct sockaddr *
1830udp_address_to_sockaddr (const char *bindto, 1728udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
1831 socklen_t *sock_len)
1832{ 1729{
1833 struct sockaddr *in; 1730 struct sockaddr *in;
1834 unsigned int port; 1731 unsigned int port;
@@ -1836,10 +1733,7 @@ udp_address_to_sockaddr (const char *bindto,
1836 char *colon; 1733 char *colon;
1837 char *cp; 1734 char *cp;
1838 1735
1839 if (1 == SSCANF (bindto, 1736 if (1 == SSCANF (bindto, "%u%1s", &port, dummy))
1840 "%u%1s",
1841 &port,
1842 dummy))
1843 { 1737 {
1844 /* interpreting value as just a PORT number */ 1738 /* interpreting value as just a PORT number */
1845 if (port > UINT16_MAX) 1739 if (port > UINT16_MAX)
@@ -1849,12 +1743,11 @@ udp_address_to_sockaddr (const char *bindto,
1849 bindto); 1743 bindto);
1850 return NULL; 1744 return NULL;
1851 } 1745 }
1852 if ( (GNUNET_NO == 1746 if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
1853 GNUNET_NETWORK_test_pf (PF_INET6)) || 1747 (GNUNET_YES ==
1854 (GNUNET_YES == 1748 GNUNET_CONFIGURATION_get_value_yesno (cfg,
1855 GNUNET_CONFIGURATION_get_value_yesno (cfg, 1749 COMMUNICATOR_CONFIG_SECTION,
1856 COMMUNICATOR_CONFIG_SECTION, 1750 "DISABLE_V6")))
1857 "DISABLE_V6")) )
1858 { 1751 {
1859 struct sockaddr_in *i4; 1752 struct sockaddr_in *i4;
1860 1753
@@ -1883,26 +1776,24 @@ udp_address_to_sockaddr (const char *bindto,
1883 /* interpet value after colon as port */ 1776 /* interpet value after colon as port */
1884 *colon = '\0'; 1777 *colon = '\0';
1885 colon++; 1778 colon++;
1886 if (1 == SSCANF (colon, 1779 if (1 == SSCANF (colon, "%u%1s", &port, dummy))
1887 "%u%1s",
1888 &port,
1889 dummy))
1890 { 1780 {
1891 /* interpreting value as just a PORT number */ 1781 /* interpreting value as just a PORT number */
1892 if (port > UINT16_MAX) 1782 if (port > UINT16_MAX)
1893 { 1783 {
1894 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 1784 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1895 "BINDTO specification `%s' invalid: value too large for port\n", 1785 "BINDTO specification `%s' invalid: value too large for port\n",
1896 bindto); 1786 bindto);
1897 GNUNET_free (cp); 1787 GNUNET_free (cp);
1898 return NULL; 1788 return NULL;
1899 } 1789 }
1900 } 1790 }
1901 else 1791 else
1902 { 1792 {
1903 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 1793 GNUNET_log (
1904 "BINDTO specification `%s' invalid: last ':' not followed by number\n", 1794 GNUNET_ERROR_TYPE_ERROR,
1905 bindto); 1795 "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1796 bindto);
1906 GNUNET_free (cp); 1797 GNUNET_free (cp);
1907 return NULL; 1798 return NULL;
1908 } 1799 }
@@ -1916,13 +1807,10 @@ udp_address_to_sockaddr (const char *bindto,
1916 /* try IPv4 */ 1807 /* try IPv4 */
1917 struct sockaddr_in v4; 1808 struct sockaddr_in v4;
1918 1809
1919 if (1 == inet_pton (AF_INET, 1810 if (1 == inet_pton (AF_INET, cp, &v4))
1920 cp,
1921 &v4))
1922 { 1811 {
1923 v4.sin_port = htons ((uint16_t) port); 1812 v4.sin_port = htons ((uint16_t) port);
1924 in = GNUNET_memdup (&v4, 1813 in = GNUNET_memdup (&v4, sizeof (v4));
1925 sizeof (v4));
1926 *sock_len = sizeof (v4); 1814 *sock_len = sizeof (v4);
1927 GNUNET_free (cp); 1815 GNUNET_free (cp);
1928 return in; 1816 return in;
@@ -1934,19 +1822,15 @@ udp_address_to_sockaddr (const char *bindto,
1934 const char *start; 1822 const char *start;
1935 1823
1936 start = cp; 1824 start = cp;
1937 if ( ('[' == *cp) && 1825 if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
1938 (']' == cp[strlen (cp)-1]) )
1939 { 1826 {
1940 start++; /* skip over '[' */ 1827 start++; /* skip over '[' */
1941 cp[strlen (cp) -1] = '\0'; /* eat ']' */ 1828 cp[strlen (cp) - 1] = '\0'; /* eat ']' */
1942 } 1829 }
1943 if (1 == inet_pton (AF_INET6, 1830 if (1 == inet_pton (AF_INET6, start, &v6))
1944 start,
1945 &v6))
1946 { 1831 {
1947 v6.sin6_port = htons ((uint16_t) port); 1832 v6.sin6_port = htons ((uint16_t) port);
1948 in = GNUNET_memdup (&v6, 1833 in = GNUNET_memdup (&v6, sizeof (v6));
1949 sizeof (v6));
1950 *sock_len = sizeof (v6); 1834 *sock_len = sizeof (v6);
1951 GNUNET_free (cp); 1835 GNUNET_free (cp);
1952 return in; 1836 return in;
@@ -1966,32 +1850,22 @@ udp_address_to_sockaddr (const char *bindto,
1966 * @param pad_size number of bytes of padding to append 1850 * @param pad_size number of bytes of padding to append
1967 */ 1851 */
1968static void 1852static void
1969do_pad (gcry_cipher_hd_t out_cipher, 1853do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
1970 char *dgram,
1971 size_t pad_size)
1972{ 1854{
1973 char pad[pad_size]; 1855 char pad[pad_size];
1974 1856
1975 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, 1857 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, pad, sizeof (pad));
1976 pad,
1977 sizeof (pad));
1978 if (sizeof (pad) > sizeof (struct GNUNET_MessageHeader)) 1858 if (sizeof (pad) > sizeof (struct GNUNET_MessageHeader))
1979 { 1859 {
1980 struct GNUNET_MessageHeader hdr = { 1860 struct GNUNET_MessageHeader hdr =
1981 .size = htons (sizeof (pad)), 1861 {.size = htons (sizeof (pad)),
1982 .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) 1862 .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD)};
1983 }; 1863
1984 1864 memcpy (pad, &hdr, sizeof (hdr));
1985 memcpy (pad, 1865 }
1986 &hdr, 1866 GNUNET_assert (
1987 sizeof (hdr)); 1867 0 ==
1988 } 1868 gcry_cipher_encrypt (out_cipher, dgram, sizeof (pad), pad, sizeof (pad)));
1989 GNUNET_assert (0 ==
1990 gcry_cipher_encrypt (out_cipher,
1991 dgram,
1992 sizeof (pad),
1993 pad,
1994 sizeof (pad)));
1995} 1869}
1996 1870
1997 1871
@@ -2027,83 +1901,61 @@ mq_send (struct GNUNET_MQ_Handle *mq,
2027 struct UDPConfirmation uc; 1901 struct UDPConfirmation uc;
2028 struct InitialKX kx; 1902 struct InitialKX kx;
2029 struct GNUNET_CRYPTO_EcdhePrivateKey epriv; 1903 struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2030 char dgram[receiver->mtu + 1904 char dgram[receiver->mtu + sizeof (uc) + sizeof (kx)];
2031 sizeof (uc) +
2032 sizeof (kx)];
2033 size_t dpos; 1905 size_t dpos;
2034 gcry_cipher_hd_t out_cipher; 1906 gcry_cipher_hd_t out_cipher;
2035 struct SharedSecret *ss; 1907 struct SharedSecret *ss;
2036 1908
2037 /* setup key material */ 1909 /* setup key material */
2038 GNUNET_assert (GNUNET_OK == 1910 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdhe_key_create2 (&epriv));
2039 GNUNET_CRYPTO_ecdhe_key_create2 (&epriv)); 1911
2040 1912 ss = setup_shared_secret_enc (&epriv, receiver);
2041 ss = setup_shared_secret_enc (&epriv, 1913 setup_cipher (&ss->master, 0, &out_cipher);
2042 receiver);
2043 setup_cipher (&ss->master,
2044 0,
2045 &out_cipher);
2046 /* compute 'uc' */ 1914 /* compute 'uc' */
2047 uc.sender = my_identity; 1915 uc.sender = my_identity;
2048 uc.monotonic_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg)); 1916 uc.monotonic_time =
1917 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
2049 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE); 1918 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE);
2050 uhs.purpose.size = htonl (sizeof (uhs)); 1919 uhs.purpose.size = htonl (sizeof (uhs));
2051 uhs.sender = my_identity; 1920 uhs.sender = my_identity;
2052 uhs.receiver = receiver->target; 1921 uhs.receiver = receiver->target;
2053 GNUNET_CRYPTO_ecdhe_key_get_public (&epriv, 1922 GNUNET_CRYPTO_ecdhe_key_get_public (&epriv, &uhs.ephemeral);
2054 &uhs.ephemeral);
2055 uhs.monotonic_time = uc.monotonic_time; 1923 uhs.monotonic_time = uc.monotonic_time;
2056 GNUNET_assert (GNUNET_OK == 1924 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
2057 GNUNET_CRYPTO_eddsa_sign (my_private_key, 1925 &uhs.purpose,
2058 &uhs.purpose, 1926 &uc.sender_sig));
2059 &uc.sender_sig));
2060 /* Leave space for kx */ 1927 /* Leave space for kx */
2061 dpos = sizeof (struct GNUNET_CRYPTO_EcdhePublicKey); 1928 dpos = sizeof (struct GNUNET_CRYPTO_EcdhePublicKey);
2062 /* Append encrypted uc to dgram */ 1929 /* Append encrypted uc to dgram */
2063 GNUNET_assert (0 == 1930 GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
2064 gcry_cipher_encrypt (out_cipher, 1931 &dgram[dpos],
2065 &dgram[dpos], 1932 sizeof (uc),
2066 sizeof (uc), 1933 &uc,
2067 &uc, 1934 sizeof (uc)));
2068 sizeof (uc)));
2069 dpos += sizeof (uc); 1935 dpos += sizeof (uc);
2070 /* Append encrypted payload to dgram */ 1936 /* Append encrypted payload to dgram */
2071 GNUNET_assert (0 == 1937 GNUNET_assert (
2072 gcry_cipher_encrypt (out_cipher, 1938 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2073 &dgram[dpos],
2074 msize,
2075 msg,
2076 msize));
2077 dpos += msize; 1939 dpos += msize;
2078 do_pad (out_cipher, 1940 do_pad (out_cipher, &dgram[dpos], sizeof (dgram) - dpos);
2079 &dgram[dpos],
2080 sizeof (dgram) - dpos);
2081 /* Datagram starts with kx */ 1941 /* Datagram starts with kx */
2082 kx.ephemeral = uhs.ephemeral; 1942 kx.ephemeral = uhs.ephemeral;
2083 GNUNET_assert (0 == 1943 GNUNET_assert (
2084 gcry_cipher_gettag (out_cipher, 1944 0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof (kx.gcm_tag)));
2085 kx.gcm_tag,
2086 sizeof (kx.gcm_tag)));
2087 gcry_cipher_close (out_cipher); 1945 gcry_cipher_close (out_cipher);
2088 memcpy (dgram, 1946 memcpy (dgram, &kx, sizeof (kx));
2089 &kx, 1947 if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2090 sizeof (kx)); 1948 dgram,
2091 if (-1 == 1949 sizeof (dgram),
2092 GNUNET_NETWORK_socket_sendto (udp_sock, 1950 receiver->address,
2093 dgram, 1951 receiver->address_len))
2094 sizeof (dgram), 1952 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
2095 receiver->address,
2096 receiver->address_len))
2097 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
2098 "send");
2099 GNUNET_MQ_impl_send_continue (mq); 1953 GNUNET_MQ_impl_send_continue (mq);
2100 return; 1954 return;
2101 } /* End of KX encryption method */ 1955 } /* End of KX encryption method */
2102 1956
2103 /* begin "BOX" encryption method, scan for ACKs from tail! */ 1957 /* begin "BOX" encryption method, scan for ACKs from tail! */
2104 for (struct SharedSecret *ss = receiver->ss_tail; 1958 for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
2105 NULL != ss;
2106 ss = ss->prev)
2107 { 1959 {
2108 if (ss->sequence_used < ss->sequence_allowed) 1960 if (ss->sequence_used < ss->sequence_allowed)
2109 { 1961 {
@@ -2114,37 +1966,24 @@ mq_send (struct GNUNET_MQ_Handle *mq,
2114 1966
2115 box = (struct UDPBox *) dgram; 1967 box = (struct UDPBox *) dgram;
2116 ss->sequence_used++; 1968 ss->sequence_used++;
2117 get_kid (&ss->master, 1969 get_kid (&ss->master, ss->sequence_used, &box->kid);
2118 ss->sequence_used, 1970 setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
2119 &box->kid);
2120 setup_cipher (&ss->master,
2121 ss->sequence_used,
2122 &out_cipher);
2123 /* Append encrypted payload to dgram */ 1971 /* Append encrypted payload to dgram */
2124 dpos = sizeof (struct UDPBox); 1972 dpos = sizeof (struct UDPBox);
2125 GNUNET_assert (0 == 1973 GNUNET_assert (
2126 gcry_cipher_encrypt (out_cipher, 1974 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2127 &dgram[dpos],
2128 msize,
2129 msg,
2130 msize));
2131 dpos += msize; 1975 dpos += msize;
2132 do_pad (out_cipher, 1976 do_pad (out_cipher, &dgram[dpos], sizeof (dgram) - dpos);
2133 &dgram[dpos], 1977 GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
2134 sizeof (dgram) - dpos); 1978 box->gcm_tag,
2135 GNUNET_assert (0 == 1979 sizeof (box->gcm_tag)));
2136 gcry_cipher_gettag (out_cipher,
2137 box->gcm_tag,
2138 sizeof (box->gcm_tag)));
2139 gcry_cipher_close (out_cipher); 1980 gcry_cipher_close (out_cipher);
2140 if (-1 == 1981 if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2141 GNUNET_NETWORK_socket_sendto (udp_sock, 1982 dgram,
2142 dgram, 1983 sizeof (dgram),
2143 sizeof (dgram), 1984 receiver->address,
2144 receiver->address, 1985 receiver->address_len))
2145 receiver->address_len)) 1986 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
2146 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
2147 "send");
2148 GNUNET_MQ_impl_send_continue (mq); 1987 GNUNET_MQ_impl_send_continue (mq);
2149 receiver->acks_available--; 1988 receiver->acks_available--;
2150 if (0 == receiver->acks_available) 1989 if (0 == receiver->acks_available)
@@ -2168,8 +2007,7 @@ mq_send (struct GNUNET_MQ_Handle *mq,
2168 * @param impl_state our `struct ReceiverAddress` 2007 * @param impl_state our `struct ReceiverAddress`
2169 */ 2008 */
2170static void 2009static void
2171mq_destroy (struct GNUNET_MQ_Handle *mq, 2010mq_destroy (struct GNUNET_MQ_Handle *mq, void *impl_state)
2172 void *impl_state)
2173{ 2011{
2174 struct ReceiverAddress *receiver = impl_state; 2012 struct ReceiverAddress *receiver = impl_state;
2175 2013
@@ -2188,8 +2026,7 @@ mq_destroy (struct GNUNET_MQ_Handle *mq,
2188 * @param impl_state our `struct RecvierAddress` 2026 * @param impl_state our `struct RecvierAddress`
2189 */ 2027 */
2190static void 2028static void
2191mq_cancel (struct GNUNET_MQ_Handle *mq, 2029mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
2192 void *impl_state)
2193{ 2030{
2194 /* Cancellation is impossible with UDP; bail */ 2031 /* Cancellation is impossible with UDP; bail */
2195 GNUNET_assert (0); 2032 GNUNET_assert (0);
@@ -2206,8 +2043,7 @@ mq_cancel (struct GNUNET_MQ_Handle *mq,
2206 * @param error error code 2043 * @param error error code
2207 */ 2044 */
2208static void 2045static void
2209mq_error (void *cls, 2046mq_error (void *cls, enum GNUNET_MQ_Error error)
2210 enum GNUNET_MQ_Error error)
2211{ 2047{
2212 struct ReceiverAddress *receiver = cls; 2048 struct ReceiverAddress *receiver = cls;
2213 2049
@@ -2240,16 +2076,14 @@ setup_receiver_mq (struct ReceiverAddress *receiver)
2240 switch (receiver->address->sa_family) 2076 switch (receiver->address->sa_family)
2241 { 2077 {
2242 case AF_INET: 2078 case AF_INET:
2243 base_mtu 2079 base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
2244 = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */ 2080 - sizeof (struct GNUNET_TUN_IPv4Header) /* 20 */
2245 - sizeof (struct GNUNET_TUN_IPv4Header) /* 20 */ 2081 - sizeof (struct GNUNET_TUN_UdpHeader) /* 8 */;
2246 - sizeof (struct GNUNET_TUN_UdpHeader) /* 8 */;
2247 break; 2082 break;
2248 case AF_INET6: 2083 case AF_INET6:
2249 base_mtu 2084 base_mtu = 1280 /* Minimum MTU required by IPv6 */
2250 = 1280 /* Minimum MTU required by IPv6 */ 2085 - sizeof (struct GNUNET_TUN_IPv6Header) /* 40 */
2251 - sizeof (struct GNUNET_TUN_IPv6Header) /* 40 */ 2086 - sizeof (struct GNUNET_TUN_UdpHeader) /* 8 */;
2252 - sizeof (struct GNUNET_TUN_UdpHeader) /* 8 */;
2253 break; 2087 break;
2254 default: 2088 default:
2255 GNUNET_assert (0); 2089 GNUNET_assert (0);
@@ -2258,35 +2092,31 @@ setup_receiver_mq (struct ReceiverAddress *receiver)
2258 if (0 == receiver->acks_available) 2092 if (0 == receiver->acks_available)
2259 { 2093 {
2260 /* MTU based on full KX messages */ 2094 /* MTU based on full KX messages */
2261 receiver->mtu 2095 receiver->mtu = base_mtu - sizeof (struct InitialKX) /* 48 */
2262 = base_mtu 2096 - sizeof (struct UDPConfirmation); /* 104 */
2263 - sizeof (struct InitialKX) /* 48 */
2264 - sizeof (struct UDPConfirmation); /* 104 */
2265 } 2097 }
2266 else 2098 else
2267 { 2099 {
2268 /* MTU based on BOXed messages */ 2100 /* MTU based on BOXed messages */
2269 receiver->mtu 2101 receiver->mtu = base_mtu - sizeof (struct UDPBox);
2270 = base_mtu - sizeof (struct UDPBox);
2271 } 2102 }
2272 /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to 2103 /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
2273 1404 (IPv4 + Box) bytes, depending on circumstances... */ 2104 1404 (IPv4 + Box) bytes, depending on circumstances... */
2274 receiver->mq 2105 receiver->mq = GNUNET_MQ_queue_for_callbacks (&mq_send,
2275 = GNUNET_MQ_queue_for_callbacks (&mq_send, 2106 &mq_destroy,
2276 &mq_destroy, 2107 &mq_cancel,
2277 &mq_cancel, 2108 receiver,
2278 receiver, 2109 NULL,
2279 NULL, 2110 &mq_error,
2280 &mq_error, 2111 receiver);
2281 receiver); 2112 receiver->qh =
2282 receiver->qh 2113 GNUNET_TRANSPORT_communicator_mq_add (ch,
2283 = GNUNET_TRANSPORT_communicator_mq_add (ch, 2114 &receiver->target,
2284 &receiver->target, 2115 receiver->foreign_addr,
2285 receiver->foreign_addr, 2116 receiver->mtu,
2286 receiver->mtu, 2117 receiver->nt,
2287 receiver->nt, 2118 GNUNET_TRANSPORT_CS_OUTBOUND,
2288 GNUNET_TRANSPORT_CS_OUTBOUND, 2119 receiver->mq);
2289 receiver->mq);
2290} 2120}
2291 2121
2292 2122
@@ -2307,19 +2137,17 @@ receiver_setup (const struct GNUNET_PeerIdentity *target,
2307 struct ReceiverAddress *receiver; 2137 struct ReceiverAddress *receiver;
2308 2138
2309 receiver = GNUNET_new (struct ReceiverAddress); 2139 receiver = GNUNET_new (struct ReceiverAddress);
2310 receiver->address = GNUNET_memdup (address, 2140 receiver->address = GNUNET_memdup (address, address_len);
2311 address_len);
2312 receiver->address_len = address_len; 2141 receiver->address_len = address_len;
2313 receiver->target = *target; 2142 receiver->target = *target;
2314 receiver->nt = GNUNET_NT_scanner_get_type (is, 2143 receiver->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
2315 address, 2144 (void) GNUNET_CONTAINER_multipeermap_put (
2316 address_len); 2145 receivers,
2317 (void) GNUNET_CONTAINER_multipeermap_put (receivers, 2146 &receiver->target,
2318 &receiver->target, 2147 receiver,
2319 receiver, 2148 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
2320 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); 2149 receiver->timeout =
2321 receiver->timeout 2150 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
2322 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
2323 receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap, 2151 receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
2324 receiver, 2152 receiver,
2325 receiver->timeout.abs_value_us); 2153 receiver->timeout.abs_value_us);
@@ -2327,13 +2155,12 @@ receiver_setup (const struct GNUNET_PeerIdentity *target,
2327 "# receivers active", 2155 "# receivers active",
2328 GNUNET_CONTAINER_multipeermap_size (receivers), 2156 GNUNET_CONTAINER_multipeermap_size (receivers),
2329 GNUNET_NO); 2157 GNUNET_NO);
2330 receiver->foreign_addr = sockaddr_to_udpaddr_string (receiver->address, 2158 receiver->foreign_addr =
2331 receiver->address_len); 2159 sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
2332 setup_receiver_mq (receiver); 2160 setup_receiver_mq (receiver);
2333 2161
2334 if (NULL == timeout_task) 2162 if (NULL == timeout_task)
2335 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, 2163 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2336 NULL);
2337 return receiver; 2164 return receiver;
2338} 2165}
2339 2166
@@ -2353,12 +2180,11 @@ receiver_setup (const struct GNUNET_PeerIdentity *target,
2353 * @param peer identity of the other peer 2180 * @param peer identity of the other peer
2354 * @param address where to send the message, human-readable 2181 * @param address where to send the message, human-readable
2355 * communicator-specific format, 0-terminated, UTF-8 2182 * communicator-specific format, 0-terminated, UTF-8
2356 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is invalid 2183 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is
2184 * invalid
2357 */ 2185 */
2358static int 2186static int
2359mq_init (void *cls, 2187mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2360 const struct GNUNET_PeerIdentity *peer,
2361 const char *address)
2362{ 2188{
2363 struct ReceiverAddress *receiver; 2189 struct ReceiverAddress *receiver;
2364 const char *path; 2190 const char *path;
@@ -2373,11 +2199,8 @@ mq_init (void *cls,
2373 return GNUNET_SYSERR; 2199 return GNUNET_SYSERR;
2374 } 2200 }
2375 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")]; 2201 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2376 in = udp_address_to_sockaddr (path, 2202 in = udp_address_to_sockaddr (path, &in_len);
2377 &in_len); 2203 receiver = receiver_setup (peer, in, in_len);
2378 receiver = receiver_setup (peer,
2379 in,
2380 in_len);
2381 (void) receiver; 2204 (void) receiver;
2382 return GNUNET_OK; 2205 return GNUNET_OK;
2383} 2206}
@@ -2437,8 +2260,8 @@ do_shutdown (void *cls)
2437{ 2260{
2438 if (NULL != nat) 2261 if (NULL != nat)
2439 { 2262 {
2440 GNUNET_NAT_unregister (nat); 2263 GNUNET_NAT_unregister (nat);
2441 nat = NULL; 2264 nat = NULL;
2442 } 2265 }
2443 while (NULL != bi_head) 2266 while (NULL != bi_head)
2444 bi_destroy (bi_head); 2267 bi_destroy (bi_head);
@@ -2454,17 +2277,14 @@ do_shutdown (void *cls)
2454 } 2277 }
2455 if (NULL != udp_sock) 2278 if (NULL != udp_sock)
2456 { 2279 {
2457 GNUNET_break (GNUNET_OK == 2280 GNUNET_break (GNUNET_OK == GNUNET_NETWORK_socket_close (udp_sock));
2458 GNUNET_NETWORK_socket_close (udp_sock));
2459 udp_sock = NULL; 2281 udp_sock = NULL;
2460 } 2282 }
2461 GNUNET_CONTAINER_multipeermap_iterate (receivers, 2283 GNUNET_CONTAINER_multipeermap_iterate (receivers,
2462 &get_receiver_delete_it, 2284 &get_receiver_delete_it,
2463 NULL); 2285 NULL);
2464 GNUNET_CONTAINER_multipeermap_destroy (receivers); 2286 GNUNET_CONTAINER_multipeermap_destroy (receivers);
2465 GNUNET_CONTAINER_multipeermap_iterate (senders, 2287 GNUNET_CONTAINER_multipeermap_iterate (senders, &get_sender_delete_it, NULL);
2466 &get_sender_delete_it,
2467 NULL);
2468 GNUNET_CONTAINER_multipeermap_destroy (senders); 2288 GNUNET_CONTAINER_multipeermap_destroy (senders);
2469 GNUNET_CONTAINER_multishortmap_destroy (key_cache); 2289 GNUNET_CONTAINER_multishortmap_destroy (key_cache);
2470 GNUNET_CONTAINER_heap_destroy (senders_heap); 2290 GNUNET_CONTAINER_heap_destroy (senders_heap);
@@ -2481,8 +2301,7 @@ do_shutdown (void *cls)
2481 } 2301 }
2482 if (NULL != stats) 2302 if (NULL != stats)
2483 { 2303 {
2484 GNUNET_STATISTICS_destroy (stats, 2304 GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
2485 GNUNET_NO);
2486 stats = NULL; 2305 stats = NULL;
2487 } 2306 }
2488 if (NULL != my_private_key) 2307 if (NULL != my_private_key)
@@ -2515,8 +2334,8 @@ enc_notify_cb (void *cls,
2515 const struct UDPAck *ack; 2334 const struct UDPAck *ack;
2516 2335
2517 (void) cls; 2336 (void) cls;
2518 if ( (ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) || 2337 if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2519 (ntohs (msg->size) != sizeof (struct UDPAck)) ) 2338 (ntohs (msg->size) != sizeof (struct UDPAck)))
2520 { 2339 {
2521 GNUNET_break_op (0); 2340 GNUNET_break_op (0);
2522 return; 2341 return;
@@ -2560,15 +2379,13 @@ nat_address_cb (void *cls,
2560 GNUNET_asprintf (&my_addr, 2379 GNUNET_asprintf (&my_addr,
2561 "%s-%s", 2380 "%s-%s",
2562 COMMUNICATOR_ADDRESS_PREFIX, 2381 COMMUNICATOR_ADDRESS_PREFIX,
2563 GNUNET_a2s (addr, 2382 GNUNET_a2s (addr, addrlen));
2564 addrlen)); 2383 nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2565 nt = GNUNET_NT_scanner_get_type (is, 2384 ai =
2566 addr, 2385 GNUNET_TRANSPORT_communicator_address_add (ch,
2567 addrlen); 2386 my_addr,
2568 ai = GNUNET_TRANSPORT_communicator_address_add (ch, 2387 nt,
2569 my_addr, 2388 GNUNET_TIME_UNIT_FOREVER_REL);
2570 nt,
2571 GNUNET_TIME_UNIT_FOREVER_REL);
2572 GNUNET_free (my_addr); 2389 GNUNET_free (my_addr);
2573 *app_ctx = ai; 2390 *app_ctx = ai;
2574 } 2391 }
@@ -2593,67 +2410,57 @@ ifc_broadcast (void *cls)
2593 struct GNUNET_TIME_Relative delay; 2410 struct GNUNET_TIME_Relative delay;
2594 2411
2595 delay = BROADCAST_FREQUENCY; 2412 delay = BROADCAST_FREQUENCY;
2596 delay.rel_value_us = GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, 2413 delay.rel_value_us =
2597 delay.rel_value_us); 2414 GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, delay.rel_value_us);
2598 bi->broadcast_task 2415 bi->broadcast_task =
2599 = GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY, 2416 GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY, &ifc_broadcast, bi);
2600 &ifc_broadcast, 2417
2601 bi); 2418 switch (bi->sa->sa_family)
2602 2419 {
2603 switch (bi->sa->sa_family) { 2420 case AF_INET: {
2604 case AF_INET: 2421 static int yes = 1;
2605 { 2422 static int no = 0;
2606 static int yes = 1; 2423 ssize_t sent;
2607 static int no = 0; 2424
2608 ssize_t sent; 2425 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
2609 2426 SOL_SOCKET,
2610 if (GNUNET_OK != 2427 SO_BROADCAST,
2611 GNUNET_NETWORK_socket_setsockopt (udp_sock, 2428 &yes,
2612 SOL_SOCKET, 2429 sizeof (int)))
2613 SO_BROADCAST, 2430 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
2614 &yes, 2431 sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2615 sizeof (int))) 2432 &bi->bcm,
2616 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 2433 sizeof (bi->bcm),
2617 "setsockopt"); 2434 bi->ba,
2618 sent = GNUNET_NETWORK_socket_sendto (udp_sock, 2435 bi->salen);
2619 &bi->bcm, 2436 if (-1 == sent)
2620 sizeof (bi->bcm), 2437 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "sendto");
2621 bi->ba, 2438 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
2622 bi->salen); 2439 SOL_SOCKET,
2623 if (-1 == sent) 2440 SO_BROADCAST,
2624 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 2441 &no,
2625 "sendto"); 2442 sizeof (int)))
2626 if (GNUNET_OK != 2443 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
2627 GNUNET_NETWORK_socket_setsockopt (udp_sock, 2444 break;
2628 SOL_SOCKET, 2445 }
2629 SO_BROADCAST, 2446 case AF_INET6: {
2630 &no, 2447 ssize_t sent;
2631 sizeof (int))) 2448 struct sockaddr_in6 dst;
2632 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 2449
2633 "setsockopt"); 2450 dst.sin6_family = AF_INET6;
2634 break; 2451 dst.sin6_port = htons (my_port);
2635 } 2452 dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
2636 case AF_INET6: 2453 dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
2637 { 2454
2638 ssize_t sent; 2455 sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2639 struct sockaddr_in6 dst; 2456 &bi->bcm,
2640 2457 sizeof (bi->bcm),
2641 dst.sin6_family = AF_INET6; 2458 (const struct sockaddr *) &dst,
2642 dst.sin6_port = htons (my_port); 2459 sizeof (dst));
2643 dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr; 2460 if (-1 == sent)
2644 dst.sin6_scope_id = ((struct sockaddr_in6*) bi->ba)->sin6_scope_id; 2461 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "sendto");
2645 2462 break;
2646 sent = GNUNET_NETWORK_socket_sendto (udp_sock, 2463 }
2647 &bi->bcm,
2648 sizeof (bi->bcm),
2649 (const struct sockaddr *)
2650 &dst,
2651 sizeof (dst));
2652 if (-1 == sent)
2653 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
2654 "sendto");
2655 break;
2656 }
2657 default: 2464 default:
2658 GNUNET_break (0); 2465 GNUNET_break (0);
2659 break; 2466 break;
@@ -2669,7 +2476,8 @@ ifc_broadcast (void *cls)
2669 * @param name name of the interface (can be NULL for unknown) 2476 * @param name name of the interface (can be NULL for unknown)
2670 * @param isDefault is this presumably the default interface 2477 * @param isDefault is this presumably the default interface
2671 * @param addr address of this interface (can be NULL for unknown or unassigned) 2478 * @param addr address of this interface (can be NULL for unknown or unassigned)
2672 * @param broadcast_addr the broadcast address (can be NULL for unknown or unassigned) 2479 * @param broadcast_addr the broadcast address (can be NULL for unknown or
2480 * unassigned)
2673 * @param netmask the network mask (can be NULL for unknown or unassigned) 2481 * @param netmask the network mask (can be NULL for unknown or unassigned)
2674 * @param addrlen length of the address 2482 * @param addrlen length of the address
2675 * @return #GNUNET_OK to continue iteration, #GNUNET_SYSERR to abort 2483 * @return #GNUNET_OK to continue iteration, #GNUNET_SYSERR to abort
@@ -2680,7 +2488,8 @@ iface_proc (void *cls,
2680 int isDefault, 2488 int isDefault,
2681 const struct sockaddr *addr, 2489 const struct sockaddr *addr,
2682 const struct sockaddr *broadcast_addr, 2490 const struct sockaddr *broadcast_addr,
2683 const struct sockaddr *netmask, socklen_t addrlen) 2491 const struct sockaddr *netmask,
2492 socklen_t addrlen)
2684{ 2493{
2685 struct BroadcastInterface *bi; 2494 struct BroadcastInterface *bi;
2686 enum GNUNET_NetworkType network; 2495 enum GNUNET_NetworkType network;
@@ -2688,9 +2497,7 @@ iface_proc (void *cls,
2688 2497
2689 (void) cls; 2498 (void) cls;
2690 (void) netmask; 2499 (void) netmask;
2691 network = GNUNET_NT_scanner_get_type (is, 2500 network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2692 addr,
2693 addrlen);
2694 if (GNUNET_NT_LOOPBACK == network) 2501 if (GNUNET_NT_LOOPBACK == network)
2695 { 2502 {
2696 /* Broadcasting on loopback does not make sense */ 2503 /* Broadcasting on loopback does not make sense */
@@ -2700,58 +2507,42 @@ iface_proc (void *cls,
2700 return GNUNET_YES; /* need to know our address! */ 2507 return GNUNET_YES; /* need to know our address! */
2701 for (bi = bi_head; NULL != bi; bi = bi->next) 2508 for (bi = bi_head; NULL != bi; bi = bi->next)
2702 { 2509 {
2703 if ( (bi->salen == addrlen) && 2510 if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
2704 (0 == memcmp (addr,
2705 bi->sa,
2706 addrlen)) )
2707 { 2511 {
2708 bi->found = GNUNET_YES; 2512 bi->found = GNUNET_YES;
2709 return GNUNET_OK; 2513 return GNUNET_OK;
2710 } 2514 }
2711 } 2515 }
2712 2516
2713 if ( (AF_INET6 == addr->sa_family) && 2517 if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
2714 (NULL == broadcast_addr) )
2715 return GNUNET_OK; /* broadcast_addr is required for IPv6! */ 2518 return GNUNET_OK; /* broadcast_addr is required for IPv6! */
2716 if ( (AF_INET6 == addr->sa_family) && 2519 if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
2717 (GNUNET_YES != have_v6_socket) )
2718 return GNUNET_OK; /* not using IPv6 */ 2520 return GNUNET_OK; /* not using IPv6 */
2719 2521
2720 bi = GNUNET_new (struct BroadcastInterface); 2522 bi = GNUNET_new (struct BroadcastInterface);
2721 bi->sa = GNUNET_memdup (addr, 2523 bi->sa = GNUNET_memdup (addr, addrlen);
2722 addrlen);
2723 if (NULL != broadcast_addr) 2524 if (NULL != broadcast_addr)
2724 bi->ba = GNUNET_memdup (broadcast_addr, 2525 bi->ba = GNUNET_memdup (broadcast_addr, addrlen);
2725 addrlen);
2726 bi->salen = addrlen; 2526 bi->salen = addrlen;
2727 bi->found = GNUNET_YES; 2527 bi->found = GNUNET_YES;
2728 bi->bcm.sender = my_identity; 2528 bi->bcm.sender = my_identity;
2729 ubs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST); 2529 ubs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST);
2730 ubs.purpose.size = htonl (sizeof (ubs)); 2530 ubs.purpose.size = htonl (sizeof (ubs));
2731 ubs.sender = my_identity; 2531 ubs.sender = my_identity;
2732 GNUNET_CRYPTO_hash (addr, 2532 GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
2733 addrlen, 2533 GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
2734 &ubs.h_address); 2534 &ubs.purpose,
2735 GNUNET_assert (GNUNET_OK == 2535 &bi->bcm.sender_sig));
2736 GNUNET_CRYPTO_eddsa_sign (my_private_key, 2536 bi->broadcast_task = GNUNET_SCHEDULER_add_now (&ifc_broadcast, bi);
2737 &ubs.purpose, 2537 GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
2738 &bi->bcm.sender_sig)); 2538 if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
2739 bi->broadcast_task = GNUNET_SCHEDULER_add_now (&ifc_broadcast,
2740 bi);
2741 GNUNET_CONTAINER_DLL_insert (bi_head,
2742 bi_tail,
2743 bi);
2744 if ( (AF_INET6 == addr->sa_family) &&
2745 (NULL != broadcast_addr) )
2746 { 2539 {
2747 /* Create IPv6 multicast request */ 2540 /* Create IPv6 multicast request */
2748 const struct sockaddr_in6 *s6 2541 const struct sockaddr_in6 *s6 =
2749 = (const struct sockaddr_in6 *) broadcast_addr; 2542 (const struct sockaddr_in6 *) broadcast_addr;
2750 2543
2751 GNUNET_assert (1 == 2544 GNUNET_assert (
2752 inet_pton (AF_INET6, 2545 1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
2753 "FF05::13B",
2754 &bi->mcreq.ipv6mr_multiaddr));
2755 2546
2756 /* http://tools.ietf.org/html/rfc2553#section-5.2: 2547 /* http://tools.ietf.org/html/rfc2553#section-5.2:
2757 * 2548 *
@@ -2767,16 +2558,13 @@ iface_proc (void *cls,
2767 bi->mcreq.ipv6mr_interface = s6->sin6_scope_id; 2558 bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
2768 2559
2769 /* Join the multicast group */ 2560 /* Join the multicast group */
2770 if (GNUNET_OK != 2561 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
2771 GNUNET_NETWORK_socket_setsockopt 2562 IPPROTO_IPV6,
2772 (udp_sock, 2563 IPV6_JOIN_GROUP,
2773 IPPROTO_IPV6, 2564 &bi->mcreq,
2774 IPV6_JOIN_GROUP, 2565 sizeof (bi->mcreq)))
2775 &bi->mcreq,
2776 sizeof (bi->mcreq)))
2777 { 2566 {
2778 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, 2567 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
2779 "setsockopt");
2780 } 2568 }
2781 } 2569 }
2782 return GNUNET_OK; 2570 return GNUNET_OK;
@@ -2794,24 +2582,18 @@ do_broadcast (void *cls)
2794 struct BroadcastInterface *bin; 2582 struct BroadcastInterface *bin;
2795 2583
2796 (void) cls; 2584 (void) cls;
2797 for (struct BroadcastInterface *bi = bi_head; 2585 for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
2798 NULL != bi;
2799 bi = bi->next)
2800 bi->found = GNUNET_NO; 2586 bi->found = GNUNET_NO;
2801 GNUNET_OS_network_interfaces_list (&iface_proc, 2587 GNUNET_OS_network_interfaces_list (&iface_proc, NULL);
2802 NULL); 2588 for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
2803 for (struct BroadcastInterface *bi = bi_head;
2804 NULL != bi;
2805 bi = bin)
2806 { 2589 {
2807 bin = bi->next; 2590 bin = bi->next;
2808 if (GNUNET_NO == bi->found) 2591 if (GNUNET_NO == bi->found)
2809 bi_destroy (bi); 2592 bi_destroy (bi);
2810 } 2593 }
2811 broadcast_task 2594 broadcast_task = GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY,
2812 = GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY, 2595 &do_broadcast,
2813 &do_broadcast, 2596 NULL);
2814 NULL);
2815} 2597}
2816 2598
2817 2599
@@ -2842,44 +2624,36 @@ run (void *cls,
2842 COMMUNICATOR_CONFIG_SECTION, 2624 COMMUNICATOR_CONFIG_SECTION,
2843 "BINDTO", 2625 "BINDTO",
2844 &bindto)) 2626 &bindto))
2845 { 2627 {
2846 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, 2628 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
2847 COMMUNICATOR_CONFIG_SECTION, 2629 COMMUNICATOR_CONFIG_SECTION,
2848 "BINDTO"); 2630 "BINDTO");
2849 return; 2631 return;
2850 } 2632 }
2851 2633
2852 in = udp_address_to_sockaddr (bindto, 2634 in = udp_address_to_sockaddr (bindto, &in_len);
2853 &in_len);
2854 if (NULL == in) 2635 if (NULL == in)
2855 { 2636 {
2856 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2637 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2857 "Failed to setup UDP socket address with path `%s'\n", 2638 "Failed to setup UDP socket address with path `%s'\n",
2858 bindto); 2639 bindto);
2859 GNUNET_free (bindto); 2640 GNUNET_free (bindto);
2860 return; 2641 return;
2861 } 2642 }
2862 udp_sock = GNUNET_NETWORK_socket_create (in->sa_family, 2643 udp_sock =
2863 SOCK_DGRAM, 2644 GNUNET_NETWORK_socket_create (in->sa_family, SOCK_DGRAM, IPPROTO_UDP);
2864 IPPROTO_UDP);
2865 if (NULL == udp_sock) 2645 if (NULL == udp_sock)
2866 { 2646 {
2867 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, 2647 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "socket");
2868 "socket");
2869 GNUNET_free (in); 2648 GNUNET_free (in);
2870 GNUNET_free (bindto); 2649 GNUNET_free (bindto);
2871 return; 2650 return;
2872 } 2651 }
2873 if (AF_INET6 == in->sa_family) 2652 if (AF_INET6 == in->sa_family)
2874 have_v6_socket = GNUNET_YES; 2653 have_v6_socket = GNUNET_YES;
2875 if (GNUNET_OK != 2654 if (GNUNET_OK != GNUNET_NETWORK_socket_bind (udp_sock, in, in_len))
2876 GNUNET_NETWORK_socket_bind (udp_sock,
2877 in,
2878 in_len))
2879 { 2655 {
2880 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, 2656 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "bind", bindto);
2881 "bind",
2882 bindto);
2883 GNUNET_NETWORK_socket_close (udp_sock); 2657 GNUNET_NETWORK_socket_close (udp_sock);
2884 udp_sock = NULL; 2658 udp_sock = NULL;
2885 GNUNET_free (in); 2659 GNUNET_free (in);
@@ -2893,9 +2667,7 @@ run (void *cls,
2893 (struct sockaddr *) &in_sto, 2667 (struct sockaddr *) &in_sto,
2894 &sto_len)) 2668 &sto_len))
2895 { 2669 {
2896 memcpy (&in_sto, 2670 memcpy (&in_sto, in, in_len);
2897 in,
2898 in_len);
2899 sto_len = in_len; 2671 sto_len = in_len;
2900 } 2672 }
2901 GNUNET_free (in); 2673 GNUNET_free (in);
@@ -2904,8 +2676,7 @@ run (void *cls,
2904 in_len = sto_len; 2676 in_len = sto_len;
2905 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2677 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2906 "Bound to `%s'\n", 2678 "Bound to `%s'\n",
2907 GNUNET_a2s ((const struct sockaddr *) &in_sto, 2679 GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
2908 sto_len));
2909 switch (in->sa_family) 2680 switch (in->sa_family)
2910 { 2681 {
2911 case AF_INET: 2682 case AF_INET:
@@ -2918,29 +2689,26 @@ run (void *cls,
2918 GNUNET_break (0); 2689 GNUNET_break (0);
2919 my_port = 0; 2690 my_port = 0;
2920 } 2691 }
2921 stats = GNUNET_STATISTICS_create ("C-UDP", 2692 stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
2922 cfg); 2693 senders = GNUNET_CONTAINER_multipeermap_create (32, GNUNET_YES);
2923 senders = GNUNET_CONTAINER_multipeermap_create (32, 2694 receivers = GNUNET_CONTAINER_multipeermap_create (32, GNUNET_YES);
2924 GNUNET_YES);
2925 receivers = GNUNET_CONTAINER_multipeermap_create (32,
2926 GNUNET_YES);
2927 senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); 2695 senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2928 receivers_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); 2696 receivers_heap =
2929 key_cache = GNUNET_CONTAINER_multishortmap_create (1024, 2697 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2930 GNUNET_YES); 2698 key_cache = GNUNET_CONTAINER_multishortmap_create (1024, GNUNET_YES);
2931 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, 2699 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
2932 NULL);
2933 is = GNUNET_NT_scanner_init (); 2700 is = GNUNET_NT_scanner_init ();
2934 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg); 2701 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg);
2935 if (NULL == my_private_key) 2702 if (NULL == my_private_key)
2936 { 2703 {
2937 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, 2704 GNUNET_log (
2938 _("Transport service is lacking key configuration settings. Exiting.\n")); 2705 GNUNET_ERROR_TYPE_ERROR,
2706 _ (
2707 "Transport service is lacking key configuration settings. Exiting.\n"));
2939 GNUNET_SCHEDULER_shutdown (); 2708 GNUNET_SCHEDULER_shutdown ();
2940 return; 2709 return;
2941 } 2710 }
2942 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, 2711 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, &my_identity.public_key);
2943 &my_identity.public_key);
2944 /* start reading */ 2712 /* start reading */
2945 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, 2713 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2946 udp_sock, 2714 udp_sock,
@@ -2973,8 +2741,7 @@ run (void *cls,
2973 COMMUNICATOR_CONFIG_SECTION, 2741 COMMUNICATOR_CONFIG_SECTION,
2974 "DISABLE_BROADCAST")) 2742 "DISABLE_BROADCAST"))
2975 { 2743 {
2976 broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, 2744 broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
2977 NULL);
2978 } 2745 }
2979 nat = GNUNET_NAT_register (cfg, 2746 nat = GNUNET_NAT_register (cfg,
2980 COMMUNICATOR_CONFIG_SECTION, 2747 COMMUNICATOR_CONFIG_SECTION,
@@ -2996,28 +2763,25 @@ run (void *cls,
2996 * @return 0 ok, 1 on error 2763 * @return 0 ok, 1 on error
2997 */ 2764 */
2998int 2765int
2999main (int argc, 2766main (int argc, char *const *argv)
3000 char *const *argv)
3001{ 2767{
3002 static const struct GNUNET_GETOPT_CommandLineOption options[] = { 2768 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
3003 GNUNET_GETOPT_OPTION_END 2769 GNUNET_GETOPT_OPTION_END};
3004 };
3005 int ret; 2770 int ret;
3006 2771
3007 if (GNUNET_OK != 2772 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
3008 GNUNET_STRINGS_get_utf8_args (argc, argv,
3009 &argc, &argv))
3010 return 2; 2773 return 2;
3011 2774
3012 ret = 2775 ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
3013 (GNUNET_OK == 2776 argv,
3014 GNUNET_PROGRAM_run (argc, argv, 2777 "gnunet-communicator-udp",
3015 "gnunet-communicator-udp", 2778 _ ("GNUnet UDP communicator"),
3016 _("GNUnet UDP communicator"), 2779 options,
3017 options, 2780 &run,
3018 &run, 2781 NULL))
3019 NULL)) ? 0 : 1; 2782 ? 0
3020 GNUNET_free ((void*) argv); 2783 : 1;
2784 GNUNET_free ((void *) argv);
3021 return ret; 2785 return ret;
3022} 2786}
3023 2787
diff --git a/src/transport/gnunet-service-tng.c b/src/transport/gnunet-service-tng.c
index d3c3defec..3381f886f 100644
--- a/src/transport/gnunet-service-tng.c
+++ b/src/transport/gnunet-service-tng.c
@@ -385,7 +385,7 @@ struct EphemeralConfirmationPS
385 * communicators must protect against replay attacks when using backchannel 385 * communicators must protect against replay attacks when using backchannel
386 * communication! 386 * communication!
387 */ 387 */
388 struct GNUNET_TIME_AbsoluteNBO ephemeral_validity; 388 struct GNUNET_TIME_AbsoluteNBO sender_monotonic_time;
389 389
390 /** 390 /**
391 * Target's peer identity. 391 * Target's peer identity.
@@ -419,22 +419,6 @@ struct TransportBackchannelRequestPayloadP
419 struct GNUNET_CRYPTO_EddsaSignature sender_sig; 419 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
420 420
421 /** 421 /**
422 * How long is this signature over the ephemeral key valid?
423 *
424 * Note that the receiver MUST IGNORE the absolute time, and only interpret
425 * the value as a mononic time and reject "older" values than the last one
426 * observed. This is necessary as we do not want to require synchronized
427 * clocks and may not have a bidirectional communication channel.
428 *
429 * Even with this, there is no real guarantee against replay achieved here,
430 * unless the latest timestamp is persisted. While persistence should be
431 * provided via PEERSTORE, we do not consider the mechanism reliable! Thus,
432 * communicators must protect against replay attacks when using backchannel
433 * communication!
434 */
435 struct GNUNET_TIME_AbsoluteNBO ephemeral_validity;
436
437 /**
438 * Current monotonic time of the sending transport service. Used to 422 * Current monotonic time of the sending transport service. Used to
439 * detect replayed messages. Note that the receiver should remember 423 * detect replayed messages. Note that the receiver should remember
440 * a list of the recently seen timestamps and only reject messages 424 * a list of the recently seen timestamps and only reject messages
@@ -1020,6 +1004,11 @@ struct EphemeralCacheEntry
1020 struct GNUNET_TIME_Absolute ephemeral_validity; 1004 struct GNUNET_TIME_Absolute ephemeral_validity;
1021 1005
1022 /** 1006 /**
1007 * What time was @e sender_sig created
1008 */
1009 struct GNUNET_TIME_Absolute monotime;
1010
1011 /**
1023 * Our ephemeral key. 1012 * Our ephemeral key.
1024 */ 1013 */
1025 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key; 1014 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
@@ -3914,14 +3903,14 @@ expire_ephemerals (void *cls)
3914 * @param private_key[out] set to the private key 3903 * @param private_key[out] set to the private key
3915 * @param ephemeral_key[out] set to the key 3904 * @param ephemeral_key[out] set to the key
3916 * @param ephemeral_sender_sig[out] set to the signature 3905 * @param ephemeral_sender_sig[out] set to the signature
3917 * @param ephemeral_validity[out] set to the validity expiration time 3906 * @param monotime[out] set to the monotime used for the signature
3918 */ 3907 */
3919static void 3908static void
3920lookup_ephemeral (const struct GNUNET_PeerIdentity *pid, 3909lookup_ephemeral (const struct GNUNET_PeerIdentity *pid,
3921 struct GNUNET_CRYPTO_EcdhePrivateKey *private_key, 3910 struct GNUNET_CRYPTO_EcdhePrivateKey *private_key,
3922 struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, 3911 struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key,
3923 struct GNUNET_CRYPTO_EddsaSignature *ephemeral_sender_sig, 3912 struct GNUNET_CRYPTO_EddsaSignature *ephemeral_sender_sig,
3924 struct GNUNET_TIME_Absolute *ephemeral_validity) 3913 struct GNUNET_TIME_Absolute *monotime)
3925{ 3914{
3926 struct EphemeralCacheEntry *ece; 3915 struct EphemeralCacheEntry *ece;
3927 struct EphemeralConfirmationPS ec; 3916 struct EphemeralConfirmationPS ec;
@@ -3938,9 +3927,9 @@ lookup_ephemeral (const struct GNUNET_PeerIdentity *pid,
3938 { 3927 {
3939 ece = GNUNET_new (struct EphemeralCacheEntry); 3928 ece = GNUNET_new (struct EphemeralCacheEntry);
3940 ece->target = *pid; 3929 ece->target = *pid;
3930 ece->monotime = GNUNET_TIME_absolute_get_monotonic (GST_cfg);
3941 ece->ephemeral_validity = 3931 ece->ephemeral_validity =
3942 GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get_monotonic (GST_cfg), 3932 GNUNET_TIME_absolute_add (ece->monotime, EPHEMERAL_VALIDITY);
3943 EPHEMERAL_VALIDITY);
3944 GNUNET_assert (GNUNET_OK == 3933 GNUNET_assert (GNUNET_OK ==
3945 GNUNET_CRYPTO_ecdhe_key_create2 (&ece->private_key)); 3934 GNUNET_CRYPTO_ecdhe_key_create2 (&ece->private_key));
3946 GNUNET_CRYPTO_ecdhe_key_get_public (&ece->private_key, &ece->ephemeral_key); 3935 GNUNET_CRYPTO_ecdhe_key_get_public (&ece->private_key, &ece->ephemeral_key);
@@ -3969,7 +3958,7 @@ lookup_ephemeral (const struct GNUNET_PeerIdentity *pid,
3969 *private_key = ece->private_key; 3958 *private_key = ece->private_key;
3970 *ephemeral_key = ece->ephemeral_key; 3959 *ephemeral_key = ece->ephemeral_key;
3971 *ephemeral_sender_sig = ece->sender_sig; 3960 *ephemeral_sender_sig = ece->sender_sig;
3972 *ephemeral_validity = ece->ephemeral_validity; 3961 *monotime = ece->monotime;
3973} 3962}
3974 3963
3975 3964
@@ -4410,7 +4399,7 @@ handle_communicator_backchannel (
4410{ 4399{
4411 struct TransportClient *tc = cls; 4400 struct TransportClient *tc = cls;
4412 struct GNUNET_CRYPTO_EcdhePrivateKey private_key; 4401 struct GNUNET_CRYPTO_EcdhePrivateKey private_key;
4413 struct GNUNET_TIME_Absolute ephemeral_validity; 4402 struct GNUNET_TIME_Absolute monotime;
4414 struct TransportBackchannelEncapsulationMessage *enc; 4403 struct TransportBackchannelEncapsulationMessage *enc;
4415 struct TransportBackchannelRequestPayloadP ppay; 4404 struct TransportBackchannelRequestPayloadP ppay;
4416 struct BackchannelKeyState key; 4405 struct BackchannelKeyState key;
@@ -4429,14 +4418,12 @@ handle_communicator_backchannel (
4429 &private_key, 4418 &private_key,
4430 &enc->ephemeral_key, 4419 &enc->ephemeral_key,
4431 &ppay.sender_sig, 4420 &ppay.sender_sig,
4432 &ephemeral_validity); 4421 &monotime);
4433 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, 4422 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
4434 &enc->iv, 4423 &enc->iv,
4435 sizeof (enc->iv)); 4424 sizeof (enc->iv));
4436 dh_key_derive_eph_pid (&private_key, &cb->pid, &enc->iv, &key); 4425 dh_key_derive_eph_pid (&private_key, &cb->pid, &enc->iv, &key);
4437 ppay.ephemeral_validity = GNUNET_TIME_absolute_hton (ephemeral_validity); 4426 ppay.monotonic_time = GNUNET_TIME_absolute_hton (monotime);
4438 ppay.monotonic_time =
4439 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (GST_cfg));
4440 mpos = (char *) &enc[1]; 4427 mpos = (char *) &enc[1];
4441 bc_encrypt (&key, &ppay, mpos, sizeof (ppay)); 4428 bc_encrypt (&key, &ppay, mpos, sizeof (ppay));
4442 bc_encrypt (&key, 4429 bc_encrypt (&key,