diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-04-20 19:08:23 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2020-04-20 19:08:23 +0200 |
commit | c20768b8b09fabaa3c2330cde381e894b1f90efb (patch) | |
tree | 62bca41b94c3280a09abbf9db8b50da5f354b691 | |
parent | 424cd50ecd0144b264a547fe149839cf2866c21f (diff) | |
download | gnunet-c20768b8b09fabaa3c2330cde381e894b1f90efb.tar.gz gnunet-c20768b8b09fabaa3c2330cde381e894b1f90efb.zip |
include buffer of 10& of epoch
-rw-r--r-- | src/include/gnunet_revocation_service.h | 6 | ||||
-rw-r--r-- | src/revocation/gnunet-revocation.c | 19 | ||||
-rw-r--r-- | src/revocation/gnunet-service-revocation.c | 24 | ||||
-rw-r--r-- | src/revocation/plugin_block_revocation.c | 12 | ||||
-rw-r--r-- | src/revocation/revocation_api.c | 70 |
5 files changed, 104 insertions, 27 deletions
diff --git a/src/include/gnunet_revocation_service.h b/src/include/gnunet_revocation_service.h index 5c2ce91de..6bd2e88d3 100644 --- a/src/include/gnunet_revocation_service.h +++ b/src/include/gnunet_revocation_service.h | |||
@@ -177,11 +177,13 @@ GNUNET_REVOCATION_revoke_cancel (struct GNUNET_REVOCATION_Handle *h); | |||
177 | * | 177 | * |
178 | * @param pow proof of work | 178 | * @param pow proof of work |
179 | * @param matching_bits how many bits must match (configuration) | 179 | * @param matching_bits how many bits must match (configuration) |
180 | * @return number of epochs valid if the @a pow is acceptable, -1 if not | 180 | * @param epoch_length length of single epoch in configuration |
181 | * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not | ||
181 | */ | 182 | */ |
182 | int | 183 | int |
183 | GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, | 184 | GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, |
184 | unsigned int matching_bits); | 185 | unsigned int matching_bits, |
186 | struct GNUNET_TIME_Relative epoch_length); | ||
185 | 187 | ||
186 | 188 | ||
187 | 189 | ||
diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index 5f3df0ee0..d290d34c7 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c | |||
@@ -347,7 +347,6 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) | |||
347 | struct GNUNET_CRYPTO_EcdsaPublicKey key; | 347 | struct GNUNET_CRYPTO_EcdsaPublicKey key; |
348 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; | 348 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *privkey; |
349 | struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL; | 349 | struct GNUNET_REVOCATION_PowCalculationHandle *ph = NULL; |
350 | int epochs; | ||
351 | 350 | ||
352 | el = NULL; | 351 | el = NULL; |
353 | if (NULL == ego) | 352 | if (NULL == ego) |
@@ -373,19 +372,12 @@ ego_callback (void *cls, const struct GNUNET_IDENTITY_Ego *ego) | |||
373 | GNUNET_free (pow); | 372 | GNUNET_free (pow); |
374 | return; | 373 | return; |
375 | } | 374 | } |
376 | if (0 < (epochs = | 375 | if (GNUNET_YES == |
377 | GNUNET_REVOCATION_check_pow (pow, | 376 | GNUNET_REVOCATION_check_pow (pow, |
378 | (unsigned int) matching_bits))) | 377 | (unsigned int) matching_bits, |
378 | epoch_length)) | ||
379 | { | 379 | { |
380 | struct GNUNET_TIME_Absolute ts; | ||
381 | struct GNUNET_TIME_Relative ttl; | ||
382 | ts = GNUNET_TIME_absolute_ntoh (pow->timestamp); | ||
383 | ttl = GNUNET_TIME_relative_multiply (epoch_length, | ||
384 | epochs); | ||
385 | fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); | 380 | fprintf (stderr, "%s", _ ("Revocation certificate ready\n")); |
386 | fprintf (stderr, "%s %s for %s\n", _ ("Valid from"), | ||
387 | GNUNET_STRINGS_absolute_time_to_string (ts), | ||
388 | GNUNET_STRINGS_relative_time_to_string (ttl, GNUNET_NO)); | ||
389 | if (perform) | 381 | if (perform) |
390 | perform_revocation (pow); | 382 | perform_revocation (pow); |
391 | else | 383 | else |
@@ -499,9 +491,10 @@ run (void *cls, | |||
499 | return; | 491 | return; |
500 | } | 492 | } |
501 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | 493 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); |
502 | if (0 >= | 494 | if (GNUNET_YES != |
503 | GNUNET_REVOCATION_check_pow (&pow, | 495 | GNUNET_REVOCATION_check_pow (&pow, |
504 | (unsigned int) matching_bits)) | 496 | (unsigned int) matching_bits, |
497 | epoch_length)) | ||
505 | { | 498 | { |
506 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; | 499 | struct GNUNET_REVOCATION_PowCalculationHandle *ph; |
507 | ph = GNUNET_REVOCATION_pow_init2 (&pow, | 500 | ph = GNUNET_REVOCATION_pow_init2 (&pow, |
diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 4746a7698..bd35b1055 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c | |||
@@ -129,6 +129,11 @@ static struct GNUNET_SET_ListenHandle *revocation_union_listen_handle; | |||
129 | static unsigned long long revocation_work_required; | 129 | static unsigned long long revocation_work_required; |
130 | 130 | ||
131 | /** | 131 | /** |
132 | * Length of an expiration expoch | ||
133 | */ | ||
134 | static struct GNUNET_TIME_Relative epoch_length; | ||
135 | |||
136 | /** | ||
132 | * Our application ID for set union operations. Must be the | 137 | * Our application ID for set union operations. Must be the |
133 | * same for all (compatible) peers. | 138 | * same for all (compatible) peers. |
134 | */ | 139 | */ |
@@ -167,8 +172,9 @@ new_peer_entry (const struct GNUNET_PeerIdentity *peer) | |||
167 | static int | 172 | static int |
168 | verify_revoke_message (const struct RevokeMessage *rm) | 173 | verify_revoke_message (const struct RevokeMessage *rm) |
169 | { | 174 | { |
170 | if (0 >= GNUNET_REVOCATION_check_pow (&rm->proof_of_work, | 175 | if (GNUNET_YES != GNUNET_REVOCATION_check_pow (&rm->proof_of_work, |
171 | (unsigned int) revocation_work_required)) | 176 | (unsigned int) revocation_work_required, |
177 | epoch_length)) | ||
172 | { | 178 | { |
173 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 179 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
174 | "Proof of work invalid!\n"); | 180 | "Proof of work invalid!\n"); |
@@ -846,6 +852,20 @@ run (void *cls, | |||
846 | GNUNET_free (fn); | 852 | GNUNET_free (fn); |
847 | return; | 853 | return; |
848 | } | 854 | } |
855 | if (GNUNET_OK != | ||
856 | GNUNET_CONFIGURATION_get_value_time (cfg, | ||
857 | "REVOCATION", | ||
858 | "EPOCH_LENGTH", | ||
859 | &epoch_length)) | ||
860 | { | ||
861 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, | ||
862 | "REVOCATION", | ||
863 | "EPOCH_LENGTH"); | ||
864 | GNUNET_SCHEDULER_shutdown (); | ||
865 | GNUNET_free (fn); | ||
866 | return; | ||
867 | } | ||
868 | |||
849 | revocation_set = GNUNET_SET_create (cfg, | 869 | revocation_set = GNUNET_SET_create (cfg, |
850 | GNUNET_SET_OPERATION_UNION); | 870 | GNUNET_SET_OPERATION_UNION); |
851 | revocation_union_listen_handle | 871 | revocation_union_listen_handle |
diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 7c1ec26eb..f384cfe1d 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c | |||
@@ -52,6 +52,7 @@ | |||
52 | struct InternalContext | 52 | struct InternalContext |
53 | { | 53 | { |
54 | unsigned int matching_bits; | 54 | unsigned int matching_bits; |
55 | struct GNUNET_TIME_Relative epoch_length; | ||
55 | }; | 56 | }; |
56 | 57 | ||
57 | 58 | ||
@@ -144,7 +145,8 @@ block_plugin_revocation_evaluate (void *cls, | |||
144 | } | 145 | } |
145 | if (0 >= | 146 | if (0 >= |
146 | GNUNET_REVOCATION_check_pow (&rm->proof_of_work, | 147 | GNUNET_REVOCATION_check_pow (&rm->proof_of_work, |
147 | ic->matching_bits)) | 148 | ic->matching_bits, |
149 | ic->epoch_length)) | ||
148 | { | 150 | { |
149 | GNUNET_break_op (0); | 151 | GNUNET_break_op (0); |
150 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 152 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
@@ -208,6 +210,7 @@ libgnunet_plugin_block_revocation_init (void *cls) | |||
208 | struct GNUNET_BLOCK_PluginFunctions *api; | 210 | struct GNUNET_BLOCK_PluginFunctions *api; |
209 | struct InternalContext *ic; | 211 | struct InternalContext *ic; |
210 | unsigned long long matching_bits; | 212 | unsigned long long matching_bits; |
213 | struct GNUNET_TIME_Relative epoch_length; | ||
211 | 214 | ||
212 | if (GNUNET_OK != | 215 | if (GNUNET_OK != |
213 | GNUNET_CONFIGURATION_get_value_number (cfg, | 216 | GNUNET_CONFIGURATION_get_value_number (cfg, |
@@ -215,6 +218,12 @@ libgnunet_plugin_block_revocation_init (void *cls) | |||
215 | "WORKBITS", | 218 | "WORKBITS", |
216 | &matching_bits)) | 219 | &matching_bits)) |
217 | return NULL; | 220 | return NULL; |
221 | if (GNUNET_OK != | ||
222 | GNUNET_CONFIGURATION_get_value_time (cfg, | ||
223 | "REVOCATION", | ||
224 | "EPOCH_LENGTH", | ||
225 | &epoch_length)) | ||
226 | return NULL; | ||
218 | 227 | ||
219 | api = GNUNET_new (struct GNUNET_BLOCK_PluginFunctions); | 228 | api = GNUNET_new (struct GNUNET_BLOCK_PluginFunctions); |
220 | api->evaluate = &block_plugin_revocation_evaluate; | 229 | api->evaluate = &block_plugin_revocation_evaluate; |
@@ -223,6 +232,7 @@ libgnunet_plugin_block_revocation_init (void *cls) | |||
223 | api->types = types; | 232 | api->types = types; |
224 | ic = GNUNET_new (struct InternalContext); | 233 | ic = GNUNET_new (struct InternalContext); |
225 | ic->matching_bits = (unsigned int) matching_bits; | 234 | ic->matching_bits = (unsigned int) matching_bits; |
235 | ic->epoch_length = epoch_length; | ||
226 | api->cls = ic; | 236 | api->cls = ic; |
227 | return api; | 237 | return api; |
228 | } | 238 | } |
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index 2979e7400..fe600ec7a 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -311,21 +311,41 @@ GNUNET_REVOCATION_revoke (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
311 | GNUNET_MQ_handler_end () | 311 | GNUNET_MQ_handler_end () |
312 | }; | 312 | }; |
313 | unsigned long long matching_bits; | 313 | unsigned long long matching_bits; |
314 | struct GNUNET_TIME_Relative epoch_length; | ||
314 | struct RevokeMessage *rm; | 315 | struct RevokeMessage *rm; |
315 | struct GNUNET_MQ_Envelope *env; | 316 | struct GNUNET_MQ_Envelope *env; |
316 | 317 | ||
317 | if ((GNUNET_OK == | 318 | if ((GNUNET_OK != |
318 | GNUNET_CONFIGURATION_get_value_number (cfg, | 319 | GNUNET_CONFIGURATION_get_value_number (cfg, |
319 | "REVOCATION", | 320 | "REVOCATION", |
320 | "WORKBITS", | 321 | "WORKBITS", |
321 | &matching_bits)) && | 322 | &matching_bits))) |
322 | (0 >= GNUNET_REVOCATION_check_pow (pow, (unsigned int) matching_bits))) | 323 | { |
324 | GNUNET_break (0); | ||
325 | GNUNET_free (h); | ||
326 | return NULL; | ||
327 | } | ||
328 | if ((GNUNET_OK != | ||
329 | GNUNET_CONFIGURATION_get_value_time (cfg, | ||
330 | "REVOCATION", | ||
331 | "EPOCH_LENGTH", | ||
332 | &epoch_length))) | ||
333 | { | ||
334 | GNUNET_break (0); | ||
335 | GNUNET_free (h); | ||
336 | return NULL; | ||
337 | } | ||
338 | if (GNUNET_YES != GNUNET_REVOCATION_check_pow (pow, | ||
339 | (unsigned int) matching_bits, | ||
340 | epoch_length)) | ||
323 | { | 341 | { |
324 | GNUNET_break (0); | 342 | GNUNET_break (0); |
325 | GNUNET_free (h); | 343 | GNUNET_free (h); |
326 | return NULL; | 344 | return NULL; |
327 | } | 345 | } |
328 | 346 | ||
347 | |||
348 | |||
329 | h->mq = GNUNET_CLIENT_connect (cfg, | 349 | h->mq = GNUNET_CLIENT_connect (cfg, |
330 | "revocation", | 350 | "revocation", |
331 | handlers, | 351 | handlers, |
@@ -408,16 +428,21 @@ calculate_score (const struct GNUNET_REVOCATION_PowCalculationHandle *ph) | |||
408 | * @param ts revocation timestamp | 428 | * @param ts revocation timestamp |
409 | * @param pow proof of work value | 429 | * @param pow proof of work value |
410 | * @param matching_bits how many bits must match (configuration) | 430 | * @param matching_bits how many bits must match (configuration) |
411 | * @return number of epochs valid if the @a pow is acceptable, -1 if not | 431 | * @return GNUNET_YES if the @a pow is acceptable, GNUNET_NO if not |
412 | */ | 432 | */ |
413 | int | 433 | int |
414 | GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, | 434 | GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, |
415 | unsigned int difficulty) | 435 | unsigned int difficulty, |
436 | struct GNUNET_TIME_Relative epoch_length) | ||
416 | { | 437 | { |
417 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) | 438 | char buf[sizeof(struct GNUNET_CRYPTO_EcdsaPublicKey) |
418 | + sizeof (uint64_t) | 439 | + sizeof (uint64_t) |
419 | + sizeof (uint64_t)] GNUNET_ALIGN; | 440 | + sizeof (uint64_t)] GNUNET_ALIGN; |
420 | struct GNUNET_HashCode result; | 441 | struct GNUNET_HashCode result; |
442 | struct GNUNET_TIME_Absolute ts; | ||
443 | struct GNUNET_TIME_Absolute exp; | ||
444 | struct GNUNET_TIME_Relative ttl; | ||
445 | struct GNUNET_TIME_Relative buffer; | ||
421 | unsigned int score = 0; | 446 | unsigned int score = 0; |
422 | unsigned int tmp_score = 0; | 447 | unsigned int tmp_score = 0; |
423 | unsigned int epochs; | 448 | unsigned int epochs; |
@@ -434,7 +459,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, | |||
434 | { | 459 | { |
435 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 460 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
436 | "Proof of work signature invalid!\n"); | 461 | "Proof of work signature invalid!\n"); |
437 | return -1; | 462 | return GNUNET_NO; |
438 | } | 463 | } |
439 | 464 | ||
440 | /** | 465 | /** |
@@ -445,7 +470,7 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, | |||
445 | for (unsigned int j = i + 1; j < POW_COUNT; j++) | 470 | for (unsigned int j = i + 1; j < POW_COUNT; j++) |
446 | { | 471 | { |
447 | if (pow->pow[i] == pow->pow[j]) | 472 | if (pow->pow[i] == pow->pow[j]) |
448 | return -1; | 473 | return GNUNET_NO; |
449 | } | 474 | } |
450 | } | 475 | } |
451 | GNUNET_memcpy (&buf[sizeof(uint64_t)], | 476 | GNUNET_memcpy (&buf[sizeof(uint64_t)], |
@@ -471,9 +496,36 @@ GNUNET_REVOCATION_check_pow (const struct GNUNET_REVOCATION_Pow *pow, | |||
471 | } | 496 | } |
472 | score = score / POW_COUNT; | 497 | score = score / POW_COUNT; |
473 | if (score < difficulty) | 498 | if (score < difficulty) |
474 | return -1; | 499 | return GNUNET_NO; |
475 | epochs = score - difficulty; | 500 | epochs = score - difficulty; |
476 | return epochs; | 501 | |
502 | /** | ||
503 | * Check expiration | ||
504 | */ | ||
505 | ts = GNUNET_TIME_absolute_ntoh (pow->timestamp); | ||
506 | ttl = GNUNET_TIME_relative_multiply (epoch_length, | ||
507 | epochs); | ||
508 | /** | ||
509 | * Extend by 10% for unsynchronized clocks | ||
510 | */ | ||
511 | buffer = GNUNET_TIME_relative_divide (epoch_length, | ||
512 | 10); | ||
513 | ts = GNUNET_TIME_absolute_subtract (ts, | ||
514 | buffer); | ||
515 | |||
516 | if (0 != GNUNET_TIME_absolute_get_remaining (ts).rel_value_us) | ||
517 | return GNUNET_NO; /* Not yet valid. */ | ||
518 | /* Revert to actual start time */ | ||
519 | ts = GNUNET_TIME_absolute_add (ts, | ||
520 | buffer); | ||
521 | |||
522 | exp = GNUNET_TIME_absolute_add (ts, ttl); | ||
523 | exp = GNUNET_TIME_absolute_add (exp, | ||
524 | buffer); | ||
525 | |||
526 | if (0 == GNUNET_TIME_absolute_get_remaining (exp).rel_value_us) | ||
527 | return GNUNET_NO; /* expired */ | ||
528 | return GNUNET_YES; | ||
477 | } | 529 | } |
478 | 530 | ||
479 | 531 | ||