diff options
author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-04-13 22:57:06 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-04-14 10:01:24 +0200 |
commit | af90492d9f86b3bcce93a8459383744939318bc3 (patch) | |
tree | f1302668151763b247f0044691516343f3508209 /src/reclaim/gnunet-service-reclaim.c | |
parent | 38f1f248ac9666bd24655ef4b55ec38b909715ad (diff) | |
download | gnunet-af90492d9f86b3bcce93a8459383744939318bc3.tar.gz gnunet-af90492d9f86b3bcce93a8459383744939318bc3.zip |
RECLAIM: refactor revoke
Diffstat (limited to 'src/reclaim/gnunet-service-reclaim.c')
-rw-r--r-- | src/reclaim/gnunet-service-reclaim.c | 581 |
1 files changed, 80 insertions, 501 deletions
diff --git a/src/reclaim/gnunet-service-reclaim.c b/src/reclaim/gnunet-service-reclaim.c index fa3236af4..2c74193d1 100644 --- a/src/reclaim/gnunet-service-reclaim.c +++ b/src/reclaim/gnunet-service-reclaim.c | |||
@@ -210,12 +210,12 @@ struct IdpClient { | |||
210 | /** | 210 | /** |
211 | * Head of DLL of ticket revocation ops | 211 | * Head of DLL of ticket revocation ops |
212 | */ | 212 | */ |
213 | struct TicketRevocationHandle *revoke_op_head; | 213 | struct TicketRevocationOperation *revoke_op_head; |
214 | 214 | ||
215 | /** | 215 | /** |
216 | * Tail of DLL of ticket revocation ops | 216 | * Tail of DLL of ticket revocation ops |
217 | */ | 217 | */ |
218 | struct TicketRevocationHandle *revoke_op_tail; | 218 | struct TicketRevocationOperation *revoke_op_tail; |
219 | 219 | ||
220 | /** | 220 | /** |
221 | * Head of DLL of ticket issue ops | 221 | * Head of DLL of ticket issue ops |
@@ -350,26 +350,16 @@ struct TicketAttributeUpdateEntry { | |||
350 | /** | 350 | /** |
351 | * Ticket revocation request handle | 351 | * Ticket revocation request handle |
352 | */ | 352 | */ |
353 | struct TicketRevocationHandle { | 353 | struct TicketRevocationOperation { |
354 | /** | 354 | /** |
355 | * DLL | 355 | * DLL |
356 | */ | 356 | */ |
357 | struct TicketRevocationHandle *prev; | 357 | struct TicketRevocationOperation *prev; |
358 | 358 | ||
359 | /** | 359 | /** |
360 | * DLL | 360 | * DLL |
361 | */ | 361 | */ |
362 | struct TicketRevocationHandle *next; | 362 | struct TicketRevocationOperation *next; |
363 | |||
364 | /** | ||
365 | * Attribute updates | ||
366 | */ | ||
367 | struct TicketAttributeUpdateEntry *attr_updates_head; | ||
368 | |||
369 | /** | ||
370 | * Attribute updates | ||
371 | */ | ||
372 | struct TicketAttributeUpdateEntry *attr_updates_tail; | ||
373 | 363 | ||
374 | /** | 364 | /** |
375 | * Client connection | 365 | * Client connection |
@@ -377,39 +367,9 @@ struct TicketRevocationHandle { | |||
377 | struct IdpClient *client; | 367 | struct IdpClient *client; |
378 | 368 | ||
379 | /** | 369 | /** |
380 | * Attributes to reissue | 370 | * Revocation handle |
381 | */ | 371 | */ |
382 | struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs; | 372 | struct RECLAIM_TICKETS_RevokeHandle *rh; |
383 | |||
384 | /** | ||
385 | * Attributes to revoke | ||
386 | */ | ||
387 | struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *rvk_attrs; | ||
388 | |||
389 | /** | ||
390 | * Issuer Key | ||
391 | */ | ||
392 | struct GNUNET_CRYPTO_EcdsaPrivateKey identity; | ||
393 | |||
394 | /** | ||
395 | * Ticket to issue | ||
396 | */ | ||
397 | struct GNUNET_RECLAIM_Ticket ticket; | ||
398 | |||
399 | /** | ||
400 | * QueueEntry | ||
401 | */ | ||
402 | struct GNUNET_NAMESTORE_QueueEntry *ns_qe; | ||
403 | |||
404 | /** | ||
405 | * Namestore iterator | ||
406 | */ | ||
407 | struct GNUNET_NAMESTORE_ZoneIterator *ns_it; | ||
408 | |||
409 | /** | ||
410 | * Offset | ||
411 | */ | ||
412 | uint32_t offset; | ||
413 | 373 | ||
414 | /** | 374 | /** |
415 | * request id | 375 | * request id |
@@ -472,7 +432,8 @@ struct EgoEntry { | |||
472 | /** | 432 | /** |
473 | * Cleanup task | 433 | * Cleanup task |
474 | */ | 434 | */ |
475 | static void cleanup () | 435 | static void |
436 | cleanup () | ||
476 | { | 437 | { |
477 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n"); | 438 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Cleaning up\n"); |
478 | 439 | ||
@@ -495,37 +456,18 @@ static void cleanup () | |||
495 | * | 456 | * |
496 | * @param cls NULL | 457 | * @param cls NULL |
497 | */ | 458 | */ |
498 | static void do_shutdown (void *cls) | 459 | static void |
460 | do_shutdown (void *cls) | ||
499 | { | 461 | { |
500 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Shutting down...\n"); | 462 | GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Shutting down...\n"); |
501 | cleanup (); | 463 | cleanup (); |
502 | } | 464 | } |
503 | 465 | ||
504 | static int create_sym_key_from_ecdh ( | ||
505 | const struct GNUNET_HashCode *new_key_hash, | ||
506 | struct GNUNET_CRYPTO_SymmetricSessionKey *skey, | ||
507 | struct GNUNET_CRYPTO_SymmetricInitializationVector *iv) | ||
508 | { | ||
509 | struct GNUNET_CRYPTO_HashAsciiEncoded new_key_hash_str; | ||
510 | |||
511 | GNUNET_CRYPTO_hash_to_enc (new_key_hash, &new_key_hash_str); | ||
512 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Creating symmetric rsa key from %s\n", | ||
513 | (char *)&new_key_hash_str); | ||
514 | static const char ctx_key[] = "gnuid-aes-ctx-key"; | ||
515 | GNUNET_CRYPTO_kdf (skey, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), | ||
516 | new_key_hash, sizeof (struct GNUNET_HashCode), ctx_key, | ||
517 | strlen (ctx_key), NULL, 0); | ||
518 | static const char ctx_iv[] = "gnuid-aes-ctx-iv"; | ||
519 | GNUNET_CRYPTO_kdf ( | ||
520 | iv, sizeof (struct GNUNET_CRYPTO_SymmetricInitializationVector), | ||
521 | new_key_hash, sizeof (struct GNUNET_HashCode), ctx_iv, strlen (ctx_iv), | ||
522 | NULL, 0); | ||
523 | return GNUNET_OK; | ||
524 | } | ||
525 | 466 | ||
526 | static void send_ticket_result (const struct IdpClient *client, uint32_t r_id, | 467 | static void |
527 | const struct GNUNET_RECLAIM_Ticket *ticket, | 468 | send_ticket_result (const struct IdpClient *client, uint32_t r_id, |
528 | uint32_t success) | 469 | const struct GNUNET_RECLAIM_Ticket *ticket, |
470 | uint32_t success) | ||
529 | { | 471 | { |
530 | struct TicketResultMessage *irm; | 472 | struct TicketResultMessage *irm; |
531 | struct GNUNET_MQ_Envelope *env; | 473 | struct GNUNET_MQ_Envelope *env; |
@@ -544,9 +486,9 @@ static void send_ticket_result (const struct IdpClient *client, uint32_t r_id, | |||
544 | GNUNET_MQ_send (client->mq, env); | 486 | GNUNET_MQ_send (client->mq, env); |
545 | } | 487 | } |
546 | 488 | ||
547 | static void issue_ticket_result_cb (void *cls, | 489 | static void |
548 | struct GNUNET_RECLAIM_Ticket *ticket, | 490 | issue_ticket_result_cb (void *cls, struct GNUNET_RECLAIM_Ticket *ticket, |
549 | uint32_t success, const char *emsg) | 491 | int32_t success, const char *emsg) |
550 | { | 492 | { |
551 | struct TicketIssueOperation *tio = cls; | 493 | struct TicketIssueOperation *tio = cls; |
552 | if (GNUNET_OK != success) { | 494 | if (GNUNET_OK != success) { |
@@ -563,8 +505,8 @@ static void issue_ticket_result_cb (void *cls, | |||
563 | GNUNET_free (tio); | 505 | GNUNET_free (tio); |
564 | } | 506 | } |
565 | 507 | ||
566 | static int check_issue_ticket_message (void *cls, | 508 | static int |
567 | const struct IssueTicketMessage *im) | 509 | check_issue_ticket_message (void *cls, const struct IssueTicketMessage *im) |
568 | { | 510 | { |
569 | uint16_t size; | 511 | uint16_t size; |
570 | 512 | ||
@@ -576,8 +518,8 @@ static int check_issue_ticket_message (void *cls, | |||
576 | return GNUNET_OK; | 518 | return GNUNET_OK; |
577 | } | 519 | } |
578 | 520 | ||
579 | static void handle_issue_ticket_message (void *cls, | 521 | static void |
580 | const struct IssueTicketMessage *im) | 522 | handle_issue_ticket_message (void *cls, const struct IssueTicketMessage *im) |
581 | { | 523 | { |
582 | struct TicketIssueOperation *tio; | 524 | struct TicketIssueOperation *tio; |
583 | struct IdpClient *idp = cls; | 525 | struct IdpClient *idp = cls; |
@@ -600,394 +542,26 @@ static void handle_issue_ticket_message (void *cls, | |||
600 | * Revocation | 542 | * Revocation |
601 | **********************************************************/ | 543 | **********************************************************/ |
602 | 544 | ||
603 | /** | 545 | static void |
604 | * Cleanup revoke handle | 546 | revoke_result_cb (void *cls, int32_t success) |
605 | * | ||
606 | * @param rh the ticket revocation handle | ||
607 | */ | ||
608 | static void cleanup_revoke_ticket_handle (struct TicketRevocationHandle *rh) | ||
609 | { | ||
610 | if (NULL != rh->attrs) | ||
611 | GNUNET_RECLAIM_ATTRIBUTE_list_destroy (rh->attrs); | ||
612 | if (NULL != rh->rvk_attrs) | ||
613 | GNUNET_RECLAIM_ATTRIBUTE_list_destroy (rh->rvk_attrs); | ||
614 | if (NULL != rh->ns_qe) | ||
615 | GNUNET_NAMESTORE_cancel (rh->ns_qe); | ||
616 | if (NULL != rh->ns_it) | ||
617 | GNUNET_NAMESTORE_zone_iteration_stop (rh->ns_it); | ||
618 | GNUNET_free (rh); | ||
619 | } | ||
620 | |||
621 | static int | ||
622 | serialize_authz_record (const struct GNUNET_RECLAIM_Ticket *ticket, | ||
623 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs, | ||
624 | struct GNUNET_CRYPTO_EcdhePrivateKey **ecdh_privkey, | ||
625 | char **result) | ||
626 | { | ||
627 | struct GNUNET_CRYPTO_EcdhePublicKey ecdh_pubkey; | ||
628 | struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le; | ||
629 | struct GNUNET_CRYPTO_SymmetricSessionKey skey; | ||
630 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | ||
631 | struct GNUNET_HashCode new_key_hash; | ||
632 | ssize_t enc_size; | ||
633 | char *enc_keyinfo; | ||
634 | char *buf; | ||
635 | char *write_ptr; | ||
636 | char attrs_str_len; | ||
637 | char *label; | ||
638 | |||
639 | GNUNET_assert (NULL != attrs->list_head); | ||
640 | attrs_str_len = 0; | ||
641 | for (le = attrs->list_head; NULL != le; le = le->next) { | ||
642 | attrs_str_len += 15 + 1; // TODO propery calculate | ||
643 | } | ||
644 | buf = GNUNET_malloc (attrs_str_len); | ||
645 | write_ptr = buf; | ||
646 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Writing attributes\n"); | ||
647 | for (le = attrs->list_head; NULL != le; le = le->next) { | ||
648 | label = | ||
649 | GNUNET_STRINGS_data_to_string_alloc (&le->claim->id, sizeof (uint64_t)); | ||
650 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Adding attribute to record: %s\n", | ||
651 | label); | ||
652 | |||
653 | GNUNET_memcpy (write_ptr, label, strlen (label)); | ||
654 | write_ptr[strlen (label)] = ','; | ||
655 | write_ptr += strlen (label) + 1; | ||
656 | GNUNET_free (label); | ||
657 | } | ||
658 | write_ptr--; | ||
659 | write_ptr[0] = '\0'; // replace last , with a 0-terminator | ||
660 | // ECDH keypair E = eG | ||
661 | *ecdh_privkey = GNUNET_CRYPTO_ecdhe_key_create (); | ||
662 | GNUNET_CRYPTO_ecdhe_key_get_public (*ecdh_privkey, &ecdh_pubkey); | ||
663 | enc_keyinfo = GNUNET_malloc (attrs_str_len); | ||
664 | // Derived key K = H(eB) | ||
665 | GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_ecdh_ecdsa (*ecdh_privkey, | ||
666 | &ticket->audience, | ||
667 | &new_key_hash)); | ||
668 | create_sym_key_from_ecdh (&new_key_hash, &skey, &iv); | ||
669 | enc_size = GNUNET_CRYPTO_symmetric_encrypt (buf, attrs_str_len, &skey, &iv, | ||
670 | enc_keyinfo); | ||
671 | *result = | ||
672 | GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + enc_size); | ||
673 | GNUNET_memcpy (*result, &ecdh_pubkey, | ||
674 | sizeof (struct GNUNET_CRYPTO_EcdhePublicKey)); | ||
675 | GNUNET_memcpy (*result + sizeof (struct GNUNET_CRYPTO_EcdhePublicKey), | ||
676 | enc_keyinfo, enc_size); | ||
677 | GNUNET_free (enc_keyinfo); | ||
678 | GNUNET_free (buf); | ||
679 | return sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + enc_size; | ||
680 | } | ||
681 | |||
682 | /** | ||
683 | * Send revocation result | ||
684 | * | ||
685 | * @param rh ticket revocation handle | ||
686 | * @param success GNUNET_OK if successful result | ||
687 | */ | ||
688 | static void send_revocation_finished (struct TicketRevocationHandle *rh, | ||
689 | uint32_t success) | ||
690 | { | 547 | { |
548 | struct TicketRevocationOperation *rop = cls; | ||
691 | struct GNUNET_MQ_Envelope *env; | 549 | struct GNUNET_MQ_Envelope *env; |
692 | struct RevokeTicketResultMessage *trm; | 550 | struct RevokeTicketResultMessage *trm; |
693 | 551 | ||
694 | GNUNET_break (TKT_database->delete_ticket (TKT_database->cls, &rh->ticket)); | 552 | rop->rh = NULL; |
695 | |||
696 | env = GNUNET_MQ_msg (trm, GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT); | 553 | env = GNUNET_MQ_msg (trm, GNUNET_MESSAGE_TYPE_RECLAIM_REVOKE_TICKET_RESULT); |
697 | trm->id = htonl (rh->r_id); | 554 | trm->id = htonl (rop->r_id); |
698 | trm->success = htonl (success); | 555 | trm->success = htonl (success); |
699 | GNUNET_MQ_send (rh->client->mq, env); | 556 | GNUNET_MQ_send (rop->client->mq, env); |
700 | GNUNET_CONTAINER_DLL_remove (rh->client->revoke_op_head, | 557 | GNUNET_CONTAINER_DLL_remove (rop->client->revoke_op_head, |
701 | rh->client->revoke_op_tail, rh); | 558 | rop->client->revoke_op_tail, rop); |
702 | } | 559 | GNUNET_free (rop); |
703 | |||
704 | /** | ||
705 | * Process ticket from database | ||
706 | * | ||
707 | * @param cls struct TicketIterationProcResult | ||
708 | * @param ticket the ticket | ||
709 | * @param attrs the attributes | ||
710 | */ | ||
711 | static void | ||
712 | ticket_reissue_proc (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket, | ||
713 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs); | ||
714 | |||
715 | static void revocation_reissue_tickets (struct TicketRevocationHandle *rh); | ||
716 | |||
717 | static void reissue_next (void *cls) | ||
718 | { | ||
719 | struct TicketRevocationHandle *rh = cls; | ||
720 | revocation_reissue_tickets (rh); | ||
721 | } | 560 | } |
722 | 561 | ||
723 | static void reissue_ticket_cont (void *cls, int32_t success, const char *emsg) | ||
724 | { | ||
725 | struct TicketRevocationHandle *rh = cls; | ||
726 | |||
727 | rh->ns_qe = NULL; | ||
728 | if (GNUNET_SYSERR == success) { | ||
729 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "%s\n", "Unknown Error\n"); | ||
730 | send_revocation_finished (rh, GNUNET_SYSERR); | ||
731 | cleanup_revoke_ticket_handle (rh); | ||
732 | return; | ||
733 | } | ||
734 | rh->offset++; | ||
735 | GNUNET_SCHEDULER_add_now (&reissue_next, rh); | ||
736 | } | ||
737 | |||
738 | /** | ||
739 | * Process ticket from database | ||
740 | * | ||
741 | * @param cls struct TicketIterationProcResult | ||
742 | * @param ticket the ticket | ||
743 | * @param attrs the attributes | ||
744 | */ | ||
745 | static void | ||
746 | ticket_reissue_proc (void *cls, const struct GNUNET_RECLAIM_Ticket *ticket, | ||
747 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs) | ||
748 | { | ||
749 | struct TicketRevocationHandle *rh = cls; | ||
750 | struct TicketAttributeUpdateEntry *tue; | ||
751 | struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le; | ||
752 | struct GNUNET_CRYPTO_EcdhePrivateKey *ecdhe_privkey; | ||
753 | struct GNUNET_GNSRECORD_Data code_record[1]; | ||
754 | int reissue_ticket; | ||
755 | size_t authz_record_len; | ||
756 | char *authz_record_data; | ||
757 | char *label; | ||
758 | |||
759 | if (NULL == ticket) { | ||
760 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Iteration done\n"); | ||
761 | return; | ||
762 | } | ||
763 | |||
764 | if (0 == memcmp (&ticket->audience, &rh->ticket.audience, | ||
765 | sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey))) { | ||
766 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
767 | "Do not reissue for this identity.!\n"); | ||
768 | label = GNUNET_STRINGS_data_to_string_alloc (&rh->ticket.rnd, | ||
769 | sizeof (uint64_t)); | ||
770 | // Delete record | ||
771 | rh->ns_qe = GNUNET_NAMESTORE_records_store (nsh, &rh->identity, label, 0, | ||
772 | NULL, &reissue_ticket_cont, rh); | ||
773 | |||
774 | GNUNET_free (label); | ||
775 | return; | ||
776 | } | ||
777 | 562 | ||
778 | /* | 563 | static int |
779 | * Check if any attribute of this ticket intersects with a rollover attribute | 564 | check_revoke_ticket_message (void *cls, const struct RevokeTicketMessage *im) |
780 | */ | ||
781 | reissue_ticket = GNUNET_NO; | ||
782 | for (le = attrs->list_head; NULL != le; le = le->next) { | ||
783 | for (tue = rh->attr_updates_head; NULL != tue; tue = tue->next) { | ||
784 | if (tue->old_id == le->claim->id) { | ||
785 | reissue_ticket = GNUNET_YES; | ||
786 | le->claim->id = tue->new_id; | ||
787 | } | ||
788 | } | ||
789 | } | ||
790 | |||
791 | if (GNUNET_NO == reissue_ticket) { | ||
792 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Skipping ticket.\n"); | ||
793 | |||
794 | rh->offset++; | ||
795 | GNUNET_SCHEDULER_add_now (&reissue_next, rh); | ||
796 | return; | ||
797 | } | ||
798 | |||
799 | // Create new ABE key for RP | ||
800 | |||
801 | /* If this is the RP we want to revoke attributes of, the do so */ | ||
802 | |||
803 | // TODO rename function | ||
804 | authz_record_len = serialize_authz_record (ticket, attrs, &ecdhe_privkey, | ||
805 | &authz_record_data); | ||
806 | code_record[0].data = authz_record_data; | ||
807 | code_record[0].data_size = authz_record_len; | ||
808 | code_record[0].expiration_time = GNUNET_TIME_UNIT_DAYS.rel_value_us; | ||
809 | code_record[0].record_type = GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR_REF; | ||
810 | code_record[0].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; | ||
811 | |||
812 | label = GNUNET_STRINGS_data_to_string_alloc (&ticket->rnd, sizeof (uint64_t)); | ||
813 | // Publish record | ||
814 | rh->ns_qe = GNUNET_NAMESTORE_records_store ( | ||
815 | nsh, &rh->identity, label, 1, code_record, &reissue_ticket_cont, rh); | ||
816 | GNUNET_free (ecdhe_privkey); | ||
817 | GNUNET_free (label); | ||
818 | GNUNET_free (authz_record_data); | ||
819 | } | ||
820 | |||
821 | /* Prototype for below function */ | ||
822 | static void attr_reenc_cont (void *cls, int32_t success, const char *emsg); | ||
823 | |||
824 | static void revocation_reissue_tickets (struct TicketRevocationHandle *rh) | ||
825 | { | ||
826 | int ret; | ||
827 | /* Done, issue new keys */ | ||
828 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
829 | "Revocation Phase III: Reissuing Tickets\n"); | ||
830 | if (GNUNET_SYSERR == (ret = TKT_database->iterate_tickets ( | ||
831 | TKT_database->cls, &rh->ticket.identity, GNUNET_NO, | ||
832 | rh->offset, &ticket_reissue_proc, rh))) { | ||
833 | GNUNET_break (0); | ||
834 | } | ||
835 | if (GNUNET_NO == ret) { | ||
836 | send_revocation_finished (rh, GNUNET_OK); | ||
837 | cleanup_revoke_ticket_handle (rh); | ||
838 | return; | ||
839 | } | ||
840 | } | ||
841 | |||
842 | /** | ||
843 | * Failed to check for attribute | ||
844 | */ | ||
845 | static void check_attr_error (void *cls) | ||
846 | { | ||
847 | struct TicketRevocationHandle *rh = cls; | ||
848 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
849 | "Unable to check for existing attribute\n"); | ||
850 | rh->ns_qe = NULL; | ||
851 | send_revocation_finished (rh, GNUNET_SYSERR); | ||
852 | cleanup_revoke_ticket_handle (rh); | ||
853 | } | ||
854 | |||
855 | /** | ||
856 | * Revoke next attribte by reencryption with | ||
857 | * new ABE master | ||
858 | */ | ||
859 | static void reenc_next_attribute (void *cls); | ||
860 | |||
861 | /** | ||
862 | * Check for existing attribute and overwrite | ||
863 | */ | ||
864 | static void check_attr_cb (void *cls, | ||
865 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | ||
866 | const char *label, unsigned int rd_count, | ||
867 | const struct GNUNET_GNSRECORD_Data *rd_old) | ||
868 | { | ||
869 | struct TicketRevocationHandle *rh = cls; | ||
870 | struct TicketAttributeUpdateEntry *tue; | ||
871 | struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le; | ||
872 | struct GNUNET_GNSRECORD_Data rd[1]; | ||
873 | char *buf; | ||
874 | size_t buf_size; | ||
875 | char *new_label; | ||
876 | |||
877 | rh->ns_qe = NULL; | ||
878 | if (1 != rd_count) { | ||
879 | le = rh->attrs->list_head; | ||
880 | GNUNET_CONTAINER_DLL_remove (rh->attrs->list_head, rh->attrs->list_tail, | ||
881 | le); | ||
882 | GNUNET_assert (NULL != rh->rvk_attrs); | ||
883 | GNUNET_CONTAINER_DLL_insert (rh->rvk_attrs->list_head, | ||
884 | rh->rvk_attrs->list_tail, le); | ||
885 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Re-encrypting next attribute\n"); | ||
886 | GNUNET_SCHEDULER_add_now (&reenc_next_attribute, rh); | ||
887 | return; | ||
888 | } | ||
889 | |||
890 | buf_size = | ||
891 | GNUNET_RECLAIM_ATTRIBUTE_serialize_get_size (rh->attrs->list_head->claim); | ||
892 | buf = GNUNET_malloc (buf_size); | ||
893 | rh->attrs->list_head->claim->version++; | ||
894 | GNUNET_RECLAIM_ATTRIBUTE_serialize (rh->attrs->list_head->claim, buf); | ||
895 | tue = GNUNET_new (struct TicketAttributeUpdateEntry); | ||
896 | tue->old_id = rh->attrs->list_head->claim->id; | ||
897 | tue->new_id = | ||
898 | GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_STRONG, UINT64_MAX); | ||
899 | GNUNET_CONTAINER_DLL_insert (rh->attr_updates_head, rh->attr_updates_tail, | ||
900 | tue); | ||
901 | rh->attrs->list_head->claim->id = tue->new_id; | ||
902 | new_label = | ||
903 | GNUNET_STRINGS_data_to_string_alloc (&tue->new_id, sizeof (uint64_t)); | ||
904 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "New attr id %s\n", new_label); | ||
905 | rd[0].data_size = buf_size; | ||
906 | rd[0].data = buf; | ||
907 | rd[0].record_type = GNUNET_GNSRECORD_TYPE_RECLAIM_ATTR; | ||
908 | rd[0].flags = GNUNET_GNSRECORD_RF_RELATIVE_EXPIRATION; | ||
909 | rd[0].expiration_time = rd_old[0].expiration_time; | ||
910 | rh->ns_qe = GNUNET_NAMESTORE_records_store (nsh, &rh->identity, new_label, 1, | ||
911 | rd, &attr_reenc_cont, rh); | ||
912 | } | ||
913 | |||
914 | /** | ||
915 | * Revoke next attribte by reencryption with | ||
916 | * new ABE master | ||
917 | */ | ||
918 | static void reenc_next_attribute (void *cls) | ||
919 | { | ||
920 | struct TicketRevocationHandle *rh = cls; | ||
921 | char *label; | ||
922 | if (NULL == rh->attrs->list_head) { | ||
923 | revocation_reissue_tickets (rh); | ||
924 | return; | ||
925 | } | ||
926 | /* First check if attribute still exists */ | ||
927 | label = GNUNET_STRINGS_data_to_string_alloc (&rh->attrs->list_head->claim->id, | ||
928 | sizeof (uint64_t)); | ||
929 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Name: %s\n", | ||
930 | rh->attrs->list_head->claim->name); | ||
931 | rh->ns_qe = GNUNET_NAMESTORE_records_lookup ( | ||
932 | nsh, &rh->identity, label, &check_attr_error, rh, &check_attr_cb, rh); | ||
933 | GNUNET_free (label); | ||
934 | } | ||
935 | |||
936 | /** | ||
937 | * Namestore callback after revoked attribute | ||
938 | * is stored | ||
939 | */ | ||
940 | static void attr_reenc_cont (void *cls, int32_t success, const char *emsg) | ||
941 | { | ||
942 | struct TicketRevocationHandle *rh = cls; | ||
943 | struct GNUNET_RECLAIM_ATTRIBUTE_ClaimListEntry *le; | ||
944 | |||
945 | rh->ns_qe = NULL; | ||
946 | if (GNUNET_SYSERR == success) { | ||
947 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to reencrypt attribute %s\n", | ||
948 | emsg); | ||
949 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | ||
950 | return; | ||
951 | } | ||
952 | if (NULL == rh->attrs->list_head) { | ||
953 | revocation_reissue_tickets (rh); | ||
954 | return; | ||
955 | } | ||
956 | le = rh->attrs->list_head; | ||
957 | GNUNET_CONTAINER_DLL_remove (rh->attrs->list_head, rh->attrs->list_tail, le); | ||
958 | GNUNET_assert (NULL != rh->rvk_attrs); | ||
959 | GNUNET_CONTAINER_DLL_insert (rh->rvk_attrs->list_head, | ||
960 | rh->rvk_attrs->list_tail, le); | ||
961 | |||
962 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Re-encrypting next attribute\n"); | ||
963 | reenc_next_attribute (rh); | ||
964 | } | ||
965 | |||
966 | |||
967 | static void process_attributes_to_update ( | ||
968 | void *cls, const struct GNUNET_RECLAIM_Ticket *ticket, | ||
969 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs) | ||
970 | { | ||
971 | struct TicketRevocationHandle *rh = cls; | ||
972 | |||
973 | rh->attrs = GNUNET_RECLAIM_ATTRIBUTE_list_dup (attrs); | ||
974 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
975 | "Revocation Phase I: Collecting attributes\n"); | ||
976 | /* Reencrypt all attributes with new key */ | ||
977 | if (NULL == rh->attrs->list_head) { | ||
978 | /* No attributes to reencrypt */ | ||
979 | send_revocation_finished (rh, GNUNET_OK); | ||
980 | cleanup_revoke_ticket_handle (rh); | ||
981 | return; | ||
982 | } else { | ||
983 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
984 | "Revocation Phase II: Re-encrypting attributes\n"); | ||
985 | reenc_next_attribute (rh); | ||
986 | } | ||
987 | } | ||
988 | |||
989 | static int check_revoke_ticket_message (void *cls, | ||
990 | const struct RevokeTicketMessage *im) | ||
991 | { | 565 | { |
992 | uint16_t size; | 566 | uint16_t size; |
993 | 567 | ||
@@ -999,32 +573,25 @@ static int check_revoke_ticket_message (void *cls, | |||
999 | return GNUNET_OK; | 573 | return GNUNET_OK; |
1000 | } | 574 | } |
1001 | 575 | ||
1002 | static void handle_revoke_ticket_message (void *cls, | 576 | static void |
1003 | const struct RevokeTicketMessage *rm) | 577 | handle_revoke_ticket_message (void *cls, const struct RevokeTicketMessage *rm) |
1004 | { | 578 | { |
1005 | struct TicketRevocationHandle *rh; | 579 | struct TicketRevocationOperation *rop; |
1006 | struct IdpClient *idp = cls; | 580 | struct IdpClient *idp = cls; |
1007 | struct GNUNET_RECLAIM_Ticket *ticket; | 581 | struct GNUNET_RECLAIM_Ticket *ticket; |
1008 | 582 | ||
1009 | rh = GNUNET_new (struct TicketRevocationHandle); | 583 | rop = GNUNET_new (struct TicketRevocationOperation); |
1010 | ticket = (struct GNUNET_RECLAIM_Ticket *)&rm[1]; | 584 | ticket = (struct GNUNET_RECLAIM_Ticket *)&rm[1]; |
1011 | rh->rvk_attrs = GNUNET_new (struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList); | 585 | rop->r_id = ntohl (rm->id); |
1012 | rh->ticket = *ticket; | 586 | rop->client = idp; |
1013 | rh->r_id = ntohl (rm->id); | 587 | GNUNET_CONTAINER_DLL_insert (idp->revoke_op_head, idp->revoke_op_tail, rop); |
1014 | rh->client = idp; | 588 | rop->rh = |
1015 | rh->identity = rm->identity; | 589 | RECLAIM_TICKETS_revoke (ticket, &rm->identity, &revoke_result_cb, rop); |
1016 | GNUNET_CRYPTO_ecdsa_key_get_public (&rh->identity, &rh->ticket.identity); | ||
1017 | GNUNET_CONTAINER_DLL_insert (idp->revoke_op_head, idp->revoke_op_tail, rh); | ||
1018 | /** | ||
1019 | * TODO replace with GNS storage | ||
1020 | */ | ||
1021 | TKT_database->get_ticket_attributes (TKT_database->cls, &rh->ticket, | ||
1022 | &process_attributes_to_update, rh); | ||
1023 | GNUNET_SERVICE_client_continue (idp->client); | 590 | GNUNET_SERVICE_client_continue (idp->client); |
1024 | } | 591 | } |
1025 | 592 | ||
1026 | static int check_consume_ticket_message (void *cls, | 593 | static int |
1027 | const struct ConsumeTicketMessage *cm) | 594 | check_consume_ticket_message (void *cls, const struct ConsumeTicketMessage *cm) |
1028 | { | 595 | { |
1029 | uint16_t size; | 596 | uint16_t size; |
1030 | 597 | ||
@@ -1040,7 +607,7 @@ static void | |||
1040 | consume_result_cb (void *cls, | 607 | consume_result_cb (void *cls, |
1041 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, | 608 | const struct GNUNET_CRYPTO_EcdsaPublicKey *identity, |
1042 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs, | 609 | const struct GNUNET_RECLAIM_ATTRIBUTE_ClaimList *attrs, |
1043 | uint32_t success, const char *emsg) | 610 | int32_t success, const char *emsg) |
1044 | { | 611 | { |
1045 | struct ConsumeTicketOperation *cop = cls; | 612 | struct ConsumeTicketOperation *cop = cls; |
1046 | struct ConsumeTicketResultMessage *crm; | 613 | struct ConsumeTicketResultMessage *crm; |
@@ -1091,7 +658,8 @@ handle_consume_ticket_message (void *cls, const struct ConsumeTicketMessage *cm) | |||
1091 | * | 658 | * |
1092 | * @param handle handle to clean up | 659 | * @param handle handle to clean up |
1093 | */ | 660 | */ |
1094 | static void cleanup_as_handle (struct AttributeStoreHandle *ash) | 661 | static void |
662 | cleanup_as_handle (struct AttributeStoreHandle *ash) | ||
1095 | { | 663 | { |
1096 | if (NULL != ash->ns_qe) | 664 | if (NULL != ash->ns_qe) |
1097 | GNUNET_NAMESTORE_cancel (ash->ns_qe); | 665 | GNUNET_NAMESTORE_cancel (ash->ns_qe); |
@@ -1100,7 +668,8 @@ static void cleanup_as_handle (struct AttributeStoreHandle *ash) | |||
1100 | GNUNET_free (ash); | 668 | GNUNET_free (ash); |
1101 | } | 669 | } |
1102 | 670 | ||
1103 | static void attr_store_cont (void *cls, int32_t success, const char *emsg) | 671 | static void |
672 | attr_store_cont (void *cls, int32_t success, const char *emsg) | ||
1104 | { | 673 | { |
1105 | struct AttributeStoreHandle *ash = cls; | 674 | struct AttributeStoreHandle *ash = cls; |
1106 | struct GNUNET_MQ_Envelope *env; | 675 | struct GNUNET_MQ_Envelope *env; |
@@ -1133,7 +702,8 @@ static void attr_store_cont (void *cls, int32_t success, const char *emsg) | |||
1133 | * | 702 | * |
1134 | * @param cls the AttributeStoreHandle | 703 | * @param cls the AttributeStoreHandle |
1135 | */ | 704 | */ |
1136 | static void attr_store_task (void *cls) | 705 | static void |
706 | attr_store_task (void *cls) | ||
1137 | { | 707 | { |
1138 | struct AttributeStoreHandle *ash = cls; | 708 | struct AttributeStoreHandle *ash = cls; |
1139 | struct GNUNET_GNSRECORD_Data rd[1]; | 709 | struct GNUNET_GNSRECORD_Data rd[1]; |
@@ -1205,12 +775,14 @@ handle_attribute_store_message (void *cls, | |||
1205 | * Attrubute iteration | 775 | * Attrubute iteration |
1206 | *************************************************/ | 776 | *************************************************/ |
1207 | 777 | ||
1208 | static void cleanup_attribute_iter_handle (struct AttributeIterator *ai) | 778 | static void |
779 | cleanup_attribute_iter_handle (struct AttributeIterator *ai) | ||
1209 | { | 780 | { |
1210 | GNUNET_free (ai); | 781 | GNUNET_free (ai); |
1211 | } | 782 | } |
1212 | 783 | ||
1213 | static void attr_iter_error (void *cls) | 784 | static void |
785 | attr_iter_error (void *cls) | ||
1214 | { | 786 | { |
1215 | struct AttributeIterator *ai = cls; | 787 | struct AttributeIterator *ai = cls; |
1216 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to iterate over attributes\n"); | 788 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to iterate over attributes\n"); |
@@ -1220,7 +792,8 @@ static void attr_iter_error (void *cls) | |||
1220 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); | 792 | GNUNET_SCHEDULER_add_now (&do_shutdown, NULL); |
1221 | } | 793 | } |
1222 | 794 | ||
1223 | static void attr_iter_finished (void *cls) | 795 | static void |
796 | attr_iter_finished (void *cls) | ||
1224 | { | 797 | { |
1225 | struct AttributeIterator *ai = cls; | 798 | struct AttributeIterator *ai = cls; |
1226 | struct GNUNET_MQ_Envelope *env; | 799 | struct GNUNET_MQ_Envelope *env; |
@@ -1235,10 +808,10 @@ static void attr_iter_finished (void *cls) | |||
1235 | cleanup_attribute_iter_handle (ai); | 808 | cleanup_attribute_iter_handle (ai); |
1236 | } | 809 | } |
1237 | 810 | ||
1238 | static void attr_iter_cb (void *cls, | 811 | static void |
1239 | const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, | 812 | attr_iter_cb (void *cls, const struct GNUNET_CRYPTO_EcdsaPrivateKey *zone, |
1240 | const char *label, unsigned int rd_count, | 813 | const char *label, unsigned int rd_count, |
1241 | const struct GNUNET_GNSRECORD_Data *rd) | 814 | const struct GNUNET_GNSRECORD_Data *rd) |
1242 | { | 815 | { |
1243 | struct AttributeIterator *ai = cls; | 816 | struct AttributeIterator *ai = cls; |
1244 | struct AttributeResultMessage *arm; | 817 | struct AttributeResultMessage *arm; |
@@ -1337,7 +910,8 @@ handle_iteration_next (void *cls, | |||
1337 | * Ticket iteration | 910 | * Ticket iteration |
1338 | ******************************************************/ | 911 | ******************************************************/ |
1339 | 912 | ||
1340 | static void ticket_iter_cb (void *cls, struct GNUNET_RECLAIM_Ticket *ticket) | 913 | static void |
914 | ticket_iter_cb (void *cls, struct GNUNET_RECLAIM_Ticket *ticket) | ||
1341 | { | 915 | { |
1342 | struct TicketIteration *ti = cls; | 916 | struct TicketIteration *ti = cls; |
1343 | struct GNUNET_MQ_Envelope *env; | 917 | struct GNUNET_MQ_Envelope *env; |
@@ -1358,7 +932,8 @@ static void ticket_iter_cb (void *cls, struct GNUNET_RECLAIM_Ticket *ticket) | |||
1358 | GNUNET_free (ti); | 932 | GNUNET_free (ti); |
1359 | } | 933 | } |
1360 | 934 | ||
1361 | static void handle_ticket_iteration_start ( | 935 | static void |
936 | handle_ticket_iteration_start ( | ||
1362 | void *cls, const struct TicketIterationStartMessage *tis_msg) | 937 | void *cls, const struct TicketIterationStartMessage *tis_msg) |
1363 | { | 938 | { |
1364 | struct IdpClient *client = cls; | 939 | struct IdpClient *client = cls; |
@@ -1433,8 +1008,9 @@ handle_ticket_iteration_next (void *cls, | |||
1433 | * @param c the configuration used | 1008 | * @param c the configuration used |
1434 | * @param server the service handle | 1009 | * @param server the service handle |
1435 | */ | 1010 | */ |
1436 | static void run (void *cls, const struct GNUNET_CONFIGURATION_Handle *c, | 1011 | static void |
1437 | struct GNUNET_SERVICE_Handle *server) | 1012 | run (void *cls, const struct GNUNET_CONFIGURATION_Handle *c, |
1013 | struct GNUNET_SERVICE_Handle *server) | ||
1438 | { | 1014 | { |
1439 | char *database; | 1015 | char *database; |
1440 | cfg = c; | 1016 | cfg = c; |
@@ -1487,14 +1063,14 @@ static void run (void *cls, const struct GNUNET_CONFIGURATION_Handle *c, | |||
1487 | * @param client identification of the client | 1063 | * @param client identification of the client |
1488 | * @param app_ctx @a client | 1064 | * @param app_ctx @a client |
1489 | */ | 1065 | */ |
1490 | static void client_disconnect_cb (void *cls, | 1066 | static void |
1491 | struct GNUNET_SERVICE_Client *client, | 1067 | client_disconnect_cb (void *cls, struct GNUNET_SERVICE_Client *client, |
1492 | void *app_ctx) | 1068 | void *app_ctx) |
1493 | { | 1069 | { |
1494 | struct IdpClient *idp = app_ctx; | 1070 | struct IdpClient *idp = app_ctx; |
1495 | struct AttributeIterator *ai; | 1071 | struct AttributeIterator *ai; |
1496 | struct TicketIteration *ti; | 1072 | struct TicketIteration *ti; |
1497 | struct TicketRevocationHandle *rh; | 1073 | struct TicketRevocationOperation *rop; |
1498 | struct TicketIssueOperation *iss; | 1074 | struct TicketIssueOperation *iss; |
1499 | struct ConsumeTicketOperation *ct; | 1075 | struct ConsumeTicketOperation *ct; |
1500 | struct AttributeStoreHandle *as; | 1076 | struct AttributeStoreHandle *as; |
@@ -1523,9 +1099,11 @@ static void client_disconnect_cb (void *cls, | |||
1523 | GNUNET_CONTAINER_DLL_remove (idp->attr_iter_head, idp->attr_iter_tail, ai); | 1099 | GNUNET_CONTAINER_DLL_remove (idp->attr_iter_head, idp->attr_iter_tail, ai); |
1524 | cleanup_attribute_iter_handle (ai); | 1100 | cleanup_attribute_iter_handle (ai); |
1525 | } | 1101 | } |
1526 | while (NULL != (rh = idp->revoke_op_head)) { | 1102 | while (NULL != (rop = idp->revoke_op_head)) { |
1527 | GNUNET_CONTAINER_DLL_remove (idp->revoke_op_head, idp->revoke_op_tail, rh); | 1103 | GNUNET_CONTAINER_DLL_remove (idp->revoke_op_head, idp->revoke_op_tail, rop); |
1528 | cleanup_revoke_ticket_handle (rh); | 1104 | if (NULL != rop->rh) |
1105 | RECLAIM_TICKETS_revoke_cancel (rop->rh); | ||
1106 | GNUNET_free (rop); | ||
1529 | } | 1107 | } |
1530 | while (NULL != (ti = idp->ticket_iter_head)) { | 1108 | while (NULL != (ti = idp->ticket_iter_head)) { |
1531 | GNUNET_CONTAINER_DLL_remove (idp->ticket_iter_head, idp->ticket_iter_tail, | 1109 | GNUNET_CONTAINER_DLL_remove (idp->ticket_iter_head, idp->ticket_iter_tail, |
@@ -1543,8 +1121,9 @@ static void client_disconnect_cb (void *cls, | |||
1543 | * @param mq message queue for @a client | 1121 | * @param mq message queue for @a client |
1544 | * @return internal namestore client structure for this client | 1122 | * @return internal namestore client structure for this client |
1545 | */ | 1123 | */ |
1546 | static void *client_connect_cb (void *cls, struct GNUNET_SERVICE_Client *client, | 1124 | static void * |
1547 | struct GNUNET_MQ_Handle *mq) | 1125 | client_connect_cb (void *cls, struct GNUNET_SERVICE_Client *client, |
1126 | struct GNUNET_MQ_Handle *mq) | ||
1548 | { | 1127 | { |
1549 | struct IdpClient *idp; | 1128 | struct IdpClient *idp; |
1550 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Client %p connected\n", client); | 1129 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Client %p connected\n", client); |