diff options
| author | Martin Schanzenbach <schanzen@gnunet.org> | 2024-03-10 16:40:34 +0100 |
|---|---|---|
| committer | t3serakt <t3ss@posteo.de> | 2024-04-10 20:14:52 +0200 |
| commit | ff5d84193b7f30be9c059476525faae38e02f782 (patch) | |
| tree | 3e9b7f73c04ecc6ad2538b55d816bf8a95f26ebf | |
| parent | b78c86f54c3121f189b2735358519c76250481ac (diff) | |
| download | gnunet-ff5d84193b7f30be9c059476525faae38e02f782.tar.gz gnunet-ff5d84193b7f30be9c059476525faae38e02f782.zip | |
transport: fix communicator rekey issues
| -rw-r--r-- | src/service/transport/gnunet-communicator-udp.c | 45 |
1 files changed, 23 insertions, 22 deletions
diff --git a/src/service/transport/gnunet-communicator-udp.c b/src/service/transport/gnunet-communicator-udp.c index 1fc641aed..3d8e980ed 100644 --- a/src/service/transport/gnunet-communicator-udp.c +++ b/src/service/transport/gnunet-communicator-udp.c | |||
| @@ -1490,8 +1490,8 @@ add_acks (struct SharedSecret *ss, int acks_to_add) | |||
| 1490 | 1490 | ||
| 1491 | /* move ss to head to avoid discarding it anytime soon! */ | 1491 | /* move ss to head to avoid discarding it anytime soon! */ |
| 1492 | 1492 | ||
| 1493 | GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss); | 1493 | // GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss); |
| 1494 | GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss); | 1494 | // GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss); |
| 1495 | } | 1495 | } |
| 1496 | 1496 | ||
| 1497 | 1497 | ||
| @@ -1701,7 +1701,7 @@ try_handle_plaintext (struct SenderAddress *sender, | |||
| 1701 | ss_rekey->override_available_acks = GNUNET_YES; | 1701 | ss_rekey->override_available_acks = GNUNET_YES; |
| 1702 | // FIXME | 1702 | // FIXME |
| 1703 | kce_generate_cb (ss_rekey); | 1703 | kce_generate_cb (ss_rekey); |
| 1704 | /*ss_rekey->sender->kce_task = GNUNET_SCHEDULER_add_delayed ( | 1704 | /* ss_rekey->sender->kce_task = GNUNET_SCHEDULER_add_delayed ( |
| 1705 | WORKING_QUEUE_INTERVALL, | 1705 | WORKING_QUEUE_INTERVALL, |
| 1706 | kce_generate_cb, | 1706 | kce_generate_cb, |
| 1707 | ss_rekey);*/ | 1707 | ss_rekey);*/ |
| @@ -1709,13 +1709,10 @@ try_handle_plaintext (struct SenderAddress *sender, | |||
| 1709 | buf_pos += ntohs (hdr->size); | 1709 | buf_pos += ntohs (hdr->size); |
| 1710 | bytes_remaining -= ntohs (hdr->size); | 1710 | bytes_remaining -= ntohs (hdr->size); |
| 1711 | pass_plaintext_to_core (sender, buf_pos, bytes_remaining); | 1711 | pass_plaintext_to_core (sender, buf_pos, bytes_remaining); |
| 1712 | if (sender->num_secrets > MAX_SECRETS) | 1712 | if (0 == purge_secrets (sender->ss_tail)) |
| 1713 | { | 1713 | { |
| 1714 | if (0 == purge_secrets (sender->ss_tail)) | 1714 | // No secret purged. Delete oldest. |
| 1715 | { | 1715 | secret_destroy (sender->ss_tail); |
| 1716 | // No secret purged. Delete oldest. | ||
| 1717 | secret_destroy (sender->ss_tail); | ||
| 1718 | } | ||
| 1719 | } | 1716 | } |
| 1720 | break; | 1717 | break; |
| 1721 | case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK: | 1718 | case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK: |
| @@ -2191,13 +2188,10 @@ sock_read (void *cls) | |||
| 2191 | 1, | 2188 | 1, |
| 2192 | GNUNET_NO); | 2189 | GNUNET_NO); |
| 2193 | try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc)); | 2190 | try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc)); |
| 2194 | if (sender->num_secrets > MAX_SECRETS) | 2191 | if (0 == purge_secrets (sender->ss_tail)) |
| 2195 | { | 2192 | { |
| 2196 | if (0 == purge_secrets (sender->ss_tail)) | 2193 | // No secret purged. Delete oldest. |
| 2197 | { | 2194 | secret_destroy (sender->ss_tail); |
| 2198 | // No secret purged. Delete oldest. | ||
| 2199 | secret_destroy (sender->ss_tail); | ||
| 2200 | } | ||
| 2201 | } | 2195 | } |
| 2202 | } | 2196 | } |
| 2203 | } | 2197 | } |
| @@ -2395,13 +2389,10 @@ send_msg_with_kx (const struct GNUNET_MessageHeader *msg, struct | |||
| 2395 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&uhs.ephemeral, NULL, | 2389 | GNUNET_CRYPTO_ecdhe_elligator_decoding (&uhs.ephemeral, NULL, |
| 2396 | &repr); | 2390 | &repr); |
| 2397 | 2391 | ||
| 2398 | if (receiver->num_secrets > MAX_SECRETS) | 2392 | if (0 == purge_secrets (receiver->ss_tail)) |
| 2399 | { | 2393 | { |
| 2400 | if (0 == purge_secrets (receiver->ss_tail)) | 2394 | // No secret purged. Delete oldest. |
| 2401 | { | 2395 | secret_destroy (receiver->ss_tail); |
| 2402 | // No secret purged. Delete oldest. | ||
| 2403 | secret_destroy (receiver->ss_tail); | ||
| 2404 | } | ||
| 2405 | } | 2396 | } |
| 2406 | 2397 | ||
| 2407 | setup_cipher (&ss->master, 0, &out_cipher); | 2398 | setup_cipher (&ss->master, 0, &out_cipher); |
| @@ -2554,13 +2545,20 @@ mq_send_d (struct GNUNET_MQ_Handle *mq, | |||
| 2554 | } | 2545 | } |
| 2555 | } | 2546 | } |
| 2556 | /* begin "BOX" encryption method, scan for ACKs from tail! */ | 2547 | /* begin "BOX" encryption method, scan for ACKs from tail! */ |
| 2557 | for (ss = receiver->ss_tail; NULL != ss; ss = ss->prev) | 2548 | ss = receiver->ss_tail; |
| 2549 | struct SharedSecret *ss_tmp; | ||
| 2550 | while (NULL != ss) | ||
| 2558 | { | 2551 | { |
| 2559 | size_t payload_len = sizeof(struct UDPBox) + receiver->d_mtu; | 2552 | size_t payload_len = sizeof(struct UDPBox) + receiver->d_mtu; |
| 2553 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
| 2554 | "Considering SS %s sequence used: %u sequence allowed: %u bytes sent: %lu.\n", | ||
| 2555 | GNUNET_h2s (&ss->master), ss->sequence_used, | ||
| 2556 | ss->sequence_allowed, ss->bytes_sent); | ||
| 2560 | if (ss->sequence_used >= ss->sequence_allowed) | 2557 | if (ss->sequence_used >= ss->sequence_allowed) |
| 2561 | { | 2558 | { |
| 2562 | // GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2559 | // GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| 2563 | // "Skipping ss because no acks to use.\n"); | 2560 | // "Skipping ss because no acks to use.\n"); |
| 2561 | ss = ss->prev; | ||
| 2564 | continue; | 2562 | continue; |
| 2565 | } | 2563 | } |
| 2566 | if (ss->bytes_sent >= rekey_max_bytes) | 2564 | if (ss->bytes_sent >= rekey_max_bytes) |
| @@ -2568,6 +2566,9 @@ mq_send_d (struct GNUNET_MQ_Handle *mq, | |||
| 2568 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2566 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
| 2569 | "Skipping ss because rekey bytes reached.\n"); | 2567 | "Skipping ss because rekey bytes reached.\n"); |
| 2570 | // FIXME cleanup ss with too many bytes sent! | 2568 | // FIXME cleanup ss with too many bytes sent! |
| 2569 | ss_tmp = ss->prev; | ||
| 2570 | secret_destroy (ss); | ||
| 2571 | ss = ss_tmp; | ||
| 2571 | continue; | 2572 | continue; |
| 2572 | } | 2573 | } |
| 2573 | if (ss->bytes_sent > rekey_max_bytes * 0.7) | 2574 | if (ss->bytes_sent > rekey_max_bytes * 0.7) |