author | t3sserakt <t3ss@posteo.de> | 2024-01-10 11:04:55 +0100 |
---|---|---|
committer | t3sserakt <t3ss@posteo.de> | 2024-01-10 11:04:55 +0100 |
commit | a54d28cd8a4550a5e8345038d451cfd2b936fbba (patch) | |
tree | 085a944a2b2055f77e393a265e13e5b830901951 | |
parent | 1d22f56d16954fb0f1252ae65dfdae6ee69a7ff2 (diff) | |
Changed creation of key for kx to be for every notification of transport about a new connected peer.
-rw-r--r-- | src/service/core/gnunet-service-core_kx.c | 106 |
1 files changed, 71 insertions, 35 deletions
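--- a/src/service/core/gnunet-service-core_kx.c
+++ b/src/service/core/gnunet-service-core_kx.c
@@ -693,6 +693,14 @@ deliver_message (void *cls, const struct GNUNET_MessageHeader *m)
 }
 
 
+static void
+do_rekey (void *cls);
+
+
+static void
+sign_ephemeral_key ();
+
+
 /**
 * Function called by transport to notify us that
 * a peer connected to us (on the network level).
@@ -718,33 +726,66 @@ handle_transport_notify_connect (void *cls,
 gettext_noop ("# key exchanges initiated"),
 1,
 GNUNET_NO);
-kx = GNUNET_new (struct GSC_KeyExchangeInfo);
-kx->mst = GNUNET_MST_create (&deliver_message, kx);
-kx->mq = mq;
-kx->peer = pid;
-kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
-GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
-kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
-monitor_notify_all (kx);
-GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
-GNUNET_CRYPTO_hash (&GSC_my_identity,
-sizeof(struct GNUNET_PeerIdentity),
-&h2);
-if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
+for (kx = kx_head; NULL != kx; kx = kx->next)
 {
-/* peer with "lower" identity starts KX, otherwise we typically end up
-with both peers starting the exchange and transmit the 'set key'
-message twice */
-send_key (kx);
+if (0 == memcmp (pid, kx->peer, sizeof(struct GNUNET_PeerIdentity)))
+break;
+}
+if (NULL == kx)
+{
+GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
+sign_ephemeral_key ();
+{
+struct GNUNET_HashCode eh;
+
+GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key,
+sizeof(current_ekm.ephemeral_key),
+&eh);
+GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+"Starting with ephemeral key %s\n",
+GNUNET_h2s (&eh));
+}
+kx = GNUNET_new (struct GSC_KeyExchangeInfo);
+kx->mst = GNUNET_MST_create (&deliver_message, kx);
+kx->mq = mq;
+kx->peer = pid;
+kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
+GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
+kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
+monitor_notify_all (kx);
+GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
+GNUNET_CRYPTO_hash (&GSC_my_identity,
+sizeof(struct GNUNET_PeerIdentity),
+&h2);
+if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
+{
+/* peer with "lower" identity starts KX, otherwise we typically end up
+with both peers starting the exchange and transmit the 'set key'
+message twice */
+send_key (kx);
+}
+else
+{
+/* peer with "higher" identity starts a delayed KX, if the "lower" peer
+* does not start a KX since it sees no reasons to do so */
+kx->retry_set_key_task =
+GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
+&set_key_retry_task,
+kx);
+}
 }
 else
 {
-/* peer with "higher" identity starts a delayed KX, if the "lower" peer
-* does not start a KX since it sees no reasons to do so */
-kx->retry_set_key_task =
-GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
-&set_key_retry_task,
-kx);
+struct GNUNET_TIME_Relative left;
+
+left = GNUNET_TIME_absolute_get_remaining (kx->timeout);
+if (0 == left.rel_value_us)
+{
+kx->status = GNUNET_CORE_KX_STATE_DOWN;
+}
+else
+kx->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
+do_rekey (NULL);
 }
 return kx;
 }
@@ -1754,6 +1795,12 @@ do_rekey (void *cls)
 {
 struct GSC_KeyExchangeInfo *pos;
 
+(void *) cls;
+if (NULL != rekey_task)
+{
+GNUNET_SCHEDULER_cancel (rekey_task);
+rekey_task = NULL;
+}
 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
 GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
 sign_ephemeral_key ();
@@ -1816,18 +1863,7 @@ GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
 my_private_key = *pk;
 GNUNET_CRYPTO_eddsa_key_get_public (&my_private_key,
 &GSC_my_identity.public_key);
-GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
-sign_ephemeral_key ();
-{
-struct GNUNET_HashCode eh;
-
-GNUNET_CRYPTO_hash (¤t_ekm.ephemeral_key,
-sizeof(current_ekm.ephemeral_key),
-&eh);
-GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-"Starting with ephemeral key %s\n",
-GNUNET_h2s (&eh));
-}
+
 
 nc = GNUNET_notification_context_create (1);
 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);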
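Review bot: In handle_transport_notify_connect the process-wide `my_ephemeral_key` is now regenerated and re-signed for every new peer (the `NULL == kx` branch), and every repeated connect notification for a known peer calls `do_rekey (NULL)`, so the rate of key generation and signing is set by remote connection events rather than by `REKEY_FREQUENCY`. The `NULL == kx` branch does not revisit sessions already on `kx_head`, so an exchange still in `GNUNET_CORE_KX_STATE_KEY_SENT` may have advertised a key whose private half has since been replaced; this needs either a per-`kx` key or a comment stating where such sessions recover, and a minimum interval between regenerations would bound the work. The `else` branch also leaves the old `kx->mq` in place although a new `mq` is passed in, which looks like it wants `kx->mq = mq;`. In do_rekey (its body continues outside the hunk) the added cancel also runs on the scheduler-driven path, where `rekey_task` presumably still refers to the task being executed, so the handle should be cleared rather than cancelled there. Also in do_rekey, `(void *) cls;` is a cast with no effect and should read `(void) cls;`.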