author | Matthias Wachs <wachs@net.in.tum.de> | 2013-03-04 13:19:03 +0000 |
---|---|---|
committer | Matthias Wachs <wachs@net.in.tum.de> | 2013-03-04 13:19:03 +0000 |
commit | 9f87b9e3b46bae22310a0328353c98fa863e2158 (patch) | |
tree | e2f0f43ed55168736d7e190332de2a02d75d8397 /src/transport/gnunet-service-transport_validation.c | |
parent | caa001ec8d1d2a9d17b576a445892efc62483707 (diff) | |
download | gnunet-9f87b9e3b46bae22310a0328353c98fa863e2158.tar.gz gnunet-9f87b9e3b46bae22310a0328353c98fa863e2158.zip |
implementing pong signature caching
Diffstat (limited to 'src/transport/gnunet-service-transport_validation.c')
-rw-r--r-- | src/transport/gnunet-service-transport_validation.c | 36 |
1 files changed, 33 insertions, 3 deletions
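--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -197,6 +197,11 @@ struct ValidationEntry
 struct GNUNET_PeerIdentity pid;
 
 /**
+* Cached PONG signature
+*/
+struct GNUNET_CRYPTO_EccSignature pong_sig_cache;
+
+/**
 * ID of task that will clean up this entry if nothing happens.
 */
 GNUNET_SCHEDULER_TaskIdentifier timeout_task;
@@ -218,6 +223,12 @@ struct ValidationEntry
 struct GNUNET_TIME_Absolute valid_until;
 
 /**
+* Until when is the cached PONG signature valid?
+* ZERO if it is not currently considered valid.
+*/
+struct GNUNET_TIME_Absolute pong_sig_valid_until;
+
+/**
 * How long until we can try to validate this address again?
 * FOREVER if the address is for an unsupported plugin (from PEERINFO)
 * ZERO if the address is considered valid (no validation needed)
@@ -252,6 +263,7 @@ struct ValidationEntry
 */
 int expecting_pong;
 
+
 /* FIXME: DEBUGGING */
 int last_line_set_to_no;
 int last_line_set_to_yes;
@@ -657,6 +669,8 @@ find_validation_entry (const struct GNUNET_CRYPTO_EccPublicKeyBinaryEncoded
 ve->address = GNUNET_HELLO_address_copy (address);
 ve->public_key = *public_key;
 ve->pid = address->peer;
+ve->pong_sig_valid_until = GNUNET_TIME_absolute_get_zero_();
+memset (&ve->pong_sig_cache, '\0', sizeof (struct GNUNET_CRYPTO_EccSignature));
 ve->latency = GNUNET_TIME_UNIT_FOREVER_REL;
 ve->challenge =
 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
@@ -1097,6 +1111,7 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
 size_t size;
 struct GNUNET_HELLO_Message *hello;
 struct GNUNET_HELLO_Address address;
+int sig_res;
 
 if (ntohs (hdr->size) < sizeof (struct TransportPongMessage))
 {
@@ -1150,10 +1165,23 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
 GNUNET_NO);
 return;
 }
-if (GNUNET_OK !=
-GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
+
+sig_res = GNUNET_SYSERR;
+if (0 != GNUNET_TIME_absolute_get_remaining(ve->pong_sig_valid_until).rel_value)
+{
+if (0 == memcmp (&ve->pong_sig_cache, &pong->signature, sizeof (struct GNUNET_CRYPTO_EccSignature)))
+sig_res = GNUNET_OK;
+else
+sig_res = GNUNET_SYSERR;
+}
+else
+{
+sig_res = GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
 &pong->purpose, &pong->signature,
-&ve->public_key))
+&ve->public_key);
+}
+
+if (sig_res == GNUNET_SYSERR)
 {
 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
 "Invalid signature on address %s:%s from peer `%s'\n",
@@ -1167,6 +1195,8 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
 /* validity achieved, remember it! */
 ve->expecting_pong = GNUNET_NO;
 ve->valid_until = GNUNET_TIME_relative_to_absolute (HELLO_ADDRESS_EXPIRATION);
+ve->pong_sig_cache = pong->signature;
+ve->pong_sig_valid_until = GNUNET_TIME_absolute_ntoh (pong->expiration);
 ve->latency = GNUNET_TIME_absolute_get_duration (ve->send_time);
 {
 struct GNUNET_ATS_Information ats;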
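Review bot: The cache-hit branch added to GST_validation_handle_pong (new lines 1170-1176) accepts a PONG as soon as `pong->signature` is byte-equal to `ve->pong_sig_cache`, without checking that the data covered by `pong->purpose` is what that signature was made over. Unless a check outside these hunks binds those fields, a message that reuses a previously accepted signature with different signed content would pass, and the last hunk then takes `ve->pong_sig_valid_until` from that message's own `pong->expiration`. While the cache is live, a signature that differs is rejected without ever calling GNUNET_CRYPTO_ecc_verify, so a correctly re-signed PONG fails until the cache expires. The final test `if (sig_res == GNUNET_SYSERR)` is also weaker than the removed `GNUNET_OK !=` form, since any other non-OK result now counts as valid; it should be `if (GNUNET_OK != sig_res)`. The function starts and ends outside the hunks; the sketch below ties the cache to a hash of the signed block (a proposed new field) and falls back to full verification on any mismatch.

```c
  /* proposed: pong_purpose_hash is a new ValidationEntry field holding a hash of
     the signed block, stored together with pong_sig_cache; signed_hash is that
     same hash computed over this message once its size has been validated */
  sig_res = GNUNET_SYSERR;
  if ( (0 != GNUNET_TIME_absolute_get_remaining (ve->pong_sig_valid_until).rel_value) &&
       (0 == memcmp (&ve->pong_sig_cache, &pong->signature, sizeof (pong->signature))) &&
       (0 == memcmp (&ve->pong_purpose_hash, &signed_hash, sizeof (signed_hash))) )
    sig_res = GNUNET_OK;   /* same signature over the same signed bytes */
  else
    sig_res = GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
                                        &pong->purpose, &pong->signature,
                                        &ve->public_key);
  if (GNUNET_OK != sig_res)   /* fail closed on anything but GNUNET_OK */
  /* … unchanged: warning log and return … */
```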