diff options
36 files changed, 795 insertions, 232 deletions
diff --git a/contrib/scripts/netjail/netjail_core.sh b/contrib/scripts/netjail/netjail_core.sh index 6a18ea902..1cdbca816 100755 --- a/contrib/scripts/netjail/netjail_core.sh +++ b/contrib/scripts/netjail/netjail_core.sh | |||
@@ -9,10 +9,28 @@ JAILOR=${SUDO_USER:?must run in sudo} | |||
9 | 9 | ||
10 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" | 10 | export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
11 | 11 | ||
12 | netjail_check() { | 12 | netjail_opt() { |
13 | NODE_COUNT=$1 | 13 | local OPT=$1 |
14 | shift 1 | ||
15 | |||
16 | INDEX=1 | ||
17 | |||
18 | while [ $# -gt 0 ]; do | ||
19 | if [ "$1" = "$OPT" ]; then | ||
20 | printf "%d" $INDEX | ||
21 | return | ||
22 | fi | ||
23 | |||
24 | INDEX=$(($INDEX + 1)) | ||
25 | shift 1 | ||
26 | done | ||
14 | 27 | ||
15 | FD_COUNT=$(($(ls /proc/self/fd | wc -w) - 4)) | 28 | printf "%d" 0 |
29 | } | ||
30 | |||
31 | netjail_check() { | ||
32 | local NODE_COUNT=$1 | ||
33 | local FD_COUNT=$(($(ls /proc/self/fd | wc -w) - 4)) | ||
16 | 34 | ||
17 | # quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`: | 35 | # quit if `$FD_COUNT < ($LOCAL_M * $GLOBAL_N * 2)`: |
18 | # the script also requires `sudo -C ($FD_COUNT + 4)` | 36 | # the script also requires `sudo -C ($FD_COUNT + 4)` |
@@ -25,43 +43,56 @@ netjail_check() { | |||
25 | fi | 43 | fi |
26 | } | 44 | } |
27 | 45 | ||
46 | netjail_check_bin() { | ||
47 | local PROGRAM=$1 | ||
48 | local MATCH=$(ls $(echo $PATH | tr ":" "\n") | grep "^$PROGRAM\$" | tr "\n" " " | awk '{ print $1 }') | ||
49 | |||
50 | # quit if the required binary $PROGRAM can not be | ||
51 | # found in the used $PATH. | ||
52 | |||
53 | if [ "$MATCH" != "$PROGRAM" ]; then | ||
54 | echo "Required binary not found: $PROGRAM" >&2 | ||
55 | exit 1 | ||
56 | fi | ||
57 | } | ||
58 | |||
28 | netjail_print_name() { | 59 | netjail_print_name() { |
29 | printf "%s%02x%02x" $1 $2 ${3:-0} | 60 | printf "%s%02x%02x" $1 $2 ${3:-0} |
30 | } | 61 | } |
31 | 62 | ||
32 | netjail_bridge() { | 63 | netjail_bridge() { |
33 | BRIDGE=$1 | 64 | local BRIDGE=$1 |
34 | 65 | ||
35 | ip link add $BRIDGE type bridge | 66 | ip link add $BRIDGE type bridge |
36 | ip link set dev $BRIDGE up | 67 | ip link set dev $BRIDGE up |
37 | } | 68 | } |
38 | 69 | ||
39 | netjail_bridge_clear() { | 70 | netjail_bridge_clear() { |
40 | BRIDGE=$1 | 71 | local BRIDGE=$1 |
41 | 72 | ||
42 | ip link delete $BRIDGE | 73 | ip link delete $BRIDGE |
43 | } | 74 | } |
44 | 75 | ||
45 | netjail_node() { | 76 | netjail_node() { |
46 | NODE=$1 | 77 | local NODE=$1 |
47 | 78 | ||
48 | ip netns add $NODE | 79 | ip netns add $NODE |
49 | } | 80 | } |
50 | 81 | ||
51 | netjail_node_clear() { | 82 | netjail_node_clear() { |
52 | NODE=$1 | 83 | local NODE=$1 |
53 | 84 | ||
54 | ip netns delete $NODE | 85 | ip netns delete $NODE |
55 | } | 86 | } |
56 | 87 | ||
57 | netjail_node_link_bridge() { | 88 | netjail_node_link_bridge() { |
58 | NODE=$1 | 89 | local NODE=$1 |
59 | BRIDGE=$2 | 90 | local BRIDGE=$2 |
60 | ADDRESS=$3 | 91 | local ADDRESS=$3 |
61 | MASK=$4 | 92 | local MASK=$4 |
62 | 93 | ||
63 | LINK_IF="$NODE-$BRIDGE-0" | 94 | local LINK_IF="$NODE-$BRIDGE-0" |
64 | LINK_BR="$NODE-$BRIDGE-1" | 95 | local LINK_BR="$NODE-$BRIDGE-1" |
65 | 96 | ||
66 | ip link add $LINK_IF type veth peer name $LINK_BR | 97 | ip link add $LINK_IF type veth peer name $LINK_BR |
67 | ip link set $LINK_IF netns $NODE | 98 | ip link set $LINK_IF netns $NODE |
@@ -74,27 +105,71 @@ netjail_node_link_bridge() { | |||
74 | ip link set $LINK_BR up | 105 | ip link set $LINK_BR up |
75 | } | 106 | } |
76 | 107 | ||
108 | netjail_node_unlink_bridge() { | ||
109 | local NODE=$1 | ||
110 | local BRIDGE=$2 | ||
111 | |||
112 | local LINK_BR="$NODE-$BRIDGE-1" | ||
113 | |||
114 | ip link delete $LINK_BR | ||
115 | } | ||
116 | |||
77 | netjail_node_add_nat() { | 117 | netjail_node_add_nat() { |
78 | NODE=$1 | 118 | local NODE=$1 |
79 | ADDRESS=$2 | 119 | local ADDRESS=$2 |
80 | MASK=$3 | 120 | local MASK=$3 |
81 | 121 | ||
82 | ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE | 122 | ip netns exec $NODE iptables -t nat -A POSTROUTING -s "$ADDRESS/$MASK" -j MASQUERADE |
83 | } | 123 | } |
84 | 124 | ||
85 | netjail_node_add_default() { | 125 | netjail_node_add_default() { |
86 | NODE=$1 | 126 | local NODE=$1 |
87 | ADDRESS=$2 | 127 | local ADDRESS=$2 |
88 | 128 | ||
89 | ip -n $NODE route add default via $ADDRESS | 129 | ip -n $NODE route add default via $ADDRESS |
90 | } | 130 | } |
91 | 131 | ||
92 | netjail_node_exec() { | 132 | netjail_node_exec() { |
93 | NODE=$1 | 133 | local NODE=$1 |
94 | FD_IN=$2 | 134 | local FD_IN=$2 |
95 | FD_OUT=$3 | 135 | local FD_OUT=$3 |
96 | shift 3 | 136 | shift 3 |
97 | 137 | ||
98 | unshare -fp --kill-child -- ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN | 138 | unshare -fp --kill-child -- ip netns exec $NODE sudo -u $JAILOR -- $@ 1>& $FD_OUT 0<& $FD_IN |
99 | } | 139 | } |
100 | 140 | ||
141 | netjail_kill() { | ||
142 | local PID=$1 | ||
143 | local MATCH=$(ps --pid $PID | awk "{ if ( \$1 == $PID ) { print \$1 } }" | wc -l) | ||
144 | |||
145 | if [ $MATCH -gt 0 ]; then | ||
146 | kill -n 19 $PID | ||
147 | |||
148 | for CHILD in $(ps -o pid,ppid -ax | awk "{ if ( \$2 == $PID ) { print \$1 } }"); do | ||
149 | netjail_kill $CHILD | ||
150 | done | ||
151 | |||
152 | kill $PID | ||
153 | fi | ||
154 | } | ||
155 | |||
156 | netjail_killall() { | ||
157 | if [ $# -gt 0 ]; then | ||
158 | local PIDS=$1 | ||
159 | |||
160 | for PID in $PIDS; do | ||
161 | netjail_kill $PID | ||
162 | done | ||
163 | fi | ||
164 | } | ||
165 | |||
166 | netjail_waitall() { | ||
167 | if [ $# -gt 0 ]; then | ||
168 | local PIDS=$1 | ||
169 | |||
170 | for PID in $PIDS; do | ||
171 | wait $PID | ||
172 | done | ||
173 | fi | ||
174 | } | ||
175 | |||
diff --git a/contrib/scripts/netjail/netjail_setup_internet.sh b/contrib/scripts/netjail/netjail_setup_internet.sh index d99709555..de8ef8f15 100755 --- a/contrib/scripts/netjail/netjail_setup_internet.sh +++ b/contrib/scripts/netjail/netjail_setup_internet.sh | |||
@@ -9,16 +9,30 @@ export PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" | |||
9 | LOCAL_M=$1 | 9 | LOCAL_M=$1 |
10 | GLOBAL_N=$2 | 10 | GLOBAL_N=$2 |
11 | 11 | ||
12 | # TODO: stunserver? ..and globally known peer? | 12 | # TODO: globally known peer? |
13 | 13 | ||
14 | shift 2 | 14 | shift 2 |
15 | 15 | ||
16 | netjail_check $(($LOCAL_M * $GLOBAL_N)) | 16 | netjail_check $(($LOCAL_M * $GLOBAL_N)) |
17 | 17 | ||
18 | # Starts optionally 'stunserver' on "92.68.150.$(($GLOBAL_N + 1))": | ||
19 | STUN=$(netjail_opt '--stun' $@) | ||
20 | |||
21 | if [ $STUN -gt 0 ]; then | ||
22 | netjail_check_bin stunserver | ||
23 | |||
24 | shift 1 | ||
25 | |||
26 | STUN_NODE=$(netjail_print_name "S" 254) | ||
27 | fi | ||
28 | |||
29 | netjail_check_bin $1 | ||
30 | |||
18 | LOCAL_GROUP="192.168.15" | 31 | LOCAL_GROUP="192.168.15" |
19 | GLOBAL_GROUP="92.68.150" | 32 | GLOBAL_GROUP="92.68.150" |
20 | 33 | ||
21 | echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/24]" | 34 | CLEANUP=0 |
35 | echo "Start [local: $LOCAL_GROUP.0/24, global: $GLOBAL_GROUP.0/24, stun: $STUN]" | ||
22 | 36 | ||
23 | NETWORK_NET=$(netjail_print_name "n" $GLOBAL_N $LOCAL_M) | 37 | NETWORK_NET=$(netjail_print_name "n" $GLOBAL_N $LOCAL_M) |
24 | 38 | ||
@@ -53,6 +67,17 @@ for N in $(seq $GLOBAL_N); do | |||
53 | done | 67 | done |
54 | done | 68 | done |
55 | 69 | ||
70 | WAITING="" | ||
71 | KILLING="" | ||
72 | |||
73 | if [ $STUN -gt 0 ]; then | ||
74 | netjail_node $STUN_NODE | ||
75 | netjail_node_link_bridge $STUN_NODE $NETWORK_NET "$GLOBAL_GROUP.254" 24 | ||
76 | |||
77 | netjail_node_exec $STUN_NODE 0 1 stunserver & | ||
78 | KILLING="$!" | ||
79 | fi | ||
80 | |||
56 | for N in $(seq $GLOBAL_N); do | 81 | for N in $(seq $GLOBAL_N); do |
57 | for M in $(seq $LOCAL_M); do | 82 | for M in $(seq $LOCAL_M); do |
58 | NODE=$(netjail_print_name "N" $N $M) | 83 | NODE=$(netjail_print_name "N" $N $M) |
@@ -62,20 +87,51 @@ for N in $(seq $GLOBAL_N); do | |||
62 | FD_Y=$(($INDEX * 2 + 3 + 1)) | 87 | FD_Y=$(($INDEX * 2 + 3 + 1)) |
63 | 88 | ||
64 | netjail_node_exec $NODE $FD_X $FD_Y $@ & | 89 | netjail_node_exec $NODE $FD_X $FD_Y $@ & |
90 | WAITING="$! $WAITING" | ||
65 | done | 91 | done |
66 | done | 92 | done |
67 | 93 | ||
68 | wait | 94 | cleanup() { |
95 | if [ $STUN -gt 0 ]; then | ||
96 | STUN_NODE=$(netjail_print_name "S" 254) | ||
69 | 97 | ||
70 | for N in $(seq $GLOBAL_N); do | 98 | netjail_node_unlink_bridge $STUN_NODE $NETWORK_NET |
71 | for M in $(seq $LOCAL_M); do | 99 | netjail_node_clear $STUN_NODE |
72 | netjail_node_clear $(netjail_print_name "N" $N $M) | 100 | fi |
101 | |||
102 | for N in $(seq $GLOBAL_N); do | ||
103 | ROUTER_NET=$(netjail_print_name "r" $N) | ||
104 | |||
105 | for M in $(seq $LOCAL_M); do | ||
106 | NODE=$(netjail_print_name "N" $N $M) | ||
107 | |||
108 | netjail_node_unlink_bridge $NODE $ROUTER_NET | ||
109 | netjail_node_clear $NODE | ||
110 | done | ||
111 | |||
112 | ROUTER=$(netjail_print_name "R" $N) | ||
113 | |||
114 | netjail_bridge_clear $ROUTER_NET | ||
115 | netjail_node_unlink_bridge $ROUTER $NETWORK_NET | ||
116 | netjail_node_clear $ROUTER | ||
73 | done | 117 | done |
74 | |||
75 | netjail_bridge_clear $(netjail_print_name "r" $N) | ||
76 | netjail_node_clear $(netjail_print_name "R" $N) | ||
77 | done | ||
78 | 118 | ||
79 | netjail_bridge_clear $NETWORK_NET | 119 | netjail_bridge_clear $NETWORK_NET |
120 | } | ||
121 | |||
122 | trapped_cleanup() { | ||
123 | netjail_killall $WAITING | ||
124 | netjail_killall $KILLING | ||
125 | |||
126 | cleanup | ||
127 | } | ||
128 | |||
129 | trap 'trapped_cleanup' 2 | ||
130 | |||
131 | netjail_waitall $WAITING | ||
132 | netjail_killall $KILLING | ||
133 | wait | ||
134 | |||
135 | cleanup | ||
80 | 136 | ||
81 | echo "Done" | 137 | echo "Done" |
diff --git a/src/arm/arm_api.c b/src/arm/arm_api.c index 2ec913a0a..afc32fc3a 100644 --- a/src/arm/arm_api.c +++ b/src/arm/arm_api.c | |||
@@ -433,12 +433,10 @@ handle_arm_list_result (void *cls, | |||
433 | const char *name; | 433 | const char *name; |
434 | const char *binary; | 434 | const char *binary; |
435 | 435 | ||
436 | GNUNET_assert (NULL != (name = pool_get (pool_start, | 436 | name = pool_get (pool_start, pool_size, name_index); |
437 | pool_size, | 437 | binary = pool_get (pool_start, pool_size, binary_index); |
438 | name_index))); | 438 | GNUNET_assert (NULL != name); |
439 | GNUNET_assert (NULL != (binary = pool_get (pool_start, | 439 | GNUNET_assert (NULL != binary); |
440 | pool_size, | ||
441 | binary_index))); | ||
442 | list[i] = (struct GNUNET_ARM_ServiceInfo) { | 440 | list[i] = (struct GNUNET_ARM_ServiceInfo) { |
443 | .name = name, | 441 | .name = name, |
444 | .binary = binary, | 442 | .binary = binary, |
@@ -770,7 +768,8 @@ start_arm_service (struct GNUNET_ARM_Handle *h, | |||
770 | } | 768 | } |
771 | GNUNET_free (binary); | 769 | GNUNET_free (binary); |
772 | GNUNET_free (quotedbinary); | 770 | GNUNET_free (quotedbinary); |
773 | GNUNET_free (config); | 771 | if (NULL != config) |
772 | GNUNET_free (config); | ||
774 | GNUNET_free (loprefix); | 773 | GNUNET_free (loprefix); |
775 | GNUNET_free (lopostfix); | 774 | GNUNET_free (lopostfix); |
776 | if (NULL == proc) | 775 | if (NULL == proc) |
@@ -978,15 +977,16 @@ GNUNET_ARM_request_service_start (struct GNUNET_ARM_Handle *h, | |||
978 | { | 977 | { |
979 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, | 978 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, |
980 | "pipe"); | 979 | "pipe"); |
981 | } | 980 | } else { |
982 | wsig = GNUNET_DISK_pipe_detach_end (sig, | 981 | wsig = GNUNET_DISK_pipe_detach_end (sig, |
983 | GNUNET_DISK_PIPE_END_WRITE); | 982 | GNUNET_DISK_PIPE_END_WRITE); |
984 | ret = start_arm_service (h, | 983 | ret = start_arm_service (h, |
985 | std_inheritance, | 984 | std_inheritance, |
986 | wsig); | 985 | wsig); |
987 | GNUNET_DISK_file_close (wsig); | 986 | GNUNET_DISK_file_close (wsig); |
988 | if (GNUNET_ARM_RESULT_STARTING == ret) | 987 | if (GNUNET_ARM_RESULT_STARTING == ret) |
989 | reconnect_arm (h); | 988 | reconnect_arm (h); |
989 | } | ||
990 | op = GNUNET_new (struct GNUNET_ARM_Operation); | 990 | op = GNUNET_new (struct GNUNET_ARM_Operation); |
991 | op->h = h; | 991 | op->h = h; |
992 | op->result_cont = cont; | 992 | op->result_cont = cont; |
diff --git a/src/cadet/gnunet-service-cadet.c b/src/cadet/gnunet-service-cadet.c index c8d69e43d..73e463e9b 100644 --- a/src/cadet/gnunet-service-cadet.c +++ b/src/cadet/gnunet-service-cadet.c | |||
@@ -1137,13 +1137,13 @@ channel_destroy_iterator (void *cls, | |||
1137 | GCCH_2s (ch), | 1137 | GCCH_2s (ch), |
1138 | GSC_2s (c)); | 1138 | GSC_2s (c)); |
1139 | ccn.channel_of_client = htonl (key); | 1139 | ccn.channel_of_client = htonl (key); |
1140 | GCCH_channel_local_destroy (ch, | ||
1141 | c, | ||
1142 | ccn); | ||
1143 | GNUNET_assert (GNUNET_YES == | 1140 | GNUNET_assert (GNUNET_YES == |
1144 | GNUNET_CONTAINER_multihashmap32_remove (c->channels, | 1141 | GNUNET_CONTAINER_multihashmap32_remove (c->channels, |
1145 | key, | 1142 | key, |
1146 | ch)); | 1143 | ch)); |
1144 | GCCH_channel_local_destroy (ch, | ||
1145 | c, | ||
1146 | ccn); | ||
1147 | return GNUNET_OK; | 1147 | return GNUNET_OK; |
1148 | } | 1148 | } |
1149 | 1149 | ||
diff --git a/src/conversation/test_conversation_api.c b/src/conversation/test_conversation_api.c index c5efecd52..41ef75821 100644 --- a/src/conversation/test_conversation_api.c +++ b/src/conversation/test_conversation_api.c | |||
@@ -402,7 +402,9 @@ namestore_put_cont (void *cls, int32_t success, const char *emsg) | |||
402 | GNUNET_assert (GNUNET_YES == success); | 402 | GNUNET_assert (GNUNET_YES == success); |
403 | GNUNET_assert (NULL == emsg); | 403 | GNUNET_assert (NULL == emsg); |
404 | GNUNET_assert (NULL == op); | 404 | GNUNET_assert (NULL == op); |
405 | op = GNUNET_IDENTITY_create (id, "caller-ego", NULL, &caller_ego_create_cont, | 405 | op = GNUNET_IDENTITY_create (id, "caller-ego", NULL, |
406 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
407 | &caller_ego_create_cont, | ||
406 | NULL); | 408 | NULL); |
407 | } | 409 | } |
408 | 410 | ||
@@ -484,7 +486,9 @@ run (void *cls, | |||
484 | cfg = c; | 486 | cfg = c; |
485 | GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_test, NULL); | 487 | GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_test, NULL); |
486 | id = GNUNET_IDENTITY_connect (cfg, &identity_cb, NULL); | 488 | id = GNUNET_IDENTITY_connect (cfg, &identity_cb, NULL); |
487 | op = GNUNET_IDENTITY_create (id, "phone-ego", NULL, &phone_ego_create_cont, | 489 | op = GNUNET_IDENTITY_create (id, "phone-ego", NULL, |
490 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
491 | &phone_ego_create_cont, | ||
488 | NULL); | 492 | NULL); |
489 | ns = GNUNET_NAMESTORE_connect (cfg); | 493 | ns = GNUNET_NAMESTORE_connect (cfg); |
490 | } | 494 | } |
diff --git a/src/conversation/test_conversation_api_reject.c b/src/conversation/test_conversation_api_reject.c index 08c64df37..15728123b 100644 --- a/src/conversation/test_conversation_api_reject.c +++ b/src/conversation/test_conversation_api_reject.c | |||
@@ -255,7 +255,9 @@ namestore_put_cont (void *cls, int32_t success, const char *emsg) | |||
255 | GNUNET_assert (GNUNET_YES == success); | 255 | GNUNET_assert (GNUNET_YES == success); |
256 | GNUNET_assert (NULL == emsg); | 256 | GNUNET_assert (NULL == emsg); |
257 | GNUNET_assert (NULL == op); | 257 | GNUNET_assert (NULL == op); |
258 | op = GNUNET_IDENTITY_create (id, "caller-ego", NULL, &caller_ego_create_cont, | 258 | op = GNUNET_IDENTITY_create (id, "caller-ego", NULL, |
259 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
260 | &caller_ego_create_cont, | ||
259 | NULL); | 261 | NULL); |
260 | } | 262 | } |
261 | 263 | ||
@@ -337,7 +339,9 @@ run (void *cls, | |||
337 | cfg = c; | 339 | cfg = c; |
338 | GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_test, NULL); | 340 | GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_test, NULL); |
339 | id = GNUNET_IDENTITY_connect (cfg, &identity_cb, NULL); | 341 | id = GNUNET_IDENTITY_connect (cfg, &identity_cb, NULL); |
340 | op = GNUNET_IDENTITY_create (id, "phone-ego", NULL, &phone_ego_create_cont, | 342 | op = GNUNET_IDENTITY_create (id, "phone-ego", NULL, |
343 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
344 | &phone_ego_create_cont, | ||
341 | NULL); | 345 | NULL); |
342 | ns = GNUNET_NAMESTORE_connect (cfg); | 346 | ns = GNUNET_NAMESTORE_connect (cfg); |
343 | } | 347 | } |
diff --git a/src/conversation/test_conversation_api_twocalls.c b/src/conversation/test_conversation_api_twocalls.c index ac7a3c9dd..9abf91d0b 100644 --- a/src/conversation/test_conversation_api_twocalls.c +++ b/src/conversation/test_conversation_api_twocalls.c | |||
@@ -524,7 +524,9 @@ namestore_put_cont (void *cls, int32_t success, const char *emsg) | |||
524 | GNUNET_assert (GNUNET_YES == success); | 524 | GNUNET_assert (GNUNET_YES == success); |
525 | GNUNET_assert (NULL == emsg); | 525 | GNUNET_assert (NULL == emsg); |
526 | GNUNET_assert (NULL == op); | 526 | GNUNET_assert (NULL == op); |
527 | op = GNUNET_IDENTITY_create (id, "caller-ego", NULL, &caller_ego_create_cont, | 527 | op = GNUNET_IDENTITY_create (id, "caller-ego", NULL, |
528 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
529 | &caller_ego_create_cont, | ||
528 | NULL); | 530 | NULL); |
529 | } | 531 | } |
530 | 532 | ||
@@ -614,7 +616,9 @@ run (void *cls, | |||
614 | timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_test, NULL); | 616 | timeout_task = GNUNET_SCHEDULER_add_delayed (TIMEOUT, &end_test, NULL); |
615 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | 617 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); |
616 | id = GNUNET_IDENTITY_connect (cfg, &identity_cb, NULL); | 618 | id = GNUNET_IDENTITY_connect (cfg, &identity_cb, NULL); |
617 | op = GNUNET_IDENTITY_create (id, "phone-ego", NULL, &phone_ego_create_cont, | 619 | op = GNUNET_IDENTITY_create (id, "phone-ego", NULL, |
620 | GNUNET_IDENTITY_TYPE_ECDSA, | ||
621 | &phone_ego_create_cont, | ||
618 | NULL); | 622 | NULL); |
619 | ns = GNUNET_NAMESTORE_connect (cfg); | 623 | ns = GNUNET_NAMESTORE_connect (cfg); |
620 | } | 624 | } |
diff --git a/src/datastore/plugin_datastore_sqlite.c b/src/datastore/plugin_datastore_sqlite.c index cecc37978..f58955b7b 100644 --- a/src/datastore/plugin_datastore_sqlite.c +++ b/src/datastore/plugin_datastore_sqlite.c | |||
@@ -1258,14 +1258,35 @@ sqlite_plugin_estimate_size (void *cls, unsigned long long *estimate) | |||
1258 | NULL, | 1258 | NULL, |
1259 | NULL, | 1259 | NULL, |
1260 | ENULL)); | 1260 | ENULL)); |
1261 | CHECK (SQLITE_OK == sq_prepare (plugin->dbh, "PRAGMA page_count", &stmt)); | 1261 | if (SQLITE_OK != sq_prepare (plugin->dbh, "PRAGMA page_count", &stmt)) |
1262 | { | ||
1263 | GNUNET_log_from ( | ||
1264 | GNUNET_ERROR_TYPE_WARNING, | ||
1265 | "datastore-sqlite", | ||
1266 | _("error preparing statement\n")); | ||
1267 | return; | ||
1268 | } | ||
1262 | if (SQLITE_ROW == sqlite3_step (stmt)) | 1269 | if (SQLITE_ROW == sqlite3_step (stmt)) |
1263 | pages = sqlite3_column_int64 (stmt, 0); | 1270 | pages = sqlite3_column_int64 (stmt, 0); |
1264 | else | 1271 | else |
1265 | pages = 0; | 1272 | pages = 0; |
1266 | sqlite3_finalize (stmt); | 1273 | sqlite3_finalize (stmt); |
1267 | CHECK (SQLITE_OK == sq_prepare (plugin->dbh, "PRAGMA page_size", &stmt)); | 1274 | if (SQLITE_OK != sq_prepare (plugin->dbh, "PRAGMA page_size", &stmt)) |
1268 | CHECK (SQLITE_ROW == sqlite3_step (stmt)); | 1275 | { |
1276 | GNUNET_log_from ( | ||
1277 | GNUNET_ERROR_TYPE_WARNING, | ||
1278 | "datastore-sqlite", | ||
1279 | _("error preparing statement\n")); | ||
1280 | return; | ||
1281 | } | ||
1282 | if (SQLITE_ROW != sqlite3_step (stmt)) | ||
1283 | { | ||
1284 | GNUNET_log_from ( | ||
1285 | GNUNET_ERROR_TYPE_WARNING, | ||
1286 | "datastore-sqlite", | ||
1287 | _("error stepping\n")); | ||
1288 | return; | ||
1289 | } | ||
1269 | page_size = sqlite3_column_int64 (stmt, 0); | 1290 | page_size = sqlite3_column_int64 (stmt, 0); |
1270 | sqlite3_finalize (stmt); | 1291 | sqlite3_finalize (stmt); |
1271 | GNUNET_log ( | 1292 | GNUNET_log ( |
diff --git a/src/gns/gnunet-service-gns_resolver.c b/src/gns/gnunet-service-gns_resolver.c index 784a6ee6d..958bf2e94 100644 --- a/src/gns/gnunet-service-gns_resolver.c +++ b/src/gns/gnunet-service-gns_resolver.c | |||
@@ -1764,8 +1764,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, | |||
1764 | /** | 1764 | /** |
1765 | * Records other than GNS2DNS not allowed | 1765 | * Records other than GNS2DNS not allowed |
1766 | */ | 1766 | */ |
1767 | if (NULL != ns) | 1767 | GNUNET_free (ns); |
1768 | GNUNET_free (ns); | 1768 | GNUNET_free (ac); |
1769 | return GNUNET_SYSERR; | 1769 | return GNUNET_SYSERR; |
1770 | } | 1770 | } |
1771 | off = 0; | 1771 | off = 0; |
@@ -1777,10 +1777,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, | |||
1777 | (NULL == ip)) | 1777 | (NULL == ip)) |
1778 | { | 1778 | { |
1779 | GNUNET_break_op (0); | 1779 | GNUNET_break_op (0); |
1780 | if (NULL != n) | 1780 | GNUNET_free (n); |
1781 | GNUNET_free (n); | 1781 | GNUNET_free (ip); |
1782 | if (NULL != ip) | ||
1783 | GNUNET_free (ip); | ||
1784 | continue; | 1782 | continue; |
1785 | } | 1783 | } |
1786 | 1784 | ||
@@ -1789,6 +1787,8 @@ recursive_gns2dns_resolution (struct GNS_ResolverHandle *rh, | |||
1789 | if (off != rd[i].data_size) | 1787 | if (off != rd[i].data_size) |
1790 | { | 1788 | { |
1791 | GNUNET_break_op (0); | 1789 | GNUNET_break_op (0); |
1790 | GNUNET_free (n); | ||
1791 | GNUNET_free (ip); | ||
1792 | continue; | 1792 | continue; |
1793 | } | 1793 | } |
1794 | /* resolve 'ip' to determine the IP(s) of the DNS | 1794 | /* resolve 'ip' to determine the IP(s) of the DNS |
diff --git a/src/gnsrecord/gnsrecord_crypto.c b/src/gnsrecord/gnsrecord_crypto.c index 289f0e885..feb60ade9 100644 --- a/src/gnsrecord/gnsrecord_crypto.c +++ b/src/gnsrecord/gnsrecord_crypto.c | |||
@@ -99,7 +99,14 @@ eddsa_symmetric_decrypt ( | |||
99 | const unsigned char *nonce, | 99 | const unsigned char *nonce, |
100 | void *result) | 100 | void *result) |
101 | { | 101 | { |
102 | if (0 != crypto_secretbox_open_easy (result, block, size, nonce, key)) | 102 | ssize_t ctlen = size - crypto_secretbox_MACBYTES; |
103 | if (ctlen < 0) | ||
104 | return GNUNET_SYSERR; | ||
105 | if (0 != crypto_secretbox_open_detached (result, | ||
106 | block, // Ciphertext | ||
107 | ((unsigned char*)block) + ctlen, // TAG | ||
108 | ctlen, | ||
109 | nonce, key)) | ||
103 | { | 110 | { |
104 | return GNUNET_SYSERR; | 111 | return GNUNET_SYSERR; |
105 | } | 112 | } |
@@ -115,7 +122,11 @@ eddsa_symmetric_encrypt ( | |||
115 | const unsigned char *nonce, | 122 | const unsigned char *nonce, |
116 | void *result) | 123 | void *result) |
117 | { | 124 | { |
118 | crypto_secretbox_easy (result, block, size, nonce, key); | 125 | if (size > crypto_secretbox_MESSAGEBYTES_MAX) |
126 | return GNUNET_SYSERR; | ||
127 | crypto_secretbox_detached (result, // Ciphertext | ||
128 | result + size, // TAG | ||
129 | block, size, nonce, key); | ||
119 | return GNUNET_OK; | 130 | return GNUNET_OK; |
120 | } | 131 | } |
121 | 132 | ||
@@ -396,11 +407,8 @@ block_create_eddsa (const struct GNUNET_CRYPTO_EddsaPrivateKey *key, | |||
396 | label, | 407 | label, |
397 | "gns", | 408 | "gns", |
398 | &dkey); | 409 | &dkey); |
399 | // FIXME: We may want a key_get_public_from_private_scalar function | 410 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dkey, |
400 | struct GNUNET_CRYPTO_EddsaPublicKey test; | 411 | &edblock->derived_key); |
401 | crypto_scalarmult_ed25519_base_noclamp (test.q_y, | ||
402 | dkey.s); | ||
403 | edblock->derived_key = test; | ||
404 | derive_block_xsalsa_key (nonce, | 412 | derive_block_xsalsa_key (nonce, |
405 | skey, | 413 | skey, |
406 | label, | 414 | label, |
@@ -438,25 +446,21 @@ GNUNET_GNSRECORD_block_create (const struct GNUNET_IDENTITY_PrivateKey *key, | |||
438 | const struct GNUNET_GNSRECORD_Data *rd, | 446 | const struct GNUNET_GNSRECORD_Data *rd, |
439 | unsigned int rd_count) | 447 | unsigned int rd_count) |
440 | { | 448 | { |
441 | struct GNUNET_CRYPTO_EcdsaPublicKey pkey; | 449 | struct GNUNET_IDENTITY_PublicKey pkey; |
442 | struct GNUNET_CRYPTO_EddsaPublicKey edkey; | 450 | GNUNET_IDENTITY_key_get_public (key, |
443 | 451 | &pkey); | |
444 | switch (ntohl (key->type)) | 452 | switch (ntohl (key->type)) |
445 | { | 453 | { |
446 | case GNUNET_GNSRECORD_TYPE_PKEY: | 454 | case GNUNET_GNSRECORD_TYPE_PKEY: |
447 | GNUNET_CRYPTO_ecdsa_key_get_public (&key->ecdsa_key, | ||
448 | &pkey); | ||
449 | return block_create_ecdsa (&key->ecdsa_key, | 455 | return block_create_ecdsa (&key->ecdsa_key, |
450 | &pkey, | 456 | &pkey.ecdsa_key, |
451 | expire, | 457 | expire, |
452 | label, | 458 | label, |
453 | rd, | 459 | rd, |
454 | rd_count); | 460 | rd_count); |
455 | case GNUNET_GNSRECORD_TYPE_EDKEY: | 461 | case GNUNET_GNSRECORD_TYPE_EDKEY: |
456 | GNUNET_CRYPTO_eddsa_key_get_public (&key->eddsa_key, | ||
457 | &edkey); | ||
458 | return block_create_eddsa (&key->eddsa_key, | 462 | return block_create_eddsa (&key->eddsa_key, |
459 | &edkey, | 463 | &pkey.eddsa_key, |
460 | expire, | 464 | expire, |
461 | label, | 465 | label, |
462 | rd, | 466 | rd, |
@@ -930,7 +934,7 @@ GNUNET_GNSRECORD_query_from_public_key (const struct | |||
930 | GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, | 934 | GNUNET_CRYPTO_eddsa_public_key_derive (&pub->eddsa_key, |
931 | label, | 935 | label, |
932 | "gns", | 936 | "gns", |
933 | &pd.eddsa_key); | 937 | &(pd.eddsa_key)); |
934 | GNUNET_CRYPTO_hash (&pd.eddsa_key, | 938 | GNUNET_CRYPTO_hash (&pd.eddsa_key, |
935 | sizeof (pd.eddsa_key), | 939 | sizeof (pd.eddsa_key), |
936 | query); | 940 | query); |
diff --git a/src/gnsrecord/gnsrecord_misc.c b/src/gnsrecord/gnsrecord_misc.c index 2fe315bd8..8d3a6421f 100644 --- a/src/gnsrecord/gnsrecord_misc.c +++ b/src/gnsrecord/gnsrecord_misc.c | |||
@@ -377,7 +377,7 @@ GNUNET_GNSRECORD_query_from_block (const struct GNUNET_GNSRECORD_Block *block, | |||
377 | switch (ntohl (block->type)) | 377 | switch (ntohl (block->type)) |
378 | { | 378 | { |
379 | case GNUNET_GNSRECORD_TYPE_PKEY: | 379 | case GNUNET_GNSRECORD_TYPE_PKEY: |
380 | GNUNET_CRYPTO_hash (&block->ecdsa_block.derived_key, | 380 | GNUNET_CRYPTO_hash (&(block->ecdsa_block.derived_key), |
381 | sizeof (block->ecdsa_block.derived_key), | 381 | sizeof (block->ecdsa_block.derived_key), |
382 | query); | 382 | query); |
383 | return GNUNET_OK; | 383 | return GNUNET_OK; |
diff --git a/src/gnsrecord/test_gnsrecord_crypto.c b/src/gnsrecord/test_gnsrecord_crypto.c index 9394f562d..9e5a1aa7e 100644 --- a/src/gnsrecord/test_gnsrecord_crypto.c +++ b/src/gnsrecord/test_gnsrecord_crypto.c | |||
@@ -92,6 +92,7 @@ rd_decrypt_cb (void *cls, | |||
92 | res = 0; | 92 | res = 0; |
93 | } | 93 | } |
94 | 94 | ||
95 | |||
95 | static void | 96 | static void |
96 | test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) | 97 | test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) |
97 | { | 98 | { |
@@ -99,6 +100,7 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) | |||
99 | struct GNUNET_IDENTITY_PublicKey pubkey; | 100 | struct GNUNET_IDENTITY_PublicKey pubkey; |
100 | struct GNUNET_HashCode query_pub; | 101 | struct GNUNET_HashCode query_pub; |
101 | struct GNUNET_HashCode query_priv; | 102 | struct GNUNET_HashCode query_priv; |
103 | struct GNUNET_HashCode query_block; | ||
102 | struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get (); | 104 | struct GNUNET_TIME_Absolute expire = GNUNET_TIME_absolute_get (); |
103 | 105 | ||
104 | 106 | ||
@@ -117,7 +119,7 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) | |||
117 | &query_pub, | 119 | &query_pub, |
118 | sizeof(struct GNUNET_HashCode))); | 120 | sizeof(struct GNUNET_HashCode))); |
119 | /* create record */ | 121 | /* create record */ |
120 | s_name = "DUMMY.dummy.gnunet"; | 122 | s_name = "testlabel"; |
121 | s_rd = create_record (RECORDS); | 123 | s_rd = create_record (RECORDS); |
122 | 124 | ||
123 | /* Create block */ | 125 | /* Create block */ |
@@ -128,6 +130,13 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) | |||
128 | s_rd, | 130 | s_rd, |
129 | RECORDS))); | 131 | RECORDS))); |
130 | GNUNET_assert (GNUNET_OK == | 132 | GNUNET_assert (GNUNET_OK == |
133 | GNUNET_GNSRECORD_query_from_block (block, | ||
134 | &query_block)); | ||
135 | GNUNET_assert (0 == memcmp (&query_pub, | ||
136 | &query_block, | ||
137 | sizeof(struct GNUNET_HashCode))); | ||
138 | |||
139 | GNUNET_assert (GNUNET_OK == | ||
131 | GNUNET_GNSRECORD_block_verify (block)); | 140 | GNUNET_GNSRECORD_block_verify (block)); |
132 | GNUNET_assert (GNUNET_OK == | 141 | GNUNET_assert (GNUNET_OK == |
133 | GNUNET_GNSRECORD_block_decrypt (block, | 142 | GNUNET_GNSRECORD_block_decrypt (block, |
@@ -139,7 +148,6 @@ test_with_type (struct GNUNET_IDENTITY_PrivateKey *privkey) | |||
139 | } | 148 | } |
140 | 149 | ||
141 | 150 | ||
142 | |||
143 | static void | 151 | static void |
144 | run (void *cls, | 152 | run (void *cls, |
145 | char *const *args, | 153 | char *const *args, |
@@ -148,15 +156,29 @@ run (void *cls, | |||
148 | { | 156 | { |
149 | struct GNUNET_IDENTITY_PrivateKey privkey; | 157 | struct GNUNET_IDENTITY_PrivateKey privkey; |
150 | struct GNUNET_IDENTITY_PrivateKey privkey_ed; | 158 | struct GNUNET_IDENTITY_PrivateKey privkey_ed; |
159 | struct GNUNET_TIME_Absolute start; | ||
160 | struct GNUNET_TIME_Absolute end; | ||
151 | 161 | ||
152 | 162 | ||
153 | privkey.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); | 163 | privkey.type = htonl (GNUNET_GNSRECORD_TYPE_PKEY); |
154 | GNUNET_CRYPTO_ecdsa_key_create (&privkey.ecdsa_key); | 164 | GNUNET_CRYPTO_ecdsa_key_create (&privkey.ecdsa_key); |
165 | start = GNUNET_TIME_absolute_get (); | ||
155 | test_with_type (&privkey); | 166 | test_with_type (&privkey); |
167 | end = GNUNET_TIME_absolute_get (); | ||
168 | printf ("Time: %llu ms\n", (unsigned long long) | ||
169 | GNUNET_TIME_absolute_get_difference (start, | ||
170 | end).rel_value_us); | ||
156 | 171 | ||
157 | privkey_ed.type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); | 172 | privkey_ed.type = htonl (GNUNET_GNSRECORD_TYPE_EDKEY); |
158 | GNUNET_CRYPTO_eddsa_key_create (&privkey_ed.eddsa_key); | 173 | GNUNET_CRYPTO_eddsa_key_create (&privkey_ed.eddsa_key); |
159 | test_with_type(&privkey_ed); | 174 | start = GNUNET_TIME_absolute_get (); |
175 | test_with_type (&privkey_ed); | ||
176 | end = GNUNET_TIME_absolute_get (); | ||
177 | printf ("Time: %llu ms\n", (unsigned long long) | ||
178 | GNUNET_TIME_absolute_get_difference (start, | ||
179 | end).rel_value_us); | ||
180 | |||
181 | |||
160 | } | 182 | } |
161 | 183 | ||
162 | 184 | ||
diff --git a/src/include/Makefile.am b/src/include/Makefile.am index faef696a7..efbb06d4f 100644 --- a/src/include/Makefile.am +++ b/src/include/Makefile.am | |||
@@ -25,6 +25,7 @@ gnunetinclude_HEADERS = \ | |||
25 | gnunet_block_group_lib.h \ | 25 | gnunet_block_group_lib.h \ |
26 | gnunet_block_plugin.h \ | 26 | gnunet_block_plugin.h \ |
27 | gnunet_buffer_lib.h \ | 27 | gnunet_buffer_lib.h \ |
28 | gnunet_child_management_lib.h \ | ||
28 | gnunet_client_lib.h \ | 29 | gnunet_client_lib.h \ |
29 | gnunet_common.h \ | 30 | gnunet_common.h \ |
30 | gnunet_constants.h \ | 31 | gnunet_constants.h \ |
diff --git a/src/include/gnunet_child_management_lib.h b/src/include/gnunet_child_management_lib.h index 465f71f0e..a35b37865 100644 --- a/src/include/gnunet_child_management_lib.h +++ b/src/include/gnunet_child_management_lib.h | |||
@@ -19,7 +19,7 @@ | |||
19 | */ | 19 | */ |
20 | 20 | ||
21 | /** | 21 | /** |
22 | * @file include/anastasis_util_lib.h | 22 | * @file include/gnunet_child_management_lib.h |
23 | * @brief GNUnet child management api | 23 | * @brief GNUnet child management api |
24 | * @author Christian Grothoff | 24 | * @author Christian Grothoff |
25 | * @author Dominik Meister | 25 | * @author Dominik Meister |
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h index a334b50d0..ae73c9d40 100644 --- a/src/include/gnunet_crypto_lib.h +++ b/src/include/gnunet_crypto_lib.h | |||
@@ -1985,6 +1985,18 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar ( | |||
1985 | 1985 | ||
1986 | 1986 | ||
1987 | /** | 1987 | /** |
1988 | * Extract the public key of the given private scalar. | ||
1989 | * | ||
1990 | * @param s the private scalar | ||
1991 | * @param pkey the resulting public key | ||
1992 | */ | ||
1993 | void | ||
1994 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar ( | ||
1995 | const struct GNUNET_CRYPTO_EddsaPrivateScalar *s, | ||
1996 | struct GNUNET_CRYPTO_EddsaPublicKey *pkey); | ||
1997 | |||
1998 | |||
1999 | /** | ||
1988 | * Output the given MPI value to the given buffer in network | 2000 | * Output the given MPI value to the given buffer in network |
1989 | * byte order. The MPI @a val may not be negative. | 2001 | * byte order. The MPI @a val may not be negative. |
1990 | * | 2002 | * |
diff --git a/src/include/gnunet_util_lib.h b/src/include/gnunet_util_lib.h index 5e790550f..3acd4cb9b 100644 --- a/src/include/gnunet_util_lib.h +++ b/src/include/gnunet_util_lib.h | |||
@@ -84,6 +84,7 @@ extern "C" | |||
84 | #include "gnunet_tun_lib.h" | 84 | #include "gnunet_tun_lib.h" |
85 | #include "gnunet_dnsstub_lib.h" | 85 | #include "gnunet_dnsstub_lib.h" |
86 | #include "gnunet_dnsparser_lib.h" | 86 | #include "gnunet_dnsparser_lib.h" |
87 | #include "gnunet_child_management_lib.h" | ||
87 | 88 | ||
88 | #if 0 /* keep Emacsens' auto-indent happy */ | 89 | #if 0 /* keep Emacsens' auto-indent happy */ |
89 | { | 90 | { |
diff --git a/src/peerinfo-tool/test_gnunet_peerinfo.py.in b/src/peerinfo-tool/test_gnunet_peerinfo.py.in index 9d6fd8fb2..709556f70 100755 --- a/src/peerinfo-tool/test_gnunet_peerinfo.py.in +++ b/src/peerinfo-tool/test_gnunet_peerinfo.py.in | |||
@@ -33,7 +33,7 @@ if gnunet_pyexpect_dir not in sys.path: | |||
33 | from gnunet_pyexpect import pexpect | 33 | from gnunet_pyexpect import pexpect |
34 | 34 | ||
35 | #save LANG and set it to C | 35 | #save LANG and set it to C |
36 | mylang = os.environ['LANG'] | 36 | mylang = os.environ.get('LANG') |
37 | os.environ['LANG'] = 'C' | 37 | os.environ['LANG'] = 'C' |
38 | 38 | ||
39 | if os.name == 'posix': | 39 | if os.name == 'posix': |
@@ -139,4 +139,5 @@ finally: | |||
139 | else: | 139 | else: |
140 | shutil.rmtree("/tmp/gnunet-test-peerinfo", True) | 140 | shutil.rmtree("/tmp/gnunet-test-peerinfo", True) |
141 | #Reset LANG | 141 | #Reset LANG |
142 | os.environ['LANG'] = mylang | 142 | if type(mylang) == str: |
143 | os.environ['LANG'] = mylang | ||
diff --git a/src/reclaim/pabc_helper.c b/src/reclaim/pabc_helper.c index 1b1dbea0f..e58b8a4f7 100644 --- a/src/reclaim/pabc_helper.c +++ b/src/reclaim/pabc_helper.c | |||
@@ -96,6 +96,7 @@ read_file (char const *const filename, char **buffer) | |||
96 | 96 | ||
97 | fail: | 97 | fail: |
98 | GNUNET_DISK_file_close (fh); | 98 | GNUNET_DISK_file_close (fh); |
99 | GNUNET_free (*buffer); | ||
99 | return GNUNET_SYSERR; | 100 | return GNUNET_SYSERR; |
100 | } | 101 | } |
101 | 102 | ||
diff --git a/src/reclaim/plugin_rest_openid_connect.c b/src/reclaim/plugin_rest_openid_connect.c index 88b928526..1c00abcbd 100644 --- a/src/reclaim/plugin_rest_openid_connect.c +++ b/src/reclaim/plugin_rest_openid_connect.c | |||
@@ -656,7 +656,10 @@ do_error (void *cls) | |||
656 | handle->response_code = MHD_HTTP_BAD_REQUEST; | 656 | handle->response_code = MHD_HTTP_BAD_REQUEST; |
657 | resp = GNUNET_REST_create_response (json_error); | 657 | resp = GNUNET_REST_create_response (json_error); |
658 | if (MHD_HTTP_UNAUTHORIZED == handle->response_code) | 658 | if (MHD_HTTP_UNAUTHORIZED == handle->response_code) |
659 | MHD_add_response_header (resp, MHD_HTTP_HEADER_WWW_AUTHENTICATE, "Basic"); | 659 | GNUNET_assert (MHD_NO != |
660 | MHD_add_response_header (resp, | ||
661 | MHD_HTTP_HEADER_WWW_AUTHENTICATE, | ||
662 | "Basic")); | ||
660 | MHD_add_response_header (resp, | 663 | MHD_add_response_header (resp, |
661 | MHD_HTTP_HEADER_CONTENT_TYPE, | 664 | MHD_HTTP_HEADER_CONTENT_TYPE, |
662 | "application/json"); | 665 | "application/json"); |
diff --git a/src/reclaim/plugin_rest_pabc.c b/src/reclaim/plugin_rest_pabc.c index a0551f215..4b7d21df3 100644 --- a/src/reclaim/plugin_rest_pabc.c +++ b/src/reclaim/plugin_rest_pabc.c | |||
@@ -282,6 +282,7 @@ set_attributes_from_idtoken (const struct pabc_context *ctx, | |||
282 | "Failed to set attribute `%s'.\n", key); | 282 | "Failed to set attribute `%s'.\n", key); |
283 | } | 283 | } |
284 | } | 284 | } |
285 | GNUNET_free (jwt_string); | ||
285 | return PABC_OK; | 286 | return PABC_OK; |
286 | } | 287 | } |
287 | 288 | ||
diff --git a/src/reclaim/plugin_rest_reclaim.c b/src/reclaim/plugin_rest_reclaim.c index 80d6ca976..a2f8d96b2 100644 --- a/src/reclaim/plugin_rest_reclaim.c +++ b/src/reclaim/plugin_rest_reclaim.c | |||
@@ -1364,7 +1364,7 @@ list_ego (void *cls, | |||
1364 | struct EgoEntry *ego_entry; | 1364 | struct EgoEntry *ego_entry; |
1365 | struct GNUNET_IDENTITY_PublicKey pk; | 1365 | struct GNUNET_IDENTITY_PublicKey pk; |
1366 | 1366 | ||
1367 | if ((NULL == ego) && (ID_REST_STATE_INIT == state)) | 1367 | if (NULL == ego) |
1368 | { | 1368 | { |
1369 | state = ID_REST_STATE_POST_INIT; | 1369 | state = ID_REST_STATE_POST_INIT; |
1370 | return; | 1370 | return; |
diff --git a/src/revocation/gnunet-revocation.c b/src/revocation/gnunet-revocation.c index 99fecdd35..a7f96385c 100644 --- a/src/revocation/gnunet-revocation.c +++ b/src/revocation/gnunet-revocation.c | |||
@@ -343,7 +343,13 @@ ego_callback (void *cls, struct GNUNET_IDENTITY_Ego *ego) | |||
343 | GNUNET_DISK_fn_read (filename, proof_of_work, | 343 | GNUNET_DISK_fn_read (filename, proof_of_work, |
344 | GNUNET_REVOCATION_MAX_PROOF_SIZE)))) | 344 | GNUNET_REVOCATION_MAX_PROOF_SIZE)))) |
345 | { | 345 | { |
346 | size_t ksize = GNUNET_IDENTITY_key_get_length (&key); | 346 | ssize_t ksize = GNUNET_IDENTITY_key_get_length (&key); |
347 | if (0 > ksize) | ||
348 | { | ||
349 | fprintf (stderr, | ||
350 | _ ("Error: Key is invalid\n")); | ||
351 | return; | ||
352 | } | ||
347 | if (((psize - sizeof (*proof_of_work)) < ksize) || // Key too small | 353 | if (((psize - sizeof (*proof_of_work)) < ksize) || // Key too small |
348 | (0 != memcmp (&proof_of_work[1], &key, ksize))) // Keys do not match | 354 | (0 != memcmp (&proof_of_work[1], &key, ksize))) // Keys do not match |
349 | { | 355 | { |
diff --git a/src/revocation/gnunet-service-revocation.c b/src/revocation/gnunet-service-revocation.c index 6f70720ba..2d8111adb 100644 --- a/src/revocation/gnunet-service-revocation.c +++ b/src/revocation/gnunet-service-revocation.c | |||
@@ -943,9 +943,17 @@ run (void *cls, | |||
943 | } | 943 | } |
944 | struct GNUNET_REVOCATION_PowP *pow = (struct | 944 | struct GNUNET_REVOCATION_PowP *pow = (struct |
945 | GNUNET_REVOCATION_PowP *) &rm[1]; | 945 | GNUNET_REVOCATION_PowP *) &rm[1]; |
946 | ssize_t ksize; | ||
946 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 947 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
948 | ksize = GNUNET_IDENTITY_key_get_length (pk); | ||
949 | if (0 > ksize) | ||
950 | { | ||
951 | GNUNET_break_op (0); | ||
952 | GNUNET_free (fn); | ||
953 | return; | ||
954 | } | ||
947 | GNUNET_CRYPTO_hash (pk, | 955 | GNUNET_CRYPTO_hash (pk, |
948 | GNUNET_IDENTITY_key_get_length (pk), | 956 | ksize, |
949 | &hc); | 957 | &hc); |
950 | GNUNET_break (GNUNET_OK == | 958 | GNUNET_break (GNUNET_OK == |
951 | GNUNET_CONTAINER_multihashmap_put (revocation_map, | 959 | GNUNET_CONTAINER_multihashmap_put (revocation_map, |
diff --git a/src/revocation/plugin_block_revocation.c b/src/revocation/plugin_block_revocation.c index 1928d09cd..da5882d59 100644 --- a/src/revocation/plugin_block_revocation.c +++ b/src/revocation/plugin_block_revocation.c | |||
@@ -190,6 +190,7 @@ block_plugin_revocation_get_key (void *cls, | |||
190 | struct GNUNET_HashCode *key) | 190 | struct GNUNET_HashCode *key) |
191 | { | 191 | { |
192 | const struct RevokeMessage *rm = block; | 192 | const struct RevokeMessage *rm = block; |
193 | ssize_t ksize; | ||
193 | 194 | ||
194 | if (block_size <= sizeof(*rm)) | 195 | if (block_size <= sizeof(*rm)) |
195 | { | 196 | { |
@@ -199,8 +200,14 @@ block_plugin_revocation_get_key (void *cls, | |||
199 | struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; | 200 | struct GNUNET_REVOCATION_PowP *pow = (struct GNUNET_REVOCATION_PowP *) &rm[1]; |
200 | const struct GNUNET_IDENTITY_PublicKey *pk; | 201 | const struct GNUNET_IDENTITY_PublicKey *pk; |
201 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; | 202 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &pow[1]; |
203 | ksize = GNUNET_IDENTITY_key_get_length (pk); | ||
204 | if (0 > ksize) | ||
205 | { | ||
206 | GNUNET_break_op (0); | ||
207 | return GNUNET_SYSERR; | ||
208 | } | ||
202 | GNUNET_CRYPTO_hash (pk, | 209 | GNUNET_CRYPTO_hash (pk, |
203 | GNUNET_IDENTITY_key_get_length (pk), | 210 | ksize, |
204 | key); | 211 | key); |
205 | return GNUNET_OK; | 212 | return GNUNET_OK; |
206 | } | 213 | } |
diff --git a/src/revocation/revocation_api.c b/src/revocation/revocation_api.c index e2f871c23..f2b95bafa 100644 --- a/src/revocation/revocation_api.c +++ b/src/revocation/revocation_api.c | |||
@@ -707,6 +707,7 @@ GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) | |||
707 | unsigned int zeros; | 707 | unsigned int zeros; |
708 | int ret; | 708 | int ret; |
709 | uint64_t pow_nbo; | 709 | uint64_t pow_nbo; |
710 | ssize_t ksize; | ||
710 | 711 | ||
711 | pc->current_pow++; | 712 | pc->current_pow++; |
712 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &(pc->pow[1]); | 713 | pk = (const struct GNUNET_IDENTITY_PublicKey *) &(pc->pow[1]); |
@@ -722,9 +723,11 @@ GNUNET_REVOCATION_pow_round (struct GNUNET_REVOCATION_PowCalculationHandle *pc) | |||
722 | GNUNET_memcpy (&buf[sizeof(uint64_t)], | 723 | GNUNET_memcpy (&buf[sizeof(uint64_t)], |
723 | &pc->pow->timestamp, | 724 | &pc->pow->timestamp, |
724 | sizeof (uint64_t)); | 725 | sizeof (uint64_t)); |
726 | ksize = GNUNET_IDENTITY_key_get_length (pk); | ||
727 | GNUNET_assert (0 < ksize); | ||
725 | GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], | 728 | GNUNET_memcpy (&buf[sizeof(uint64_t) * 2], |
726 | pk, | 729 | pk, |
727 | GNUNET_IDENTITY_key_get_length (pk)); | 730 | ksize); |
728 | GNUNET_CRYPTO_pow_hash (&salt, | 731 | GNUNET_CRYPTO_pow_hash (&salt, |
729 | buf, | 732 | buf, |
730 | sizeof(buf), | 733 | sizeof(buf), |
diff --git a/src/transport/gnunet-communicator-tcp.c b/src/transport/gnunet-communicator-tcp.c index a871d980f..1b838bf9c 100644 --- a/src/transport/gnunet-communicator-tcp.c +++ b/src/transport/gnunet-communicator-tcp.c | |||
@@ -1158,10 +1158,10 @@ setup_cipher (const struct GNUNET_HashCode *dh, | |||
1158 | char key[256 / 8]; | 1158 | char key[256 / 8]; |
1159 | char ctr[128 / 8]; | 1159 | char ctr[128 / 8]; |
1160 | 1160 | ||
1161 | gcry_cipher_open (cipher, | 1161 | GNUNET_assert (0 == gcry_cipher_open (cipher, |
1162 | GCRY_CIPHER_AES256 /* low level: go for speed */, | 1162 | GCRY_CIPHER_AES256 /* low level: go for speed */, |
1163 | GCRY_CIPHER_MODE_CTR, | 1163 | GCRY_CIPHER_MODE_CTR, |
1164 | 0 /* flags */); | 1164 | 0 /* flags */)); |
1165 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (key, | 1165 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (key, |
1166 | sizeof(key), | 1166 | sizeof(key), |
1167 | "TCP-key", | 1167 | "TCP-key", |
@@ -1172,7 +1172,7 @@ setup_cipher (const struct GNUNET_HashCode *dh, | |||
1172 | sizeof(*pid), | 1172 | sizeof(*pid), |
1173 | NULL, | 1173 | NULL, |
1174 | 0)); | 1174 | 0)); |
1175 | gcry_cipher_setkey (*cipher, key, sizeof(key)); | 1175 | GNUNET_assert (0 == gcry_cipher_setkey (*cipher, key, sizeof(key))); |
1176 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (ctr, | 1176 | GNUNET_assert (GNUNET_YES == GNUNET_CRYPTO_kdf (ctr, |
1177 | sizeof(ctr), | 1177 | sizeof(ctr), |
1178 | "TCP-ctr", | 1178 | "TCP-ctr", |
@@ -2115,6 +2115,7 @@ extract_address (const char *bindto) | |||
2115 | char *token; | 2115 | char *token; |
2116 | char *cp; | 2116 | char *cp; |
2117 | char *rest = NULL; | 2117 | char *rest = NULL; |
2118 | char *res; | ||
2118 | 2119 | ||
2119 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2120 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2120 | "extract address with bindto %s\n", | 2121 | "extract address with bindto %s\n", |
@@ -2145,7 +2146,9 @@ extract_address (const char *bindto) | |||
2145 | else | 2146 | else |
2146 | { | 2147 | { |
2147 | token++; | 2148 | token++; |
2148 | return token; | 2149 | res = GNUNET_strdup (token); |
2150 | GNUNET_free (cp); | ||
2151 | return res; | ||
2149 | } | 2152 | } |
2150 | } | 2153 | } |
2151 | 2154 | ||
@@ -2155,7 +2158,7 @@ extract_address (const char *bindto) | |||
2155 | "extract address with start %s\n", | 2158 | "extract address with start %s\n", |
2156 | start); | 2159 | start); |
2157 | 2160 | ||
2158 | return start; | 2161 | return GNUNET_strdup (start); |
2159 | } | 2162 | } |
2160 | 2163 | ||
2161 | 2164 | ||
@@ -2185,6 +2188,7 @@ extract_port (const char *addr_and_port) | |||
2185 | colon = strrchr (cp, ':'); | 2188 | colon = strrchr (cp, ':'); |
2186 | if (NULL == colon) | 2189 | if (NULL == colon) |
2187 | { | 2190 | { |
2191 | GNUNET_free (cp); | ||
2188 | return 0; | 2192 | return 0; |
2189 | } | 2193 | } |
2190 | addr = colon; | 2194 | addr = colon; |
@@ -2195,6 +2199,7 @@ extract_port (const char *addr_and_port) | |||
2195 | token = strtok_r (NULL, "]", &rest); | 2199 | token = strtok_r (NULL, "]", &rest); |
2196 | if (NULL == token) | 2200 | if (NULL == token) |
2197 | { | 2201 | { |
2202 | GNUNET_free (cp); | ||
2198 | return 0; | 2203 | return 0; |
2199 | } | 2204 | } |
2200 | else | 2205 | else |
@@ -2213,7 +2218,7 @@ extract_port (const char *addr_and_port) | |||
2213 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2218 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2214 | "Port `%u' invalid: value too large for port\n", | 2219 | "Port `%u' invalid: value too large for port\n", |
2215 | port); | 2220 | port); |
2216 | // GNUNET_free (cp); | 2221 | GNUNET_free (cp); |
2217 | return 0; | 2222 | return 0; |
2218 | } | 2223 | } |
2219 | } | 2224 | } |
@@ -2221,7 +2226,7 @@ extract_port (const char *addr_and_port) | |||
2221 | { | 2226 | { |
2222 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | 2227 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, |
2223 | "BINDTO specification invalid: last ':' not followed by number\n"); | 2228 | "BINDTO specification invalid: last ':' not followed by number\n"); |
2224 | // GNUNET_free (cp); | 2229 | GNUNET_free (cp); |
2225 | return 0; | 2230 | return 0; |
2226 | } | 2231 | } |
2227 | } | 2232 | } |
@@ -2252,7 +2257,7 @@ tcp_address_to_sockaddr (const char *bindto, socklen_t *sock_len) | |||
2252 | unsigned int port; | 2257 | unsigned int port; |
2253 | struct sockaddr_in v4; | 2258 | struct sockaddr_in v4; |
2254 | struct sockaddr_in6 v6; | 2259 | struct sockaddr_in6 v6; |
2255 | const char *start; | 2260 | char *start; |
2256 | 2261 | ||
2257 | // cp = GNUNET_strdup (bindto); | 2262 | // cp = GNUNET_strdup (bindto); |
2258 | start = extract_address (bindto); | 2263 | start = extract_address (bindto); |
@@ -2288,8 +2293,7 @@ tcp_address_to_sockaddr (const char *bindto, socklen_t *sock_len) | |||
2288 | GNUNET_assert (0); | 2293 | GNUNET_assert (0); |
2289 | } | 2294 | } |
2290 | 2295 | ||
2291 | // GNUNET_free (start); | 2296 | GNUNET_free (start); |
2292 | |||
2293 | return in; | 2297 | return in; |
2294 | } | 2298 | } |
2295 | 2299 | ||
@@ -2427,39 +2431,6 @@ boot_queue (struct Queue *queue) | |||
2427 | NULL, | 2431 | NULL, |
2428 | &mq_error, | 2432 | &mq_error, |
2429 | queue); | 2433 | queue); |
2430 | /* { */ | ||
2431 | /* char *foreign_addr; */ | ||
2432 | |||
2433 | /* switch (queue->address->sa_family) */ | ||
2434 | /* { */ | ||
2435 | /* case AF_INET: */ | ||
2436 | /* GNUNET_asprintf (&foreign_addr, */ | ||
2437 | /* "%s-%s", */ | ||
2438 | /* COMMUNICATOR_ADDRESS_PREFIX, */ | ||
2439 | /* GNUNET_a2s (queue->address, queue->address_len)); */ | ||
2440 | /* break; */ | ||
2441 | |||
2442 | /* case AF_INET6: */ | ||
2443 | /* GNUNET_asprintf (&foreign_addr, */ | ||
2444 | /* "%s-%s", */ | ||
2445 | /* COMMUNICATOR_ADDRESS_PREFIX, */ | ||
2446 | /* GNUNET_a2s (queue->address, queue->address_len)); */ | ||
2447 | /* break; */ | ||
2448 | |||
2449 | /* default: */ | ||
2450 | /* GNUNET_assert (0); */ | ||
2451 | /* } */ | ||
2452 | /* queue->qh = GNUNET_TRANSPORT_communicator_mq_add (ch, */ | ||
2453 | /* &queue->target, */ | ||
2454 | /* foreign_addr, */ | ||
2455 | /* 0 /\* no MTU *\/, */ | ||
2456 | /* GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED, */ | ||
2457 | /* 0, /\* Priority *\/ */ | ||
2458 | /* queue->nt, */ | ||
2459 | /* queue->cs, */ | ||
2460 | /* queue->mq); */ | ||
2461 | /* GNUNET_free (foreign_addr); */ | ||
2462 | /* } */ | ||
2463 | } | 2434 | } |
2464 | 2435 | ||
2465 | 2436 | ||
@@ -2600,8 +2571,8 @@ handshake_monotime_cb (void *cls, | |||
2600 | pid, | 2571 | pid, |
2601 | GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE, | 2572 | GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE, |
2602 | handshake_monotonic_time, | 2573 | handshake_monotonic_time, |
2603 | sizeof( | 2574 | sizeof(* |
2604 | handshake_monotonic_time), | 2575 | handshake_monotonic_time), |
2605 | GNUNET_TIME_UNIT_FOREVER_ABS, | 2576 | GNUNET_TIME_UNIT_FOREVER_ABS, |
2606 | GNUNET_PEERSTORE_STOREOPTION_REPLACE, | 2577 | GNUNET_PEERSTORE_STOREOPTION_REPLACE, |
2607 | & | 2578 | & |
@@ -2642,18 +2613,18 @@ decrypt_and_check_tc (struct Queue *queue, | |||
2642 | memcpy (&ths.ephemeral, ibuf, sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)); | 2613 | memcpy (&ths.ephemeral, ibuf, sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)); |
2643 | ths.monotonic_time = tc->monotonic_time; | 2614 | ths.monotonic_time = tc->monotonic_time; |
2644 | ths.challenge = tc->challenge; | 2615 | ths.challenge = tc->challenge; |
2616 | queue->handshake_monotime_get = | ||
2617 | GNUNET_PEERSTORE_iterate (peerstore, | ||
2618 | "transport_tcp_communicator", | ||
2619 | &queue->target, | ||
2620 | GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE, | ||
2621 | &handshake_monotime_cb, | ||
2622 | queue); | ||
2645 | return GNUNET_CRYPTO_eddsa_verify ( | 2623 | return GNUNET_CRYPTO_eddsa_verify ( |
2646 | GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE, | 2624 | GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE, |
2647 | &ths, | 2625 | &ths, |
2648 | &tc->sender_sig, | 2626 | &tc->sender_sig, |
2649 | &tc->sender.public_key); | 2627 | &tc->sender.public_key); |
2650 | queue->handshake_monotime_get = GNUNET_PEERSTORE_iterate (peerstore, | ||
2651 | "transport_tcp_communicator", | ||
2652 | &queue->target, | ||
2653 | GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE, | ||
2654 | & | ||
2655 | handshake_monotime_cb, | ||
2656 | queue); | ||
2657 | } | 2628 | } |
2658 | 2629 | ||
2659 | 2630 | ||
@@ -2914,8 +2885,7 @@ queue_read_kx (void *cls) | |||
2914 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2885 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2915 | "cread_off set to %lu bytes\n", | 2886 | "cread_off set to %lu bytes\n", |
2916 | queue->cread_off); | 2887 | queue->cread_off); |
2917 | if (0 <= queue->cread_off) | 2888 | queue->read_task = GNUNET_SCHEDULER_add_now (&queue_read, queue); |
2918 | queue->read_task = GNUNET_SCHEDULER_add_now (&queue_read, queue); | ||
2919 | } | 2889 | } |
2920 | 2890 | ||
2921 | 2891 | ||
@@ -3359,10 +3329,11 @@ init_socket (struct sockaddr *addr, | |||
3359 | 3329 | ||
3360 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 3330 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
3361 | "creating map entry\n"); | 3331 | "creating map entry\n"); |
3362 | GNUNET_CONTAINER_multihashmap_put (lt_map, | 3332 | GNUNET_assert (GNUNET_OK == |
3363 | &h_sock, | 3333 | GNUNET_CONTAINER_multihashmap_put (lt_map, |
3364 | lt, | 3334 | &h_sock, |
3365 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY); | 3335 | lt, |
3336 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); | ||
3366 | 3337 | ||
3367 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 3338 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
3368 | "map entry created\n"); | 3339 | "map entry created\n"); |
diff --git a/src/transport/gnunet-communicator-udp.c b/src/transport/gnunet-communicator-udp.c index fa9bb5d0a..ef7b1d6c0 100644 --- a/src/transport/gnunet-communicator-udp.c +++ b/src/transport/gnunet-communicator-udp.c | |||
@@ -2691,8 +2691,8 @@ check_for_rekeying (struct ReceiverAddress *receiver, struct UDPBox *box) | |||
2691 | struct GNUNET_TIME_Relative rt; | 2691 | struct GNUNET_TIME_Relative rt; |
2692 | 2692 | ||
2693 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2693 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2694 | "Timeout is %lu\n.", | 2694 | "Timeout is %llu\n.", |
2695 | receiver->rekey_timeout.abs_value_us); | 2695 | (unsigned long long) receiver->rekey_timeout.abs_value_us); |
2696 | 2696 | ||
2697 | if (0 == receiver->rekey_timeout.abs_value_us) | 2697 | if (0 == receiver->rekey_timeout.abs_value_us) |
2698 | { | 2698 | { |
@@ -2703,21 +2703,21 @@ check_for_rekeying (struct ReceiverAddress *receiver, struct UDPBox *box) | |||
2703 | { | 2703 | { |
2704 | rt = GNUNET_TIME_absolute_get_remaining (receiver->rekey_timeout); | 2704 | rt = GNUNET_TIME_absolute_get_remaining (receiver->rekey_timeout); |
2705 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2705 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2706 | "Relative time is %lu and timeout is %lu\n.", | 2706 | "Relative time is %llu and timeout is %llu\n.", |
2707 | rt.rel_value_us, | 2707 | (unsigned long long) rt.rel_value_us, |
2708 | receiver->rekey_timeout.abs_value_us); | 2708 | (unsigned long long) receiver->rekey_timeout.abs_value_us); |
2709 | 2709 | ||
2710 | if ((0 == rt.rel_value_us) || (receiver->rekey_send_bytes > | 2710 | if ((0 == rt.rel_value_us) || (receiver->rekey_send_bytes > |
2711 | rekey_max_bytes) ) | 2711 | rekey_max_bytes) ) |
2712 | { | 2712 | { |
2713 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2713 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2714 | "Bytes send %lu greater than %llu max bytes\n.", | 2714 | "Bytes send %llu greater than %llu max bytes\n.", |
2715 | receiver->rekey_send_bytes, | 2715 | (unsigned long long) receiver->rekey_send_bytes, |
2716 | rekey_max_bytes); | 2716 | rekey_max_bytes); |
2717 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 2717 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
2718 | "Relative time is %lu and timeout is %lu\n.", | 2718 | "Relative time is %llu and timeout is %llu\n.", |
2719 | rt.rel_value_us, | 2719 | (unsigned long long) rt.rel_value_us, |
2720 | receiver->rekey_timeout.abs_value_us); | 2720 | (unsigned long long) receiver->rekey_timeout.abs_value_us); |
2721 | 2721 | ||
2722 | receiver->rekey_timeout.abs_value_us = 0; | 2722 | receiver->rekey_timeout.abs_value_us = 0; |
2723 | receiver->rekey_send_bytes = 0; | 2723 | receiver->rekey_send_bytes = 0; |
diff --git a/src/transport/gnunet-service-tng.c b/src/transport/gnunet-service-tng.c index 613477220..a7e2a8c04 100644 --- a/src/transport/gnunet-service-tng.c +++ b/src/transport/gnunet-service-tng.c | |||
@@ -4381,13 +4381,13 @@ dv_setup_key_state_from_km (const struct GNUNET_HashCode *km, | |||
4381 | "Deriving backchannel key based on KM %s and IV %s\n", | 4381 | "Deriving backchannel key based on KM %s and IV %s\n", |
4382 | GNUNET_h2s (km), | 4382 | GNUNET_h2s (km), |
4383 | GNUNET_sh2s (iv)); | 4383 | GNUNET_sh2s (iv)); |
4384 | gcry_cipher_open (&key->cipher, | 4384 | GNUNET_assert (0 == gcry_cipher_open (&key->cipher, |
4385 | GCRY_CIPHER_AES256 /* low level: go for speed */, | 4385 | GCRY_CIPHER_AES256 /* low level: go for speed */, |
4386 | GCRY_CIPHER_MODE_CTR, | 4386 | GCRY_CIPHER_MODE_CTR, |
4387 | 0 /* flags */); | 4387 | 0 /* flags */)); |
4388 | gcry_cipher_setkey (key->cipher, | 4388 | GNUNET_assert (0 == gcry_cipher_setkey (key->cipher, |
4389 | &key->material.aes_key, | 4389 | &key->material.aes_key, |
4390 | sizeof(key->material.aes_key)); | 4390 | sizeof(key->material.aes_key))); |
4391 | gcry_cipher_setctr (key->cipher, | 4391 | gcry_cipher_setctr (key->cipher, |
4392 | &key->material.aes_ctr, | 4392 | &key->material.aes_ctr, |
4393 | sizeof(key->material.aes_ctr)); | 4393 | sizeof(key->material.aes_ctr)); |
@@ -9069,8 +9069,9 @@ handle_send_message_ack (void *cls, | |||
9069 | qep = qep->next) | 9069 | qep = qep->next) |
9070 | { | 9070 | { |
9071 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | 9071 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, |
9072 | "QueueEntry MID: %lu, Ack MID: %lu\n", | 9072 | "QueueEntry MID: %llu, Ack MID: %llu\n", |
9073 | qep->mid, sma->mid); | 9073 | (unsigned long long) qep->mid, |
9074 | (unsigned long long) sma->mid); | ||
9074 | if (qep->mid != sma->mid) | 9075 | if (qep->mid != sma->mid) |
9075 | continue; | 9076 | continue; |
9076 | qe = qep; | 9077 | qe = qep; |
diff --git a/src/transport/test_communicator_basic.c b/src/transport/test_communicator_basic.c index 202bc0a5b..f43cdaaf3 100644 --- a/src/transport/test_communicator_basic.c +++ b/src/transport/test_communicator_basic.c | |||
@@ -755,13 +755,11 @@ add_queue_cb (void *cls, | |||
755 | unsigned int peer_nr; | 755 | unsigned int peer_nr; |
756 | 756 | ||
757 | peer_nr = get_peer_nr (cls, GNUNET_NO); | 757 | peer_nr = get_peer_nr (cls, GNUNET_NO); |
758 | |||
759 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 758 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
760 | "Handle %p add %u %u\n", | 759 | "Handle %p add %u %u\n", |
761 | tc_h, | 760 | tc_h, |
762 | peer_nr, | 761 | peer_nr, |
763 | get_peer_nr_from_tc (tc_h)); | 762 | get_peer_nr_from_tc (tc_h)); |
764 | |||
765 | if ((GNUNET_NO == bidirect)&&(0 != strcmp ((char*) cls, cfg_peers_name[0]))) | 763 | if ((GNUNET_NO == bidirect)&&(0 != strcmp ((char*) cls, cfg_peers_name[0]))) |
766 | { | 764 | { |
767 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 765 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
@@ -772,14 +770,11 @@ add_queue_cb (void *cls, | |||
772 | return; | 770 | return; |
773 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 771 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
774 | "Queue established, starting test...\n"); | 772 | "Queue established, starting test...\n"); |
775 | // start_short = GNUNET_TIME_absolute_get (); | 773 | if (UINT32_MAX != mtu) /* Message header overhead */ |
776 | // my_tc = tc_h; | ||
777 | if (0 != mtu) /* Message header overhead */ | ||
778 | long_message_size = mtu - sizeof(struct GNUNET_TRANSPORT_SendMessageTo) | 774 | long_message_size = mtu - sizeof(struct GNUNET_TRANSPORT_SendMessageTo) |
779 | - sizeof(struct GNUNET_MessageHeader); | 775 | - sizeof(struct GNUNET_MessageHeader); |
780 | else | 776 | else |
781 | long_message_size = LONG_MESSAGE_SIZE; | 777 | long_message_size = LONG_MESSAGE_SIZE; |
782 | // phase = TP_BURST_SHORT; | ||
783 | timeout[peer_nr] = GNUNET_TIME_relative_to_absolute ( | 778 | timeout[peer_nr] = GNUNET_TIME_relative_to_absolute ( |
784 | GNUNET_TIME_relative_multiply ( | 779 | GNUNET_TIME_relative_multiply ( |
785 | GNUNET_TIME_UNIT_SECONDS, | 780 | GNUNET_TIME_UNIT_SECONDS, |
@@ -791,8 +786,6 @@ add_queue_cb (void *cls, | |||
791 | TIMEOUT_MULTIPLIER), | 786 | TIMEOUT_MULTIPLIER), |
792 | &latency_timeout, | 787 | &latency_timeout, |
793 | tc_h); | 788 | tc_h); |
794 | // prepare_test (NULL); | ||
795 | // short_test (NULL); | ||
796 | choose_phase (tc_h); | 789 | choose_phase (tc_h); |
797 | } | 790 | } |
798 | 791 | ||
diff --git a/src/transport/transport-testing2.c b/src/transport/transport-testing2.c index 96d305fd8..482aaf4d0 100644 --- a/src/transport/transport-testing2.c +++ b/src/transport/transport-testing2.c | |||
@@ -337,7 +337,7 @@ hello_iter_cb (void *cb_cls, | |||
337 | const char *emsg) | 337 | const char *emsg) |
338 | { | 338 | { |
339 | struct GNUNET_TRANSPORT_TESTING_PeerContext *p = cb_cls; | 339 | struct GNUNET_TRANSPORT_TESTING_PeerContext *p = cb_cls; |
340 | if ((NULL == record) && (NULL == emsg)) | 340 | if (NULL == record) |
341 | { | 341 | { |
342 | p->pic = NULL; | 342 | p->pic = NULL; |
343 | if (NULL != p->start_cb) | 343 | if (NULL != p->start_cb) |
diff --git a/src/util/Makefile.am b/src/util/Makefile.am index 09620aee0..e720112be 100644 --- a/src/util/Makefile.am +++ b/src/util/Makefile.am | |||
@@ -43,6 +43,7 @@ libgnunetutil_la_SOURCES = \ | |||
43 | $(BENCHMARK) \ | 43 | $(BENCHMARK) \ |
44 | bio.c \ | 44 | bio.c \ |
45 | buffer.c \ | 45 | buffer.c \ |
46 | child_management.c \ | ||
46 | client.c \ | 47 | client.c \ |
47 | common_allocation.c \ | 48 | common_allocation.c \ |
48 | common_endian.c \ | 49 | common_endian.c \ |
@@ -271,6 +272,7 @@ check_SCRIPTS = \ | |||
271 | 272 | ||
272 | check_PROGRAMS = \ | 273 | check_PROGRAMS = \ |
273 | test_bio \ | 274 | test_bio \ |
275 | test_child_management \ | ||
274 | test_client.nc \ | 276 | test_client.nc \ |
275 | $(TEST_CLIENT_UNIX_NC) \ | 277 | $(TEST_CLIENT_UNIX_NC) \ |
276 | test_common_allocation \ | 278 | test_common_allocation \ |
@@ -323,6 +325,14 @@ check_PROGRAMS = \ | |||
323 | test_common_logging_runtime_loglevels | 325 | test_common_logging_runtime_loglevels |
324 | 326 | ||
325 | 327 | ||
328 | test_child_management_SOURCES = \ | ||
329 | test_child_management.c | ||
330 | test_child_management_LDADD = \ | ||
331 | libgnunetutil.la \ | ||
332 | $(XLIB) | ||
333 | |||
334 | |||
335 | |||
326 | # Declare .nc (NO-CONCURRENCY) as a test extension so that we can impart | 336 | # Declare .nc (NO-CONCURRENCY) as a test extension so that we can impart |
327 | # sequential execution order for them | 337 | # sequential execution order for them |
328 | TEST_EXTENSIONS = .nc | 338 | TEST_EXTENSIONS = .nc |
@@ -650,4 +660,7 @@ EXTRA_DIST = \ | |||
650 | test_program_data.conf \ | 660 | test_program_data.conf \ |
651 | test_resolver_api_data.conf \ | 661 | test_resolver_api_data.conf \ |
652 | test_service_data.conf \ | 662 | test_service_data.conf \ |
653 | test_speedup_data.conf | 663 | test_speedup_data.conf \ |
664 | child_management_test.sh \ | ||
665 | test_crypto_vectors.sh \ | ||
666 | crypto-test-vectors.json | ||
diff --git a/src/util/child_management_test.sh b/src/util/child_management_test.sh new file mode 100755 index 000000000..a35b865f3 --- /dev/null +++ b/src/util/child_management_test.sh | |||
@@ -0,0 +1,2 @@ | |||
1 | #!/usr/bin/env bash | ||
2 | echo "$1$2" >> child_management_test.txt | ||
diff --git a/src/util/common_allocation.c b/src/util/common_allocation.c index 215df55d4..308488131 100644 --- a/src/util/common_allocation.c +++ b/src/util/common_allocation.c | |||
@@ -327,8 +327,12 @@ GNUNET_xrealloc_ (void *ptr, size_t n, const char *filename, int linenumber) | |||
327 | * @param linenumber where in the code was the call to GNUNET_free() | 327 | * @param linenumber where in the code was the call to GNUNET_free() |
328 | */ | 328 | */ |
329 | void | 329 | void |
330 | GNUNET_xfree_ (void *ptr, const char *filename, int linenumber) | 330 | GNUNET_xfree_ (void *ptr, |
331 | const char *filename, | ||
332 | int linenumber) | ||
331 | { | 333 | { |
334 | if (NULL == ptr) | ||
335 | return; | ||
332 | #ifdef W32_MEM_LIMIT | 336 | #ifdef W32_MEM_LIMIT |
333 | ptr = &((size_t *) ptr)[-1]; | 337 | ptr = &((size_t *) ptr)[-1]; |
334 | mem_used -= *((size_t *) ptr); | 338 | mem_used -= *((size_t *) ptr); |
diff --git a/src/util/crypto_ecc_gnsrecord.c b/src/util/crypto_ecc_gnsrecord.c index 6689a21f1..ce41a4699 100644 --- a/src/util/crypto_ecc_gnsrecord.c +++ b/src/util/crypto_ecc_gnsrecord.c | |||
@@ -42,20 +42,19 @@ | |||
42 | * @param label label for deriviation | 42 | * @param label label for deriviation |
43 | * @param context additional context to use for HKDF of 'h'; | 43 | * @param context additional context to use for HKDF of 'h'; |
44 | * typically the name of the subsystem/application | 44 | * typically the name of the subsystem/application |
45 | * @return h value | 45 | * @param hc where to write the result |
46 | */ | 46 | */ |
47 | static gcry_mpi_t | 47 | void |
48 | derive_h (const void *pub, | 48 | derive_h (const void *pub, |
49 | size_t pubsize, | 49 | size_t pubsize, |
50 | const char *label, | 50 | const char *label, |
51 | const char *context) | 51 | const char *context, |
52 | struct GNUNET_HashCode *hc) | ||
52 | { | 53 | { |
53 | gcry_mpi_t h; | ||
54 | struct GNUNET_HashCode hc; | ||
55 | static const char *const salt = "key-derivation"; | 54 | static const char *const salt = "key-derivation"; |
56 | 55 | ||
57 | GNUNET_CRYPTO_kdf (&hc, | 56 | GNUNET_CRYPTO_kdf (hc, |
58 | sizeof(hc), | 57 | sizeof(*hc), |
59 | salt, | 58 | salt, |
60 | strlen (salt), | 59 | strlen (salt), |
61 | pub, | 60 | pub, |
@@ -66,8 +65,6 @@ derive_h (const void *pub, | |||
66 | strlen (context), | 65 | strlen (context), |
67 | NULL, | 66 | NULL, |
68 | 0); | 67 | 0); |
69 | GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc)); | ||
70 | return h; | ||
71 | } | 68 | } |
72 | 69 | ||
73 | 70 | ||
@@ -94,52 +91,87 @@ GNUNET_CRYPTO_eddsa_sign_with_scalar ( | |||
94 | { | 91 | { |
95 | 92 | ||
96 | crypto_hash_sha512_state hs; | 93 | crypto_hash_sha512_state hs; |
97 | unsigned char az[64]; | 94 | unsigned char sk[64]; |
98 | unsigned char nonce[64]; | 95 | unsigned char r[64]; |
99 | unsigned char hram[64]; | 96 | unsigned char hram[64]; |
100 | unsigned char R[32]; | 97 | unsigned char R[32]; |
101 | unsigned char pk[32]; | 98 | unsigned char zk[32]; |
99 | unsigned char tmp[32]; | ||
102 | 100 | ||
103 | crypto_hash_sha512_init (&hs); | 101 | crypto_hash_sha512_init (&hs); |
104 | 102 | ||
105 | // crypto_hash_sha512 (az, sk, 32); DO NOT EXPAND, WE HAVE A KEY | 103 | /** |
106 | memcpy (az, priv->s, 64); | 104 | * Instead of expanding the private here, we already |
107 | crypto_scalarmult_ed25519_base_noclamp (pk, | 105 | * have the secret scalar as input. Use it. |
108 | priv->s); | 106 | * Note that sk is not plain SHA512 (d). |
109 | crypto_hash_sha512_update (&hs, az + 32, 32); | 107 | * sk[0..31] contains the derived private scalar |
110 | 108 | * sk[0..31] = h * SHA512 (d)[0..31] | |
109 | * sk[32..63] = SHA512 (d)[32..63] | ||
110 | */ | ||
111 | memcpy (sk, priv->s, 64); | ||
112 | |||
113 | /** | ||
114 | * Calculate the derived zone key zk' from the | ||
115 | * derived private scalar. | ||
116 | */ | ||
117 | crypto_scalarmult_ed25519_base_noclamp (zk, | ||
118 | sk); | ||
119 | |||
120 | /** | ||
121 | * Calculate r: | ||
122 | * r = SHA512 (sk[32..63] | M) | ||
123 | * where M is our message (purpose). | ||
124 | * Note that sk[32..63] is the other half of the | ||
125 | * expansion from the original, non-derived private key | ||
126 | * "d". | ||
127 | */ | ||
128 | crypto_hash_sha512_update (&hs, sk + 32, 32); | ||
111 | crypto_hash_sha512_update (&hs, (uint8_t*) purpose, ntohl (purpose->size)); | 129 | crypto_hash_sha512_update (&hs, (uint8_t*) purpose, ntohl (purpose->size)); |
112 | crypto_hash_sha512_final (&hs, nonce); | 130 | crypto_hash_sha512_final (&hs, r); |
113 | 131 | ||
114 | // This effectively creates R ||Â A in sig | 132 | /** |
115 | memcpy (sig->s, pk, 32); | 133 | * Temporarily put zk into S |
116 | 134 | */ | |
117 | unsigned char nonce_mod[64]; | 135 | memcpy (sig->s, zk, 32); |
118 | crypto_core_ed25519_scalar_reduce (nonce_mod, nonce); | 136 | |
119 | // nonce == r; r * G == R | 137 | /** |
120 | crypto_scalarmult_ed25519_base_noclamp (R, nonce_mod); | 138 | * Reduce the scalar value r |
139 | */ | ||
140 | unsigned char r_mod[64]; | ||
141 | crypto_core_ed25519_scalar_reduce (r_mod, r); | ||
142 | |||
143 | /** | ||
144 | * Calculate R := r * G of the signature | ||
145 | */ | ||
146 | crypto_scalarmult_ed25519_base_noclamp (R, r_mod); | ||
121 | memcpy (sig->r, R, sizeof (R)); | 147 | memcpy (sig->r, R, sizeof (R)); |
122 | 148 | ||
123 | // SHA512 (R | A | M) == k | 149 | /** |
150 | * Calculate | ||
151 | * hram := SHA512 (R | zk' | M) | ||
152 | */ | ||
124 | crypto_hash_sha512_init (&hs); | 153 | crypto_hash_sha512_init (&hs); |
125 | crypto_hash_sha512_update (&hs, (uint8_t*) sig, 64); | 154 | crypto_hash_sha512_update (&hs, (uint8_t*) sig, 64); |
126 | crypto_hash_sha512_update (&hs, (uint8_t*) purpose, | 155 | crypto_hash_sha512_update (&hs, (uint8_t*) purpose, |
127 | ntohl (purpose->size)); | 156 | ntohl (purpose->size)); |
128 | crypto_hash_sha512_final (&hs, hram); | 157 | crypto_hash_sha512_final (&hs, hram); |
129 | 158 | ||
159 | /** | ||
160 | * Reduce the resulting scalar value | ||
161 | */ | ||
130 | unsigned char hram_mod[64]; | 162 | unsigned char hram_mod[64]; |
131 | crypto_core_ed25519_scalar_reduce (hram_mod, hram); | 163 | crypto_core_ed25519_scalar_reduce (hram_mod, hram); |
132 | az[0] &= 248; | ||
133 | az[31] &= 127; | ||
134 | az[31] |= 64; | ||
135 | 164 | ||
136 | unsigned char tmp[32]; | 165 | /** |
137 | // r + k * s mod L == S | 166 | * Calculate |
138 | crypto_core_ed25519_scalar_mul (tmp, hram_mod, az); | 167 | * S := r + hram * s mod L |
139 | crypto_core_ed25519_scalar_add (sig->s, tmp, nonce_mod); | 168 | */ |
169 | crypto_core_ed25519_scalar_mul (tmp, hram_mod, sk); | ||
170 | crypto_core_ed25519_scalar_add (sig->s, tmp, r_mod); | ||
140 | 171 | ||
141 | sodium_memzero (az, sizeof az); | 172 | sodium_memzero (sk, sizeof (sk)); |
142 | sodium_memzero (nonce, sizeof nonce); | 173 | sodium_memzero (r, sizeof (r)); |
174 | sodium_memzero (r_mod, sizeof (r_mod)); | ||
143 | } | 175 | } |
144 | 176 | ||
145 | 177 | ||
@@ -151,6 +183,7 @@ GNUNET_CRYPTO_ecdsa_private_key_derive ( | |||
151 | { | 183 | { |
152 | struct GNUNET_CRYPTO_EcdsaPublicKey pub; | 184 | struct GNUNET_CRYPTO_EcdsaPublicKey pub; |
153 | struct GNUNET_CRYPTO_EcdsaPrivateKey *ret; | 185 | struct GNUNET_CRYPTO_EcdsaPrivateKey *ret; |
186 | struct GNUNET_HashCode hc; | ||
154 | uint8_t dc[32]; | 187 | uint8_t dc[32]; |
155 | gcry_mpi_t h; | 188 | gcry_mpi_t h; |
156 | gcry_mpi_t x; | 189 | gcry_mpi_t x; |
@@ -163,7 +196,9 @@ GNUNET_CRYPTO_ecdsa_private_key_derive ( | |||
163 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); | 196 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); |
164 | GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub); | 197 | GNUNET_CRYPTO_ecdsa_key_get_public (priv, &pub); |
165 | 198 | ||
166 | h = derive_h (&pub, sizeof (pub), label, context); | 199 | derive_h (&pub, sizeof (pub), label, context, &hc); |
200 | GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc)); | ||
201 | |||
167 | /* Convert to big endian for libgcrypt */ | 202 | /* Convert to big endian for libgcrypt */ |
168 | for (size_t i = 0; i < 32; i++) | 203 | for (size_t i = 0; i < 32; i++) |
169 | dc[i] = priv->d[31 - i]; | 204 | dc[i] = priv->d[31 - i]; |
@@ -192,6 +227,7 @@ GNUNET_CRYPTO_ecdsa_public_key_derive ( | |||
192 | const char *context, | 227 | const char *context, |
193 | struct GNUNET_CRYPTO_EcdsaPublicKey *result) | 228 | struct GNUNET_CRYPTO_EcdsaPublicKey *result) |
194 | { | 229 | { |
230 | struct GNUNET_HashCode hc; | ||
195 | gcry_ctx_t ctx; | 231 | gcry_ctx_t ctx; |
196 | gcry_mpi_t q_y; | 232 | gcry_mpi_t q_y; |
197 | gcry_mpi_t h; | 233 | gcry_mpi_t h; |
@@ -213,7 +249,8 @@ GNUNET_CRYPTO_ecdsa_public_key_derive ( | |||
213 | GNUNET_assert (q); | 249 | GNUNET_assert (q); |
214 | 250 | ||
215 | /* calculate h_mod_n = h % n */ | 251 | /* calculate h_mod_n = h % n */ |
216 | h = derive_h (pub, sizeof (pub), label, context); | 252 | derive_h (pub, sizeof (*pub), label, context, &hc); |
253 | GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc)); | ||
217 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); | 254 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); |
218 | h_mod_n = gcry_mpi_new (256); | 255 | h_mod_n = gcry_mpi_new (256); |
219 | gcry_mpi_mod (h_mod_n, h, n); | 256 | gcry_mpi_mod (h_mod_n, h, n); |
@@ -244,6 +281,7 @@ GNUNET_CRYPTO_eddsa_private_key_derive ( | |||
244 | struct GNUNET_CRYPTO_EddsaPrivateScalar *result) | 281 | struct GNUNET_CRYPTO_EddsaPrivateScalar *result) |
245 | { | 282 | { |
246 | struct GNUNET_CRYPTO_EddsaPublicKey pub; | 283 | struct GNUNET_CRYPTO_EddsaPublicKey pub; |
284 | struct GNUNET_HashCode hc; | ||
247 | uint8_t dc[32]; | 285 | uint8_t dc[32]; |
248 | unsigned char sk[64]; | 286 | unsigned char sk[64]; |
249 | gcry_mpi_t h; | 287 | gcry_mpi_t h; |
@@ -255,20 +293,48 @@ GNUNET_CRYPTO_eddsa_private_key_derive ( | |||
255 | gcry_mpi_t a2; | 293 | gcry_mpi_t a2; |
256 | gcry_ctx_t ctx; | 294 | gcry_ctx_t ctx; |
257 | 295 | ||
296 | /** | ||
297 | * Libsodium does not offer an API with arbitrary arithmetic. | ||
298 | * Hence we have to use libgcrypt here. | ||
299 | */ | ||
258 | GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, "Ed25519")); | 300 | GNUNET_assert (0 == gcry_mpi_ec_new (&ctx, NULL, "Ed25519")); |
259 | 301 | ||
302 | /** | ||
303 | * Get our modulo | ||
304 | */ | ||
260 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); | 305 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); |
261 | GNUNET_CRYPTO_eddsa_key_get_public (priv, &pub); | 306 | GNUNET_CRYPTO_eddsa_key_get_public (priv, &pub); |
307 | |||
308 | /** | ||
309 | * This is the standard private key expansion in Ed25519. | ||
310 | * The first 32 octets are used as a little-endian private | ||
311 | * scalar. | ||
312 | * We derive this scalar using our "h". | ||
313 | */ | ||
262 | crypto_hash_sha512 (sk, priv->d, 32); | 314 | crypto_hash_sha512 (sk, priv->d, 32); |
263 | sk[0] &= 248; | 315 | sk[0] &= 248; |
264 | sk[31] &= 127; | 316 | sk[31] &= 127; |
265 | sk[31] |= 64; | 317 | sk[31] |= 64; |
266 | h = derive_h (&pub, sizeof (pub), label, context); | 318 | |
319 | /** | ||
320 | * Get h mod n | ||
321 | */ | ||
322 | derive_h (&pub, sizeof (pub), label, context, &hc); | ||
323 | GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc)); | ||
267 | h_mod_n = gcry_mpi_new (256); | 324 | h_mod_n = gcry_mpi_new (256); |
268 | gcry_mpi_mod (h_mod_n, h, n); | 325 | gcry_mpi_mod (h_mod_n, h, n); |
269 | /* Convert to big endian for libgcrypt */ | 326 | /* Convert scalar to big endian for libgcrypt */ |
270 | for (size_t i = 0; i < 32; i++) | 327 | for (size_t i = 0; i < 32; i++) |
271 | dc[i] = sk[31 - i]; | 328 | dc[i] = sk[31 - i]; |
329 | |||
330 | /** | ||
331 | * dc now contains the private scalar "a". | ||
332 | * We carefully remove the clamping and derive a'. | ||
333 | * Calculate: | ||
334 | * a1 := a / 8 | ||
335 | * a2 := h * a1 mod n | ||
336 | * a' := a2 * 8 mod n | ||
337 | */ | ||
272 | GNUNET_CRYPTO_mpi_scan_unsigned (&x, dc, sizeof(dc)); // a | 338 | GNUNET_CRYPTO_mpi_scan_unsigned (&x, dc, sizeof(dc)); // a |
273 | a1 = gcry_mpi_new (256); | 339 | a1 = gcry_mpi_new (256); |
274 | gcry_mpi_t eight = gcry_mpi_set_ui (NULL, 8); | 340 | gcry_mpi_t eight = gcry_mpi_set_ui (NULL, 8); |
@@ -276,7 +342,6 @@ GNUNET_CRYPTO_eddsa_private_key_derive ( | |||
276 | a2 = gcry_mpi_new (256); | 342 | a2 = gcry_mpi_new (256); |
277 | gcry_mpi_mulm (a2, h_mod_n, a1, n); // a2 := h * a1 mod n | 343 | gcry_mpi_mulm (a2, h_mod_n, a1, n); // a2 := h * a1 mod n |
278 | d = gcry_mpi_new (256); | 344 | d = gcry_mpi_new (256); |
279 | // gcry_mpi_mulm (d, a2, eight, n); // a' := a2 * 8 mod n | ||
280 | gcry_mpi_mul (d, a2, eight); // a' := a2 * 8 | 345 | gcry_mpi_mul (d, a2, eight); // a' := a2 * 8 |
281 | gcry_mpi_release (h); | 346 | gcry_mpi_release (h); |
282 | gcry_mpi_release (x); | 347 | gcry_mpi_release (x); |
@@ -285,13 +350,21 @@ GNUNET_CRYPTO_eddsa_private_key_derive ( | |||
285 | gcry_mpi_release (a2); | 350 | gcry_mpi_release (a2); |
286 | gcry_ctx_release (ctx); | 351 | gcry_ctx_release (ctx); |
287 | GNUNET_CRYPTO_mpi_print_unsigned (dc, sizeof(dc), d); | 352 | GNUNET_CRYPTO_mpi_print_unsigned (dc, sizeof(dc), d); |
288 | memcpy (result->s, sk, sizeof (sk)); | 353 | /** |
354 | * We hash the derived "h" parameter with the | ||
355 | * other half of the expanded private key. This ensures | ||
356 | * that for signature generation, the "R" is derived from | ||
357 | * the same derivation path as "h" and is not reused. | ||
358 | */ | ||
359 | crypto_hash_sha256_state hs; | ||
360 | crypto_hash_sha256_init (&hs); | ||
361 | crypto_hash_sha256_update (&hs, sk + 32, 32); | ||
362 | crypto_hash_sha256_update (&hs, (unsigned char*) &hc, sizeof (hc)); | ||
363 | crypto_hash_sha256_final (&hs, result->s + 32); | ||
364 | //memcpy (result->s, sk, sizeof (sk)); | ||
289 | /* Convert to little endian for libsodium */ | 365 | /* Convert to little endian for libsodium */ |
290 | for (size_t i = 0; i < 32; i++) | 366 | for (size_t i = 0; i < 32; i++) |
291 | result->s[i] = dc[31 - i]; | 367 | result->s[i] = dc[31 - i]; |
292 | result->s[0] &= 248; | ||
293 | result->s[31] &= 127; | ||
294 | result->s[31] |= 64; | ||
295 | 368 | ||
296 | sodium_memzero (dc, sizeof(dc)); | 369 | sodium_memzero (dc, sizeof(dc)); |
297 | gcry_mpi_release (d); | 370 | gcry_mpi_release (d); |
@@ -305,6 +378,7 @@ GNUNET_CRYPTO_eddsa_public_key_derive ( | |||
305 | const char *context, | 378 | const char *context, |
306 | struct GNUNET_CRYPTO_EddsaPublicKey *result) | 379 | struct GNUNET_CRYPTO_EddsaPublicKey *result) |
307 | { | 380 | { |
381 | struct GNUNET_HashCode hc; | ||
308 | gcry_ctx_t ctx; | 382 | gcry_ctx_t ctx; |
309 | gcry_mpi_t q_y; | 383 | gcry_mpi_t q_y; |
310 | gcry_mpi_t h; | 384 | gcry_mpi_t h; |
@@ -326,7 +400,9 @@ GNUNET_CRYPTO_eddsa_public_key_derive ( | |||
326 | GNUNET_assert (q); | 400 | GNUNET_assert (q); |
327 | 401 | ||
328 | /* calculate h_mod_n = h % n */ | 402 | /* calculate h_mod_n = h % n */ |
329 | h = derive_h (pub, sizeof (*pub), label, context); | 403 | derive_h (pub, sizeof (*pub), label, context, &hc); |
404 | GNUNET_CRYPTO_mpi_scan_unsigned (&h, (unsigned char *) &hc, sizeof(hc)); | ||
405 | |||
330 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); | 406 | n = gcry_mpi_ec_get_mpi ("n", ctx, 1); |
331 | h_mod_n = gcry_mpi_new (256); | 407 | h_mod_n = gcry_mpi_new (256); |
332 | gcry_mpi_mod (h_mod_n, h, n); | 408 | gcry_mpi_mod (h_mod_n, h, n); |
@@ -349,3 +425,21 @@ GNUNET_CRYPTO_eddsa_public_key_derive ( | |||
349 | gcry_ctx_release (ctx); | 425 | gcry_ctx_release (ctx); |
350 | 426 | ||
351 | } | 427 | } |
428 | |||
429 | |||
430 | void | ||
431 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar ( | ||
432 | const struct GNUNET_CRYPTO_EddsaPrivateScalar *priv, | ||
433 | struct GNUNET_CRYPTO_EddsaPublicKey *pkey) | ||
434 | { | ||
435 | unsigned char sk[32]; | ||
436 | |||
437 | memcpy (sk, priv->s, 32); | ||
438 | |||
439 | /** | ||
440 | * Calculate the derived zone key zk' from the | ||
441 | * derived private scalar. | ||
442 | */ | ||
443 | crypto_scalarmult_ed25519_base_noclamp (pkey->q_y, | ||
444 | sk); | ||
445 | } | ||
diff --git a/src/util/test_child_management.c b/src/util/test_child_management.c new file mode 100644 index 000000000..62c143420 --- /dev/null +++ b/src/util/test_child_management.c | |||
@@ -0,0 +1,177 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet | ||
3 | Copyright (C) 2014-2021 GNUnet e.V. | ||
4 | |||
5 | GNUNET is free software; you can redistribute it and/or modify | ||
6 | it under the terms of the GNU General Public License as | ||
7 | published by the Free Software Foundation; either version 3, or | ||
8 | (at your option) any later version. | ||
9 | |||
10 | GNUNET is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | ||
13 | GNU General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU General Public | ||
16 | License along with GNUNET; see the file COPYING. If not, see | ||
17 | <http://www.gnu.org/licenses/> | ||
18 | */ | ||
19 | |||
20 | /** | ||
21 | * @file lib/test_child_management.c | ||
22 | * @brief testcase to test the child management | ||
23 | * @author Christian Grothoff | ||
24 | * @author Dominik Meister | ||
25 | */ | ||
26 | #include "platform.h" | ||
27 | #include "gnunet_util_lib.h" | ||
28 | |||
29 | |||
30 | static struct GNUNET_ChildWaitHandle *cwh; | ||
31 | |||
32 | static int global_ret; | ||
33 | |||
34 | static struct GNUNET_OS_Process *pid; | ||
35 | |||
36 | |||
37 | static void | ||
38 | child_completed_callback (void *cls, | ||
39 | enum GNUNET_OS_ProcessStatusType type, | ||
40 | long unsigned int exit_code) | ||
41 | { | ||
42 | cwh = NULL; | ||
43 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
44 | "Process extided with code: %lu \n", | ||
45 | exit_code); | ||
46 | FILE *file; | ||
47 | char code[9]; | ||
48 | |||
49 | file = fopen ("child_management_test.txt", "r"); | ||
50 | if (NULL == file) | ||
51 | { | ||
52 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
53 | "could not find file: child_management_test.txt in %s:%u\n", | ||
54 | __FILE__, | ||
55 | __LINE__); | ||
56 | global_ret = 1; | ||
57 | return; | ||
58 | } | ||
59 | if (0 == fscanf (file, | ||
60 | "%8s", | ||
61 | code)) | ||
62 | { | ||
63 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
64 | "could not read file: child_management_test.txt in %s:%u\n", | ||
65 | __FILE__, | ||
66 | __LINE__); | ||
67 | global_ret = 1; | ||
68 | return; | ||
69 | } | ||
70 | |||
71 | if (0 != strcmp ("12345678", code)) | ||
72 | { | ||
73 | global_ret = 1; | ||
74 | return; | ||
75 | } | ||
76 | GNUNET_OS_process_destroy (pid); | ||
77 | pid = NULL; | ||
78 | GNUNET_break (0 == unlink ("child_management_test.txt")); | ||
79 | GNUNET_SCHEDULER_shutdown (); | ||
80 | global_ret = 0; | ||
81 | } | ||
82 | |||
83 | |||
84 | static void | ||
85 | do_shutdown (void *cls) | ||
86 | { | ||
87 | if (NULL != cwh) | ||
88 | { | ||
89 | GNUNET_wait_child_cancel (cwh); | ||
90 | cwh = NULL; | ||
91 | } | ||
92 | if (NULL != pid) | ||
93 | { | ||
94 | GNUNET_assert (0 == | ||
95 | GNUNET_OS_process_kill (pid, | ||
96 | SIGKILL)); | ||
97 | GNUNET_assert (GNUNET_OK == | ||
98 | GNUNET_OS_process_wait (pid)); | ||
99 | GNUNET_OS_process_destroy (pid); | ||
100 | pid = NULL; | ||
101 | } | ||
102 | } | ||
103 | |||
104 | |||
105 | static void | ||
106 | test_child_management (void *cls) | ||
107 | { | ||
108 | const char *command = "./child_management_test.sh"; | ||
109 | struct GNUNET_DISK_PipeHandle *p; | ||
110 | struct GNUNET_DISK_FileHandle *out; | ||
111 | |||
112 | (void) cls; | ||
113 | p = GNUNET_DISK_pipe (GNUNET_DISK_PF_NONE); | ||
114 | if (NULL == p) | ||
115 | { | ||
116 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, | ||
117 | "pipe"); | ||
118 | global_ret = 2; | ||
119 | return; | ||
120 | } | ||
121 | pid = GNUNET_OS_start_process (0, | ||
122 | p, | ||
123 | NULL, | ||
124 | NULL, | ||
125 | command, | ||
126 | command, | ||
127 | "1234", | ||
128 | "5678", | ||
129 | NULL); | ||
130 | if (NULL == pid) | ||
131 | { | ||
132 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, | ||
133 | "fork"); | ||
134 | GNUNET_break (GNUNET_OK == | ||
135 | GNUNET_DISK_pipe_close (p)); | ||
136 | global_ret = 1; | ||
137 | return; | ||
138 | } | ||
139 | GNUNET_break (GNUNET_OK == | ||
140 | GNUNET_DISK_pipe_close_end (p, | ||
141 | GNUNET_DISK_PIPE_END_READ)); | ||
142 | out = GNUNET_DISK_pipe_detach_end (p, | ||
143 | GNUNET_DISK_PIPE_END_WRITE); | ||
144 | GNUNET_assert (NULL != out); | ||
145 | GNUNET_break (GNUNET_OK == | ||
146 | GNUNET_DISK_pipe_close (p)); | ||
147 | |||
148 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, | ||
149 | NULL); | ||
150 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,"Alright"); | ||
151 | cwh = GNUNET_wait_child (pid, | ||
152 | &child_completed_callback, | ||
153 | cls); | ||
154 | GNUNET_break (NULL != cwh); | ||
155 | GNUNET_assert (5 == | ||
156 | GNUNET_DISK_file_write (out, | ||
157 | "Hello", | ||
158 | 5)); | ||
159 | GNUNET_break (GNUNET_OK == | ||
160 | GNUNET_DISK_file_close (out)); | ||
161 | } | ||
162 | |||
163 | |||
164 | int | ||
165 | main (int argc, | ||
166 | const char *const argv[]) | ||
167 | { | ||
168 | GNUNET_log_setup (argv[0], | ||
169 | "DEBUG", | ||
170 | NULL); | ||
171 | GNUNET_SCHEDULER_run (&test_child_management, | ||
172 | NULL); | ||
173 | return global_ret; | ||
174 | } | ||
175 | |||
176 | |||
177 | /* end of test_anastasis_child_management.c */ | ||
diff --git a/src/util/test_crypto_eddsa.c b/src/util/test_crypto_eddsa.c index 5baf696b1..10d6a4e91 100644 --- a/src/util/test_crypto_eddsa.c +++ b/src/util/test_crypto_eddsa.c | |||
@@ -100,6 +100,73 @@ testSignVerify (void) | |||
100 | } | 100 | } |
101 | 101 | ||
102 | 102 | ||
103 | static int | ||
104 | testDeriveSignVerify (void) | ||
105 | { | ||
106 | struct GNUNET_CRYPTO_EddsaSignature sig; | ||
107 | struct GNUNET_CRYPTO_EccSignaturePurpose purp; | ||
108 | struct GNUNET_CRYPTO_EddsaPrivateScalar dpriv; | ||
109 | struct GNUNET_CRYPTO_EddsaPublicKey pkey; | ||
110 | struct GNUNET_CRYPTO_EddsaPublicKey dpub; | ||
111 | struct GNUNET_CRYPTO_EddsaPublicKey dpub2; | ||
112 | |||
113 | GNUNET_CRYPTO_eddsa_private_key_derive (&key, | ||
114 | "test-derive", | ||
115 | "test-CTX", | ||
116 | &dpriv); | ||
117 | GNUNET_CRYPTO_eddsa_key_get_public (&key, | ||
118 | &pkey); | ||
119 | GNUNET_CRYPTO_eddsa_public_key_derive (&pkey, | ||
120 | "test-derive", | ||
121 | "test-CTX", | ||
122 | &dpub); | ||
123 | GNUNET_CRYPTO_eddsa_key_get_public_from_scalar (&dpriv, &dpub2); | ||
124 | purp.size = htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)); | ||
125 | purp.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TEST); | ||
126 | |||
127 | if (0 != GNUNET_memcmp (&dpub.q_y, &dpub2.q_y)) | ||
128 | { | ||
129 | fprintf (stderr, "%s", "key derivation failed\n"); | ||
130 | return GNUNET_SYSERR; | ||
131 | } | ||
132 | |||
133 | GNUNET_CRYPTO_eddsa_sign_with_scalar (&dpriv, | ||
134 | &purp, | ||
135 | &sig); | ||
136 | if (GNUNET_SYSERR == | ||
137 | GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, | ||
138 | &purp, | ||
139 | &sig, | ||
140 | &dpub)) | ||
141 | { | ||
142 | fprintf (stderr, | ||
143 | "GNUNET_CRYPTO_eddsa_verify failed!\n"); | ||
144 | return GNUNET_SYSERR; | ||
145 | } | ||
146 | if (GNUNET_SYSERR != | ||
147 | GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TEST, | ||
148 | &purp, | ||
149 | &sig, | ||
150 | &pkey)) | ||
151 | { | ||
152 | fprintf (stderr, | ||
153 | "GNUNET_CRYPTO_eddsa_verify failed to fail!\n"); | ||
154 | return GNUNET_SYSERR; | ||
155 | } | ||
156 | if (GNUNET_SYSERR != | ||
157 | GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN, | ||
158 | &purp, | ||
159 | &sig, | ||
160 | &dpub)) | ||
161 | { | ||
162 | fprintf (stderr, | ||
163 | "GNUNET_CRYPTO_eddsa_verify failed to fail!\n"); | ||
164 | return GNUNET_SYSERR; | ||
165 | } | ||
166 | return GNUNET_OK; | ||
167 | } | ||
168 | |||
169 | |||
103 | #if PERF | 170 | #if PERF |
104 | static int | 171 | static int |
105 | testSignPerformance () | 172 | testSignPerformance () |
@@ -217,6 +284,13 @@ main (int argc, char *argv[]) | |||
217 | "WARNING", | 284 | "WARNING", |
218 | NULL); | 285 | NULL); |
219 | GNUNET_CRYPTO_eddsa_key_create (&key); | 286 | GNUNET_CRYPTO_eddsa_key_create (&key); |
287 | if (GNUNET_OK != testDeriveSignVerify ()) | ||
288 | { | ||
289 | failure_count++; | ||
290 | fprintf (stderr, | ||
291 | "\n\n%d TESTS FAILED!\n\n", failure_count); | ||
292 | return -1; | ||
293 | } | ||
220 | #if PERF | 294 | #if PERF |
221 | if (GNUNET_OK != testSignPerformance ()) | 295 | if (GNUNET_OK != testSignPerformance ()) |
222 | failure_count++; | 296 | failure_count++; |