diff options
author | Christian Grothoff <christian@grothoff.org> | 2011-08-06 18:47:22 +0000 |
---|---|---|
committer | Christian Grothoff <christian@grothoff.org> | 2011-08-06 18:47:22 +0000 |
commit | aad2f0838ef0586366fe4e3921013b7af6a4ea65 (patch) | |
tree | f8adbdd912e93799caa6936df535e97f96761f95 /src/transport/gnunet-service-transport_validation.c | |
parent | 10120fb0e995a8607898347ea48e12ca907e8840 (diff) | |
download | gnunet-aad2f0838ef0586366fe4e3921013b7af6a4ea65.tar.gz gnunet-aad2f0838ef0586366fe4e3921013b7af6a4ea65.zip |
send validation PING
Diffstat (limited to 'src/transport/gnunet-service-transport_validation.c')
-rw-r--r-- | src/transport/gnunet-service-transport_validation.c | 150 |
1 files changed, 139 insertions, 11 deletions
diff --git a/src/transport/gnunet-service-transport_validation.c b/src/transport/gnunet-service-transport_validation.c index 23140b7c3..9a8bf0b47 100644 --- a/src/transport/gnunet-service-transport_validation.c +++ b/src/transport/gnunet-service-transport_validation.c | |||
@@ -25,10 +25,12 @@ | |||
25 | */ | 25 | */ |
26 | #include "platform.h" | 26 | #include "platform.h" |
27 | #include "gnunet-service-transport_validation.h" | 27 | #include "gnunet-service-transport_validation.h" |
28 | #include "gnunet-service-transport_plugins.h" | ||
28 | #include "gnunet-service-transport.h" | 29 | #include "gnunet-service-transport.h" |
29 | #include "gnunet_hello_lib.h" | 30 | #include "gnunet_hello_lib.h" |
30 | #include "gnunet_peerinfo_service.h" | 31 | #include "gnunet_peerinfo_service.h" |
31 | 32 | ||
33 | |||
32 | /** | 34 | /** |
33 | * How long until a HELLO verification attempt should time out? | 35 | * How long until a HELLO verification attempt should time out? |
34 | * Must be rather small, otherwise a partially successful HELLO | 36 | * Must be rather small, otherwise a partially successful HELLO |
@@ -55,7 +57,6 @@ | |||
55 | */ | 57 | */ |
56 | #define HELLO_ADDRESS_EXPIRATION GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12) | 58 | #define HELLO_ADDRESS_EXPIRATION GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12) |
57 | 59 | ||
58 | |||
59 | /** | 60 | /** |
60 | * How long before an existing address expires should we again try to | 61 | * How long before an existing address expires should we again try to |
61 | * validate it? Must be (significantly) smaller than | 62 | * validate it? Must be (significantly) smaller than |
@@ -64,10 +65,106 @@ | |||
64 | #define HELLO_REVALIDATION_START_TIME GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 1) | 65 | #define HELLO_REVALIDATION_START_TIME GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 1) |
65 | 66 | ||
66 | /** | 67 | /** |
68 | * How long before we try to check an address again (if it turned out to | ||
69 | * be invalid the first time)? | ||
70 | */ | ||
71 | #define MAX_REVALIDATION_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 1) | ||
72 | |||
73 | /** | ||
67 | * Size of the validation map hashmap. | 74 | * Size of the validation map hashmap. |
68 | */ | 75 | */ |
69 | #define VALIDATION_MAP_SIZE 256 | 76 | #define VALIDATION_MAP_SIZE 256 |
70 | 77 | ||
78 | /** | ||
79 | * Priority to use for PINGs and PONGs | ||
80 | */ | ||
81 | #define PING_PRIORITY 1 | ||
82 | |||
83 | /** | ||
84 | * Message used to ask a peer to validate receipt (to check an address | ||
85 | * from a HELLO). Followed by the address we are trying to validate, | ||
86 | * or an empty address if we are just sending a PING to confirm that a | ||
87 | * connection which the receiver (of the PING) initiated is still valid. | ||
88 | */ | ||
89 | struct TransportPingMessage | ||
90 | { | ||
91 | |||
92 | /** | ||
93 | * Type will be GNUNET_MESSAGE_TYPE_TRANSPORT_PING | ||
94 | */ | ||
95 | struct GNUNET_MessageHeader header; | ||
96 | |||
97 | /** | ||
98 | * Challenge code (to ensure fresh reply). | ||
99 | */ | ||
100 | uint32_t challenge GNUNET_PACKED; | ||
101 | |||
102 | /** | ||
103 | * Who is the intended recipient? | ||
104 | */ | ||
105 | struct GNUNET_PeerIdentity target; | ||
106 | |||
107 | }; | ||
108 | |||
109 | |||
110 | /** | ||
111 | * Message used to validate a HELLO. The challenge is included in the | ||
112 | * confirmation to make matching of replies to requests possible. The | ||
113 | * signature signs our public key, an expiration time and our address.<p> | ||
114 | * | ||
115 | * This message is followed by our transport address that the PING tried | ||
116 | * to confirm (if we liked it). The address can be empty (zero bytes) | ||
117 | * if the PING had not address either (and we received the request via | ||
118 | * a connection that we initiated). | ||
119 | */ | ||
120 | struct TransportPongMessage | ||
121 | { | ||
122 | |||
123 | /** | ||
124 | * Type will be GNUNET_MESSAGE_TYPE_TRANSPORT_PONG | ||
125 | */ | ||
126 | struct GNUNET_MessageHeader header; | ||
127 | |||
128 | /** | ||
129 | * Challenge code from PING (showing freshness). Not part of what | ||
130 | * is signed so that we can re-use signatures. | ||
131 | */ | ||
132 | uint32_t challenge GNUNET_PACKED; | ||
133 | |||
134 | /** | ||
135 | * Signature. | ||
136 | */ | ||
137 | struct GNUNET_CRYPTO_RsaSignature signature; | ||
138 | |||
139 | /** | ||
140 | * What are we signing and why? Two possible reason codes can be here: | ||
141 | * GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN to confirm that this is a | ||
142 | * plausible address for this peer (pid is set to identity of signer); or | ||
143 | * GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_USING to confirm that this is | ||
144 | * an address we used to connect to the peer with the given pid. | ||
145 | */ | ||
146 | struct GNUNET_CRYPTO_RsaSignaturePurpose purpose; | ||
147 | |||
148 | /** | ||
149 | * When does this signature expire? | ||
150 | */ | ||
151 | struct GNUNET_TIME_AbsoluteNBO expiration; | ||
152 | |||
153 | /** | ||
154 | * Either the identity of the peer Who signed this message, or the | ||
155 | * identity of the peer that we're connected to using the given | ||
156 | * address (depending on purpose.type). | ||
157 | */ | ||
158 | struct GNUNET_PeerIdentity pid; | ||
159 | |||
160 | /** | ||
161 | * Size of address appended to this message (part of what is | ||
162 | * being signed, hence not redundant). | ||
163 | */ | ||
164 | uint32_t addrlen; | ||
165 | |||
166 | }; | ||
167 | |||
71 | 168 | ||
72 | /** | 169 | /** |
73 | * Information about an address under validation | 170 | * Information about an address under validation |
@@ -102,12 +199,10 @@ struct ValidationEntry | |||
102 | struct GNUNET_TIME_Absolute send_time; | 199 | struct GNUNET_TIME_Absolute send_time; |
103 | 200 | ||
104 | /** | 201 | /** |
105 | * When did we last succeed with validating this address? | 202 | * Until when is this address valid? |
106 | * FOREVER if the address has not been validated (we're currently checking) | 203 | * ZERO if it is not currently considered valid. |
107 | * ZERO if the address was validated a long time ago (from PEERINFO) | ||
108 | * otherwise a time in the past if this process validated the address | ||
109 | */ | 204 | */ |
110 | struct GNUNET_TIME_Absolute last_validated_at; | 205 | struct GNUNET_TIME_Absolute valid_until; |
111 | 206 | ||
112 | /** | 207 | /** |
113 | * How long until we can try to validate this address again? | 208 | * How long until we can try to validate this address again? |
@@ -367,9 +462,10 @@ find_validation_entry (struct GNUNET_PeerIdentity *neighbour, | |||
367 | ve->transport_name = GNUNET_strdup (tname); | 462 | ve->transport_name = GNUNET_strdup (tname); |
368 | ve->addr = (void*) &ve[1]; | 463 | ve->addr = (void*) &ve[1]; |
369 | ve->pid = *neighbour; | 464 | ve->pid = *neighbour; |
465 | ve->challenge = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, | ||
466 | UINT32_MAX); | ||
370 | memcpy (&ve[1], addr, addrlen); | 467 | memcpy (&ve[1], addr, addrlen); |
371 | ve->addrlen = addrlen; | 468 | ve->addrlen = addrlen; |
372 | ve->last_validated_at = GNUNET_TIME_UNIT_FOREVER_ABS; | ||
373 | GNUNET_CONTAINER_multihashmap_put (validation_map, | 469 | GNUNET_CONTAINER_multihashmap_put (validation_map, |
374 | &neighbour->hashPubKey, | 470 | &neighbour->hashPubKey, |
375 | ve, | 471 | ve, |
@@ -439,12 +535,44 @@ validate_address (void *cls, | |||
439 | { | 535 | { |
440 | struct GNUNET_PeerIdentity *pid = cls; | 536 | struct GNUNET_PeerIdentity *pid = cls; |
441 | struct ValidationEntry *ve; | 537 | struct ValidationEntry *ve; |
442 | 538 | struct TransportPingMessage ping; | |
539 | struct GNUNET_TRANSPORT_PluginFunctions *papi; | ||
540 | ssize_t ret; | ||
541 | |||
443 | if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0) | 542 | if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value == 0) |
444 | return GNUNET_OK; /* expired */ | 543 | return GNUNET_OK; /* expired */ |
445 | ve = find_validation_entry (pid, tname, addr, addrlen); | 544 | ve = find_validation_entry (pid, tname, addr, addrlen); |
446 | // FIXME: check if validated/blocked, if not start validation... | 545 | if (GNUNET_TIME_absolute_get_remaining (ve->validation_block).rel_value > 0) |
447 | ve++; // make compiler happy | 546 | return GNUNET_OK; /* blocked */ |
547 | if (GNUNET_TIME_absolute_get_remaining (ve->valid_until).rel_value > 0) | ||
548 | return GNUNET_OK; /* valid */ | ||
549 | ve->validation_block = GNUNET_TIME_relative_to_absolute (MAX_REVALIDATION_FREQUENCY); | ||
550 | |||
551 | ping.header.size = htons(sizeof(struct TransportPingMessage)); | ||
552 | ping.header.type = htons(GNUNET_MESSAGE_TYPE_TRANSPORT_PING); | ||
553 | ping.challenge = htonl(ve->challenge); | ||
554 | ping.target = *pid; | ||
555 | GNUNET_STATISTICS_update (GST_stats, | ||
556 | gettext_noop ("# PING without HELLO messages sent"), | ||
557 | 1, | ||
558 | GNUNET_NO); | ||
559 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
560 | "Transmitting plain PING to `%s'\n", | ||
561 | GNUNET_i2s (pid)); | ||
562 | papi = GST_plugins_find (ve->transport_name); | ||
563 | ret = papi->send (papi->cls, | ||
564 | pid, | ||
565 | (const char*) &ping, | ||
566 | sizeof (struct TransportPingMessage), | ||
567 | PING_PRIORITY, | ||
568 | HELLO_VERIFICATION_TIMEOUT, | ||
569 | NULL /* no session */, | ||
570 | ve->addr, | ||
571 | ve->addrlen, | ||
572 | GNUNET_YES, | ||
573 | NULL, NULL); | ||
574 | if (-1 != ret) | ||
575 | ve->send_time = GNUNET_TIME_absolute_get (); | ||
448 | return GNUNET_OK; | 576 | return GNUNET_OK; |
449 | } | 577 | } |
450 | 578 | ||
@@ -517,7 +645,7 @@ iterate_addresses (void *cls, | |||
517 | 645 | ||
518 | vic->cb (vic->cb_cls, | 646 | vic->cb (vic->cb_cls, |
519 | &ve->pid, | 647 | &ve->pid, |
520 | ve->last_validated_at, | 648 | ve->valid_until, |
521 | ve->validation_block, | 649 | ve->validation_block, |
522 | ve->transport_name, | 650 | ve->transport_name, |
523 | ve->addr, | 651 | ve->addr, |