Core: Reverted code for complex ephemeral handling.

author: t3sserakt <t3ss@posteo.de> 2024-02-05 11:44:44 +0100
committer: t3sserakt <t3ss@posteo.de> 2024-02-05 13:20:45 +0100
commit: 3ff5ca2600bb75814bd00c616fcc8e6b5a5e04b1 (patch)
tree: 5fa88f00772a74053dabdaefbf000f3c3e814b1c /src/service
parent: 005f2187123ac4a8813bf3c80891a40c9086155d (diff)
download: gnunet-3ff5ca2600bb75814bd00c616fcc8e6b5a5e04b1.tar.gz
gnunet-3ff5ca2600bb75814bd00c616fcc8e6b5a5e04b1.zip
1 files changed, 40 insertions, 70 deletions
diff --git a/src/service/core/gnunet-service-core_kx.c b/src/service/core/gnunet-service-core_kx.c
index fc9bfd7b9..68efe98f0 100644
--- a/src/service/core/gnunet-service-core_kx.c
+++ b/src/service/core/gnunet-service-core_kx.c
@@ -693,14 +693,6 @@ deliver_message (void *cls, const struct GNUNET_MessageHeader *m)
 }
-static void
-do_rekey (void *cls);
-static void
-sign_ephemeral_key ();
 /**
 * Function called by transport to notify us that
 * a peer connected to us (on the network level).
@@ -726,66 +718,34 @@ handle_transport_notify_connect (void *cls,
                            gettext_noop ("# key exchanges initiated"),
                            1,
                            GNUNET_NO);
-  for (kx = kx_head; NULL != kx; kx = kx->next)
+  
-  {
+  kx = GNUNET_new (struct GSC_KeyExchangeInfo);
-    if (0 == memcmp (pid, kx->peer, sizeof(struct GNUNET_PeerIdentity)))
+  kx->mst = GNUNET_MST_create (&deliver_message, kx);
-      break;
+  kx->mq = mq;
-  }
+  kx->peer = pid;
-  if (NULL == kx)
+  kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
+  GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
+  kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
+  monitor_notify_all (kx);
+  GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
+  GNUNET_CRYPTO_hash (&GSC_my_identity,
+                      sizeof(struct GNUNET_PeerIdentity),
+                      &h2);
+  if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
  {
-    GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
+    /* peer with "lower" identity starts KX, otherwise we typically end up
-    sign_ephemeral_key ();
+       with both peers starting the exchange and transmit the 'set key'
-    {
+       message twice */
-      struct GNUNET_HashCode eh;
+    send_key (kx);
-      GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
-                          sizeof(current_ekm.ephemeral_key),
-                          &eh);
-      GNUNET_log (GNUNET_ERROR_TYPE_INFO,
-                  "Starting with ephemeral key %s\n",
-                  GNUNET_h2s (&eh));
-    }
-    kx = GNUNET_new (struct GSC_KeyExchangeInfo);
-    kx->mst = GNUNET_MST_create (&deliver_message, kx);
-    kx->mq = mq;
-    kx->peer = pid;
-    kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
-    GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
-    kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
-    monitor_notify_all (kx);
-    GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
-    GNUNET_CRYPTO_hash (&GSC_my_identity,
-                        sizeof(struct GNUNET_PeerIdentity),
-                        &h2);
-    if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
-      {
-        /* peer with "lower" identity starts KX, otherwise we typically end up
-           with both peers starting the exchange and transmit the 'set key'
-           message twice */
-        send_key (kx);
-      }
-    else
-      {
-        /* peer with "higher" identity starts a delayed KX, if the "lower" peer
-         * does not start a KX since it sees no reasons to do so  */
-        kx->retry_set_key_task =
-          GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
-                                        &set_key_retry_task,
-                                        kx);
-      }
  }
  else
  {
-    struct GNUNET_TIME_Relative left;
+    /* peer with "higher" identity starts a delayed KX, if the "lower" peer
+     * does not start a KX since it sees no reasons to do so  */
-    left = GNUNET_TIME_absolute_get_remaining (kx->timeout);
+    kx->retry_set_key_task =
-    if (0 == left.rel_value_us)
+      GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
-    {
+                                    &set_key_retry_task,
-      kx->status = GNUNET_CORE_KX_STATE_DOWN;
+                                    kx);
-    }
-    else
-      kx->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
-    do_rekey (NULL);
  }
  return kx;
 }
@@ -1092,6 +1052,10 @@ handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m)
 }
+static void
+send_keep_alive (void *cls);
 /**
 * We received a PING message.  Validate and transmit
 * a PONG message.
@@ -1798,11 +1762,6 @@ do_rekey (void *cls)
  struct GSC_KeyExchangeInfo *pos;
  (void) cls;
-  if (NULL != rekey_task)
-  {
-    GNUNET_SCHEDULER_cancel (rekey_task);
-    rekey_task = NULL;
-  }
  rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
  GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
  sign_ephemeral_key ();
@@ -1865,7 +1824,18 @@ GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
  my_private_key = *pk;
  GNUNET_CRYPTO_eddsa_key_get_public (&my_private_key,
                                      &GSC_my_identity.public_key);
-  
+  GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
+  sign_ephemeral_key ();
+  {
+    struct GNUNET_HashCode eh;
+    GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
+                        sizeof(current_ekm.ephemeral_key),
+                        &eh);
+    GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+                "Starting with ephemeral key %s\n",
+                GNUNET_h2s (&eh));
+  }
  nc = GNUNET_notification_context_create (1);
  rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
author	t3sserakt <t3ss@posteo.de>	2024-02-05 11:44:44 +0100
committer	t3sserakt <t3ss@posteo.de>	2024-02-05 13:20:45 +0100
commit	3ff5ca2600bb75814bd00c616fcc8e6b5a5e04b1 (patch)
tree	5fa88f00772a74053dabdaefbf000f3c3e814b1c /src/service
parent	005f2187123ac4a8813bf3c80891a40c9086155d (diff)
download	gnunet-3ff5ca2600bb75814bd00c616fcc8e6b5a5e04b1.tar.gz gnunet-3ff5ca2600bb75814bd00c616fcc8e6b5a5e04b1.zip

diff --git a/src/service/core/gnunet-service-core_kx.c b/src/service/core/gnunet-service-core_kx.c index fc9bfd7b9..68efe98f0 100644 --- a/src/service/core/gnunet-service-core_kx.c +++ b/src/service/core/gnunet-service-core_kx.c
@@ -693,14 +693,6 @@ deliver_message (void cls, const struct GNUNET_MessageHeader m)
693	}	693	}
694		694
695		695
696	static void
697	do_rekey (void *cls);
698
699
700	static void
701	sign_ephemeral_key ();
702
703
704	/**	696	/**
705	* Function called by transport to notify us that	697	* Function called by transport to notify us that
706	* a peer connected to us (on the network level).	698	* a peer connected to us (on the network level).
@@ -726,66 +718,34 @@ handle_transport_notify_connect (void *cls,
726	gettext_noop ("# key exchanges initiated"),	718	gettext_noop ("# key exchanges initiated"),
727	1,	719	1,
728	GNUNET_NO);	720	GNUNET_NO);
729	for (kx = kx_head; NULL != kx; kx = kx->next)	721
730	{	722	kx = GNUNET_new (struct GSC_KeyExchangeInfo);
731	if (0 == memcmp (pid, kx->peer, sizeof(struct GNUNET_PeerIdentity)))	723	kx->mst = GNUNET_MST_create (&deliver_message, kx);
732	break;	724	kx->mq = mq;
733	}	725	kx->peer = pid;
734	if (NULL == kx)	726	kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
		727	GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
		728	kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
		729	monitor_notify_all (kx);
		730	GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
		731	GNUNET_CRYPTO_hash (&GSC_my_identity,
		732	sizeof(struct GNUNET_PeerIdentity),
		733	&h2);
		734	if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
735	{	735	{
736	GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);	736	/* peer with "lower" identity starts KX, otherwise we typically end up
737	sign_ephemeral_key ();	737	with both peers starting the exchange and transmit the 'set key'
738	{	738	message twice */
739	struct GNUNET_HashCode eh;	739	send_key (kx);
740
741	GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
742	sizeof(current_ekm.ephemeral_key),
743	&eh);
744	GNUNET_log (GNUNET_ERROR_TYPE_INFO,
745	"Starting with ephemeral key %s\n",
746	GNUNET_h2s (&eh));
747	}
748	kx = GNUNET_new (struct GSC_KeyExchangeInfo);
749	kx->mst = GNUNET_MST_create (&deliver_message, kx);
750	kx->mq = mq;
751	kx->peer = pid;
752	kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
753	GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
754	kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
755	monitor_notify_all (kx);
756	GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
757	GNUNET_CRYPTO_hash (&GSC_my_identity,
758	sizeof(struct GNUNET_PeerIdentity),
759	&h2);
760	if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
761	{
762	/* peer with "lower" identity starts KX, otherwise we typically end up
763	with both peers starting the exchange and transmit the 'set key'
764	message twice */
765	send_key (kx);
766	}
767	else
768	{
769	/* peer with "higher" identity starts a delayed KX, if the "lower" peer
770	* does not start a KX since it sees no reasons to do so */
771	kx->retry_set_key_task =
772	GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
773	&set_key_retry_task,
774	kx);
775	}
776	}	740	}
777	else	741	else
778	{	742	{
779	struct GNUNET_TIME_Relative left;	743	/* peer with "higher" identity starts a delayed KX, if the "lower" peer
780		744	* does not start a KX since it sees no reasons to do so */
781	left = GNUNET_TIME_absolute_get_remaining (kx->timeout);	745	kx->retry_set_key_task =
782	if (0 == left.rel_value_us)	746	GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
783	{	747	&set_key_retry_task,
784	kx->status = GNUNET_CORE_KX_STATE_DOWN;	748	kx);
785	}
786	else
787	kx->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
788	do_rekey (NULL);
789	}	749	}
790	return kx;	750	return kx;
791	}	751	}
@@ -1092,6 +1052,10 @@ handle_ephemeral_key (void cls, const struct EphemeralKeyMessage m)
1092	}	1052	}
1093		1053
1094		1054
		1055	static void
		1056	send_keep_alive (void *cls);
		1057
		1058
1095	/**	1059	/**
1096	* We received a PING message. Validate and transmit	1060	* We received a PING message. Validate and transmit
1097	* a PONG message.	1061	* a PONG message.
@@ -1798,11 +1762,6 @@ do_rekey (void *cls)
1798	struct GSC_KeyExchangeInfo *pos;	1762	struct GSC_KeyExchangeInfo *pos;
1799		1763
1800	(void) cls;	1764	(void) cls;
1801	if (NULL != rekey_task)
1802	{
1803	GNUNET_SCHEDULER_cancel (rekey_task);
1804	rekey_task = NULL;
1805	}
1806	rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);	1765	rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
1807	GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);	1766	GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
1808	sign_ephemeral_key ();	1767	sign_ephemeral_key ();
@@ -1865,7 +1824,18 @@ GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
1865	my_private_key = *pk;	1824	my_private_key = *pk;
1866	GNUNET_CRYPTO_eddsa_key_get_public (&my_private_key,	1825	GNUNET_CRYPTO_eddsa_key_get_public (&my_private_key,
1867	&GSC_my_identity.public_key);	1826	&GSC_my_identity.public_key);
1868		1827	GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
		1828	sign_ephemeral_key ();
		1829	{
		1830	struct GNUNET_HashCode eh;
		1831
		1832	GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
		1833	sizeof(current_ekm.ephemeral_key),
		1834	&eh);
		1835	GNUNET_log (GNUNET_ERROR_TYPE_INFO,
		1836	"Starting with ephemeral key %s\n",
		1837	GNUNET_h2s (&eh));
		1838	}
1869		1839
1870	nc = GNUNET_notification_context_create (1);	1840	nc = GNUNET_notification_context_create (1);
1871	rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);	1841	rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);