author | Christian Grothoff <christian@grothoff.org> | 2019-01-30 04:51:22 +0100 |
committer | Christian Grothoff <christian@grothoff.org> | 2019-01-30 04:51:22 +0100 |
commit | 4781fabceb3530e976c27ea37999c8eaa3165612 (patch) | |
tree | 878b12d85058227e1712284aa801409bc24db220 /src/transport | |
parent | 30e26ce0cee2a9b13f5aa0850be48c14bafb2e87 (diff) | |
basics for UDP broadcast receiving
Diffstat (limited to 'src/transport')
-rw-r--r-- | src/transport/gnunet-communicator-tcp.c | 3 | ||||
-rw-r--r-- | src/transport/gnunet-communicator-udp.c | 97 |
2 files changed, 97 insertions, 3 deletions
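--- a/src/transport/gnunet-communicator-tcp.c
+++ b/src/transport/gnunet-communicator-tcp.c
@@ -24,6 +24,7 @@
 * @author Christian Grothoff
 *
 * TODO:
+* - add and use util/ check for IPv6 availability (#V6)
 * - support DNS names in BINDTO option (#5528)
 * - support NAT connection reversal method (#5529)
 * - support other TCP-specific NAT traversal methods (#5531)
@@ -1166,6 +1167,8 @@ tcp_address_to_sockaddr (const char *bindto,
 bindto);
 return NULL;
 }
+/* FIXME: add test to util/ for IPv6 availability,
+and depending on the result, go directly for v4-only */
 if (GNUNET_YES ==
 GNUNET_CONFIGURATION_get_value_yesno (cfg,
 COMMUNICATOR_CONFIG_SECTION,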
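--- a/src/transport/gnunet-communicator-udp.c
+++ b/src/transport/gnunet-communicator-udp.c
@@ -24,16 +24,22 @@
 * @author Christian Grothoff
 *
 * TODO:
-* - main BOXed sending logic
+* - implement main BOXed sending logic
 * - figure out what to do with MTU: 1280 for IPv6 is obvious;
 * what for IPv4? 1500? Also, consider differences in
 * headers for with/without box: need to give MIN of both
 * to TNG (as TNG expects a fixed MTU!), or maybe
 * we create a FRESH MQ while we have available BOXes SQNs?
 * (otherwise padding will REALLY hurt)
+* - add and use util/ check for IPv6 availability (#V6)
+* - consider imposing transmission limits in the absence
+* of ACKs; or: maybe this should be done at TNG service level?
+* - support broadcasting for neighbour discovery (#)
+* (think: what was the story again on address validation?
+* where is the API for that!?!)
 * - support DNS names in BINDTO option (#5528)
 * - support NAT connection reversal method (#5529)
-* - support other UDP-specific NAT traversal methods
+* - support other UDP-specific NAT traversal methods (#)
 */
 #include "platform.h"
 #include "gnunet_util_lib.h"
@@ -242,6 +248,56 @@ struct UDPAck
 
 
 /**
+* Signature we use to verify that the broadcast was really made by
+* the peer that claims to have made it. Basically, affirms that the
+* peer is really using this IP address (albeit possibly not in _our_
+* LAN). Makes it difficult for peers in the LAN to claim to
+* be just any global peer -- an attacker must have at least
+* shared a LAN with the peer they're pretending to be here.
+*/
+struct UdpBroadcastSignature
+{
+/**
+* Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
+*/
+struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
+
+/**
+* Identity of the inititor of the UDP broadcast.
+*/
+struct GNUNET_PeerIdentity sender;
+
+/**
+* Hash of the sender's UDP address.
+*/
+struct GNUNET_HashCode h_address;
+};
+
+
+/**
+* Broadcast by peer in LAN announcing its presence. Unusual in that
+* we don't pad these to full MTU, as we cannot prevent being
+* recognized in LAN as GNUnet peers if this feature is enabled
+* anyway. Also, the entire message is in cleartext.
+*/
+struct UDPBroadcast
+{
+
+/**
+* Sender's peer identity.
+*/
+struct GNUNET_PeerIdentity sender;
+
+/**
+* Sender's signature of type
+* #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
+*/
+struct GNUNET_CRYPTO_EddsaSignature sender_sig;
+
+};
+
+
+/**
 * UDP message box. Always sent encrypted, only allowed after
 * the receiver sent a `struct UDPAck` for the base key!
 */
@@ -1414,6 +1470,7 @@ sock_read (void *cls)
 "recv");
 return;
 }
+
 /* first, see if it is a UDPBox */
 if (rcvd > sizeof (struct UDPBox))
 {
@@ -1431,7 +1488,39 @@ sock_read (void *cls)
 return;
 }
 }
-/* next, test if it is a KX */
+
+/* next, check if it is a broadcast */
+if (sizeof (struct UDPBroadcast) == rcvd)
+{
+const struct UDPBroadcast *ub;
+struct UdpBroadcastSignature uhs;
+
+ub = (const struct UDPBroadcast *) buf;
+uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST);
+uhs.purpose.size = htonl (sizeof (uhs));
+uhs.sender = ub->sender;
+GNUNET_CRYPTO_hash (&sa,
+salen,
+&uhs.h_address);
+if (GNUNET_OK ==
+GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST,
+&uhs.purpose,
+&ub->sender_sig,
+&ub->sender.public_key))
+{
+GNUNET_STATISTICS_update (stats,
+"# broadcasts received",
+1,
+GNUNET_NO);
+// FIXME: we effectively just got a HELLO!
+// trigger verification NOW!
+return;
+}
+/* continue with KX, mostly for statistics... */
+}
+
+
+/* finally, test if it is a KX */
 if (rcvd < sizeof (struct UDPConfirmation) + sizeof (struct InitialKX))
 {
 GNUNET_STATISTICS_update (stats,
@@ -1535,6 +1624,8 @@ udp_address_to_sockaddr (const char *bindto,
 bindto);
 return NULL;
 }
+/* FIXME #V6: add test to util/ for IPv6 availability,
+and depending on the result, go directly for v4-only */
 if (GNUNET_YES ==
 GNUNET_CONFIGURATION_get_value_yesno (cfg,
 COMMUNICATOR_CONFIG_SECTION,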
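Review bot: The address binding in the new broadcast branch of sock_read, `GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address)`, hashes the raw sockaddr bytes as the receiver got them, so for IPv6 it covers `sin6_flowinfo` and `sin6_scope_id`, which the sender cannot predict and which a receiver on a link-local interface will see set; hashing a canonical (family, address, port) encoding on both sides would avoid spurious signature failures — this assumes `sa`/`salen` are the recvfrom results declared above the hunk. The signed data also carries no freshness, so a captured `struct UDPBroadcast` stays valid forever and can be replayed from a spoofed LAN source address to make this peer think the signer is currently present; adding an expiration field (`struct GNUNET_TIME_AbsoluteNBO expiration;`) to `struct UdpBroadcastSignature` and rejecting expired packets before calling `GNUNET_CRYPTO_eddsa_verify` would bound the replay window and skip the EdDSA verification for stale traffic. As written, every exact-size packet from any source triggers a signature verification before any cheaper check, which deserves a comment on the intended rate limiting, and the `FIXME: we effectively just got a HELLO!` path still only updates statistics. sock_read's body starts and ends outside this hunk.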