author | Philipp Tölke <toelke@in.tum.de> | 2010-10-26 13:55:55 +0000 |
---|---|---|
committer | Philipp Tölke <toelke@in.tum.de> | 2010-10-26 13:55:55 +0000 |
commit | 3900beb1ed0370041bccbe84643d84a6f5204475 (patch) | |
tree | 18c28432dfeaac345892b4f435d3674c3aadc829 /src | |
parent | 8d058446a4a288d87f58a021622ecad6371519cb (diff) | |
download | gnunet-3900beb1ed0370041bccbe84643d84a6f5204475.tar.gz gnunet-3900beb1ed0370041bccbe84643d84a6f5204475.zip |
modified the DNS_Record-block
Diffstat (limited to 'src')
-rw-r--r-- | src/block/plugin_block_dns.c | 17 | ||||
-rw-r--r-- | src/include/block_dns.h | 40 | ||||
-rw-r--r-- | src/include/gnunet_signatures.h | 5 | ||||
-rw-r--r-- | src/vpn/gnunet-service-dns.c | 73 |
4 files changed, 98 insertions, 37 deletions
diff --git a/src/block/plugin_block_dns.c b/src/block/plugin_block_dns.c index 1e1a577fc..205cff4b8 100644 --- a/src/block/plugin_block_dns.c +++ b/src/block/plugin_block_dns.c | |||
@@ -27,6 +27,7 @@ | |||
27 | #include "platform.h" | 27 | #include "platform.h" |
28 | #include "plugin_block.h" | 28 | #include "plugin_block.h" |
29 | #include "block_dns.h" | 29 | #include "block_dns.h" |
30 | #include "gnunet_signatures.h" | ||
30 | 31 | ||
31 | #define DEBUG_DHT GNUNET_NO | 32 | #define DEBUG_DHT GNUNET_NO |
32 | 33 | ||
@@ -65,11 +66,21 @@ block_plugin_dns_evaluate (void *cls, | |||
65 | if (reply_block_size == 0) | 66 | if (reply_block_size == 0) |
66 | return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; | 67 | return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; |
67 | 68 | ||
68 | if (reply_block_size < sizeof(struct GNUNET_DNS_Record)) | 69 | if (reply_block_size != sizeof(struct GNUNET_DNS_Record)) |
69 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 70 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
70 | 71 | ||
71 | const struct GNUNET_DNS_Record* rec = reply_block; | 72 | const struct GNUNET_DNS_Record* rec = reply_block; |
72 | if(reply_block_size != (sizeof(struct GNUNET_DNS_Record) + rec->namelen - 1)) | 73 | |
74 | if (ntohl(rec->purpose.size) != sizeof(struct GNUNET_DNS_Record) - sizeof(struct GNUNET_CRYPTO_RsaSignature)) | ||
75 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | ||
76 | |||
77 | if (GNUNET_TIME_relative_get_zero().value == GNUNET_TIME_absolute_get_remaining(rec->expiration_time).value) | ||
78 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | ||
79 | |||
80 | if (GNUNET_OK != GNUNET_CRYPTO_rsa_verify (htonl(GNUNET_SIGNATURE_PURPOSE_DNS_RECORD), | ||
81 | &rec->purpose, | ||
82 | &rec->signature, | ||
83 | &rec->peer)) | ||
73 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; | 84 | return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; |
74 | 85 | ||
75 | /* How to decide whether there are no more? */ | 86 | /* How to decide whether there are no more? */ |
@@ -101,7 +112,7 @@ block_plugin_dns_get_key (void *cls, | |||
101 | if (type != GNUNET_BLOCK_TYPE_DNS) | 112 | if (type != GNUNET_BLOCK_TYPE_DNS) |
102 | return GNUNET_SYSERR; | 113 | return GNUNET_SYSERR; |
103 | const struct GNUNET_DNS_Record* rec = block; | 114 | const struct GNUNET_DNS_Record* rec = block; |
104 | GNUNET_CRYPTO_hash(rec->name, rec->namelen, key); | 115 | memcpy(key, &rec->service_descriptor, sizeof(GNUNET_HashCode)); |
105 | return GNUNET_OK; | 116 | return GNUNET_OK; |
106 | } | 117 | } |
107 | 118 | ||
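Review bot: In the evaluate hunk the expected purpose is passed as `htonl(GNUNET_SIGNATURE_PURPOSE_DNS_RECORD)` while publish_name in gnunet-service-dns.c stores `purpose.purpose` without any conversion, so the two sides only agree because htonl and ntohl happen to be the same operation; if the library compares its argument with `ntohl` of the field, as its other callers suggest, the conventional form is to store `htonl(...)` when signing and pass the plain `GNUNET_SIGNATURE_PURPOSE_DNS_RECORD` here. The expiration test reads `rec->expiration_time` as a host-order `struct GNUNET_TIME_Absolute` out of a block that arrives from other peers; a wire struct should carry `struct GNUNET_TIME_AbsoluteNBO` and the check should convert it with `GNUNET_TIME_absolute_ntoh` before calling `GNUNET_TIME_absolute_get_remaining`. In the get_key hunk the `memcpy` from `rec->service_descriptor` happens without confirming the block is at least `sizeof(struct GNUNET_DNS_Record)` long; if get_key receives the block size (its parameter list is outside the hunk), `if (block_size < sizeof(struct GNUNET_DNS_Record)) return GNUNET_SYSERR;` should precede the read. Both functions begin outside their hunks.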
diff --git a/src/include/block_dns.h b/src/include/block_dns.h index d8f3fa50e..6be82b126 100644 --- a/src/include/block_dns.h +++ b/src/include/block_dns.h | |||
@@ -2,26 +2,38 @@ | |||
2 | #define _GNVPN_BLOCKDNS_H_ | 2 | #define _GNVPN_BLOCKDNS_H_ |
3 | 3 | ||
4 | #include "gnunet_common.h" | 4 | #include "gnunet_common.h" |
5 | #include "gnunet_crypto_lib.h" | ||
5 | 6 | ||
6 | /** | 7 | /** |
7 | * Bitmask describing what ip-services are supported by services | 8 | * Bitmask describing what IP-protocols are supported by the service |
8 | * It is 2 bytes long | ||
9 | */ | 9 | */ |
10 | struct GNUNET_ipservices { | 10 | enum GNUNET_DNS_ServiceTypes |
11 | unsigned UDP:1 GNUNET_PACKED; | 11 | { |
12 | unsigned TCP:1 GNUNET_PACKED; | 12 | GNUNET_DNS_SERVICE_TYPE_UDP = 1, |
13 | unsigned RESERVED:14 GNUNET_PACKED; | 13 | GNUNET_DNS_SERVICE_TYPE_TCP = 2 |
14 | }; | 14 | }; |
15 | 15 | ||
16 | |||
16 | /** | 17 | /** |
17 | * This is the structure describing an dns-record such as www.gnunet. | 18 | * This is the structure describing an dns-record such as www.gnunet. |
18 | */ | 19 | */ |
19 | struct GNUNET_DNS_Record | 20 | struct GNUNET_DNS_Record |
20 | { | 21 | { |
21 | /** | 22 | /** |
23 | * Signature of the peer affirming that he is offering the service. | ||
24 | */ | ||
25 | struct GNUNET_CRYPTO_RsaSignature signature; | ||
26 | |||
27 | /** | ||
28 | * Beginning of signed portion of the record, signs everything until | ||
29 | * the end of the struct. | ||
30 | */ | ||
31 | struct GNUNET_CRYPTO_RsaSignaturePurpose purpose; | ||
32 | |||
33 | /** | ||
22 | * The peer providing this service | 34 | * The peer providing this service |
23 | */ | 35 | */ |
24 | struct GNUNET_PeerIdentity peer; | 36 | struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded peer; |
25 | 37 | ||
26 | /** | 38 | /** |
27 | * The descriptor for the service | 39 | * The descriptor for the service |
@@ -30,20 +42,20 @@ struct GNUNET_DNS_Record | |||
30 | GNUNET_HashCode service_descriptor; | 42 | GNUNET_HashCode service_descriptor; |
31 | 43 | ||
32 | /** | 44 | /** |
33 | * What connection-types (UDP, TCP, ...) are supported by the service | 45 | * When does this record expire? |
34 | */ | 46 | */ |
35 | struct GNUNET_ipservices connectiontypes; | 47 | struct GNUNET_TIME_Absolute expiration_time; |
36 | 48 | ||
37 | /** | 49 | /** |
38 | * The length of the name of the service | 50 | * Four TCP and UDP-Ports that are used by this service, big endian format |
39 | */ | 51 | */ |
40 | unsigned char namelen; | 52 | uint64_t ports; |
41 | 53 | ||
42 | /** | 54 | /** |
43 | * The name of the service | 55 | * What connection-types (UDP, TCP, ...) are supported by the service. |
44 | * This is namelen bytes | 56 | * Contains an 'enum GNUNET_DNS_ServiceTypes' in big endian format. |
45 | */ | 57 | */ |
46 | char name[1]; | 58 | uint32_t service_type; |
47 | }; | 59 | }; |
48 | 60 | ||
49 | #endif | 61 | #endif |
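Review bot: `expiration_time` is declared as a host-order `struct GNUNET_TIME_Absolute` inside a struct that is signed, stored in the DHT and parsed by other peers, while the neighbouring `ports` and `service_type` are documented as big endian; the wire field should be `struct GNUNET_TIME_AbsoluteNBO expiration_time;` with its comment stating the byte order, converted with the hton/ntoh helpers at the publish and evaluate sites. The member that changed from a peer identity to `struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded` keeps the name `peer`; a comment such as `/* Public key of the peer providing this service; 'signature' must verify against it */` (or a rename to `public_key`) would spare readers the surprise. Since `sizeof(struct GNUNET_DNS_Record)` is used as the exact on-wire size, any compiler padding becomes part of the format; the struct comment should say that field order is fixed and that any padding must be zeroed by the producer, which publish_name currently does via memset.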
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h index a3199c735..98c449486 100644 --- a/src/include/gnunet_signatures.h +++ b/src/include/gnunet_signatures.h | |||
@@ -97,6 +97,11 @@ extern "C" | |||
97 | */ | 97 | */ |
98 | #define GNUNET_SIGNATURE_PURPOSE_RESOLVER_RESPONSE 10 | 98 | #define GNUNET_SIGNATURE_PURPOSE_RESOLVER_RESPONSE 10 |
99 | 99 | ||
100 | /** | ||
101 | * Signature of an GNUNET_DNS_Record | ||
102 | */ | ||
103 | #define GNUNET_SIGNATURE_PURPOSE_DNS_RECORD 11 | ||
104 | |||
100 | 105 | ||
101 | #if 0 /* keep Emacsens' auto-indent happy */ | 106 | #if 0 /* keep Emacsens' auto-indent happy */ |
102 | { | 107 | { |
diff --git a/src/vpn/gnunet-service-dns.c b/src/vpn/gnunet-service-dns.c index 1ad3c8784..0c688db34 100644 --- a/src/vpn/gnunet-service-dns.c +++ b/src/vpn/gnunet-service-dns.c | |||
@@ -36,6 +36,8 @@ | |||
36 | #include "gnunet_dht_service.h" | 36 | #include "gnunet_dht_service.h" |
37 | #include "gnunet_block_lib.h" | 37 | #include "gnunet_block_lib.h" |
38 | #include "block_dns.h" | 38 | #include "block_dns.h" |
39 | #include "gnunet_crypto_lib.h" | ||
40 | #include "gnunet_signatures.h" | ||
39 | 41 | ||
40 | struct dns_cls { | 42 | struct dns_cls { |
41 | struct GNUNET_SCHEDULER_Handle *sched; | 43 | struct GNUNET_SCHEDULER_Handle *sched; |
@@ -46,6 +48,8 @@ struct dns_cls { | |||
46 | 48 | ||
47 | unsigned short dnsoutport; | 49 | unsigned short dnsoutport; |
48 | 50 | ||
51 | const struct GNUNET_CONFIGURATION_Handle *cfg; | ||
52 | |||
49 | struct answer_packet_list *head; | 53 | struct answer_packet_list *head; |
50 | struct answer_packet_list *tail; | 54 | struct answer_packet_list *tail; |
51 | }; | 55 | }; |
@@ -265,28 +269,55 @@ publish_name (void *cls, | |||
265 | return; | 269 | return; |
266 | 270 | ||
267 | char* name = "philipptoelke.gnunet."; | 271 | char* name = "philipptoelke.gnunet."; |
268 | size_t size = sizeof(struct GNUNET_DNS_Record) + strlen(name); | 272 | size_t size = sizeof(struct GNUNET_DNS_Record); |
269 | struct GNUNET_DNS_Record *data = alloca(size); | 273 | struct GNUNET_DNS_Record data; |
270 | memset(data, 0, size); | 274 | memset(&data, 0, size); |
271 | memcpy(data->name, name, strlen(name) + 1); | 275 | |
272 | data->namelen = strlen(name) + 1; | 276 | data.purpose.size = htonl(size - sizeof(struct GNUNET_CRYPTO_RsaSignature)); |
273 | *((unsigned int*)&data->service_descriptor) = 0x11223344; | 277 | data.purpose.purpose = GNUNET_SIGNATURE_PURPOSE_DNS_RECORD; |
274 | *((unsigned int*)&data->peer) = 0x55667788; | 278 | |
275 | 279 | GNUNET_CRYPTO_hash(name, strlen(name)+1, &data.service_descriptor); | |
276 | GNUNET_HashCode key; | 280 | |
277 | GNUNET_CRYPTO_hash(name, strlen(name)+1, &key); | 281 | char* keyfile; |
278 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Putting with key %08x, len is %d\n", *((unsigned int*)&key), strlen(name)); | 282 | if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename(mycls.cfg, "GNUNETD", |
283 | "HOSTKEY", &keyfile)) | ||
284 | { | ||
285 | GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not read keyfile-value\n"); | ||
286 | if (keyfile != NULL) GNUNET_free(keyfile); | ||
287 | return; | ||
288 | } | ||
289 | |||
290 | struct GNUNET_CRYPTO_RsaPrivateKey *my_private_key = GNUNET_CRYPTO_rsa_key_create_from_file(keyfile); | ||
291 | GNUNET_free(keyfile); | ||
292 | |||
293 | GNUNET_CRYPTO_rsa_key_get_public(my_private_key, &data.peer); | ||
294 | |||
295 | data.expiration_time = GNUNET_TIME_relative_to_absolute(GNUNET_TIME_UNIT_HOURS); | ||
296 | |||
297 | /* Sign the block | ||
298 | */ | ||
299 | |||
300 | if (GNUNET_OK != GNUNET_CRYPTO_rsa_sign(my_private_key, | ||
301 | &data.purpose, | ||
302 | &data.signature)) | ||
303 | { | ||
304 | GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not sign DNS_Record\n"); | ||
305 | return; | ||
306 | } | ||
307 | GNUNET_free(my_private_key); | ||
308 | |||
309 | GNUNET_log(GNUNET_ERROR_TYPE_DEBUG, "Putting with key %08x\n", *((unsigned int*)&data.service_descriptor)); | ||
279 | 310 | ||
280 | GNUNET_DHT_put(mycls.dht, | 311 | GNUNET_DHT_put(mycls.dht, |
281 | &key, | 312 | &data.service_descriptor, |
282 | GNUNET_DHT_RO_NONE, | 313 | GNUNET_DHT_RO_NONE, |
283 | GNUNET_BLOCK_TYPE_DNS, | 314 | GNUNET_BLOCK_TYPE_DNS, |
284 | size, | 315 | size, |
285 | (char*)data, | 316 | (char*)&data, |
286 | GNUNET_TIME_relative_to_absolute(GNUNET_TIME_UNIT_HOURS), | 317 | GNUNET_TIME_relative_to_absolute(GNUNET_TIME_UNIT_HOURS), |
287 | GNUNET_TIME_UNIT_MINUTES, | 318 | GNUNET_TIME_UNIT_MINUTES, |
288 | NULL, | 319 | NULL, |
289 | NULL); | 320 | NULL); |
290 | 321 | ||
291 | GNUNET_SCHEDULER_add_delayed (mycls.sched, GNUNET_TIME_UNIT_HOURS, publish_name, NULL); | 322 | GNUNET_SCHEDULER_add_delayed (mycls.sched, GNUNET_TIME_UNIT_HOURS, publish_name, NULL); |
292 | } | 323 | } |
@@ -309,6 +340,8 @@ run (void *cls, | |||
309 | {NULL, NULL, 0, 0} | 340 | {NULL, NULL, 0, 0} |
310 | }; | 341 | }; |
311 | 342 | ||
343 | mycls.cfg = cfg; | ||
344 | |||
312 | { | 345 | { |
313 | int i; | 346 | int i; |
314 | for (i = 0; i < 65536; i++) { | 347 | for (i = 0; i < 65536; i++) { |
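Review bot: In the publish_name hunk `my_private_key` is leaked on the early return taken when `GNUNET_CRYPTO_rsa_sign` fails, and the later `GNUNET_free(my_private_key)` presumably does not release the key's internal state either — the crypto library's own `GNUNET_CRYPTO_rsa_key_free` looks like the intended call; confirm against gnunet_crypto_lib.h. `keyfile` is declared without an initializer, so the `if (keyfile != NULL) GNUNET_free(keyfile)` on the configuration-error path reads an indeterminate pointer unless the getter is guaranteed to write it on failure; `char *keyfile = NULL;` removes the doubt, and the result of `GNUNET_CRYPTO_rsa_key_create_from_file` is never checked for NULL before use. `data.purpose.purpose` is stored in host order while plugin_block_dns.c compares against the `htonl` form; storing `htonl(GNUNET_SIGNATURE_PURPOSE_DNS_RECORD)` here and passing the plain constant to the verifier follows the convention of the other signed structs. `data.ports` and `data.service_type` are never assigned, so every record published advertises zero ports and no service type; if that is intentional for now, a `/* TODO: fill ports and service_type */` should say so. publish_name begins outside the hunk.
```c
  data.purpose.size = htonl(size - sizeof(struct GNUNET_CRYPTO_RsaSignature));
  data.purpose.purpose = htonl(GNUNET_SIGNATURE_PURPOSE_DNS_RECORD);

  /* … unchanged: service_descriptor hash … */

  char *keyfile = NULL;
  if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename(mycls.cfg, "GNUNETD",
                                                           "HOSTKEY", &keyfile))
    {
      GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not read keyfile-value\n");
      if (keyfile != NULL) GNUNET_free(keyfile);
      return;
    }

  struct GNUNET_CRYPTO_RsaPrivateKey *my_private_key = GNUNET_CRYPTO_rsa_key_create_from_file(keyfile);
  GNUNET_free(keyfile);
  if (my_private_key == NULL)
    {
      GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not load private key\n");
      return;
    }

  /* … unchanged: public key, expiration_time … */

  if (GNUNET_OK != GNUNET_CRYPTO_rsa_sign(my_private_key,
                                          &data.purpose,
                                          &data.signature))
    {
      GNUNET_log(GNUNET_ERROR_TYPE_ERROR, "could not sign DNS_Record\n");
      GNUNET_CRYPTO_rsa_key_free(my_private_key);
      return;
    }
  GNUNET_CRYPTO_rsa_key_free(my_private_key);

  /* … unchanged: debug log, GNUNET_DHT_put, rescheduling … */
```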