diff options
author | Christian Grothoff <christian@grothoff.org> | 2014-12-14 22:15:55 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2014-12-14 22:15:55 +0000 |
commit | 6c8fa85819a2b02b3c4a175a08c1779283eda209 (patch) | |
tree | 3d635a2aa58f321fbb8779b6e086113558dc1c52 /src/fs/fs_publish.c | |
parent | 6d7c1dd00a193fc054d1f1588ae7c98dc95b6257 (diff) | |
download | gnunet-6c8fa85819a2b02b3c4a175a08c1779283eda209.tar.gz gnunet-6c8fa85819a2b02b3c4a175a08c1779283eda209.zip |
fix key management issue with LOC signing identified in #3559
Diffstat (limited to 'src/fs/fs_publish.c')
-rw-r--r-- | src/fs/fs_publish.c | 148 |
1 files changed, 124 insertions, 24 deletions
diff --git a/src/fs/fs_publish.c b/src/fs/fs_publish.c index beeab8b12..a8a9a220f 100644 --- a/src/fs/fs_publish.c +++ b/src/fs/fs_publish.c | |||
@@ -823,6 +823,116 @@ hash_for_index_cb (void *cls, | |||
823 | 823 | ||
824 | 824 | ||
825 | /** | 825 | /** |
826 | * We've computed the CHK/LOC URI, now publish the KSKs (if applicable). | ||
827 | * | ||
828 | * @param pc publishing context to do this for | ||
829 | */ | ||
830 | static void | ||
831 | publish_kblocks (struct GNUNET_FS_PublishContext *pc) | ||
832 | { | ||
833 | struct GNUNET_FS_FileInformation *p; | ||
834 | |||
835 | p = pc->fi_pos; | ||
836 | /* upload of "p" complete, publish KBlocks! */ | ||
837 | if (NULL != p->keywords) | ||
838 | { | ||
839 | pc->ksk_pc = GNUNET_FS_publish_ksk (pc->h, | ||
840 | p->keywords, | ||
841 | p->meta, | ||
842 | p->chk_uri, | ||
843 | &p->bo, | ||
844 | pc->options, | ||
845 | &publish_kblocks_cont, pc); | ||
846 | } | ||
847 | else | ||
848 | { | ||
849 | publish_kblocks_cont (pc, p->chk_uri, NULL); | ||
850 | } | ||
851 | } | ||
852 | |||
853 | |||
854 | /** | ||
855 | * Process the response (or lack thereof) from | ||
856 | * the "fs" service to our LOC sign request. | ||
857 | * | ||
858 | * @param cls closure (of type `struct GNUNET_FS_PublishContext *`) | ||
859 | * @param msg the response we got | ||
860 | */ | ||
861 | static void | ||
862 | process_signature_response (void *cls, | ||
863 | const struct GNUNET_MessageHeader *msg) | ||
864 | { | ||
865 | struct GNUNET_FS_PublishContext *pc = cls; | ||
866 | const struct ResponseLocSignatureMessage *sig; | ||
867 | struct GNUNET_FS_FileInformation *p; | ||
868 | |||
869 | p = pc->fi_pos; | ||
870 | if (NULL == msg) | ||
871 | { | ||
872 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
873 | _("Can not create LOC URI. Will continue with CHK instead.\n")); | ||
874 | publish_kblocks (pc); | ||
875 | return; | ||
876 | } | ||
877 | if (sizeof (struct ResponseLocSignatureMessage) != | ||
878 | ntohs (msg->size)) | ||
879 | { | ||
880 | GNUNET_break (0); | ||
881 | publish_kblocks (pc); | ||
882 | return; | ||
883 | } | ||
884 | sig = (const struct ResponseLocSignatureMessage *) msg; | ||
885 | p->chk_uri->type = GNUNET_FS_URI_LOC; | ||
886 | /* p->data.loc.fi kept from CHK before */ | ||
887 | p->chk_uri->data.loc.peer = sig->peer; | ||
888 | p->chk_uri->data.loc.expirationTime = GNUNET_TIME_absolute_ntoh (sig->expiration_time); | ||
889 | p->chk_uri->data.loc.contentSignature = sig->signature; | ||
890 | GNUNET_FS_file_information_sync_ (p); | ||
891 | GNUNET_FS_publish_sync_ (pc); | ||
892 | publish_kblocks (pc); | ||
893 | } | ||
894 | |||
895 | |||
896 | /** | ||
897 | * We're publishing without anonymity. Contact the FS service | ||
898 | * to create a signed LOC URI for further processing, then | ||
899 | * continue with KSKs. | ||
900 | * | ||
901 | * @param pc the publishing context do to this for | ||
902 | */ | ||
903 | static void | ||
904 | create_loc_uri (struct GNUNET_FS_PublishContext *pc) | ||
905 | { | ||
906 | struct RequestLocSignatureMessage req; | ||
907 | struct GNUNET_FS_FileInformation *p; | ||
908 | |||
909 | if (NULL == pc->client) | ||
910 | pc->client = GNUNET_CLIENT_connect ("fs", pc->h->cfg); | ||
911 | if (NULL == pc->client) | ||
912 | { | ||
913 | GNUNET_log (GNUNET_ERROR_TYPE_WARNING, | ||
914 | _("Can not create LOC URI. Will continue with CHK instead.\n")); | ||
915 | publish_kblocks (pc); | ||
916 | return; | ||
917 | } | ||
918 | p = pc->fi_pos; | ||
919 | req.header.size = htons (sizeof (struct RequestLocSignatureMessage)); | ||
920 | req.header.type = htons (GNUNET_MESSAGE_TYPE_FS_REQUEST_LOC_SIGN); | ||
921 | req.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_PEER_PLACEMENT); | ||
922 | req.expiration_time = GNUNET_TIME_absolute_hton (p->bo.expiration_time); | ||
923 | req.chk = p->chk_uri->data.chk.chk; | ||
924 | req.file_length = GNUNET_htonll (p->chk_uri->data.chk.file_length); | ||
925 | GNUNET_break (GNUNET_YES == | ||
926 | GNUNET_CLIENT_transmit_and_get_response (pc->client, | ||
927 | &req.header, | ||
928 | GNUNET_TIME_UNIT_FOREVER_REL, | ||
929 | GNUNET_YES, | ||
930 | &process_signature_response, | ||
931 | pc)); | ||
932 | } | ||
933 | |||
934 | |||
935 | /** | ||
826 | * Main function that performs the upload. | 936 | * Main function that performs the upload. |
827 | * | 937 | * |
828 | * @param cls `struct GNUNET_FS_PublishContext *` identifies the upload | 938 | * @param cls `struct GNUNET_FS_PublishContext *` identifies the upload |
@@ -835,7 +945,6 @@ GNUNET_FS_publish_main_ (void *cls, | |||
835 | struct GNUNET_FS_PublishContext *pc = cls; | 945 | struct GNUNET_FS_PublishContext *pc = cls; |
836 | struct GNUNET_FS_ProgressInfo pi; | 946 | struct GNUNET_FS_ProgressInfo pi; |
837 | struct GNUNET_FS_FileInformation *p; | 947 | struct GNUNET_FS_FileInformation *p; |
838 | struct GNUNET_FS_Uri *loc; | ||
839 | char *fn; | 948 | char *fn; |
840 | 949 | ||
841 | pc->upload_task = GNUNET_SCHEDULER_NO_TASK; | 950 | pc->upload_task = GNUNET_SCHEDULER_NO_TASK; |
@@ -875,13 +984,17 @@ GNUNET_FS_publish_main_ (void *cls, | |||
875 | p = p->dir; | 984 | p = p->dir; |
876 | if (fn != NULL) | 985 | if (fn != NULL) |
877 | { | 986 | { |
878 | GNUNET_asprintf (&p->emsg, _("Recursive upload failed at `%s': %s"), fn, | 987 | GNUNET_asprintf (&p->emsg, |
988 | _("Recursive upload failed at `%s': %s"), | ||
989 | fn, | ||
879 | p->emsg); | 990 | p->emsg); |
880 | GNUNET_free (fn); | 991 | GNUNET_free (fn); |
881 | } | 992 | } |
882 | else | 993 | else |
883 | { | 994 | { |
884 | GNUNET_asprintf (&p->emsg, _("Recursive upload failed: %s"), p->emsg); | 995 | GNUNET_asprintf (&p->emsg, |
996 | _("Recursive upload failed: %s"), | ||
997 | p->emsg); | ||
885 | } | 998 | } |
886 | pi.status = GNUNET_FS_STATUS_PUBLISH_ERROR; | 999 | pi.status = GNUNET_FS_STATUS_PUBLISH_ERROR; |
887 | pi.value.publish.eta = GNUNET_TIME_UNIT_FOREVER_REL; | 1000 | pi.value.publish.eta = GNUNET_TIME_UNIT_FOREVER_REL; |
@@ -897,31 +1010,18 @@ GNUNET_FS_publish_main_ (void *cls, | |||
897 | { | 1010 | { |
898 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 1011 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
899 | "File upload complete, now publishing KSK blocks.\n"); | 1012 | "File upload complete, now publishing KSK blocks.\n"); |
900 | if (0 == p->bo.anonymity_level) | ||
901 | { | ||
902 | /* zero anonymity, box CHK URI in LOC URI */ | ||
903 | loc = GNUNET_FS_uri_loc_create (p->chk_uri, | ||
904 | pc->h->cfg, | ||
905 | p->bo.expiration_time); | ||
906 | GNUNET_FS_uri_destroy (p->chk_uri); | ||
907 | p->chk_uri = loc; | ||
908 | GNUNET_FS_file_information_sync_ (p); | ||
909 | } | ||
910 | GNUNET_FS_publish_sync_ (pc); | 1013 | GNUNET_FS_publish_sync_ (pc); |
911 | /* upload of "p" complete, publish KBlocks! */ | 1014 | |
912 | if (NULL != p->keywords) | 1015 | if ( (0 == p->bo.anonymity_level) && |
1016 | (GNUNET_YES != | ||
1017 | GNUNET_FS_uri_test_loc (p->chk_uri)) ) | ||
913 | { | 1018 | { |
914 | pc->ksk_pc = GNUNET_FS_publish_ksk (pc->h, | 1019 | /* zero anonymity, box CHK URI in LOC URI */ |
915 | p->keywords, | 1020 | create_loc_uri (pc); |
916 | p->meta, | ||
917 | p->chk_uri, | ||
918 | &p->bo, | ||
919 | pc->options, | ||
920 | &publish_kblocks_cont, pc); | ||
921 | } | 1021 | } |
922 | else | 1022 | else |
923 | { | 1023 | { |
924 | publish_kblocks_cont (pc, p->chk_uri, NULL); | 1024 | publish_kblocks (pc); |
925 | } | 1025 | } |
926 | return; | 1026 | return; |
927 | } | 1027 | } |
@@ -1320,7 +1420,7 @@ fip_signal_stop (void *cls, | |||
1320 | pc->skip_next_fi_callback = GNUNET_YES; | 1420 | pc->skip_next_fi_callback = GNUNET_YES; |
1321 | GNUNET_FS_file_information_inspect (fi, &fip_signal_stop, pc); | 1421 | GNUNET_FS_file_information_inspect (fi, &fip_signal_stop, pc); |
1322 | } | 1422 | } |
1323 | if (fi->serialization != NULL) | 1423 | if (NULL != fi->serialization) |
1324 | { | 1424 | { |
1325 | GNUNET_FS_remove_sync_file_ (pc->h, GNUNET_FS_SYNC_PATH_FILE_INFO, | 1425 | GNUNET_FS_remove_sync_file_ (pc->h, GNUNET_FS_SYNC_PATH_FILE_INFO, |
1326 | fi->serialization); | 1426 | fi->serialization); |