diff options
64 files changed, 1183 insertions, 1027 deletions
diff --git a/configure.ac b/configure.ac index fd1642839..5d308c658 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1773,8 +1773,6 @@ pkgconfig/gnunetdatacache.pc | |||
1773 | pkgconfig/gnunetdatastore.pc | 1773 | pkgconfig/gnunetdatastore.pc |
1774 | pkgconfig/gnunetdht.pc | 1774 | pkgconfig/gnunetdht.pc |
1775 | pkgconfig/gnunetdns.pc | 1775 | pkgconfig/gnunetdns.pc |
1776 | pkgconfig/gnunetdnsparser.pc | ||
1777 | pkgconfig/gnunetdnsstub.pc | ||
1778 | pkgconfig/gnunetdv.pc | 1776 | pkgconfig/gnunetdv.pc |
1779 | pkgconfig/gnunetenv.pc | 1777 | pkgconfig/gnunetenv.pc |
1780 | pkgconfig/gnunetfragmentation.pc | 1778 | pkgconfig/gnunetfragmentation.pc |
@@ -1803,7 +1801,6 @@ pkgconfig/gnunetstatistics.pc | |||
1803 | pkgconfig/gnunettestbed.pc | 1801 | pkgconfig/gnunettestbed.pc |
1804 | pkgconfig/gnunettesting.pc | 1802 | pkgconfig/gnunettesting.pc |
1805 | pkgconfig/gnunettransport.pc | 1803 | pkgconfig/gnunettransport.pc |
1806 | pkgconfig/gnunettun.pc | ||
1807 | pkgconfig/gnunetutil.pc | 1804 | pkgconfig/gnunetutil.pc |
1808 | pkgconfig/gnunetvpn.pc | 1805 | pkgconfig/gnunetvpn.pc |
1809 | ]) | 1806 | ]) |
diff --git a/contrib/conf/gnunet/no_autostart_above_core.conf b/contrib/conf/gnunet/no_autostart_above_core.conf index 114ec83a3..245b6a47d 100644 --- a/contrib/conf/gnunet/no_autostart_above_core.conf +++ b/contrib/conf/gnunet/no_autostart_above_core.conf | |||
@@ -88,3 +88,6 @@ START_ON_DEMAND = NO | |||
88 | 88 | ||
89 | [zonemaster-monitor] | 89 | [zonemaster-monitor] |
90 | START_ON_DEMAND = NO | 90 | START_ON_DEMAND = NO |
91 | |||
92 | [zonemaster] | ||
93 | START_ON_DEMAND = NO | ||
diff --git a/contrib/conf/gnunet/no_forcestart.conf b/contrib/conf/gnunet/no_forcestart.conf index a069674e0..de58c6039 100644 --- a/contrib/conf/gnunet/no_forcestart.conf +++ b/contrib/conf/gnunet/no_forcestart.conf | |||
@@ -39,3 +39,19 @@ IMMEDIATE_START = NO | |||
39 | 39 | ||
40 | [zonemaster-monitor] | 40 | [zonemaster-monitor] |
41 | IMMEDIATE_START = NO | 41 | IMMEDIATE_START = NO |
42 | |||
43 | [psyc] | ||
44 | IMMEDIATE_START = NO | ||
45 | |||
46 | [rps] | ||
47 | IMMEDIATE_START = NO | ||
48 | |||
49 | [consensus] | ||
50 | IMMEDIATE_START = NO | ||
51 | |||
52 | [set] | ||
53 | IMMEDIATE_START = NO | ||
54 | |||
55 | [nse] | ||
56 | IMMEDIATE_START = NO | ||
57 | |||
diff --git a/doc/documentation/Makefile.am b/doc/documentation/Makefile.am index 12f40f147..0ee81304e 100644 --- a/doc/documentation/Makefile.am +++ b/doc/documentation/Makefile.am | |||
@@ -114,6 +114,7 @@ gnunet_TEXINFOS = \ | |||
114 | chapters/developer.texi \ | 114 | chapters/developer.texi \ |
115 | chapters/preface.texi \ | 115 | chapters/preface.texi \ |
116 | chapters/philosophy.texi \ | 116 | chapters/philosophy.texi \ |
117 | chapters/installation.texi \ | ||
117 | chapters/user.texi \ | 118 | chapters/user.texi \ |
118 | chapters/vocabulary.texi \ | 119 | chapters/vocabulary.texi \ |
119 | chapters/configuration.texi \ | 120 | chapters/configuration.texi \ |
diff --git a/doc/documentation/chapters/developer.texi b/doc/documentation/chapters/developer.texi index 22b175a3f..1f74a8163 100644 --- a/doc/documentation/chapters/developer.texi +++ b/doc/documentation/chapters/developer.texi | |||
@@ -352,7 +352,7 @@ The DHT and other components of GNUnet | |||
352 | store information in units called 'blocks'. Each block has a type and the | 352 | store information in units called 'blocks'. Each block has a type and the |
353 | type defines a particular format and how that binary format is to be | 353 | type defines a particular format and how that binary format is to be |
354 | linked to a hash code (the key for the DHT and for databases). The block | 354 | linked to a hash code (the key for the DHT and for databases). The block |
355 | library is a wapper around block plugins which provide the necessary | 355 | library is a wrapper around block plugins which provide the necessary |
356 | functions for each block type. | 356 | functions for each block type. |
357 | @item @file{statistics/} --- statistics service | 357 | @item @file{statistics/} --- statistics service |
358 | The statistics service enables associating | 358 | The statistics service enables associating |
@@ -400,7 +400,7 @@ external service to test the local configuration. | |||
400 | Some transports (UDP and WLAN, mostly) have restrictions on the maximum | 400 | Some transports (UDP and WLAN, mostly) have restrictions on the maximum |
401 | transfer unit (MTU) for packets. The fragmentation library can be used to | 401 | transfer unit (MTU) for packets. The fragmentation library can be used to |
402 | break larger packets into chunks of at most 1k and transmit the resulting | 402 | break larger packets into chunks of at most 1k and transmit the resulting |
403 | fragments reliabily (with acknowledgement, retransmission, timeouts, | 403 | fragments reliably (with acknowledgment, retransmission, timeouts, |
404 | etc.). | 404 | etc.). |
405 | @item @file{transport/} --- transport service | 405 | @item @file{transport/} --- transport service |
406 | The transport service is responsible for managing the | 406 | The transport service is responsible for managing the |
@@ -425,8 +425,8 @@ the foundation for the testbed service | |||
425 | @item @file{testbed/} --- testbed service | 425 | @item @file{testbed/} --- testbed service |
426 | The testbed service is used for creating small or large scale deployments | 426 | The testbed service is used for creating small or large scale deployments |
427 | of GNUnet peers for evaluation of protocols. | 427 | of GNUnet peers for evaluation of protocols. |
428 | It facilitates peer depolyments on multiple | 428 | It facilitates peer deployments on multiple |
429 | hosts (for example, in a cluster) and establishing varous network | 429 | hosts (for example, in a cluster) and establishing various network |
430 | topologies (both underlay and overlay). | 430 | topologies (both underlay and overlay). |
431 | @item @file{nse/} --- Network Size Estimation | 431 | @item @file{nse/} --- Network Size Estimation |
432 | The network size estimation (NSE) service | 432 | The network size estimation (NSE) service |
@@ -1038,7 +1038,7 @@ if (0 == bar && x != y) | |||
1038 | @end example | 1038 | @end example |
1039 | 1039 | ||
1040 | @noindent | 1040 | @noindent |
1041 | Note that splitting the @code{if} statement above is debateable as the | 1041 | Note that splitting the @code{if} statement above is debatable as the |
1042 | @code{return x} is a very trivial statement. However, once the logic after | 1042 | @code{return x} is a very trivial statement. However, once the logic after |
1043 | the branch becomes more complicated (and is still identical), the "or" | 1043 | the branch becomes more complicated (and is still identical), the "or" |
1044 | formulation should be used for sure. | 1044 | formulation should be used for sure. |
@@ -1173,12 +1173,12 @@ for building applications under UNIX-like systems. Furthermore we | |||
1173 | assume that the build environment is sane and that you are aware of | 1173 | assume that the build environment is sane and that you are aware of |
1174 | any implications actions in this process could have. | 1174 | any implications actions in this process could have. |
1175 | Instructions here can be seen as notes for developers (an extension to | 1175 | Instructions here can be seen as notes for developers (an extension to |
1176 | the 'HACKING' section in README) as well as package mantainers. | 1176 | the 'HACKING' section in README) as well as package maintainers. |
1177 | @b{Users should rely on the available binary packages.} | 1177 | @b{Users should rely on the available binary packages.} |
1178 | We will use Debian as an example Operating System environment. Substitute | 1178 | We will use Debian as an example Operating System environment. Substitute |
1179 | accordingly with your own Ooperating System environment. | 1179 | accordingly with your own Operating System environment. |
1180 | 1180 | ||
1181 | For the full list of depenendencies, consult the appropriate, up-to-date | 1181 | For the full list of dependencies, consult the appropriate, up-to-date |
1182 | section in the @file{README} file. | 1182 | section in the @file{README} file. |
1183 | 1183 | ||
1184 | First, we need to build or install (depending on your OS) the following | 1184 | First, we need to build or install (depending on your OS) the following |
@@ -1442,7 +1442,7 @@ $ gnunet-gns-proxy-setup-ca | |||
1442 | @end example | 1442 | @end example |
1443 | 1443 | ||
1444 | @noindent | 1444 | @noindent |
1445 | The first generates the default zones, wheras the second setups the GNS | 1445 | The first generates the default zones, whereas the second setups the GNS |
1446 | Certificate Authority with the user's browser. Now, to activate GNS in the | 1446 | Certificate Authority with the user's browser. Now, to activate GNS in the |
1447 | normal DNS resolution process, you need to edit your | 1447 | normal DNS resolution process, you need to edit your |
1448 | @file{/etc/nsswitch.conf} where you should find a line like this: | 1448 | @file{/etc/nsswitch.conf} where you should find a line like this: |
@@ -1536,7 +1536,7 @@ This range can be customised with the function | |||
1536 | similar to @code{GNUNET_TESTING_system_create()} except that it take 2 | 1536 | similar to @code{GNUNET_TESTING_system_create()} except that it take 2 |
1537 | additional parameters --- the start and end of the port range to use. | 1537 | additional parameters --- the start and end of the port range to use. |
1538 | 1538 | ||
1539 | A TESTING system is destroyed with the funciton | 1539 | A TESTING system is destroyed with the function |
1540 | @code{GNUNET_TESTING_system_destory()}. This function takes the handle of | 1540 | @code{GNUNET_TESTING_system_destory()}. This function takes the handle of |
1541 | the system and a flag to remove the files created in the directory used | 1541 | the system and a flag to remove the files created in the directory used |
1542 | to generate configurations. | 1542 | to generate configurations. |
@@ -1545,7 +1545,7 @@ A peer is created with the function | |||
1545 | @code{GNUNET_TESTING_peer_configure()}. This functions takes the system | 1545 | @code{GNUNET_TESTING_peer_configure()}. This functions takes the system |
1546 | handle, a configuration template from which the configuration for the peer | 1546 | handle, a configuration template from which the configuration for the peer |
1547 | is auto-generated and the index from where the hostkey for the peer has to | 1547 | is auto-generated and the index from where the hostkey for the peer has to |
1548 | be copied from. When successfull, this function returs a handle to the | 1548 | be copied from. When successful, this function returns a handle to the |
1549 | peer which can be used to start and stop it and to obtain the identity of | 1549 | peer which can be used to start and stop it and to obtain the identity of |
1550 | the peer. If unsuccessful, a NULL pointer is returned with an error | 1550 | the peer. If unsuccessful, a NULL pointer is returned with an error |
1551 | message. This function handles the generated configuration to have | 1551 | message. This function handles the generated configuration to have |
@@ -1579,7 +1579,7 @@ to the handle to the peer to stop. The callback function is called with | |||
1579 | the given closure when the peer is stopped. Using this function | 1579 | the given closure when the peer is stopped. Using this function |
1580 | eliminates blocking while waiting for the peer to terminate. | 1580 | eliminates blocking while waiting for the peer to terminate. |
1581 | 1581 | ||
1582 | An asynchronous peer stop can be cancelled by calling the function | 1582 | An asynchronous peer stop can be canceled by calling the function |
1583 | @code{GNUNET_TESTING_peer_stop_async_cancel()}. Note that calling this | 1583 | @code{GNUNET_TESTING_peer_stop_async_cancel()}. Note that calling this |
1584 | function does not prevent the peer from terminating if the termination | 1584 | function does not prevent the peer from terminating if the termination |
1585 | signal has already been sent to it. It does, however, cancels the | 1585 | signal has already been sent to it. It does, however, cancels the |
@@ -1660,12 +1660,12 @@ simply load the plugin directly. | |||
1660 | To help avoid performance regressions, GNUnet uses Gauger. Gauger is a | 1660 | To help avoid performance regressions, GNUnet uses Gauger. Gauger is a |
1661 | simple logging tool that allows remote hosts to send performance data to | 1661 | simple logging tool that allows remote hosts to send performance data to |
1662 | a central server, where this data can be analyzed and visualized. Gauger | 1662 | a central server, where this data can be analyzed and visualized. Gauger |
1663 | shows graphs of the repository revisions and the performace data recorded | 1663 | shows graphs of the repository revisions and the performance data recorded |
1664 | for each revision, so sudden performance peaks or drops can be identified | 1664 | for each revision, so sudden performance peaks or drops can be identified |
1665 | and linked to a specific revision number. | 1665 | and linked to a specific revision number. |
1666 | 1666 | ||
1667 | In the case of GNUnet, the buildbots log the performance data obtained | 1667 | In the case of GNUnet, the buildbots log the performance data obtained |
1668 | during the tests after each build. The data can be accesed on GNUnet's | 1668 | during the tests after each build. The data can be accessed on GNUnet's |
1669 | Gauger page. | 1669 | Gauger page. |
1670 | 1670 | ||
1671 | The menu on the left allows to select either the results of just one | 1671 | The menu on the left allows to select either the results of just one |
@@ -1678,7 +1678,7 @@ performance evolution across all hosts. | |||
1678 | Using Gauger in GNUnet and having the performance of a module tracked over | 1678 | Using Gauger in GNUnet and having the performance of a module tracked over |
1679 | time is very easy. First of course, the testcase must generate some | 1679 | time is very easy. First of course, the testcase must generate some |
1680 | consistent metric, which makes sense to have logged. Highly volatile or | 1680 | consistent metric, which makes sense to have logged. Highly volatile or |
1681 | random dependant metrics probably are not ideal candidates for meaningful | 1681 | random dependent metrics probably are not ideal candidates for meaningful |
1682 | regression detection. | 1682 | regression detection. |
1683 | 1683 | ||
1684 | To start logging any value, just include @code{gauger.h} in your testcase | 1684 | To start logging any value, just include @code{gauger.h} in your testcase |
@@ -1890,7 +1890,7 @@ random links are to be given | |||
1890 | 1890 | ||
1891 | @item @code{GNUNET_TESTBED_TOPOLOGY_SCALE_FREE}: Connects peers in a | 1891 | @item @code{GNUNET_TESTBED_TOPOLOGY_SCALE_FREE}: Connects peers in a |
1892 | topology where peer connectivity follows power law - new peers are | 1892 | topology where peer connectivity follows power law - new peers are |
1893 | connected with high probabililty to well connected peers. | 1893 | connected with high probability to well connected peers. |
1894 | @footnote{See Emergence of Scaling in Random Networks. Science 286, | 1894 | @footnote{See Emergence of Scaling in Random Networks. Science 286, |
1895 | 509-512, 1999 | 1895 | 509-512, 1999 |
1896 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/emergence_of_scaling_in_random_networks__barabasi_albert_science_286__1999.pdf, pdf})} | 1896 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/emergence_of_scaling_in_random_networks__barabasi_albert_science_286__1999.pdf, pdf})} |
@@ -1931,7 +1931,7 @@ ignored for the rest of the topologies. | |||
1931 | Topology @code{SCALE_FREE} requires the options | 1931 | Topology @code{SCALE_FREE} requires the options |
1932 | @code{SCALE_FREE_TOPOLOGY_CAP} to be set to the maximum number of peers | 1932 | @code{SCALE_FREE_TOPOLOGY_CAP} to be set to the maximum number of peers |
1933 | which can connect to a peer and @code{SCALE_FREE_TOPOLOGY_M} to be set to | 1933 | which can connect to a peer and @code{SCALE_FREE_TOPOLOGY_M} to be set to |
1934 | how many peers a peer should be atleast connected to. | 1934 | how many peers a peer should be at least connected to. |
1935 | 1935 | ||
1936 | Similarly, the topology @code{FROM_FILE} requires the option | 1936 | Similarly, the topology @code{FROM_FILE} requires the option |
1937 | @code{OVERLAY_TOPOLOGY_FILE} to contain the path of the file containing | 1937 | @code{OVERLAY_TOPOLOGY_FILE} to contain the path of the file containing |
@@ -1977,7 +1977,7 @@ A topology file describes how peers are to be connected. It should adhere | |||
1977 | to the following format for testbed to parse it correctly. | 1977 | to the following format for testbed to parse it correctly. |
1978 | 1978 | ||
1979 | Each line should begin with the target peer id. This should be followed by | 1979 | Each line should begin with the target peer id. This should be followed by |
1980 | a colon(`:') and origin peer ids seperated by `|'. All spaces except for | 1980 | a colon(`:') and origin peer ids separated by `|'. All spaces except for |
1981 | newline characters are ignored. The API will then try to connect each | 1981 | newline characters are ignored. The API will then try to connect each |
1982 | origin peer to the target peer. | 1982 | origin peer to the target peer. |
1983 | 1983 | ||
@@ -2003,9 +2003,9 @@ deemed as crossed after all the peers waiting on it are notified. | |||
2003 | The barriers API provides the following functions: | 2003 | The barriers API provides the following functions: |
2004 | @itemize @bullet | 2004 | @itemize @bullet |
2005 | @item @strong{@code{GNUNET_TESTBED_barrier_init()}:} function to | 2005 | @item @strong{@code{GNUNET_TESTBED_barrier_init()}:} function to |
2006 | initialse a barrier in the experiment | 2006 | initialize a barrier in the experiment |
2007 | @item @strong{@code{GNUNET_TESTBED_barrier_cancel()}:} function to cancel | 2007 | @item @strong{@code{GNUNET_TESTBED_barrier_cancel()}:} function to cancel |
2008 | a barrier which has been initialised before | 2008 | a barrier which has been initialized before |
2009 | @item @strong{@code{GNUNET_TESTBED_barrier_wait()}:} function to signal | 2009 | @item @strong{@code{GNUNET_TESTBED_barrier_wait()}:} function to signal |
2010 | barrier service that the caller has reached a barrier and is waiting for | 2010 | barrier service that the caller has reached a barrier and is waiting for |
2011 | it to be crossed | 2011 | it to be crossed |
@@ -2122,7 +2122,7 @@ the large-scale deployment. We provide you a set of scripts you can use | |||
2122 | to deploy GNUnet on a set of nodes and manage your installation. | 2122 | to deploy GNUnet on a set of nodes and manage your installation. |
2123 | 2123 | ||
2124 | Please also check @uref{https://gnunet.org/installation-fedora8-svn} and | 2124 | Please also check @uref{https://gnunet.org/installation-fedora8-svn} and |
2125 | @uref{https://gnunet.org/installation-fedora12-svn} to find detailled | 2125 | @uref{https://gnunet.org/installation-fedora12-svn} to find detailed |
2126 | instructions how to install GNUnet on a PlanetLab node. | 2126 | instructions how to install GNUnet on a PlanetLab node. |
2127 | 2127 | ||
2128 | 2128 | ||
@@ -2148,7 +2148,7 @@ image, installing the buildslave software is quite some pain. For our | |||
2148 | PlanetLab testbed we figured out how to install the buildslave software | 2148 | PlanetLab testbed we figured out how to install the buildslave software |
2149 | best. | 2149 | best. |
2150 | 2150 | ||
2151 | @c This is a vvery terrible way to suggest installing software. | 2151 | @c This is a very terrible way to suggest installing software. |
2152 | @c FIXME: Is there an official, safer way instead of blind-piping a | 2152 | @c FIXME: Is there an official, safer way instead of blind-piping a |
2153 | @c script? | 2153 | @c script? |
2154 | @c FIXME: Use newer pypi URLs below. | 2154 | @c FIXME: Use newer pypi URLs below. |
@@ -2354,7 +2354,7 @@ for new developers): | |||
2354 | @item CPS-style scheduling (scheduler.c) | 2354 | @item CPS-style scheduling (scheduler.c) |
2355 | @item Program initialization (program.c) | 2355 | @item Program initialization (program.c) |
2356 | @item Networking (network.c, client.c, server*.c, service.c) | 2356 | @item Networking (network.c, client.c, server*.c, service.c) |
2357 | @item message queueing (mq.c) | 2357 | @item message queuing (mq.c) |
2358 | @item bandwidth calculations (bandwidth.c) | 2358 | @item bandwidth calculations (bandwidth.c) |
2359 | @item Other OS-related (os*.c, plugin.c, signal.c) | 2359 | @item Other OS-related (os*.c, plugin.c, signal.c) |
2360 | @item Pseudonym management (pseudonym.c) | 2360 | @item Pseudonym management (pseudonym.c) |
@@ -2425,7 +2425,7 @@ level to "loglevel". Thus it is possible to run some processes | |||
2425 | with -L DEBUG, for example, and others with -L ERROR to enable specific | 2425 | with -L DEBUG, for example, and others with -L ERROR to enable specific |
2426 | settings to diagnose problems with a particular process. | 2426 | settings to diagnose problems with a particular process. |
2427 | @item Configuration files. Because GNUnet | 2427 | @item Configuration files. Because GNUnet |
2428 | service and deamon processes are usually launched by gnunet-arm, it is not | 2428 | service and daemon processes are usually launched by gnunet-arm, it is not |
2429 | possible to pass different custom command line options directly to every | 2429 | possible to pass different custom command line options directly to every |
2430 | one of them. The options passed to @code{gnunet-arm} only affect | 2430 | one of them. The options passed to @code{gnunet-arm} only affect |
2431 | gnunet-arm and not the rest of GNUnet. However, one can specify a | 2431 | gnunet-arm and not the rest of GNUnet. However, one can specify a |
@@ -2717,7 +2717,7 @@ will have | |||
2717 | no effect. Other messages (ERROR, WARNING, INFO, etc) will be included. | 2717 | no effect. Other messages (ERROR, WARNING, INFO, etc) will be included. |
2718 | @item If @code{--enable-logging} is set to @code{verbose}, or | 2718 | @item If @code{--enable-logging} is set to @code{verbose}, or |
2719 | @code{veryverbose} the binary will contain DEBUG messages (still, it will | 2719 | @code{veryverbose} the binary will contain DEBUG messages (still, it will |
2720 | be neccessary to run with @command{-L DEBUG} or set the DEBUG config option | 2720 | be necessary to run with @command{-L DEBUG} or set the DEBUG config option |
2721 | to show | 2721 | to show |
2722 | them). | 2722 | them). |
2723 | @end itemize | 2723 | @end itemize |
@@ -2728,7 +2728,7 @@ If you are a developer: | |||
2728 | @item please make sure that you @code{./configure | 2728 | @item please make sure that you @code{./configure |
2729 | --enable-logging=@{verbose,veryverbose@}}, so you can see DEBUG messages. | 2729 | --enable-logging=@{verbose,veryverbose@}}, so you can see DEBUG messages. |
2730 | @item please remove the @code{#if} statements around @code{GNUNET_log | 2730 | @item please remove the @code{#if} statements around @code{GNUNET_log |
2731 | (GNUNET_ERROR_TYPE_DEBUG, ...)} lines, to improve the readibility of your | 2731 | (GNUNET_ERROR_TYPE_DEBUG, ...)} lines, to improve the readability of your |
2732 | code. | 2732 | code. |
2733 | @end itemize | 2733 | @end itemize |
2734 | 2734 | ||
@@ -2741,7 +2741,7 @@ A suitable configuration could be: | |||
2741 | $ export GNUNET_FORCE_LOG="^YOUR_SUBSYSTEM$;;;;DEBUG/;;;;WARNING" | 2741 | $ export GNUNET_FORCE_LOG="^YOUR_SUBSYSTEM$;;;;DEBUG/;;;;WARNING" |
2742 | @end example | 2742 | @end example |
2743 | 2743 | ||
2744 | Which will behave almost like enabling DEBUG in that subsytem before the | 2744 | Which will behave almost like enabling DEBUG in that subsystem before the |
2745 | change. Of course you can adapt it to your particular needs, this is only | 2745 | change. Of course you can adapt it to your particular needs, this is only |
2746 | a quick example. | 2746 | a quick example. |
2747 | 2747 | ||
@@ -2952,7 +2952,7 @@ function, which is set to @code{NULL} in most cases, and the last | |||
2952 | parameter is the expected size of the message of this type, usually we | 2952 | parameter is the expected size of the message of this type, usually we |
2953 | set it to 0 to accept variable size, for special cases the exact size of | 2953 | set it to 0 to accept variable size, for special cases the exact size of |
2954 | the specified message also can be set. In addition, the terminator sign | 2954 | the specified message also can be set. In addition, the terminator sign |
2955 | depicted as @code{@{NULL, NULL, 0, 0@}} is set in the last aera. | 2955 | depicted as @code{@{NULL, NULL, 0, 0@}} is set in the last area. |
2956 | 2956 | ||
2957 | @c *********************************************************************** | 2957 | @c *********************************************************************** |
2958 | @node Server - Process request message | 2958 | @node Server - Process request message |
@@ -3002,7 +3002,7 @@ understand the request message, and the processing of this request would | |||
3002 | be terminated. | 3002 | be terminated. |
3003 | 3003 | ||
3004 | In comparison to the aforementioned situation, when the argument is equal | 3004 | In comparison to the aforementioned situation, when the argument is equal |
3005 | to @code{GNUNET_OK}, the service would continue to process the requst | 3005 | to @code{GNUNET_OK}, the service would continue to process the request |
3006 | message. | 3006 | message. |
3007 | 3007 | ||
3008 | @c *********************************************************************** | 3008 | @c *********************************************************************** |
@@ -3151,7 +3151,7 @@ GNUnet uses SHA-512 for computing one-way hash codes. The API provides | |||
3151 | functions to compute a hash over a block in memory or over a file on disk. | 3151 | functions to compute a hash over a block in memory or over a file on disk. |
3152 | 3152 | ||
3153 | The crypto API also provides functions for randomizing a block of memory, | 3153 | The crypto API also provides functions for randomizing a block of memory, |
3154 | obtaining a single random number and for generating a permuation of the | 3154 | obtaining a single random number and for generating a permutation of the |
3155 | numbers 0 to n-1. Random number generation distinguishes between WEAK and | 3155 | numbers 0 to n-1. Random number generation distinguishes between WEAK and |
3156 | STRONG random number quality; WEAK random numbers are pseudo-random | 3156 | STRONG random number quality; WEAK random numbers are pseudo-random |
3157 | whereas STRONG random numbers use entropy gathered from the operating | 3157 | whereas STRONG random numbers use entropy gathered from the operating |
@@ -3230,7 +3230,7 @@ message. | |||
3230 | 3230 | ||
3231 | Consider the following simple message, with the body consisting of a | 3231 | Consider the following simple message, with the body consisting of a |
3232 | single number value. | 3232 | single number value. |
3233 | @c why the empy code function? | 3233 | @c why the empty code function? |
3234 | @code{} | 3234 | @code{} |
3235 | 3235 | ||
3236 | @example | 3236 | @example |
@@ -3505,7 +3505,7 @@ or in some other transient data structure and thus having the hash map | |||
3505 | keep a pointer to @code{key} would not work. Only the key inside of | 3505 | keep a pointer to @code{key} would not work. Only the key inside of |
3506 | @code{val} has the same lifetime as the entry in the map (this must of | 3506 | @code{val} has the same lifetime as the entry in the map (this must of |
3507 | course be checked as well). Naturally, @code{val->key} must be | 3507 | course be checked as well). Naturally, @code{val->key} must be |
3508 | intiialized before the @code{put} call. Once all @code{put} calls have | 3508 | initialized before the @code{put} call. Once all @code{put} calls have |
3509 | been converted and double-checked, you can change the call to create the | 3509 | been converted and double-checked, you can change the call to create the |
3510 | hash map from | 3510 | hash map from |
3511 | 3511 | ||
@@ -3893,7 +3893,7 @@ The goal of transport-level address validation is to minimize the chances | |||
3893 | of a successful man-in-the-middle attack against GNUnet peers on the | 3893 | of a successful man-in-the-middle attack against GNUnet peers on the |
3894 | transport level. Such an attack would not allow the adversary to decrypt | 3894 | transport level. Such an attack would not allow the adversary to decrypt |
3895 | the P2P transmissions, but a successful attacker could at least measure | 3895 | the P2P transmissions, but a successful attacker could at least measure |
3896 | traffic volumes and latencies (raising the adversaries capablities by | 3896 | traffic volumes and latencies (raising the adversaries capabilities by |
3897 | those of a global passive adversary in the worst case). The scenarios we | 3897 | those of a global passive adversary in the worst case). The scenarios we |
3898 | are concerned about is an attacker, Mallory, giving a @code{HELLO} to | 3898 | are concerned about is an attacker, Mallory, giving a @code{HELLO} to |
3899 | Alice that claims to be for Bob, but contains Mallory's IP address | 3899 | Alice that claims to be for Bob, but contains Mallory's IP address |
@@ -4019,7 +4019,7 @@ connected peers, but they are sent about other knowns peers within the | |||
4019 | to each other about their appropriate other neighbors. They also gossip | 4019 | to each other about their appropriate other neighbors. They also gossip |
4020 | about the newly connected peer to previously | 4020 | about the newly connected peer to previously |
4021 | connected neighbors. In order to keep the routing tables up to date, | 4021 | connected neighbors. In order to keep the routing tables up to date, |
4022 | disconnect notifications are propogated as gossip as well (because | 4022 | disconnect notifications are propagated as gossip as well (because |
4023 | disconnects may not be sent/received, timeouts are also used remove | 4023 | disconnects may not be sent/received, timeouts are also used remove |
4024 | stagnant routing table entries). | 4024 | stagnant routing table entries). |
4025 | 4025 | ||
@@ -4210,7 +4210,7 @@ to send and receive messages. | |||
4210 | 4210 | ||
4211 | We have measured the performance of the UDP, TCP and SMTP transport layer | 4211 | We have measured the performance of the UDP, TCP and SMTP transport layer |
4212 | directly and when used from an application using the GNUnet core. | 4212 | directly and when used from an application using the GNUnet core. |
4213 | Measureing just the transport layer gives the better view of the actual | 4213 | Measuring just the transport layer gives the better view of the actual |
4214 | overhead of the protocol, whereas evaluating the transport from the | 4214 | overhead of the protocol, whereas evaluating the transport from the |
4215 | application puts the overhead into perspective from a practical point of | 4215 | application puts the overhead into perspective from a practical point of |
4216 | view. | 4216 | view. |
@@ -4230,7 +4230,7 @@ wire have no impact on the timings. n messages were sent sequentially over | |||
4230 | the transport layer, sending message i+1 after the i-th message was | 4230 | the transport layer, sending message i+1 after the i-th message was |
4231 | received. All messages were sent over the same connection and the time to | 4231 | received. All messages were sent over the same connection and the time to |
4232 | establish the connection was not taken into account since this overhead is | 4232 | establish the connection was not taken into account since this overhead is |
4233 | miniscule in practice --- as long as a connection is used for a | 4233 | minuscule in practice --- as long as a connection is used for a |
4234 | significant number of messages. | 4234 | significant number of messages. |
4235 | 4235 | ||
4236 | @multitable @columnfractions .20 .15 .15 .15 .15 .15 | 4236 | @multitable @columnfractions .20 .15 .15 .15 .15 .15 |
@@ -4261,9 +4261,9 @@ given time-bounds. For this benchmark we report the message loss after | |||
4261 | allowing t time for sending m messages. If messages were not sent (or | 4261 | allowing t time for sending m messages. If messages were not sent (or |
4262 | received) after an overall timeout of t, they were considered lost. The | 4262 | received) after an overall timeout of t, they were considered lost. The |
4263 | benchmark was performed using two Xeon 2 GHZ machines running RedHat 8.0 | 4263 | benchmark was performed using two Xeon 2 GHZ machines running RedHat 8.0 |
4264 | with sendmail. The machines were connected with a direct 100 MBit ethernet | 4264 | with sendmail. The machines were connected with a direct 100 MBit Ethernet |
4265 | connection.@ Figures udp1200, tcp1200 and smtp-MTUs show that the | 4265 | connection.@ Figures udp1200, tcp1200 and smtp-MTUs show that the |
4266 | throughput for messages of size 1,200 octects is 2,343 kbps, 3,310 kbps | 4266 | throughput for messages of size 1,200 octets is 2,343 kbps, 3,310 kbps |
4267 | and 6 kbps for UDP, TCP and SMTP respectively. The high per-message | 4267 | and 6 kbps for UDP, TCP and SMTP respectively. The high per-message |
4268 | overhead of SMTP can be improved by increasing the MTU, for example, an | 4268 | overhead of SMTP can be improved by increasing the MTU, for example, an |
4269 | MTU of 12,000 octets improves the throughput to 13 kbps as figure | 4269 | MTU of 12,000 octets improves the throughput to 13 kbps as figure |
@@ -4308,7 +4308,7 @@ installed). | |||
4308 | For instructions about how to install the libraries you should | 4308 | For instructions about how to install the libraries you should |
4309 | check out the BlueZ site | 4309 | check out the BlueZ site |
4310 | (@uref{http://www.bluez.org/, http://www.bluez.org}). If you don't know if | 4310 | (@uref{http://www.bluez.org/, http://www.bluez.org}). If you don't know if |
4311 | you have the necesarry libraries, don't worry, just run the GNUnet | 4311 | you have the necessary libraries, don't worry, just run the GNUnet |
4312 | configure script and you will be able to see a notification at the end | 4312 | configure script and you will be able to see a notification at the end |
4313 | which will warn you if you don't have the necessary libraries. | 4313 | which will warn you if you don't have the necessary libraries. |
4314 | 4314 | ||
@@ -4336,7 +4336,7 @@ helper binary used on GNU/Linux: | |||
4336 | 4336 | ||
4337 | @itemize @bullet | 4337 | @itemize @bullet |
4338 | @item it verifies if the name corresponds to a Bluetooth interface name | 4338 | @item it verifies if the name corresponds to a Bluetooth interface name |
4339 | @item it verifies if the iterface is up (if it is not, it tries to bring | 4339 | @item it verifies if the interface is up (if it is not, it tries to bring |
4340 | it up) | 4340 | it up) |
4341 | @item it tries to enable the page and inquiry scan in order to make the | 4341 | @item it tries to enable the page and inquiry scan in order to make the |
4342 | device discoverable and to accept incoming connection requests | 4342 | device discoverable and to accept incoming connection requests |
@@ -4377,12 +4377,12 @@ Bluetooth address has the form 00:00:00:00:00:00 it means that there is | |||
4377 | something wrong with the D-Bus daemon or with the Bluetooth daemon. Use | 4377 | something wrong with the D-Bus daemon or with the Bluetooth daemon. Use |
4378 | @code{bluetoothd} tool to see the logs | 4378 | @code{bluetoothd} tool to see the logs |
4379 | 4379 | ||
4380 | @item @code{sdptool} can be used to control and interogate SDP servers. | 4380 | @item @code{sdptool} can be used to control and interrogate SDP servers. |
4381 | If you encounter problems regarding the SDP server (like the SDP server is | 4381 | If you encounter problems regarding the SDP server (like the SDP server is |
4382 | down) you should check out if the D-Bus daemon is running correctly and to | 4382 | down) you should check out if the D-Bus daemon is running correctly and to |
4383 | see if the Bluetooth daemon started correctly(use @code{bluetoothd} tool). | 4383 | see if the Bluetooth daemon started correctly(use @code{bluetoothd} tool). |
4384 | Also, sometimes the SDP service could work but somehow the device couldn't | 4384 | Also, sometimes the SDP service could work but somehow the device couldn't |
4385 | register his service. Use @code{sdptool browse [dev-address]} to see if | 4385 | register its service. Use @code{sdptool browse [dev-address]} to see if |
4386 | the service is registered. There should be a service with the name of the | 4386 | the service is registered. There should be a service with the name of the |
4387 | interface and GNUnet as provider. | 4387 | interface and GNUnet as provider. |
4388 | 4388 | ||
@@ -4464,11 +4464,11 @@ then start sending data for benchmarking. | |||
4464 | On Windows you cannot test the plugin functionality using two Bluetooth | 4464 | On Windows you cannot test the plugin functionality using two Bluetooth |
4465 | devices from the same machine because after you install the drivers there | 4465 | devices from the same machine because after you install the drivers there |
4466 | will occur some conflicts between the Bluetooth stacks. (At least that is | 4466 | will occur some conflicts between the Bluetooth stacks. (At least that is |
4467 | what happend on my machine : I wasn't able to use the Bluesoleil stack and | 4467 | what happened on my machine : I wasn't able to use the Bluesoleil stack and |
4468 | the WINDCOMM one in the same time). | 4468 | the WINDCOMM one in the same time). |
4469 | 4469 | ||
4470 | If you have two different machines and your configuration files are good | 4470 | If you have two different machines and your configuration files are good |
4471 | you can use the same scenario presented on the begining of this section. | 4471 | you can use the same scenario presented on the beginning of this section. |
4472 | 4472 | ||
4473 | Another way to test the plugin functionality is to create your own | 4473 | Another way to test the plugin functionality is to create your own |
4474 | application which will use the GNUnet framework with the Bluetooth | 4474 | application which will use the GNUnet framework with the Bluetooth |
@@ -4483,8 +4483,8 @@ This page describes the implementation of the Bluetooth transport plugin. | |||
4483 | First I want to remind you that the Bluetooth transport plugin uses | 4483 | First I want to remind you that the Bluetooth transport plugin uses |
4484 | virtually the same code as the WLAN plugin and only the helper binary is | 4484 | virtually the same code as the WLAN plugin and only the helper binary is |
4485 | different. Also the scope of the helper binary from the Bluetooth | 4485 | different. Also the scope of the helper binary from the Bluetooth |
4486 | transport plugin is the same as the one used for the wlan transport | 4486 | transport plugin is the same as the one used for the WLAN transport |
4487 | plugin: it acceses the interface and then it forwards traffic in both | 4487 | plugin: it accesses the interface and then it forwards traffic in both |
4488 | directions between the Bluetooth interface and stdin/stdout of the | 4488 | directions between the Bluetooth interface and stdin/stdout of the |
4489 | process involved. | 4489 | process involved. |
4490 | 4490 | ||
@@ -4525,8 +4525,8 @@ Bluetooth interface) and is separated in two stages: | |||
4525 | @subsubsection THE INITIALIZATION | 4525 | @subsubsection THE INITIALIZATION |
4526 | 4526 | ||
4527 | @itemize @bullet | 4527 | @itemize @bullet |
4528 | @item first, it checks if we have root privilegies | 4528 | @item first, it checks if we have root privileges |
4529 | (@emph{Remember that we need to have root privilegies in order to be able | 4529 | (@emph{Remember that we need to have root privileges in order to be able |
4530 | to bring the interface up if it is down or to change its state.}). | 4530 | to bring the interface up if it is down or to change its state.}). |
4531 | 4531 | ||
4532 | @item second, it verifies if the interface with the given name exists. | 4532 | @item second, it verifies if the interface with the given name exists. |
@@ -4551,7 +4551,7 @@ discoverable | |||
4551 | devices to get the port on which this device is listening on) | 4551 | devices to get the port on which this device is listening on) |
4552 | @end itemize | 4552 | @end itemize |
4553 | 4553 | ||
4554 | @item drops the root privilegies | 4554 | @item drops the root privileges |
4555 | 4555 | ||
4556 | @strong{If the interface is not a Bluetooth interface the helper exits | 4556 | @strong{If the interface is not a Bluetooth interface the helper exits |
4557 | with a suitable error} | 4557 | with a suitable error} |
@@ -4596,7 +4596,7 @@ the STDOUT file descriptor, then we write to STDOUT the message from the | |||
4596 | @emph{write_std} buffer. | 4596 | @emph{write_std} buffer. |
4597 | 4597 | ||
4598 | To find out on which port a device is listening on we connect to the local | 4598 | To find out on which port a device is listening on we connect to the local |
4599 | SDP server and searche the registered service for that device. | 4599 | SDP server and search the registered service for that device. |
4600 | 4600 | ||
4601 | @emph{You should be aware of the fact that if the device fails to connect | 4601 | @emph{You should be aware of the fact that if the device fails to connect |
4602 | to another one when trying to send a message it will attempt one more | 4602 | to another one when trying to send a message it will attempt one more |
@@ -4659,17 +4659,17 @@ For Windows I decided to use the Microsoft Bluetooth stack which has the | |||
4659 | advantage of coming standard from Windows XP SP2. The main disadvantage is | 4659 | advantage of coming standard from Windows XP SP2. The main disadvantage is |
4660 | that it only supports the RFCOMM protocol so we will not be able to have | 4660 | that it only supports the RFCOMM protocol so we will not be able to have |
4661 | a low level control over the Bluetooth device. Therefore it is the user | 4661 | a low level control over the Bluetooth device. Therefore it is the user |
4662 | responsability to check if the device is up and in the discoverable mode. | 4662 | responsibility to check if the device is up and in the discoverable mode. |
4663 | Also there are no tools which could be used for debugging in order to read | 4663 | Also there are no tools which could be used for debugging in order to read |
4664 | the data coming from and going to a Bluetooth device, which obviously | 4664 | the data coming from and going to a Bluetooth device, which obviously |
4665 | hindered my work. Another thing that slowed down the implementation of the | 4665 | hindered my work. Another thing that slowed down the implementation of the |
4666 | plugin (besides that I wasn't too accomodated with the win32 API) was that | 4666 | plugin (besides that I wasn't too accommodated with the win32 API) was that |
4667 | there were some bugs on MinGW regarding the Bluetooth. Now they are solved | 4667 | there were some bugs on MinGW regarding the Bluetooth. Now they are solved |
4668 | but you should keep in mind that you should have the latest updates | 4668 | but you should keep in mind that you should have the latest updates |
4669 | (especially the @emph{ws2bth} header). | 4669 | (especially the @emph{ws2bth} header). |
4670 | 4670 | ||
4671 | Besides the fact that it uses the Windows Sockets, the Windows | 4671 | Besides the fact that it uses the Windows Sockets, the Windows |
4672 | implemenation follows the same principles as the GNU/Linux one: | 4672 | implementation follows the same principles as the GNU/Linux one: |
4673 | 4673 | ||
4674 | @itemize @bullet | 4674 | @itemize @bullet |
4675 | @item It has a initalization part where it initializes the | 4675 | @item It has a initalization part where it initializes the |
@@ -4714,7 +4714,7 @@ broadcast messages. When it receives a broadcast message it will skip it. | |||
4714 | @item Implement the broadcast functionality on Windows @emph{(currently | 4714 | @item Implement the broadcast functionality on Windows @emph{(currently |
4715 | working on)} | 4715 | working on)} |
4716 | @item Implement a testcase for the helper :@ @emph{The testcase | 4716 | @item Implement a testcase for the helper :@ @emph{The testcase |
4717 | consists of a program which emaluates the plugin and uses the helper. It | 4717 | consists of a program which emulates the plugin and uses the helper. It |
4718 | will simulate connections, disconnections and data transfers.} | 4718 | will simulate connections, disconnections and data transfers.} |
4719 | @end itemize | 4719 | @end itemize |
4720 | 4720 | ||
@@ -4902,7 +4902,7 @@ peers connecting, peers disconnecting and incoming messages) and send | |||
4902 | messages to connected peers using | 4902 | messages to connected peers using |
4903 | @code{GNUNET_CORE_notify_transmit_ready}. Note that applications must | 4903 | @code{GNUNET_CORE_notify_transmit_ready}. Note that applications must |
4904 | cancel pending transmission requests if they receive a disconnect event | 4904 | cancel pending transmission requests if they receive a disconnect event |
4905 | for a peer that had a transmission pending; furthermore, queueing more | 4905 | for a peer that had a transmission pending; furthermore, queuing more |
4906 | than one transmission request per peer per application using the | 4906 | than one transmission request per peer per application using the |
4907 | service is not permitted. | 4907 | service is not permitted. |
4908 | 4908 | ||
@@ -5197,11 +5197,11 @@ The API is heavily base on the CORE API. | |||
5197 | CADET delivers messages to other peers in "channels". | 5197 | CADET delivers messages to other peers in "channels". |
5198 | A channel is a permanent connection defined by a destination peer | 5198 | A channel is a permanent connection defined by a destination peer |
5199 | (identified by its public key) and a port number. | 5199 | (identified by its public key) and a port number. |
5200 | Internally, CADET tunnels all channels towards a destiantion peer | 5200 | Internally, CADET tunnels all channels towards a destination peer |
5201 | using one session key and relays the data on multiple "connections", | 5201 | using one session key and relays the data on multiple "connections", |
5202 | independent from the channels. | 5202 | independent from the channels. |
5203 | 5203 | ||
5204 | Each channel has optional paramenters, the most important being the | 5204 | Each channel has optional parameters, the most important being the |
5205 | reliability flag. | 5205 | reliability flag. |
5206 | Should a message get lost on TRANSPORT/CORE level, if a channel is | 5206 | Should a message get lost on TRANSPORT/CORE level, if a channel is |
5207 | created with as reliable, CADET will retransmit the lost message and | 5207 | created with as reliable, CADET will retransmit the lost message and |
@@ -5242,15 +5242,15 @@ case. To be alerted when a channel is online, a client can call | |||
5242 | @code{GNUNET_CADET_notify_transmit_ready} immediately after | 5242 | @code{GNUNET_CADET_notify_transmit_ready} immediately after |
5243 | @code{GNUNET_CADET_create_channel}. When the callback is activated, it | 5243 | @code{GNUNET_CADET_create_channel}. When the callback is activated, it |
5244 | means that the channel is online. The callback can give 0 bytes to CADET | 5244 | means that the channel is online. The callback can give 0 bytes to CADET |
5245 | if no message is to be sent, this is ok. | 5245 | if no message is to be sent, this is OK. |
5246 | 5246 | ||
5247 | If a transmission was requested but before the callback fires it is no | 5247 | If a transmission was requested but before the callback fires it is no |
5248 | longer needed, it can be cancelled with | 5248 | longer needed, it can be canceled with |
5249 | @code{GNUNET_CADET_notify_transmit_ready_cancel}, which uses the handle | 5249 | @code{GNUNET_CADET_notify_transmit_ready_cancel}, which uses the handle |
5250 | given back by @code{GNUNET_CADET_notify_transmit_ready}. | 5250 | given back by @code{GNUNET_CADET_notify_transmit_ready}. |
5251 | As in the case of CORE, only one message can be requested at a time: a | 5251 | As in the case of CORE, only one message can be requested at a time: a |
5252 | client must not call @code{GNUNET_CADET_notify_transmit_ready} again until | 5252 | client must not call @code{GNUNET_CADET_notify_transmit_ready} again until |
5253 | the callback is called or the request is cancelled. | 5253 | the callback is called or the request is canceled. |
5254 | 5254 | ||
5255 | When a channel is no longer needed, a client can call | 5255 | When a channel is no longer needed, a client can call |
5256 | @code{GNUNET_CADET_channel_destroy} to get rid of it. | 5256 | @code{GNUNET_CADET_channel_destroy} to get rid of it. |
@@ -5298,10 +5298,10 @@ all of the details can be found in this technical report. | |||
5298 | @subsection Motivation | 5298 | @subsection Motivation |
5299 | 5299 | ||
5300 | 5300 | ||
5301 | Some subsytems, like DHT, need to know the size of the GNUnet network to | 5301 | Some subsystems, like DHT, need to know the size of the GNUnet network to |
5302 | optimize some parameters of their own protocol. The decentralized nature | 5302 | optimize some parameters of their own protocol. The decentralized nature |
5303 | of GNUnet makes efficient and securely counting the exact number of peers | 5303 | of GNUnet makes efficient and securely counting the exact number of peers |
5304 | infeasable. Although there are several decentralized algorithms to count | 5304 | infeasible. Although there are several decentralized algorithms to count |
5305 | the number of peers in a system, so far there is none to do so securely. | 5305 | the number of peers in a system, so far there is none to do so securely. |
5306 | Other protocols may allow any malicious peer to manipulate the final | 5306 | Other protocols may allow any malicious peer to manipulate the final |
5307 | result or to take advantage of the system to perform | 5307 | result or to take advantage of the system to perform |
@@ -5323,7 +5323,7 @@ GNUnet's NSE protocol avoids these drawbacks. | |||
5323 | The NSE subsystem is designed to be resilient against these attacks. | 5323 | The NSE subsystem is designed to be resilient against these attacks. |
5324 | It uses @uref{http://en.wikipedia.org/wiki/Proof-of-work_system, proofs of work} | 5324 | It uses @uref{http://en.wikipedia.org/wiki/Proof-of-work_system, proofs of work} |
5325 | to prevent one peer from impersonating a large number of participants, | 5325 | to prevent one peer from impersonating a large number of participants, |
5326 | which would otherwise allow an adversary to artifically inflate the | 5326 | which would otherwise allow an adversary to artificially inflate the |
5327 | estimate. | 5327 | estimate. |
5328 | The DoS protection comes from the time-based nature of the protocol: | 5328 | The DoS protection comes from the time-based nature of the protocol: |
5329 | the estimates are calculated periodically and out-of-time traffic is | 5329 | the estimates are calculated periodically and out-of-time traffic is |
@@ -5385,7 +5385,7 @@ to all the other peers, who will calculate the estimate from it. | |||
5385 | The target value itself is generated by hashing the current time, rounded | 5385 | The target value itself is generated by hashing the current time, rounded |
5386 | down to an agreed value. If the rounding amount is 1h (default) and the | 5386 | down to an agreed value. If the rounding amount is 1h (default) and the |
5387 | time is 12:34:56, the time to hash would be 12:00:00. The process is | 5387 | time is 12:34:56, the time to hash would be 12:00:00. The process is |
5388 | repeated each rouning amount (in this example would be every hour). | 5388 | repeated each rounding amount (in this example would be every hour). |
5389 | Every repetition is called a round. | 5389 | Every repetition is called a round. |
5390 | 5390 | ||
5391 | @node Timing | 5391 | @node Timing |
@@ -5397,12 +5397,12 @@ its ID all at one. Once each peer has the target random value, it | |||
5397 | compares its own ID to the target and calculates the hypothetical size of | 5397 | compares its own ID to the target and calculates the hypothetical size of |
5398 | the network if that peer were to be the closest. | 5398 | the network if that peer were to be the closest. |
5399 | Then it compares the hypothetical size with the estimate from the previous | 5399 | Then it compares the hypothetical size with the estimate from the previous |
5400 | rounds. For each value there is an assiciated point in the period, | 5400 | rounds. For each value there is an associated point in the period, |
5401 | let's call it "broadcast time". If its own hypothetical estimate | 5401 | let's call it "broadcast time". If its own hypothetical estimate |
5402 | is the same as the previous global estimate, its "broadcast time" will be | 5402 | is the same as the previous global estimate, its "broadcast time" will be |
5403 | in the middle of the round. If its bigger it will be earlier and if its | 5403 | in the middle of the round. If its bigger it will be earlier and if its |
5404 | smaller (the most likely case) it will be later. This ensures that the | 5404 | smaller (the most likely case) it will be later. This ensures that the |
5405 | peers closests to the target value start broadcasting their ID the first. | 5405 | peers closest to the target value start broadcasting their ID the first. |
5406 | 5406 | ||
5407 | @node Controlled Flooding | 5407 | @node Controlled Flooding |
5408 | @subsubsection Controlled Flooding | 5408 | @subsubsection Controlled Flooding |
@@ -5415,7 +5415,7 @@ with a message containing the better value. Then it checks a proof of | |||
5415 | work that must be included in the incoming message, to ensure that the | 5415 | work that must be included in the incoming message, to ensure that the |
5416 | other peer's ID is not made up (otherwise a malicious peer could claim to | 5416 | other peer's ID is not made up (otherwise a malicious peer could claim to |
5417 | have an ID of exactly the target value every round). Once validated, it | 5417 | have an ID of exactly the target value every round). Once validated, it |
5418 | compares the brodcast time of the received value with the current time | 5418 | compares the broadcast time of the received value with the current time |
5419 | and if it's not too early, sends the received value to its neighbors. | 5419 | and if it's not too early, sends the received value to its neighbors. |
5420 | Otherwise it stores the value until the correct broadcast time comes. | 5420 | Otherwise it stores the value until the correct broadcast time comes. |
5421 | This prevents unnecessary traffic of sub-optimal values, since a better | 5421 | This prevents unnecessary traffic of sub-optimal values, since a better |
@@ -5429,7 +5429,7 @@ to the neighbors. | |||
5429 | @c %**end of header | 5429 | @c %**end of header |
5430 | 5430 | ||
5431 | Once the closest ID has been spread across the network each peer gets the | 5431 | Once the closest ID has been spread across the network each peer gets the |
5432 | exact distance betweed this ID and the target value of the round and | 5432 | exact distance between this ID and the target value of the round and |
5433 | calculates the estimate with a mathematical formula described in the tech | 5433 | calculates the estimate with a mathematical formula described in the tech |
5434 | report. The estimate generated with this method for a single round is not | 5434 | report. The estimate generated with this method for a single round is not |
5435 | very precise. Remember the case of the example, where the only peer is the | 5435 | very precise. Remember the case of the example, where the only peer is the |
@@ -5453,7 +5453,7 @@ calls: @code{GNUNET_NSE_connect} and @code{GNUNET_NSE_disconnect}. | |||
5453 | The connect call gets a callback function as a parameter and this function | 5453 | The connect call gets a callback function as a parameter and this function |
5454 | is called each time the network agrees on an estimate. This usually is | 5454 | is called each time the network agrees on an estimate. This usually is |
5455 | once per round, with some exceptions: if the closest peer has a late | 5455 | once per round, with some exceptions: if the closest peer has a late |
5456 | local clock and starts spreading his ID after everyone else agreed on a | 5456 | local clock and starts spreading its ID after everyone else agreed on a |
5457 | value, the callback might be activated twice in a round, the second value | 5457 | value, the callback might be activated twice in a round, the second value |
5458 | being always bigger than the first. The default round time is set to | 5458 | being always bigger than the first. The default round time is set to |
5459 | 1 hour. | 5459 | 1 hour. |
@@ -5503,7 +5503,7 @@ size is between one third and three times the estimate. This can of | |||
5503 | course vary with network conditions. | 5503 | course vary with network conditions. |
5504 | Thus, applications may want to also consider the provided standard | 5504 | Thus, applications may want to also consider the provided standard |
5505 | deviation value, not only the average (in particular, if the standard | 5505 | deviation value, not only the average (in particular, if the standard |
5506 | veriation is very high, the average maybe meaningless: the network size is | 5506 | variation is very high, the average maybe meaningless: the network size is |
5507 | changing rapidly). | 5507 | changing rapidly). |
5508 | 5508 | ||
5509 | @node libgnunetnse - Examples | 5509 | @node libgnunetnse - Examples |
@@ -5579,12 +5579,12 @@ is what we are flooding the network with right now. | |||
5579 | At the beginning of each round the peer does the following: | 5579 | At the beginning of each round the peer does the following: |
5580 | 5580 | ||
5581 | @itemize @bullet | 5581 | @itemize @bullet |
5582 | @item calculates his own distance to the target value | 5582 | @item calculates its own distance to the target value |
5583 | @item creates, signs and stores the message for the current round (unless | 5583 | @item creates, signs and stores the message for the current round (unless |
5584 | it has a better message in the "next round" slot which came early in the | 5584 | it has a better message in the "next round" slot which came early in the |
5585 | previous round) | 5585 | previous round) |
5586 | @item calculates, based on the stored round message (own or received) when | 5586 | @item calculates, based on the stored round message (own or received) when |
5587 | to stard flooding it to its neighbors | 5587 | to start flooding it to its neighbors |
5588 | @end itemize | 5588 | @end itemize |
5589 | 5589 | ||
5590 | Upon receiving a message the peer checks the validity of the message | 5590 | Upon receiving a message the peer checks the validity of the message |
@@ -6085,7 +6085,7 @@ convenience API to do just that. Use @code{GNUNET_IDENTITY_ego_lookup} to | |||
6085 | lookup a single ego by name. Note that this is the user's name for the | 6085 | lookup a single ego by name. Note that this is the user's name for the |
6086 | ego, not the service function. The resulting ego will be returned via a | 6086 | ego, not the service function. The resulting ego will be returned via a |
6087 | callback and will only be valid during that callback. The operation can | 6087 | callback and will only be valid during that callback. The operation can |
6088 | be cancelled via @code{GNUNET_IDENTITY_ego_lookup_cancel} | 6088 | be canceled via @code{GNUNET_IDENTITY_ego_lookup_cancel} |
6089 | (cancellation is only legal before the callback is invoked). | 6089 | (cancellation is only legal before the callback is invoked). |
6090 | 6090 | ||
6091 | @node Associating egos with service functions | 6091 | @node Associating egos with service functions |
@@ -6215,8 +6215,8 @@ So a client has first to retrieve records, merge with existing records | |||
6215 | and then store the result. | 6215 | and then store the result. |
6216 | 6216 | ||
6217 | To perform a lookup operation, the client uses the | 6217 | To perform a lookup operation, the client uses the |
6218 | @code{GNUNET_NAMESTORE_records_store} function. Here he has to pass the | 6218 | @code{GNUNET_NAMESTORE_records_store} function. Here it has to pass the |
6219 | namestore handle, the private key of the zone and the label. He also has | 6219 | namestore handle, the private key of the zone and the label. It also has |
6220 | to provide a callback function which will be called with the result of | 6220 | to provide a callback function which will be called with the result of |
6221 | the lookup operation: | 6221 | the lookup operation: |
6222 | the zone for the records, the label, and the records including the | 6222 | the zone for the records, the label, and the records including the |
@@ -6239,7 +6239,7 @@ by NAMESTORE. | |||
6239 | Here a client uses the @code{GNUNET_NAMESTORE_zone_iteration_start} | 6239 | Here a client uses the @code{GNUNET_NAMESTORE_zone_iteration_start} |
6240 | function and passes the namestore handle, the zone to iterate over and a | 6240 | function and passes the namestore handle, the zone to iterate over and a |
6241 | callback function to call with the result. | 6241 | callback function to call with the result. |
6242 | If the client wants to iterate over all the, he passes NULL for the zone. | 6242 | If the client wants to iterate over all the WHAT!? FIXME, it passes NULL for the zone. |
6243 | A @code{GNUNET_NAMESTORE_ZoneIterator} handle is returned to be used to | 6243 | A @code{GNUNET_NAMESTORE_ZoneIterator} handle is returned to be used to |
6244 | continue iteration. | 6244 | continue iteration. |
6245 | 6245 | ||
@@ -6658,7 +6658,7 @@ The size of an element's data is limited to around 62 KB. | |||
6658 | 6658 | ||
6659 | Sets created by a local client can be modified and reused for multiple | 6659 | Sets created by a local client can be modified and reused for multiple |
6660 | operations. As each set operation requires potentially expensive special | 6660 | operations. As each set operation requires potentially expensive special |
6661 | auxilliary data to be computed for each element of a set, a set can only | 6661 | auxiliary data to be computed for each element of a set, a set can only |
6662 | participate in one type of set operation (i.e. union or intersection). | 6662 | participate in one type of set operation (i.e. union or intersection). |
6663 | The type of a set is determined upon its creation. | 6663 | The type of a set is determined upon its creation. |
6664 | If a the elements of a set are needed for an operation of a different | 6664 | If a the elements of a set are needed for an operation of a different |
@@ -6778,7 +6778,7 @@ until the client calls @code{GNUNET_SET_commit} | |||
6778 | @c %**end of header | 6778 | @c %**end of header |
6779 | 6779 | ||
6780 | To create symmetry between the two ways of starting a set operation | 6780 | To create symmetry between the two ways of starting a set operation |
6781 | (accepting and nitiating it), the operation handles returned by | 6781 | (accepting and initiating it), the operation handles returned by |
6782 | @code{GNUNET_SET_accept} and @code{GNUNET_SET_prepare} do not yet have a | 6782 | @code{GNUNET_SET_accept} and @code{GNUNET_SET_prepare} do not yet have a |
6783 | set to operate on, thus they can not do any work yet. | 6783 | set to operate on, thus they can not do any work yet. |
6784 | 6784 | ||
@@ -6935,10 +6935,10 @@ number of iterations). | |||
6935 | The receiver of the message removes all elements from its local set that | 6935 | The receiver of the message removes all elements from its local set that |
6936 | do not pass the Bloom filter test. | 6936 | do not pass the Bloom filter test. |
6937 | It then checks if the set size of the sender and the XOR over the keys | 6937 | It then checks if the set size of the sender and the XOR over the keys |
6938 | match what is left of his own set. If they do, he sends a | 6938 | match what is left of its own set. If they do, it sends a |
6939 | @code{GNUNET_MESSAGE_TYPE_SET_INTERSECTION_P2P_DONE} back to indicate | 6939 | @code{GNUNET_MESSAGE_TYPE_SET_INTERSECTION_P2P_DONE} back to indicate |
6940 | that the latest set is the final result. | 6940 | that the latest set is the final result. |
6941 | Otherwise, the receiver starts another Bloom fitler exchange, except | 6941 | Otherwise, the receiver starts another Bloom filter exchange, except |
6942 | this time as the sender. | 6942 | this time as the sender. |
6943 | 6943 | ||
6944 | @node Salt | 6944 | @node Salt |
@@ -6946,7 +6946,7 @@ this time as the sender. | |||
6946 | 6946 | ||
6947 | @c %**end of header | 6947 | @c %**end of header |
6948 | 6948 | ||
6949 | Bloomfilter operations are probablistic: With some non-zero probability | 6949 | Bloomfilter operations are probabilistic: With some non-zero probability |
6950 | the test may incorrectly say an element is in the set, even though it is | 6950 | the test may incorrectly say an element is in the set, even though it is |
6951 | not. | 6951 | not. |
6952 | 6952 | ||
@@ -6999,7 +6999,7 @@ message. If the IBF fully decodes, the peer responds with a | |||
6999 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_DONE message instead of another | 6999 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_DONE message instead of another |
7000 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_IBF. | 7000 | GNUNET_MESSAGE_TYPE_SET_UNION_P2P_IBF. |
7001 | 7001 | ||
7002 | All Bloom filter operations use a salt to mingle keys before hasing them | 7002 | All Bloom filter operations use a salt to mingle keys before hashing them |
7003 | into buckets, such that future iterations have a fresh chance of | 7003 | into buckets, such that future iterations have a fresh chance of |
7004 | succeeding if they failed due to collisions before. | 7004 | succeeding if they failed due to collisions before. |
7005 | 7005 | ||
@@ -7557,7 +7557,7 @@ already knows more than about a thousand blocks may need to send | |||
7557 | several of these messages. Naturally, the client should transmit these | 7557 | several of these messages. Naturally, the client should transmit these |
7558 | messages as quickly as possible after the original GET request such that | 7558 | messages as quickly as possible after the original GET request such that |
7559 | the DHT can filter those results in the network early on. Naturally, as | 7559 | the DHT can filter those results in the network early on. Naturally, as |
7560 | these messages are sent after the original request, it is conceivalbe | 7560 | these messages are sent after the original request, it is conceivable |
7561 | that the DHT service may return blocks that match those already known | 7561 | that the DHT service may return blocks that match those already known |
7562 | to the client anyway. | 7562 | to the client anyway. |
7563 | 7563 | ||
@@ -7670,7 +7670,7 @@ duplicate results) and when they obtain a matching, non-filtered response | |||
7670 | a @code{struct PeerResultMessage} of type | 7670 | a @code{struct PeerResultMessage} of type |
7671 | @code{GNUNET_MESSAGE_TYPE_DHT_P2P_RESULT} is forwarded to the previous | 7671 | @code{GNUNET_MESSAGE_TYPE_DHT_P2P_RESULT} is forwarded to the previous |
7672 | hop. | 7672 | hop. |
7673 | Whenver a result is forwarded, the block plugin is used to update the | 7673 | Whenever a result is forwarded, the block plugin is used to update the |
7674 | Bloom filter accordingly, to ensure that the same result is never | 7674 | Bloom filter accordingly, to ensure that the same result is never |
7675 | forwarded more than once. | 7675 | forwarded more than once. |
7676 | The DHT service may also cache forwarded results locally if the | 7676 | The DHT service may also cache forwarded results locally if the |
@@ -7737,7 +7737,7 @@ record types. | |||
7737 | 7737 | ||
7738 | @c %**end of header | 7738 | @c %**end of header |
7739 | 7739 | ||
7740 | The GNS API itself is extremely simple. Clients first connec to the | 7740 | The GNS API itself is extremely simple. Clients first connect to the |
7741 | GNS service using @code{GNUNET_GNS_connect}. | 7741 | GNS service using @code{GNUNET_GNS_connect}. |
7742 | They can then perform lookups using @code{GNUNET_GNS_lookup} or cancel | 7742 | They can then perform lookups using @code{GNUNET_GNS_lookup} or cancel |
7743 | pending lookups using @code{GNUNET_GNS_lookup_cancel}. | 7743 | pending lookups using @code{GNUNET_GNS_lookup_cancel}. |
@@ -7786,9 +7786,9 @@ their respective zones can automatically be learned and added to the | |||
7786 | the shorten zone. If NULL is passed, shortening is disabled. | 7786 | the shorten zone. If NULL is passed, shortening is disabled. |
7787 | @item proc This argument identifies | 7787 | @item proc This argument identifies |
7788 | the function to call with the result. It is given proc_cls, the number of | 7788 | the function to call with the result. It is given proc_cls, the number of |
7789 | records found (possilby zero) and the array of the records as arguments. | 7789 | records found (possibly zero) and the array of the records as arguments. |
7790 | proc will only be called once. After proc,> has been called, the lookup | 7790 | proc will only be called once. After proc,> has been called, the lookup |
7791 | must no longer be cancelled. | 7791 | must no longer be canceled. |
7792 | @item proc_cls The closure for proc. | 7792 | @item proc_cls The closure for proc. |
7793 | @end table | 7793 | @end table |
7794 | 7794 | ||
@@ -7943,7 +7943,7 @@ This is merely one method for how we can obtain GNS queries. | |||
7943 | It is also possible to change @code{resolv.conf} to point to a machine | 7943 | It is also possible to change @code{resolv.conf} to point to a machine |
7944 | running @code{gnunet-dns2gns} or to modify libc's name system switch | 7944 | running @code{gnunet-dns2gns} or to modify libc's name system switch |
7945 | (NSS) configuration to include a GNS resolution plugin. | 7945 | (NSS) configuration to include a GNS resolution plugin. |
7946 | The method described in this chaper is more of a last-ditch catch-all | 7946 | The method described in this chapter is more of a last-ditch catch-all |
7947 | approach. | 7947 | approach. |
7948 | 7948 | ||
7949 | @code{gnunet-service-dns} enables intercepting DNS traffic using policy | 7949 | @code{gnunet-service-dns} enables intercepting DNS traffic using policy |
@@ -8111,8 +8111,8 @@ This returns the handle required for all other operations on the | |||
8111 | NAMECACHE. Using @code{GNUNET_NAMECACHE_block_cache} clients can insert a | 8111 | NAMECACHE. Using @code{GNUNET_NAMECACHE_block_cache} clients can insert a |
8112 | block into the cache. | 8112 | block into the cache. |
8113 | @code{GNUNET_NAMECACHE_lookup_block} can be used to lookup blocks that | 8113 | @code{GNUNET_NAMECACHE_lookup_block} can be used to lookup blocks that |
8114 | were stored in the NAMECACHE. Both operations can be cancelled using | 8114 | were stored in the NAMECACHE. Both operations can be canceled using |
8115 | @code{GNUNET_NAMECACHE_cancel}. Note that cancelling a | 8115 | @code{GNUNET_NAMECACHE_cancel}. Note that canceling a |
8116 | @code{GNUNET_NAMECACHE_block_cache} operation can result in the block | 8116 | @code{GNUNET_NAMECACHE_block_cache} operation can result in the block |
8117 | being stored in the NAMECACHE --- or not. Cancellation primarily ensures | 8117 | being stored in the NAMECACHE --- or not. Cancellation primarily ensures |
8118 | that the continuation function with the result of the operation will no | 8118 | that the continuation function with the result of the operation will no |
@@ -8239,7 +8239,7 @@ When a revocation is performed, the revocation is first of all | |||
8239 | disseminated by flooding the overlay network. | 8239 | disseminated by flooding the overlay network. |
8240 | The goal is to reach every peer, so that when a peer needs to check if a | 8240 | The goal is to reach every peer, so that when a peer needs to check if a |
8241 | key has been revoked, this will be purely a local operation where the | 8241 | key has been revoked, this will be purely a local operation where the |
8242 | peer looks at his local revocation list. Flooding the network is also the | 8242 | peer looks at its local revocation list. Flooding the network is also the |
8243 | most robust form of key revocation --- an adversary would have to control | 8243 | most robust form of key revocation --- an adversary would have to control |
8244 | a separator of the overlay graph to restrict the propagation of the | 8244 | a separator of the overlay graph to restrict the propagation of the |
8245 | revocation message. Flooding is also very easy to implement --- peers that | 8245 | revocation message. Flooding is also very easy to implement --- peers that |
@@ -8299,7 +8299,7 @@ revocations. | |||
8299 | @code{GNUNET_REVOCATION_query} is used to check if a given ECDSA public | 8299 | @code{GNUNET_REVOCATION_query} is used to check if a given ECDSA public |
8300 | key has been revoked. | 8300 | key has been revoked. |
8301 | The given callback will be invoked with the result of the check. | 8301 | The given callback will be invoked with the result of the check. |
8302 | The query can be cancelled using @code{GNUNET_REVOCATION_query_cancel} on | 8302 | The query can be canceled using @code{GNUNET_REVOCATION_query_cancel} on |
8303 | the return value. | 8303 | the return value. |
8304 | 8304 | ||
8305 | @node Preparing revocations | 8305 | @node Preparing revocations |
@@ -8477,7 +8477,7 @@ metadata describing the content of the namespace. | |||
8477 | Instead of the name of the identifier for a potential update, it contains | 8477 | Instead of the name of the identifier for a potential update, it contains |
8478 | the identifier for the root of the namespace. | 8478 | the identifier for the root of the namespace. |
8479 | The URI should always be empty. The @code{SBlock} is signed with the | 8479 | The URI should always be empty. The @code{SBlock} is signed with the |
8480 | content provder's RSA private key (just like any other SBlock). Peers | 8480 | content provider's RSA private key (just like any other SBlock). Peers |
8481 | can search for @code{SBlock}s in order to find out more about a namespace. | 8481 | can search for @code{SBlock}s in order to find out more about a namespace. |
8482 | 8482 | ||
8483 | @node KSBlocks | 8483 | @node KSBlocks |
@@ -8800,5 +8800,5 @@ so please make sure that endpoints are unambiguous. | |||
8800 | @subsection Endpoint documentation | 8800 | @subsection Endpoint documentation |
8801 | 8801 | ||
8802 | This is WIP. Endpoints should be documented appropriately. | 8802 | This is WIP. Endpoints should be documented appropriately. |
8803 | Perferably using annotations. | 8803 | Preferably using annotations. |
8804 | 8804 | ||
diff --git a/doc/documentation/chapters/installation.texi b/doc/documentation/chapters/installation.texi new file mode 100644 index 000000000..d66d72ae5 --- /dev/null +++ b/doc/documentation/chapters/installation.texi | |||
@@ -0,0 +1,158 @@ | |||
1 | @node Installing GNUnet | ||
2 | @chapter Installing GNUnet | ||
3 | |||
4 | This guide is intended for those who want to install Gnunet from source. For instructions on how to install GNUnet as a binary package please refer to the official documentation of your operating system or package manager. | ||
5 | |||
6 | @node Getting the Source Code | ||
7 | @section Installing dependencies | ||
8 | GNUnet needs few libraries and applications for being able to run and another few optional ones for using certain features. Preferably they should be installed with a package manager. Just in case we include a link to the project websites. | ||
9 | |||
10 | The mandatory libraries and applications are | ||
11 | @itemize @bullet | ||
12 | @item libtool | ||
13 | @item autoconf >= version 2.59 | ||
14 | @item automake >= version 1.11.1 | ||
15 | @item pkg-config | ||
16 | @item libgcrypt >= version 1.6 | ||
17 | @item libextractor | ||
18 | @item libidn | ||
19 | @item libmicrohttpd >= version 0.9.52 | ||
20 | @item libnss | ||
21 | @item libunistring | ||
22 | @item gettext | ||
23 | @item glibc | ||
24 | @item libgmp | ||
25 | @item gnutls | ||
26 | @item libcurl (has to be linked to GnuTLS) or libgnurl | ||
27 | @item zlib | ||
28 | @end itemize | ||
29 | |||
30 | In addition GNUnet needs one of of these three databases | ||
31 | @itemize @bullet | ||
32 | @item sqlite + libsqlite (the default, requires no further configuration) | ||
33 | @item postgres + libpq | ||
34 | @item mysql + libmysqlclient | ||
35 | @end itemize | ||
36 | |||
37 | These are the dependencies only required for certain features | ||
38 | @itemize @bullet | ||
39 | @item Texinfo (for building the documentation) | ||
40 | @item Texlive (for building the documentation) | ||
41 | @item miniupnpc (for traversing NAT boxes more reliably) | ||
42 | @item libopus (for running the GNUnet conversation telephony application) | ||
43 | @item libpulse (for running the GNUnet conversation telephony application) | ||
44 | @item libogg (for running the GNUnet conversation telephony application) | ||
45 | @item bluez (for bluetooth support) | ||
46 | @item libpbc (for attribute-based encryption and the identity provider subsystem) | ||
47 | @item libgabe (for attribute-based encryption and the identity provider subsystem) | ||
48 | @end itemize | ||
49 | |||
50 | |||
51 | @section Getting the Source Code | ||
52 | You can either download the source code using git (you obviously need git installed) or as an archive. | ||
53 | |||
54 | Using git type | ||
55 | @example | ||
56 | git clone https://gnunet.org/git/gnunet.git | ||
57 | @end example | ||
58 | |||
59 | The archive can be found at @uref{https://gnunet.org/downloads}. Extract it using a graphical archive tool or @code{tar}: | ||
60 | @example | ||
61 | tar xzvf gnunet-0.11.0pre66.tar.gz | ||
62 | @end example | ||
63 | |||
64 | In the next chapter we will assume that the source code is available in the home directory at @code{~/gnunet}. | ||
65 | |||
66 | @section Create @code{gnunet} user and group | ||
67 | The GNUnet services should be run as a dedicated user called @code{gnunet}. For using them a user should be in the same group as this system user. | ||
68 | |||
69 | Create user @code{gnunet} who is member of the group @code{gnunet} and specify a home directory where the GNUnet services will store persistant data such as information about peers. | ||
70 | @example | ||
71 | $ sudo useradd --system --groups gnunet --home-dir /var/lib/gnunet | ||
72 | @end example | ||
73 | |||
74 | Now add your own user to the @code{gnunet} group. | ||
75 | @example | ||
76 | $ sudo adduser alice gnunet | ||
77 | @end example | ||
78 | |||
79 | @section Preparing and Compiling the Source Code | ||
80 | For preparing the source code for compilation a bootstrap script and @code{configure} has to be run from the source code directory. When running @code{configure} the following options can be specified to customize the compilation and installation process: | ||
81 | |||
82 | @itemize @bullet | ||
83 | @item @code{--disable-documentation} - don't build the configuration documents | ||
84 | @item @code{--enable-looging=[LOGLEVEL]} - choose a loglevel (@code{debug}, @code{info}, @code{warning} or @code{error}) | ||
85 | @item @code{--prefix=[PATH]} - the directory where the GNUnet libraries and binaries will be installed | ||
86 | @item @code{--with-extractor=[PATH]} - the path to libextractor | ||
87 | @item @code{--with-libidn=[PATH]} - the path to libidn | ||
88 | @item @code{--with-microhttpd=[PATH]} - the path to libmicrohttpd | ||
89 | @item @code{--with-sqlite=[PATH]} - the path to libsqlite | ||
90 | @item @code{--with-zlib=[PATH]} - the path to zlib | ||
91 | @item @code{--with-sudo=[PATH]} - path to the sudo binary (no need to run @code{make install} as root if specified) | ||
92 | @end itemize | ||
93 | |||
94 | The following example configures the installation prefix @code{/usr/lib} and disables building the documentation | ||
95 | @example | ||
96 | $ cd ~/gnunet | ||
97 | $ ./bootstrap | ||
98 | $ configure --prefix=/usr/lib --disable-configuration | ||
99 | @end example | ||
100 | |||
101 | After running the bootstrap script and @code{configure} successfully the source code can be compiled with make. Here @code{-j5} specifies that 5 threads should be used. | ||
102 | @example | ||
103 | $ make -j5 | ||
104 | @end example | ||
105 | |||
106 | |||
107 | @section Installation | ||
108 | The compiled binaries can be installed using @code{make install}. It needs to be run as root (or with sudo) because some binaries need the @code{suid} bit set. Without that some GNUnet subsystems (such as VPN) will not work. | ||
109 | |||
110 | @example | ||
111 | $ sudo make install | ||
112 | @end example | ||
113 | |||
114 | One important library is the GNS plugin for NSS (the name services switch) which allows using GNS (the GNU name system) in the normal DNS resolution process. Unfortunately NSS expects it in a specific location (probably @code{/lib}) which may differ from the installation prefix (see @code{--prefix} option in the previous section). This is why the pugin has to be installed manually. | ||
115 | |||
116 | Find the directory where nss plugins are installed on your system, e.g. | ||
117 | |||
118 | @example | ||
119 | $ ls -l /lib/libnss_* | ||
120 | /lib/libnss_mymachines.so.2 | ||
121 | /lib/libnss_resolve.so.2 | ||
122 | /lib/libnss_myhostname.so.2 | ||
123 | /lib/libnss_systemd.so.2 | ||
124 | @end example | ||
125 | |||
126 | Copy the GNS NSS plugin to that directory: | ||
127 | |||
128 | @example | ||
129 | cp ~/gnunet/src/gns/nss/libnss_gns.so.2 /lib | ||
130 | @end example | ||
131 | |||
132 | Now, to activate the plugin, you need to edit your @code{/etc/nsswitch.conf} where you should find a line like this: | ||
133 | |||
134 | @example | ||
135 | hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
136 | @end example | ||
137 | |||
138 | The exact details may differ a bit, which is fine. Add the text @code{"gns [NOTFOUND=return]"} after @code{"files"}. | ||
139 | |||
140 | @example | ||
141 | hosts: files gns [NOTFOUND=return] mdns4_minimal [NOTFOUND=return] dns mdns4 | ||
142 | @end example | ||
143 | |||
144 | Optionally, if GNS shall be used with a browser, execute the GNS CA-setup script. It will isetup the GNS Certificate Authority with the user's browser. | ||
145 | @example | ||
146 | $ gnunet-gns-proxy-setup-ca | ||
147 | @end example | ||
148 | |||
149 | Finally install a configuration file in @code{~/.gnunet/gnunet.conf}. Below you find an example config which allows you to start GNUnet. | ||
150 | |||
151 | @example | ||
152 | [arm] | ||
153 | SYSTEM_ONLY = NO | ||
154 | USER_ONLY = NO | ||
155 | |||
156 | [transport] | ||
157 | PLUGINS = tcp | ||
158 | @end example | ||
diff --git a/doc/documentation/chapters/keyconcepts.texi b/doc/documentation/chapters/keyconcepts.texi new file mode 100644 index 000000000..55f79f1c7 --- /dev/null +++ b/doc/documentation/chapters/keyconcepts.texi | |||
@@ -0,0 +1,308 @@ | |||
1 | |||
2 | @cindex Key Concepts | ||
3 | @node Key Concepts | ||
4 | @chapter Key Concepts | ||
5 | |||
6 | In this section, the fundamental concepts of GNUnet are explained. | ||
7 | @c FIXME: Use @uref{https://docs.gnunet.org/bib/, research papers} | ||
8 | @c once we have the new bibliography + subdomain setup. | ||
9 | Most of them are also described in our research papers. | ||
10 | First, some of the concepts used in the GNUnet framework are detailed. | ||
11 | The second part describes concepts specific to anonymous file-sharing. | ||
12 | |||
13 | @menu | ||
14 | * Authentication:: | ||
15 | * Accounting to Encourage Resource Sharing:: | ||
16 | * Confidentiality:: | ||
17 | * Anonymity:: | ||
18 | * Deniability:: | ||
19 | * Peer Identities:: | ||
20 | * Zones in the GNU Name System (GNS Zones):: | ||
21 | * Egos:: | ||
22 | @end menu | ||
23 | |||
24 | @cindex Authentication | ||
25 | @node Authentication | ||
26 | @section Authentication | ||
27 | |||
28 | Almost all peer-to-peer communications in GNUnet are between mutually | ||
29 | authenticated peers. The authentication works by using ECDHE, that is a | ||
30 | DH (Diffie---Hellman) key exchange using ephemeral elliptic curve | ||
31 | cryptography. The ephemeral ECC (Elliptic Curve Cryptography) keys are | ||
32 | signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}). | ||
33 | The shared secret from ECDHE is used to create a pair of session keys | ||
34 | @c FIXME: Long word for HKDF. More FIXMEs: Explain MITM etc. | ||
35 | (using HKDF) which are then used to encrypt the communication between the | ||
36 | two peers using both 256-bit AES (Advanced Encryption Standard) | ||
37 | and 256-bit Twofish (with independently derived secret keys). | ||
38 | As only the two participating hosts know the shared secret, this | ||
39 | authenticates each packet | ||
40 | without requiring signatures each time. GNUnet uses SHA-512 | ||
41 | (Secure Hash Algorithm) hash codes to verify the integrity of messages. | ||
42 | |||
43 | @c FIXME: A while back I got the feedback that I should try and integrate | ||
44 | @c explanation boxes in the long-run. So we could explain | ||
45 | @c "man-in-the-middle" and "man-in-the-middle attacks" and other words | ||
46 | @c which are not common knowledge. MITM is not common knowledge. To be | ||
47 | @c selfcontained, we should be able to explain words and concepts used in | ||
48 | @c a chapter or paragraph without hinting at Wikipedia and other online | ||
49 | @c sources which might not be available or accessible to everyone. | ||
50 | @c On the other hand we could write an introductionary chapter or book | ||
51 | @c that we could then reference in each chapter, which sound like it | ||
52 | @c could be more reusable. | ||
53 | In GNUnet, the identity of a host is its public key. For that reason, | ||
54 | man-in-the-middle attacks will not break the authentication or accounting | ||
55 | goals. Essentially, for GNUnet, the IP of the host has nothing to do with | ||
56 | the identity of the host. As the public key is the only thing that truly | ||
57 | matters, faking an IP, a port or any other property of the underlying | ||
58 | transport protocol is irrelevant. In fact, GNUnet peers can use | ||
59 | multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the | ||
60 | IP protocol at all (by running directly on layer 2). | ||
61 | @c FIXME: "IP protocol" feels wrong, but could be what people expect, as | ||
62 | @c IP is "the number" and "IP protocol" the protocol itself in general | ||
63 | @c knowledge? | ||
64 | |||
65 | @c NOTE: For consistency we will use @code{HELLO}s throughout this Manual. | ||
66 | GNUnet uses a special type of message to communicate a binding between | ||
67 | public (ECC) keys to their current network address. These messages are | ||
68 | commonly called @code{HELLO}s or @code{peer advertisements}. | ||
69 | They contain the public key of the peer and its current network | ||
70 | addresses for various transport services. | ||
71 | A transport service is a special kind of shared library that | ||
72 | provides (possibly unreliable, out-of-order) message delivery between | ||
73 | peers. | ||
74 | For the UDP and TCP transport services, a network address is an IP and a | ||
75 | port. | ||
76 | GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use | ||
77 | various other forms of addresses. Note that any node can have many | ||
78 | different active transport services at the same time, | ||
79 | and each of these can have a different addresses. | ||
80 | Binding messages expire after at most a week (the timeout can be | ||
81 | shorter if the user configures the node appropriately). | ||
82 | This expiration ensures that the network will eventually get rid of | ||
83 | outdated advertisements. | ||
84 | @footnote{Ronaldo A. Ferreira, Christian Grothoff, and Paul Ruth. | ||
85 | A Transport Layer Abstraction for Peer-to-Peer Networks | ||
86 | Proceedings of the 3rd International Symposium on Cluster Computing | ||
87 | and the Grid (GRID 2003), 2003. | ||
88 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf, https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf})} | ||
89 | |||
90 | @cindex Accounting to Encourage Resource Sharing | ||
91 | @node Accounting to Encourage Resource Sharing | ||
92 | @section Accounting to Encourage Resource Sharing | ||
93 | |||
94 | Most distributed P2P networks suffer from a lack of defenses or | ||
95 | precautions against attacks in the form of freeloading. | ||
96 | While the intentions of an attacker and a freeloader are different, their | ||
97 | effect on the network is the same; they both render it useless. | ||
98 | Most simple attacks on networks such as @command{Gnutella} | ||
99 | involve flooding the network with traffic, particularly | ||
100 | with queries that are, in the worst case, multiplied by the network. | ||
101 | |||
102 | In order to ensure that freeloaders or attackers have a minimal impact | ||
103 | on the network, GNUnet's file-sharing implementation (@code{FS} tries | ||
104 | to distinguish good (contributing) nodes from malicious (freeloading) | ||
105 | nodes. In GNUnet, every file-sharing node keeps track of the behavior | ||
106 | of every other node it has been in contact with. Many requests | ||
107 | (depending on the application) are transmitted with a priority (or | ||
108 | importance) level. That priority is used to establish how important | ||
109 | the sender believes this request is. If a peer responds to an | ||
110 | important request, the recipient will increase its trust in the | ||
111 | responder: the responder contributed resources. If a peer is too busy | ||
112 | to answer all requests, it needs to prioritize. For that, peers do | ||
113 | not take the priorities of the requests received at face value. | ||
114 | First, they check how much they trust the sender, and depending on | ||
115 | that amount of trust they assign the request a (possibly lower) | ||
116 | effective priority. Then, they drop the requests with the lowest | ||
117 | effective priority to satisfy their resource constraints. This way, | ||
118 | GNUnet's economic model ensures that nodes that are not currently | ||
119 | considered to have a surplus in contributions will not be served if | ||
120 | the network load is high. | ||
121 | @footnote{Christian Grothoff. An Excess-Based Economic Model for Resource | ||
122 | Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003. | ||
123 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf})} | ||
124 | @c 2009? | ||
125 | |||
126 | @cindex Confidentiality | ||
127 | @node Confidentiality | ||
128 | @section Confidentiality | ||
129 | |||
130 | Adversaries (malicious, bad actors) outside of GNUnet are not supposed | ||
131 | to know what kind of actions a peer is involved in. Only the specific | ||
132 | neighbor of a peer that is the corresponding sender or recipient of a | ||
133 | message may know its contents, and even then application protocols may | ||
134 | place further restrictions on that knowledge. In order to ensure | ||
135 | confidentiality, GNUnet uses link encryption, that is each message | ||
136 | exchanged between two peers is encrypted using a pair of keys only | ||
137 | known to these two peers. Encrypting traffic like this makes any kind | ||
138 | of traffic analysis much harder. Naturally, for some applications, it | ||
139 | may still be desirable if even neighbors cannot determine the concrete | ||
140 | contents of a message. In GNUnet, this problem is addressed by the | ||
141 | specific application-level protocols. See for example the following | ||
142 | sections @pxref{Anonymity}, @pxref{How file-sharing achieves Anonymity}, | ||
143 | and @pxref{Deniability}. | ||
144 | |||
145 | @cindex Anonymity | ||
146 | @node Anonymity | ||
147 | @section Anonymity | ||
148 | |||
149 | @menu | ||
150 | * How file-sharing achieves Anonymity:: | ||
151 | @end menu | ||
152 | |||
153 | Providing anonymity for users is the central goal for the anonymous | ||
154 | file-sharing application. Many other design decisions follow in the | ||
155 | footsteps of this requirement. | ||
156 | Anonymity is never absolute. While there are various | ||
157 | scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens, | ||
158 | and Bart Preneel. Towards measuring anonymity. | ||
159 | 2002. | ||
160 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf, https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf})} | ||
161 | that can help quantify the level of anonymity that a given mechanism | ||
162 | provides, there is no such thing as "complete anonymity". | ||
163 | GNUnet's file-sharing implementation allows users to select for each | ||
164 | operation (publish, search, download) the desired level of anonymity. | ||
165 | The metric used is the amount of cover traffic available to hide the | ||
166 | request. | ||
167 | While this metric is not as good as, for example, the theoretical metric | ||
168 | given in scientific metrics@footnote{likewise}, | ||
169 | it is probably the best metric available to a peer with a purely local | ||
170 | view of the world that does not rely on unreliable external information. | ||
171 | The default anonymity level is @code{1}, which uses anonymous routing but | ||
172 | imposes no minimal requirements on cover traffic. It is possible | ||
173 | to forego anonymity when this is not required. The anonymity level of | ||
174 | @code{0} allows GNUnet to use more efficient, non-anonymous routing. | ||
175 | |||
176 | @cindex How file-sharing achieves Anonymity | ||
177 | @node How file-sharing achieves Anonymity | ||
178 | @subsection How file-sharing achieves Anonymity | ||
179 | |||
180 | Contrary to other designs, we do not believe that users achieve strong | ||
181 | anonymity just because their requests are obfuscated by a couple of | ||
182 | indirections. This is not sufficient if the adversary uses traffic | ||
183 | analysis. | ||
184 | The threat model used for anonymous file sharing in GNUnet assumes that | ||
185 | the adversary is quite powerful. | ||
186 | In particular, we assume that the adversary can see all the traffic on | ||
187 | the Internet. And while we assume that the adversary | ||
188 | can not break our encryption, we assume that the adversary has many | ||
189 | participating nodes in the network and that it can thus see many of the | ||
190 | node-to-node interactions since it controls some of the nodes. | ||
191 | |||
192 | The system tries to achieve anonymity based on the idea that users can be | ||
193 | anonymous if they can hide their actions in the traffic created by other | ||
194 | users. | ||
195 | Hiding actions in the traffic of other users requires participating in the | ||
196 | traffic, bringing back the traditional technique of using indirection and | ||
197 | source rewriting. Source rewriting is required to gain anonymity since | ||
198 | otherwise an adversary could tell if a message originated from a host by | ||
199 | looking at the source address. If all packets look like they originate | ||
200 | from one node, the adversary can not tell which ones originate from that | ||
201 | node and which ones were routed. | ||
202 | Note that in this mindset, any node can decide to break the | ||
203 | source-rewriting paradigm without violating the protocol, as this | ||
204 | only reduces the amount of traffic that a node can hide its own traffic | ||
205 | in. | ||
206 | |||
207 | If we want to hide our actions in the traffic of other nodes, we must make | ||
208 | our traffic indistinguishable from the traffic that we route for others. | ||
209 | As our queries must have us as the receiver of the reply | ||
210 | (otherwise they would be useless), we must put ourselves as the receiver | ||
211 | of replies that actually go to other hosts; in other words, we must | ||
212 | indirect replies. | ||
213 | Unlike other systems, in anonymous file-sharing as implemented on top of | ||
214 | GNUnet we do not have to indirect the replies if we don't think we need | ||
215 | more traffic to hide our own actions. | ||
216 | |||
217 | This increases the efficiency of the network as we can indirect less under | ||
218 | higher load.@footnote{Krista Bennett and Christian Grothoff. | ||
219 | GAP --- practical anonymous networking. In Proceedings of | ||
220 | Designing Privacy Enhancing Technologies, 2003. | ||
221 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf, https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf})} | ||
222 | |||
223 | @cindex Deniability | ||
224 | @node Deniability | ||
225 | @section Deniability | ||
226 | |||
227 | Even if the user that downloads data and the server that provides data are | ||
228 | anonymous, the intermediaries may still be targets. In particular, if the | ||
229 | intermediaries can find out which queries or which content they are | ||
230 | processing, a strong adversary could try to force them to censor | ||
231 | certain materials. | ||
232 | |||
233 | With the file-encoding used by GNUnet's anonymous file-sharing, this | ||
234 | problem does not arise. | ||
235 | The reason is that queries and replies are transmitted in | ||
236 | an encrypted format such that intermediaries cannot tell what the query | ||
237 | is for or what the content is about. Mind that this is not the same | ||
238 | encryption as the link-encryption between the nodes. GNUnet has | ||
239 | encryption on the network layer (link encryption, confidentiality, | ||
240 | authentication) and again on the application layer (provided | ||
241 | by @command{gnunet-publish}, @command{gnunet-download}, | ||
242 | @command{gnunet-search} and @command{gnunet-gtk}). | ||
243 | @footnote{Christian Grothoff, Krista Grothoff, Tzvetan Horozov, | ||
244 | and Jussi T. Lindgren. | ||
245 | An Encoding for Censorship-Resistant Sharing. | ||
246 | 2009. | ||
247 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf})} | ||
248 | |||
249 | @cindex Peer Identities | ||
250 | @node Peer Identities | ||
251 | @section Peer Identities | ||
252 | |||
253 | Peer identities are used to identify peers in the network and are unique | ||
254 | for each peer. The identity for a peer is simply its public key, which is | ||
255 | generated along with a private key the peer is started for the first time. | ||
256 | While the identity is binary data, it is often expressed as ASCII string. | ||
257 | For example, the following is a peer identity as you might see it in | ||
258 | various places: | ||
259 | |||
260 | @example | ||
261 | UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0 | ||
262 | @end example | ||
263 | |||
264 | @noindent | ||
265 | You can find your peer identity by running @command{gnunet-peerinfo -s}. | ||
266 | |||
267 | @cindex Zones in the GNU Name System (GNS Zones) | ||
268 | @node Zones in the GNU Name System (GNS Zones) | ||
269 | @section Zones in the GNU Name System (GNS Zones) | ||
270 | |||
271 | @c FIXME: Explain or link to an explanation of the concept of public keys | ||
272 | @c and private keys. | ||
273 | @c FIXME: Rewrite for the latest GNS changes. | ||
274 | GNS@footnote{Matthias Wachs, Martin Schanzenbach, and Christian Grothoff. | ||
275 | A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name | ||
276 | System. In proceedings of 13th International Conference on Cryptology and | ||
277 | Network Security (CANS 2014). 2014. | ||
278 | @uref{https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf}} | ||
279 | zones are similar to those of DNS zones, but instead of a hierarchy of | ||
280 | authorities to governing their use, GNS zones are controlled by a private | ||
281 | key. | ||
282 | When you create a record in a DNS zone, that information is stored in your | ||
283 | nameserver. Anyone trying to resolve your domain then gets pointed | ||
284 | (hopefully) by the centralised authority to your nameserver. | ||
285 | Whereas GNS, being fully decentralized by design, stores that information | ||
286 | in DHT. The validity of the records is assured cryptographically, by | ||
287 | signing them with the private key of the respective zone. | ||
288 | |||
289 | Anyone trying to resolve records in a zone of your domain can then verify | ||
290 | the signature of the records they get from the DHT and be assured that | ||
291 | they are indeed from the respective zone. | ||
292 | To make this work, there is a 1:1 correspondence between zones and | ||
293 | their public-private key pairs. | ||
294 | So when we talk about the owner of a GNS zone, that's really the owner of | ||
295 | the private key. | ||
296 | And a user accessing a zone needs to somehow specify the corresponding | ||
297 | public key first. | ||
298 | |||
299 | @cindex Egos | ||
300 | @node Egos | ||
301 | @section Egos | ||
302 | |||
303 | @c what is the difference between peer identity and egos? It seems | ||
304 | @c like both are linked to public-private key pair. | ||
305 | Egos are your "identities" in GNUnet. Any user can assume multiple | ||
306 | identities, for example to separate their activities online. Egos can | ||
307 | correspond to "pseudonyms" or "real-world identities". Technically an | ||
308 | ego is first of all a key pair of a public- and private-key. | ||
diff --git a/doc/documentation/chapters/philosophy.texi b/doc/documentation/chapters/philosophy.texi index 148f0cd91..6d80d77ae 100644 --- a/doc/documentation/chapters/philosophy.texi +++ b/doc/documentation/chapters/philosophy.texi | |||
@@ -5,36 +5,28 @@ | |||
5 | @c NOTE: We should probably re-use some of the images lynX created | 5 | @c NOTE: We should probably re-use some of the images lynX created |
6 | @c for secushare, showing some of the relations and functionalities | 6 | @c for secushare, showing some of the relations and functionalities |
7 | @c of GNUnet. | 7 | @c of GNUnet. |
8 | The foremost goal of the GNUnet project is to become a widely used, | 8 | The primary goal of the GNUnet project is to provide a reliable, open, |
9 | reliable, open, non-discriminating, egalitarian, unconstrained and | 9 | non-discriminating and censorship-resistant system for information |
10 | censorship-resistant system of free information exchange. | 10 | exchange. We value free speech above state interests and intellectual |
11 | We value free speech above state secrets, law-enforcement or | 11 | monopoly. GNUnet's long-term goal is to serve as a development |
12 | intellectual monopoly. | 12 | platform for the next generation of Internet protocols. |
13 | GNUnet is supposed to be an anarchistic network, where the only | 13 | |
14 | limitation for participants (devices or people making use of the | 14 | GNUnet is an anarchistic network. Participants are encouraged to |
15 | network, in the following sometimes called peers) is | 15 | contribute at least as much resources (storage, bandwidth) to the network |
16 | that they must contribute enough back to the network such that | 16 | as they consume, so that their participation does not have a negative |
17 | their resource consumption does not have a significant impact | 17 | impact on other users. |
18 | on other users. | ||
19 | GNUnet should be more than just another file-sharing network. | ||
20 | The plan is to offer many other services and in particular | ||
21 | to serve as a development platform for the next generation of | ||
22 | Internet Protocols. | ||
23 | 18 | ||
24 | @menu | 19 | @menu |
25 | * Design Goals:: | 20 | * Design Principles:: |
26 | * Security and Privacy:: | 21 | * Privacy and Anonymity:: |
27 | * Versatility:: | ||
28 | * Practicality:: | 22 | * Practicality:: |
29 | * Key Concepts:: | ||
30 | @end menu | 23 | @end menu |
31 | 24 | ||
32 | @cindex Design Goals | 25 | @cindex Design Principles |
33 | @cindex Design Goals | 26 | @node Design Principles |
34 | @node Design Goals | 27 | @section Design Principles |
35 | @section Design Goals | ||
36 | 28 | ||
37 | These are the core GNUnet design goals, in order of relative importance: | 29 | These are the GNUnet design principles, in order of importance: |
38 | 30 | ||
39 | @itemize | 31 | @itemize |
40 | @item GNUnet must be implemented as | 32 | @item GNUnet must be implemented as |
@@ -44,399 +36,45 @@ These are the core GNUnet design goals, in order of relative importance: | |||
44 | the program, to study and change the program in source code form, | 36 | the program, to study and change the program in source code form, |
45 | to redistribute exact copies, and to distribute modified versions. | 37 | to redistribute exact copies, and to distribute modified versions. |
46 | Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}} | 38 | Refer to @uref{https://www.gnu.org/philosophy/free-sw.html, https://www.gnu.org/philosophy/free-sw.html}} |
47 | @item GNUnet must only disclose the minimal amount of information | 39 | @item GNUnet must minimize the amount of personally identifiable information exposed. |
48 | necessary. | ||
49 | @c TODO: Explain 'fully' in the terminology section. | 40 | @c TODO: Explain 'fully' in the terminology section. |
50 | @item GNUnet must be fully distributed and survive | 41 | @item GNUnet must be fully distributed and resilient to external attacks and rogue participants. |
51 | @uref{https://en.wikipedia.org/wiki/Byzantine_fault_tolerance, Byzantine failures} | 42 | @item GNUnet must be self-organizing and not depend on administrators or centralized infrastructure. |
52 | @footnote{@uref{https://en.wikipedia.org/wiki/Byzantine_fault_tolerance, https://en.wikipedia.org/wiki/Byzantine_fault_tolerance}} | 43 | @item GNUnet must inform the user which other participants have to be trusted when establishing private communications. |
53 | at any position in the network. | ||
54 | @item GNUnet must make it explicit to the user which entities are | ||
55 | considered to be trustworthy when establishing secured communications. | ||
56 | @item GNUnet must use compartmentalization to protect sensitive | ||
57 | information. | ||
58 | @item GNUnet must be open and permit new peers to join. | 44 | @item GNUnet must be open and permit new peers to join. |
59 | @item GNUnet must be self-organizing and not depend on administrators. | ||
60 | @item GNUnet must support a diverse range of applications and devices. | 45 | @item GNUnet must support a diverse range of applications and devices. |
61 | @item The GNUnet architecture must be cost effective. | 46 | @item GNUnet must use compartmentalization to protect sensitive information. |
62 | @item GNUnet must provide incentives for peers to contribute more | 47 | @item The GNUnet architecture must be resource efficient. |
63 | resources than they consume. | 48 | @item GNUnet must provide incentives for peers to contribute more resources than they consume. |
64 | @end itemize | 49 | @end itemize |
65 | 50 | ||
66 | 51 | ||
67 | @cindex Security and Privacy | 52 | @cindex Privacy and Anonymity |
68 | @node Security and Privacy | 53 | @node Privacy and Anonymity |
69 | @section Security and Privacy | 54 | @section Privacy and Anonymity |
70 | |||
71 | GNUnet's primary design goals are to protect the privacy of its users and | ||
72 | to guard itself against attacks or abuse. | ||
73 | GNUnet does not have any mechanisms to control, track or censor users. | ||
74 | Instead, the GNUnet protocols aim to make it as hard as possible to | ||
75 | find out what is happening on the network or to disrupt operations. | ||
76 | 55 | ||
77 | @cindex Versatility | 56 | The GNUnet protocols minimize the leakage of personally identifiable information of participants and |
78 | @node Versatility | 57 | do not allow adversaries to control, track, monitor or censor users activities. The |
79 | @section Versatility | 58 | GNUnet protocols also make it as hard as possible to disrupt operations by participating in the network with malicious intent. |
80 | 59 | ||
81 | We call GNUnet a peer-to-peer framework because we want to support many | 60 | Analyzing participant's activities becomes more difficult as the number of peers and |
82 | different forms of peer-to-peer applications. GNUnet uses a plugin | 61 | applications that generate traffic on the network grows, even if the additional |
83 | architecture to make the system extensible and to encourage code reuse. | 62 | traffic generated is not related to anonymous communication. This is one of the reasons why GNUnet is developed as a peer-to-peer |
84 | While the first versions of the system only supported anonymous | ||
85 | file-sharing, other applications are being worked on and more will | ||
86 | hopefully follow in the future. | ||
87 | A powerful synergy regarding anonymity services is created by a large | ||
88 | community utilizing many diverse applications over the same software | ||
89 | infrastructure. The reason is that link encryption hides the specifics | ||
90 | of the traffic for non-participating observers. This way, anonymity can | ||
91 | get stronger with additional (GNUnet) traffic, even if the additional | ||
92 | traffic is not related to anonymous communication. Increasing anonymity | ||
93 | is the primary reason why GNUnet is developed to become a peer-to-peer | ||
94 | framework where many applications share the lower layers of an | 63 | framework where many applications share the lower layers of an |
95 | increasingly complex protocol stack. | 64 | increasingly complex protocol stack. The GNUnet architecture encourages many |
96 | If merging traffic to hinder traffic analysis was not important, | 65 | different forms of peer-to-peer applications. |
97 | we could have just developed a dozen stand-alone applications | ||
98 | and a few shared libraries. | ||
99 | 66 | ||
100 | @cindex Practicality | 67 | @cindex Practicality |
101 | @node Practicality | 68 | @node Practicality |
102 | @section Practicality | 69 | @section Practicality |
103 | 70 | ||
104 | GNUnet allows participants to trade various amounts of security in | 71 | Whereever possible GNUnet allows the peer to adjust its operations |
105 | exchange for increased efficiency. However, it is not possible for any | 72 | and functionalities to specific use cases. A GNUnet peer running on |
106 | user's security and efficiency requirements to compromise the security | 73 | a mobile device with limited battery for example might choose not to |
107 | and efficiency of any other user. | 74 | relay traffic for other participants. |
108 | |||
109 | For GNUnet, efficiency is not paramount. If there were a more secure and | ||
110 | still practical approach, we would choose to take the more secure | ||
111 | alternative. @command{telnet} is more efficient than @command{ssh}, yet | ||
112 | it is obsolete. | ||
113 | Hardware gets faster, and code can be optimized. Fixing security issues | ||
114 | as an afterthought is much harder. | ||
115 | |||
116 | While security is paramount, practicability is still a requirement. | ||
117 | The most secure system is always the one that nobody can use. | ||
118 | Similarly, any anonymous system that is extremely inefficient will only | ||
119 | find few users. | ||
120 | However, good anonymity requires a large and diverse user base. Since | ||
121 | individual security requirements may vary, the only good solution here is | ||
122 | to allow individuals to trade-off security and efficiency. | ||
123 | The primary challenge in allowing this is to ensure that the economic | ||
124 | incentives work properly. | ||
125 | In particular, this means that it must be impossible for a user to gain | ||
126 | security at the expense of other users. Many designs (e.g. anonymity via | ||
127 | broadcast) fail to give users an incentive to choose a less secure but | ||
128 | more efficient mode of operation. | ||
129 | GNUnet should avoid where ever possible to rely on protocols that will | ||
130 | only work if the participants are benevolent. | ||
131 | While some designs have had widespread success while relying on parties | ||
132 | to observe a protocol that may be sub-optimal for the individuals (e.g. | ||
133 | TCP Nagle), a protocol that ensures that individual goals never conflict | ||
134 | with the goals of the group is always preferable. | ||
135 | |||
136 | @cindex Key Concepts | ||
137 | @node Key Concepts | ||
138 | @section Key Concepts | ||
139 | |||
140 | In this section, the fundamental concepts of GNUnet are explained. | ||
141 | @c FIXME: Use @uref{https://docs.gnunet.org/bib/, research papers} | ||
142 | @c once we have the new bibliography + subdomain setup. | ||
143 | Most of them are also described in our research papers. | ||
144 | First, some of the concepts used in the GNUnet framework are detailed. | ||
145 | The second part describes concepts specific to anonymous file-sharing. | ||
146 | |||
147 | @menu | ||
148 | * Authentication:: | ||
149 | * Accounting to Encourage Resource Sharing:: | ||
150 | * Confidentiality:: | ||
151 | * Anonymity:: | ||
152 | * Deniability:: | ||
153 | * Peer Identities:: | ||
154 | * Zones in the GNU Name System (GNS Zones):: | ||
155 | * Egos:: | ||
156 | @end menu | ||
157 | |||
158 | @cindex Authentication | ||
159 | @node Authentication | ||
160 | @subsection Authentication | ||
161 | |||
162 | Almost all peer-to-peer communications in GNUnet are between mutually | ||
163 | authenticated peers. The authentication works by using ECDHE, that is a | ||
164 | DH (Diffie---Hellman) key exchange using ephemeral eliptic curve | ||
165 | cryptography. The ephemeral ECC (Eliptic Curve Cryptography) keys are | ||
166 | signed using ECDSA (@uref{http://en.wikipedia.org/wiki/ECDSA, ECDSA}). | ||
167 | The shared secret from ECDHE is used to create a pair of session keys | ||
168 | @c FIXME: LOng word for HKDF. More FIXMEs: Explain MITM etc. | ||
169 | (using HKDF) which are then used to encrypt the communication between the | ||
170 | two peers using both 256-bit AES (Advanced Encryption Standard) | ||
171 | and 256-bit Twofish (with independently derived secret keys). | ||
172 | As only the two participating hosts know the shared secret, this | ||
173 | authenticates each packet | ||
174 | without requiring signatures each time. GNUnet uses SHA-512 | ||
175 | (Secure Hash Algorithm) hash codes to verify the integrity of messages. | ||
176 | |||
177 | @c Fixme: A while back I got the feedback that I should try and integrate | ||
178 | @c explanation boxes in the long-run. So we could explain | ||
179 | @c "man-in-the-middle" and "man-in-the-middle attacks" and other words | ||
180 | @c which are not common knowledge. MITM is not common knowledge. To be | ||
181 | @c selfcontained, we should be able to explain words and concepts used in | ||
182 | @c a chapter or paragraph without hinting at wikipedia and other online | ||
183 | @c sources which might not be available or accessible to everyone. | ||
184 | @c On the other hand we could write an introductionary chapter or book | ||
185 | @c that we could then reference in each chapter, which sound like it | ||
186 | @c could be more reusable. | ||
187 | In GNUnet, the identity of a host is its public key. For that reason, | ||
188 | man-in-the-middle attacks will not break the authentication or accounting | ||
189 | goals. Essentially, for GNUnet, the IP of the host has nothing to do with | ||
190 | the identity of the host. As the public key is the only thing that truly | ||
191 | matters, faking an IP, a port or any other property of the underlying | ||
192 | transport protocol is irrelevant. In fact, GNUnet peers can use | ||
193 | multiple IPs (IPv4 and IPv6) on multiple ports --- or even not use the | ||
194 | IP protocol at all (by running directly on layer 2). | ||
195 | @c FIXME: "IP protocol" feels wrong, but could be what people expect, as | ||
196 | @c IP is "the number" and "IP protocol" the protocol itself in general | ||
197 | @c knowledge? | ||
198 | |||
199 | @c NOTE: For consistency we will use @code{HELLO}s throughout this Manual. | ||
200 | GNUnet uses a special type of message to communicate a binding between | ||
201 | public (ECC) keys to their current network address. These messages are | ||
202 | commonly called @code{HELLO}s or @code{peer advertisements}. | ||
203 | They contain the public key of the peer and its current network | ||
204 | addresses for various transport services. | ||
205 | A transport service is a special kind of shared library that | ||
206 | provides (possibly unreliable, out-of-order) message delivery between | ||
207 | peers. | ||
208 | For the UDP and TCP transport services, a network address is an IP and a | ||
209 | port. | ||
210 | GNUnet can also use other transports (HTTP, HTTPS, WLAN, etc.) which use | ||
211 | various other forms of addresses. Note that any node can have many | ||
212 | different active transport services at the same time, | ||
213 | and each of these can have a different addresses. | ||
214 | Binding messages expire after at most a week (the timeout can be | ||
215 | shorter if the user configures the node appropriately). | ||
216 | This expiration ensures that the network will eventually get rid of | ||
217 | outdated advertisements. | ||
218 | @footnote{Ronaldo A. Ferreira, Christian Grothoff, and Paul Ruth. | ||
219 | A Transport Layer Abstraction for Peer-to-Peer Networks | ||
220 | Proceedings of the 3rd International Symposium on Cluster Computing | ||
221 | and the Grid (GRID 2003), 2003. | ||
222 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf, https://gnunet.org/git/bibliography.git/plain/docs/transport.pdf})} | ||
223 | |||
224 | @cindex Accounting to Encourage Resource Sharing | ||
225 | @node Accounting to Encourage Resource Sharing | ||
226 | @subsection Accounting to Encourage Resource Sharing | ||
227 | |||
228 | Most distributed P2P networks suffer from a lack of defenses or | ||
229 | precautions against attacks in the form of freeloading. | ||
230 | While the intentions of an attacker and a freeloader are different, their | ||
231 | effect on the network is the same; they both render it useless. | ||
232 | Most simple attacks on networks such as @command{Gnutella} | ||
233 | involve flooding the network with traffic, particularly | ||
234 | with queries that are, in the worst case, multiplied by the network. | ||
235 | |||
236 | In order to ensure that freeloaders or attackers have a minimal impact | ||
237 | on the network, GNUnet's file-sharing implementation (@code{FS} tries | ||
238 | to distinguish good (contributing) nodes from malicious (freeloading) | ||
239 | nodes. In GNUnet, every file-sharing node keeps track of the behavior | ||
240 | of every other node it has been in contact with. Many requests | ||
241 | (depending on the application) are transmitted with a priority (or | ||
242 | importance) level. That priority is used to establish how important | ||
243 | the sender believes this request is. If a peer responds to an | ||
244 | important request, the recipient will increase its trust in the | ||
245 | responder: the responder contributed resources. If a peer is too busy | ||
246 | to answer all requests, it needs to prioritize. For that, peers do | ||
247 | not take the priorities of the requests received at face value. | ||
248 | First, they check how much they trust the sender, and depending on | ||
249 | that amount of trust they assign the request a (possibly lower) | ||
250 | effective priority. Then, they drop the requests with the lowest | ||
251 | effective priority to satisfy their resource constraints. This way, | ||
252 | GNUnet's economic model ensures that nodes that are not currently | ||
253 | considered to have a surplus in contributions will not be served if | ||
254 | the network load is high. | ||
255 | @footnote{Christian Grothoff. An Excess-Based Economic Model for Resource | ||
256 | Allocation in Peer-to-Peer Networks. Wirtschaftsinformatik, June 2003. | ||
257 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ebe.pdf})} | ||
258 | @c 2009? | ||
259 | |||
260 | @cindex Confidentiality | ||
261 | @node Confidentiality | ||
262 | @subsection Confidentiality | ||
263 | |||
264 | Adversaries (malicious, bad actors) outside of GNUnet are not supposed | ||
265 | to know what kind of actions a peer is involved in. Only the specific | ||
266 | neighbor of a peer that is the corresponding sender or recipient of a | ||
267 | message may know its contents, and even then application protocols may | ||
268 | place further restrictions on that knowledge. In order to ensure | ||
269 | confidentiality, GNUnet uses link encryption, that is each message | ||
270 | exchanged between two peers is encrypted using a pair of keys only | ||
271 | known to these two peers. Encrypting traffic like this makes any kind | ||
272 | of traffic analysis much harder. Naturally, for some applications, it | ||
273 | may still be desirable if even neighbors cannot determine the concrete | ||
274 | contents of a message. In GNUnet, this problem is addressed by the | ||
275 | specific application-level protocols. See for example the following | ||
276 | sections @pxref{Anonymity}, @pxref{How file-sharing achieves Anonymity}, | ||
277 | and @pxref{Deniability}. | ||
278 | |||
279 | @cindex Anonymity | ||
280 | @node Anonymity | ||
281 | @subsection Anonymity | ||
282 | 75 | ||
283 | @menu | 76 | For certain applications like file-sharing GNUnet allows participants to trade degrees of anonymity in |
284 | * How file-sharing achieves Anonymity:: | 77 | exchange for increased efficiency. However, it is not possible for any |
285 | @end menu | 78 | user's efficiency requirements to compromise the anonymity |
286 | 79 | of any other user. | |
287 | Providing anonymity for users is the central goal for the anonymous | ||
288 | file-sharing application. Many other design decisions follow in the | ||
289 | footsteps of this requirement. | ||
290 | Anonymity is never absolute. While there are various | ||
291 | scientific metrics@footnote{Claudia Díaz, Stefaan Seys, Joris Claessens, | ||
292 | and Bart Preneel. Towards measuring anonymity. | ||
293 | 2002. | ||
294 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf, https://gnunet.org/git/bibliography.git/plain/docs/article-89.pdf})} | ||
295 | that can help quantify the level of anonymity that a given mechanism | ||
296 | provides, there is no such thing as "complete anonymity". | ||
297 | GNUnet's file-sharing implementation allows users to select for each | ||
298 | operation (publish, search, download) the desired level of anonymity. | ||
299 | The metric used is the amount of cover traffic available to hide the | ||
300 | request. | ||
301 | While this metric is not as good as, for example, the theoretical metric | ||
302 | given in scientific metrics@footnote{likewise}, | ||
303 | it is probably the best metric available to a peer with a purely local | ||
304 | view of the world that does not rely on unreliable external information. | ||
305 | The default anonymity level is @code{1}, which uses anonymous routing but | ||
306 | imposes no minimal requirements on cover traffic. It is possible | ||
307 | to forego anonymity when this is not required. The anonymity level of | ||
308 | @code{0} allows GNUnet to use more efficient, non-anonymous routing. | ||
309 | |||
310 | @cindex How file-sharing achieves Anonymity | ||
311 | @node How file-sharing achieves Anonymity | ||
312 | @subsubsection How file-sharing achieves Anonymity | ||
313 | |||
314 | Contrary to other designs, we do not believe that users achieve strong | ||
315 | anonymity just because their requests are obfuscated by a couple of | ||
316 | indirections. This is not sufficient if the adversary uses traffic | ||
317 | analysis. | ||
318 | The threat model used for anonymous file sharing in GNUnet assumes that | ||
319 | the adversary is quite powerful. | ||
320 | In particular, we assume that the adversary can see all the traffic on | ||
321 | the Internet. And while we assume that the adversary | ||
322 | can not break our encryption, we assume that the adversary has many | ||
323 | participating nodes in the network and that it can thus see many of the | ||
324 | node-to-node interactions since it controls some of the nodes. | ||
325 | |||
326 | The system tries to achieve anonymity based on the idea that users can be | ||
327 | anonymous if they can hide their actions in the traffic created by other | ||
328 | users. | ||
329 | Hiding actions in the traffic of other users requires participating in the | ||
330 | traffic, bringing back the traditional technique of using indirection and | ||
331 | source rewriting. Source rewriting is required to gain anonymity since | ||
332 | otherwise an adversary could tell if a message originated from a host by | ||
333 | looking at the source address. If all packets look like they originate | ||
334 | from one node, the adversary can not tell which ones originate from that | ||
335 | node and which ones were routed. | ||
336 | Note that in this mindset, any node can decide to break the | ||
337 | source-rewriting paradigm without violating the protocol, as this | ||
338 | only reduces the amount of traffic that a node can hide its own traffic | ||
339 | in. | ||
340 | |||
341 | If we want to hide our actions in the traffic of other nodes, we must make | ||
342 | our traffic indistinguishable from the traffic that we route for others. | ||
343 | As our queries must have us as the receiver of the reply | ||
344 | (otherwise they would be useless), we must put ourselves as the receiver | ||
345 | of replies that actually go to other hosts; in other words, we must | ||
346 | indirect replies. | ||
347 | Unlike other systems, in anonymous file-sharing as implemented on top of | ||
348 | GNUnet we do not have to indirect the replies if we don't think we need | ||
349 | more traffic to hide our own actions. | ||
350 | |||
351 | This increases the efficiency of the network as we can indirect less under | ||
352 | higher load.@footnote{Krista Bennett and Christian Grothoff. | ||
353 | GAP --- practical anonymous networking. In Proceedings of | ||
354 | Designing Privacy Enhancing Technologies, 2003. | ||
355 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf, https://gnunet.org/git/bibliography.git/plain/docs/aff.pdf})} | ||
356 | |||
357 | @cindex Deniability | ||
358 | @node Deniability | ||
359 | @subsection Deniability | ||
360 | |||
361 | Even if the user that downloads data and the server that provides data are | ||
362 | anonymous, the intermediaries may still be targets. In particular, if the | ||
363 | intermediaries can find out which queries or which content they are | ||
364 | processing, a strong adversary could try to force them to censor | ||
365 | certain materials. | ||
366 | |||
367 | With the file-encoding used by GNUnet's anonymous file-sharing, this | ||
368 | problem does not arise. | ||
369 | The reason is that queries and replies are transmitted in | ||
370 | an encrypted format such that intermediaries cannot tell what the query | ||
371 | is for or what the content is about. Mind that this is not the same | ||
372 | encryption as the link-encryption between the nodes. GNUnet has | ||
373 | encryption on the network layer (link encryption, confidentiality, | ||
374 | authentication) and again on the application layer (provided | ||
375 | by @command{gnunet-publish}, @command{gnunet-download}, | ||
376 | @command{gnunet-search} and @command{gnunet-gtk}). | ||
377 | @footnote{Christian Grothoff, Krista Grothoff, Tzvetan Horozov, | ||
378 | and Jussi T. Lindgren. | ||
379 | An Encoding for Censorship-Resistant Sharing. | ||
380 | 2009. | ||
381 | (@uref{https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/ecrs.pdf})} | ||
382 | |||
383 | @cindex Peer Identities | ||
384 | @node Peer Identities | ||
385 | @subsection Peer Identities | ||
386 | |||
387 | Peer identities are used to identify peers in the network and are unique | ||
388 | for each peer. The identity for a peer is simply its public key, which is | ||
389 | generated along with a private key the peer is started for the first time. | ||
390 | While the identity is binary data, it is often expressed as ASCII string. | ||
391 | For example, the following is a peer identity as you might see it in | ||
392 | various places: | ||
393 | |||
394 | @example | ||
395 | UAT1S6PMPITLBKSJ2DGV341JI6KF7B66AC4JVCN9811NNEGQLUN0 | ||
396 | @end example | ||
397 | |||
398 | @noindent | ||
399 | You can find your peer identity by running @command{gnunet-peerinfo -s}. | ||
400 | |||
401 | @cindex Zones in the GNU Name System (GNS Zones) | ||
402 | @node Zones in the GNU Name System (GNS Zones) | ||
403 | @subsection Zones in the GNU Name System (GNS Zones) | ||
404 | |||
405 | @c FIXME: Explain or link to an explanation of the concept of public keys | ||
406 | @c and private keys. | ||
407 | @c FIXME: Rewrite for the latest GNS changes. | ||
408 | GNS@footnote{Matthias Wachs, Martin Schanzenbach, and Christian Grothoff. | ||
409 | A Censorship-Resistant, Privacy-Enhancing and Fully Decentralized Name | ||
410 | System. In proceedings of 13th International Conference on Cryptology and | ||
411 | Network Security (CANS 2014). 2014. | ||
412 | @uref{https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf, https://gnunet.org/git/bibliography.git/plain/docs/gns2014wachs.pdf}} | ||
413 | zones are similar to those of DNS zones, but instead of a hierarchy of | ||
414 | authorities to governing their use, GNS zones are controlled by a private | ||
415 | key. | ||
416 | When you create a record in a DNS zone, that information is stored in your | ||
417 | nameserver. Anyone trying to resolve your domain then gets pointed | ||
418 | (hopefully) by the centralised authority to your nameserver. | ||
419 | Whereas GNS, being fully decentralized by design, stores that information | ||
420 | in DHT. The validity of the records is assured cryptographically, by | ||
421 | signing them with the private key of the respective zone. | ||
422 | |||
423 | Anyone trying to resolve records in a zone of your domain can then verify | ||
424 | the signature of the records they get from the DHT and be assured that | ||
425 | they are indeed from the respective zone. | ||
426 | To make this work, there is a 1:1 correspondence between zones and | ||
427 | their public-private key pairs. | ||
428 | So when we talk about the owner of a GNS zone, that's really the owner of | ||
429 | the private key. | ||
430 | And a user accessing a zone needs to somehow specify the corresponding | ||
431 | public key first. | ||
432 | |||
433 | @cindex Egos | ||
434 | @node Egos | ||
435 | @subsection Egos | ||
436 | 80 | ||
437 | @c what is the difference between peer identity and egos? It seems | ||
438 | @c like both are linked to public-private key pair. | ||
439 | Egos are your "identities" in GNUnet. Any user can assume multiple | ||
440 | identities, for example to separate their activities online. Egos can | ||
441 | correspond to "pseudonyms" or "real-world identities". Technically an | ||
442 | ego is first of all a key pair of a public- and private-key. | ||
diff --git a/doc/documentation/chapters/user.texi b/doc/documentation/chapters/user.texi index f2dc5b35d..2dd6cbcb5 100644 --- a/doc/documentation/chapters/user.texi +++ b/doc/documentation/chapters/user.texi | |||
@@ -20,232 +20,32 @@ always welcome. | |||
20 | 20 | ||
21 | 21 | ||
22 | @menu | 22 | @menu |
23 | * Checking the Installation:: | 23 | * Start and stop GNUnet:: |
24 | * First steps - File-sharing:: | ||
25 | * First steps - Using the GNU Name System:: | 24 | * First steps - Using the GNU Name System:: |
26 | * First steps - Using GNUnet Conversation:: | 25 | * First steps - Using GNUnet Conversation:: |
27 | * First steps - Using the GNUnet VPN:: | 26 | * First steps - Using the GNUnet VPN:: |
28 | * File-sharing:: | 27 | * File-sharing:: |
29 | * The GNU Name System:: | 28 | * The GNU Name System:: |
30 | * Using the Virtual Public Network:: | 29 | * Using the Virtual Public Network:: |
31 | * The graphical configuration interface:: | 30 | * MOVE TO INSTALL The graphical configuration interface:: |
32 | * How to start and stop a GNUnet peer:: | 31 | * MOVE TO INSTALL Checking the Installation:: |
32 | * MOVE TO INSTALL Config Leftovers:: | ||
33 | @end menu | 33 | @end menu |
34 | 34 | ||
35 | @node Checking the Installation | 35 | @node Start and stop GNUnet |
36 | @section Checking the Installation | 36 | @section Start and stop GNUnet |
37 | @c %**end of header | ||
38 | |||
39 | This section describes a quick, casual way to check if your GNUnet | ||
40 | installation works. However, if it does not, we do not cover | ||
41 | steps for recovery --- for this, please study the instructions | ||
42 | provided in the developer handbook as well as the system-specific | ||
43 | instruction in the source code repository@footnote{The system specific instructions are not provided as part of this handbook!}. | ||
44 | 37 | ||
45 | 38 | Previous to use any GNUnet-based application, one has to start a node: | |
46 | @menu | ||
47 | * gnunet-gtk:: | ||
48 | * Statistics:: | ||
49 | * Peer Information:: | ||
50 | @end menu | ||
51 | |||
52 | @cindex GNUnet GTK | ||
53 | @cindex GTK | ||
54 | @cindex GTK user interface | ||
55 | @node gnunet-gtk | ||
56 | @subsection gnunet-gtk | ||
57 | @c %**end of header | ||
58 | |||
59 | The @command{gnunet-gtk} package contains several graphical | ||
60 | user interfaces for the respective GNUnet applications. | ||
61 | Currently these interfaces cover: | ||
62 | |||
63 | @itemize @bullet | ||
64 | @item Statistics | ||
65 | @item Peer Information | ||
66 | @item GNU Name System | ||
67 | @item File Sharing | ||
68 | @item Identity Management | ||
69 | @item Conversation | ||
70 | @end itemize | ||
71 | |||
72 | @node Statistics | ||
73 | @subsection Statistics | ||
74 | @c %**end of header | ||
75 | |||
76 | First, you should launch GNUnet gtk@footnote{Obviously you should also start gnunet, via gnunet-arm or the system provided method}. | ||
77 | You can do this from the command-line by typing | ||
78 | 39 | ||
79 | @example | 40 | @example |
80 | gnunet-statistics-gtk | 41 | $ gnunet-arm -s -l gnunet.log |
81 | @end example | 42 | @end example |
82 | 43 | ||
83 | If your peer@footnote{The term ``peer'' is a common word used in federated and distributed networks to describe a participating device which is connected to the network. Thus, your Personal Computer or whatever it is you are looking at the Gtk+ interface describes a ``Peer'' or a ``Node''.} | 44 | To stop GNUnet: |
84 | is running correctly, you should see a bunch of lines, | ||
85 | all of which should be ``significantly'' above zero (at least if your | ||
86 | peer has been running for more than a few seconds). The lines indicate | ||
87 | how many other peers your peer is connected to (via different | ||
88 | mechanisms) and how large the entire overlay network is currently | ||
89 | estimated to be. The X-axis represents time (in seconds since the | ||
90 | start of @command{gnunet-gtk}). | ||
91 | |||
92 | You can click on "Traffic" to see information about the amount of | ||
93 | bandwidth your peer has consumed, and on "Storage" to check the amount | ||
94 | of storage available and used by your peer. Note that "Traffic" is | ||
95 | plotted cummulatively, so you should see a strict upwards trend in the | ||
96 | traffic. | ||
97 | |||
98 | @node Peer Information | ||
99 | @subsection Peer Information | ||
100 | @c %**end of header | ||
101 | |||
102 | First, you should launch the graphical user interface. You can do | ||
103 | this from the command-line by typing | ||
104 | 45 | ||
105 | @example | 46 | @example |
106 | $ gnunet-peerinfo-gtk | 47 | $ gnunet-arm -e |
107 | @end example | 48 | @end example |
108 | |||
109 | Once you have done this, you will see a list of known peers (by the | ||
110 | first four characters of their public key), their friend status (all | ||
111 | should be marked as not-friends initially), their connectivity (green | ||
112 | is connected, red is disconnected), assigned bandwidth, country of | ||
113 | origin (if determined) and address information. If hardly any peers | ||
114 | are listed and/or if there are very few peers with a green light for | ||
115 | connectivity, there is likely a problem with your network | ||
116 | configuration. | ||
117 | |||
118 | @node First steps - File-sharing | ||
119 | @section First steps - File-sharing | ||
120 | @c %**end of header | ||
121 | |||
122 | This chapter describes first steps for file-sharing with GNUnet. | ||
123 | To start, you should launch @command{gnunet-fs-gtk}. | ||
124 | |||
125 | As we want to be sure that the network contains the data that we are | ||
126 | looking for for testing, we need to begin by publishing a file. | ||
127 | |||
128 | |||
129 | @menu | ||
130 | * Publishing:: | ||
131 | * Searching:: | ||
132 | * Downloading:: | ||
133 | @end menu | ||
134 | |||
135 | @node Publishing | ||
136 | @subsection Publishing | ||
137 | @c %**end of header | ||
138 | |||
139 | To publish a file, select "File Sharing" in the menu bar just below the | ||
140 | "Statistics" icon, and then select "Publish" from the menu. | ||
141 | |||
142 | Afterwards, the following publishing dialog will appear: | ||
143 | |||
144 | @c Add image here | ||
145 | |||
146 | In this dialog, select the "Add File" button. This will open a | ||
147 | file selection dialog: | ||
148 | |||
149 | @c Add image here | ||
150 | |||
151 | Now, you should select a file from your computer to be published on | ||
152 | GNUnet. To see more of GNUnet's features later, you should pick a | ||
153 | PNG or JPEG file this time. You can leave all of the other options | ||
154 | in the dialog unchanged. Confirm your selection by pressing the "OK" | ||
155 | button in the bottom right corner. Now, you will briefly see a | ||
156 | "Messages..." dialog pop up, but most likely it will be too short for | ||
157 | you to really read anything. That dialog is showing you progress | ||
158 | information as GNUnet takes a first look at the selected file(s). | ||
159 | For a normal image, this is virtually instant, but if you later | ||
160 | import a larger directory you might be interested in the progress dialog | ||
161 | and potential errors that might be encountered during processing. | ||
162 | After the progress dialog automatically disappears, your file | ||
163 | should now appear in the publishing dialog: | ||
164 | |||
165 | @c Add image here | ||
166 | |||
167 | Now, select the file (by clicking on the file name) and then click | ||
168 | the "Edit" button. This will open the editing dialog: | ||
169 | |||
170 | @c Add image here | ||
171 | |||
172 | In this dialog, you can see many details about your file. In the | ||
173 | top left area, you can see meta data extracted about the file, | ||
174 | such as the original filename, the mimetype and the size of the image. | ||
175 | In the top right, you should see a preview for the image | ||
176 | (if GNU libextractor was installed correctly with the | ||
177 | respective plugins). Note that if you do not see a preview, this | ||
178 | is not a disaster, but you might still want to install more of | ||
179 | GNU libextractor in the future. In the bottom left, the dialog contains | ||
180 | a list of keywords. These are the keywords under which the file will be | ||
181 | made available. The initial list will be based on the extracted meta data. | ||
182 | Additional publishing options are in the right bottom corner. We will | ||
183 | now add an additional keyword to the list of keywords. This is done by | ||
184 | entering the keyword above the keyword list between the label "Keyword" | ||
185 | and the "Add keyword" button. Enter "test" and select "Add keyword". | ||
186 | Note that the keyword will appear at the bottom of the existing keyword | ||
187 | list, so you might have to scroll down to see it. Afterwards, push the | ||
188 | "OK" button at the bottom right of the dialog. | ||
189 | |||
190 | You should now be back at the "Publish content on GNUnet" dialog. Select | ||
191 | "Execute" in the bottom right to close the dialog and publish your file | ||
192 | on GNUnet! Afterwards, you should see the main dialog with a new area | ||
193 | showing the list of published files (or ongoing publishing operations | ||
194 | with progress indicators): | ||
195 | |||
196 | @c Add image here | ||
197 | |||
198 | @node Searching | ||
199 | @subsection Searching | ||
200 | @c %**end of header | ||
201 | |||
202 | Below the menu bar, there are four entry widges labeled "Namespace", | ||
203 | "Keywords", "Anonymity" and "Mime-type" (from left to right). These | ||
204 | widgets are used to control searching for files in GNUnet. Between the | ||
205 | "Keywords" and "Anonymity" widgets, there is also a big "Search" button, | ||
206 | which is used to initiate the search. We will ignore the "Namespace", | ||
207 | "Anonymity" and "Mime-type" options in this tutorial, please leave them | ||
208 | empty. Instead, simply enter "test" under "Keywords" and press "Search". | ||
209 | Afterwards, you should immediately see a new tab labeled after your | ||
210 | search term, followed by the (current) number of search | ||
211 | results --- "(15)" in our screenshot. Note that your results may | ||
212 | vary depending on what other users may have shared and how your | ||
213 | peer is connected. | ||
214 | |||
215 | You can now select one of the search results. Once you do this, | ||
216 | additional information about the result should be displayed on the | ||
217 | right. If available, a preview image should appear on the top right. | ||
218 | Meta data describing the file will be listed at the bottom right. | ||
219 | |||
220 | Once a file is selected, at the bottom of the search result list | ||
221 | a little area for downloading appears. | ||
222 | |||
223 | @node Downloading | ||
224 | @subsection Downloading | ||
225 | @c %**end of header | ||
226 | |||
227 | In the downloading area, you can select the target directory (default is | ||
228 | "Downloads") and specify the desired filename (by default the filename it | ||
229 | taken from the meta data of the published file). Additionally, you can | ||
230 | specify if the download should be anonynmous and (for directories) if | ||
231 | the download should be recursive. In most cases, you can simply start | ||
232 | the download with the "Download!" button. | ||
233 | |||
234 | Once you selected download, the progress of the download will be | ||
235 | displayed with the search result. You may need to resize the result | ||
236 | list or scroll to the right. The "Status" column shows the current | ||
237 | status of the download, and "Progress" how much has been completed. | ||
238 | When you close the search tab (by clicking on the "X" button next to | ||
239 | the "test" label), ongoing and completed downloads are not aborted | ||
240 | but moved to a special "*" tab. | ||
241 | |||
242 | You can remove completed downloads from the "*" tab by clicking the | ||
243 | cleanup button next to the "*". You can also abort downloads by right | ||
244 | clicking on the respective download and selecting "Abort download" | ||
245 | from the menu. | ||
246 | |||
247 | That's it, you now know the basics for file-sharing with GNUnet! | ||
248 | |||
249 | @node First steps - Using the GNU Name System | 49 | @node First steps - Using the GNU Name System |
250 | @section First steps - Using the GNU Name System | 50 | @section First steps - Using the GNU Name System |
251 | @c %**end of header | 51 | @c %**end of header |
@@ -899,24 +699,198 @@ the searcher/downloader specify "no anonymity", non-anonymous | |||
899 | file-sharing is used. If either user specifies some desired degree | 699 | file-sharing is used. If either user specifies some desired degree |
900 | of anonymity, anonymous file-sharing will be used. | 700 | of anonymity, anonymous file-sharing will be used. |
901 | 701 | ||
902 | In this chapter, we will first look at the various concepts in GNUnet's | 702 | After a short introduction, we will first look at the various concepts in |
903 | file-sharing implementation. Then, we will discuss specifics as to | 703 | GNUnet's file-sharing implementation. Then, we will discuss specifics as to how |
904 | how they impact users that publish, search or download files. | 704 | they impact users that publish, search or download files. |
905 | |||
906 | 705 | ||
907 | 706 | ||
908 | @menu | 707 | @menu |
909 | * File-sharing Concepts:: | 708 | * fs-Searching:: |
910 | * File-sharing Publishing:: | 709 | * fs-Downloading:: |
911 | * File-sharing Searching:: | 710 | * fs-Publishing:: |
912 | * File-sharing Downloading:: | 711 | * fs-Concepts:: |
913 | * File-sharing Directories:: | 712 | * fs-Directories:: |
914 | * File-sharing Namespace Management:: | 713 | * Namespace Management:: |
915 | * File-Sharing URIs:: | 714 | * File-Sharing URIs:: |
715 | * GTK User Interface:: | ||
716 | @end menu | ||
717 | |||
718 | @node fs-Searching | ||
719 | @subsection Searching | ||
720 | @c %**end of header | ||
721 | |||
722 | The command @command{gnunet-search} can be used to search | ||
723 | for content on GNUnet. The format is: | ||
724 | |||
725 | @example | ||
726 | $ gnunet-search [-t TIMEOUT] KEYWORD | ||
727 | @end example | ||
728 | |||
729 | @noindent | ||
730 | The -t option specifies that the query should timeout after | ||
731 | approximately TIMEOUT seconds. A value of zero is interpreted | ||
732 | as @emph{no timeout}, which is also the default. In this case, | ||
733 | gnunet-search will never terminate (unless you press CTRL-C). | ||
734 | |||
735 | If multiple words are passed as keywords, they will all be | ||
736 | considered optional. Prefix keywords with a "+" to make them mandatory. | ||
737 | |||
738 | Note that searching using | ||
739 | |||
740 | @example | ||
741 | $ gnunet-search Das Kapital | ||
742 | @end example | ||
743 | |||
744 | @noindent | ||
745 | is not the same as searching for | ||
746 | |||
747 | @example | ||
748 | $ gnunet-search "Das Kapital" | ||
749 | @end example | ||
750 | |||
751 | @noindent | ||
752 | as the first will match files shared under the keywords | ||
753 | "Das" or "Kapital" whereas the second will match files | ||
754 | shared under the keyword "Das Kapital". | ||
755 | |||
756 | Search results are printed by gnunet-search like this: | ||
757 | |||
758 | @c it will be better the avoid the ellipsis altogether because I don't | ||
759 | @c understand the explanation below that | ||
760 | @example | ||
761 | #15: | ||
762 | gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446 | ||
763 | |||
764 | @end example | ||
765 | |||
766 | @noindent | ||
767 | The whole line is the command you would have to enter to download | ||
768 | the file. The argument passed to @code{-o} is the suggested | ||
769 | filename (you may change it to whatever you like). | ||
770 | It is followed by the key for decrypting the file, the query for searching the | ||
771 | file, a checksum (in hexadecimal) finally the size of the file in bytes. | ||
772 | |||
773 | @node fs-Downloading | ||
774 | @subsection Downloading | ||
775 | @c %**end of header | ||
776 | |||
777 | In order to download a file, you need the whole line returned by | ||
778 | @command{gnunet-search}. | ||
779 | You can then use the tool @command{gnunet-download} to obtain the file: | ||
780 | |||
781 | @example | ||
782 | $ gnunet-download -o <FILENAME> <GNUNET-URL> | ||
783 | @end example | ||
784 | |||
785 | @noindent | ||
786 | FILENAME specifies the name of the file where GNUnet is supposed | ||
787 | to write the result. Existing files are overwritten. If the | ||
788 | existing file contains blocks that are identical to the | ||
789 | desired download, those blocks will not be downloaded again | ||
790 | (automatic resume). | ||
791 | |||
792 | If you want to download the GPL from the previous example, | ||
793 | you do the following: | ||
794 | |||
795 | @example | ||
796 | $ gnunet-download -o "COPYING" gnunet://fs/chk/PGK8M...3EK130.75446 | ||
797 | @end example | ||
798 | |||
799 | @noindent | ||
800 | If you ever have to abort a download, you can continue it at any time by | ||
801 | re-issuing @command{gnunet-download} with the same filename. | ||
802 | In that case, GNUnet will @strong{not} download blocks again that are | ||
803 | already present. | ||
804 | |||
805 | GNUnet's file-encoding mechanism will ensure file integrity, even if the | ||
806 | existing file was not downloaded from GNUnet in the first place. | ||
807 | |||
808 | You may want to use the @command{-V} switch to turn on verbose reporting. In | ||
809 | this case, @command{gnunet-download} will print the current number of bytes | ||
810 | downloaded whenever new data was received. | ||
811 | |||
812 | @node fs-Publishing | ||
813 | @subsection Publishing | ||
814 | @c %**end of header | ||
815 | |||
816 | The command @command{gnunet-publish} can be used to add content | ||
817 | to the network. The basic format of the command is | ||
818 | |||
819 | @example | ||
820 | $ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME | ||
821 | @end example | ||
822 | |||
823 | For example | ||
824 | @example | ||
825 | $ gnunet-publish -m "description:GNU License" -k gpl -k test -m "mimetype:text/plain" COPYING | ||
826 | @end example | ||
827 | |||
828 | @menu | ||
829 | * Important command-line options:: | ||
830 | * Indexing vs. Inserting:: | ||
916 | @end menu | 831 | @end menu |
917 | 832 | ||
918 | @node File-sharing Concepts | 833 | @node Important command-line options |
919 | @subsection File-sharing Concepts | 834 | @subsubsection Important command-line options |
835 | @c %**end of header | ||
836 | |||
837 | The option @code{-k} is used to specify keywords for the file that | ||
838 | should be inserted. You can supply any number of keywords, | ||
839 | and each of the keywords will be sufficient to locate and | ||
840 | retrieve the file. Please note that you must use the @code{-k} option | ||
841 | more than once -- one for each expression you use as a keyword for | ||
842 | the filename. | ||
843 | |||
844 | The -m option is used to specify meta-data, such as descriptions. | ||
845 | You can use -m multiple times. The TYPE passed must be from the | ||
846 | list of meta-data types known to libextractor. You can obtain this | ||
847 | list by running @command{extract -L}. Use quotes around the entire | ||
848 | meta-data argument if the value contains spaces. The meta-data | ||
849 | is displayed to other users when they select which files to | ||
850 | download. The meta-data and the keywords are optional and | ||
851 | maybe inferred using @code{GNU libextractor}. | ||
852 | |||
853 | gnunet-publish has a few additional options to handle namespaces and | ||
854 | directories. See the man-page for details. | ||
855 | |||
856 | @node Indexing vs. Inserting | ||
857 | @subsubsection Indexing vs Inserting | ||
858 | @c %**end of header | ||
859 | |||
860 | By default, GNUnet indexes a file instead of making a full copy. | ||
861 | This is much more efficient, but requries the file to stay unaltered | ||
862 | at the location where it was when it was indexed. If you intend to move, | ||
863 | delete or alter a file, consider using the option @code{-n} which will | ||
864 | force GNUnet to make a copy of the file in the database. | ||
865 | |||
866 | Since it is much less efficient, this is strongly discouraged for large | ||
867 | files. When GNUnet indexes a file (default), GNUnet does @strong{not} | ||
868 | create an additional encrypted copy of the file but just computes a | ||
869 | summary (or index) of the file. That summary is approximately two percent | ||
870 | of the size of the original file and is stored in GNUnet's database. | ||
871 | Whenever a request for a part of an indexed file reaches GNUnet, | ||
872 | this part is encrypted on-demand and send out. This way, there is no | ||
873 | need for an additional encrypted copy of the file to stay anywhere | ||
874 | on the drive. This is different from other systems, such as Freenet, | ||
875 | where each file that is put online must be in Freenet's database in | ||
876 | encrypted format, doubling the space requirements if the user wants | ||
877 | to preseve a directly accessible copy in plaintext. | ||
878 | |||
879 | Thus indexing should be used for all files where the user will keep | ||
880 | using this file (at the location given to gnunet-publish) and does | ||
881 | not want to retrieve it back from GNUnet each time. If you want to | ||
882 | remove a file that you have indexed from the local peer, use the tool | ||
883 | @command{gnunet-unindex} to un-index the file. | ||
884 | |||
885 | The option @code{-n} may be used if the user fears that the file might | ||
886 | be found on their drive (assuming the computer comes under the control | ||
887 | of an adversary). When used with the @code{-n} flag, the user has a | ||
888 | much better chance of denying knowledge of the existence of the file, | ||
889 | even if it is still (encrypted) on the drive and the adversary is | ||
890 | able to crack the encryption (e.g. by guessing the keyword. | ||
891 | |||
892 | @node fs-Concepts | ||
893 | @subsection Concepts | ||
920 | @c %**end of header | 894 | @c %**end of header |
921 | 895 | ||
922 | Sharing files in GNUnet is not quite as simple as in traditional | 896 | Sharing files in GNUnet is not quite as simple as in traditional |
@@ -1072,184 +1046,9 @@ replication level into the network, and then decrement the replication | |||
1072 | level by one. If all blocks reach replication level zero, the | 1046 | level by one. If all blocks reach replication level zero, the |
1073 | selection is simply random. | 1047 | selection is simply random. |
1074 | 1048 | ||
1075 | @node File-sharing Publishing | ||
1076 | @subsection File-sharing Publishing | ||
1077 | @c %**end of header | ||
1078 | |||
1079 | The command @command{gnunet-publish} can be used to add content | ||
1080 | to the network. The basic format of the command is | ||
1081 | |||
1082 | @example | ||
1083 | $ gnunet-publish [-n] [-k KEYWORDS]* [-m TYPE:VALUE] FILENAME | ||
1084 | @end example | ||
1085 | |||
1086 | |||
1087 | @menu | ||
1088 | * Important command-line options:: | ||
1089 | * Indexing vs. Inserting:: | ||
1090 | @end menu | ||
1091 | |||
1092 | @node Important command-line options | ||
1093 | @subsubsection Important command-line options | ||
1094 | @c %**end of header | ||
1095 | |||
1096 | The option @code{-k} is used to specify keywords for the file that | ||
1097 | should be inserted. You can supply any number of keywords, | ||
1098 | and each of the keywords will be sufficient to locate and | ||
1099 | retrieve the file. Please note that you must use the @code{-k} option | ||
1100 | more than once -- one for each expression you use as a keyword for | ||
1101 | the filename. | ||
1102 | |||
1103 | The -m option is used to specify meta-data, such as descriptions. | ||
1104 | You can use -m multiple times. The TYPE passed must be from the | ||
1105 | list of meta-data types known to libextractor. You can obtain this | ||
1106 | list by running @command{extract -L}. Use quotes around the entire | ||
1107 | meta-data argument if the value contains spaces. The meta-data | ||
1108 | is displayed to other users when they select which files to | ||
1109 | download. The meta-data and the keywords are optional and | ||
1110 | maybe inferred using @code{GNU libextractor}. | ||
1111 | |||
1112 | gnunet-publish has a few additional options to handle namespaces and | ||
1113 | directories. See the man-page for details. | ||
1114 | |||
1115 | @node Indexing vs. Inserting | ||
1116 | @subsubsection Indexing vs Inserting | ||
1117 | @c %**end of header | ||
1118 | |||
1119 | By default, GNUnet indexes a file instead of making a full copy. | ||
1120 | This is much more efficient, but requries the file to stay unaltered | ||
1121 | at the location where it was when it was indexed. If you intend to move, | ||
1122 | delete or alter a file, consider using the option @code{-n} which will | ||
1123 | force GNUnet to make a copy of the file in the database. | ||
1124 | |||
1125 | Since it is much less efficient, this is strongly discouraged for large | ||
1126 | files. When GNUnet indexes a file (default), GNUnet does @strong{not} | ||
1127 | create an additional encrypted copy of the file but just computes a | ||
1128 | summary (or index) of the file. That summary is approximately two percent | ||
1129 | of the size of the original file and is stored in GNUnet's database. | ||
1130 | Whenever a request for a part of an indexed file reaches GNUnet, | ||
1131 | this part is encrypted on-demand and send out. This way, there is no | ||
1132 | need for an additional encrypted copy of the file to stay anywhere | ||
1133 | on the drive. This is different from other systems, such as Freenet, | ||
1134 | where each file that is put online must be in Freenet's database in | ||
1135 | encrypted format, doubling the space requirements if the user wants | ||
1136 | to preseve a directly accessible copy in plaintext. | ||
1137 | |||
1138 | Thus indexing should be used for all files where the user will keep | ||
1139 | using this file (at the location given to gnunet-publish) and does | ||
1140 | not want to retrieve it back from GNUnet each time. If you want to | ||
1141 | remove a file that you have indexed from the local peer, use the tool | ||
1142 | @command{gnunet-unindex} to un-index the file. | ||
1143 | |||
1144 | The option @code{-n} may be used if the user fears that the file might | ||
1145 | be found on their drive (assuming the computer comes under the control | ||
1146 | of an adversary). When used with the @code{-n} flag, the user has a | ||
1147 | much better chance of denying knowledge of the existence of the file, | ||
1148 | even if it is still (encrypted) on the drive and the adversary is | ||
1149 | able to crack the encryption (e.g. by guessing the keyword. | ||
1150 | |||
1151 | @node File-sharing Searching | ||
1152 | @subsection File-sharing Searching | ||
1153 | @c %**end of header | ||
1154 | |||
1155 | The command @command{gnunet-search} can be used to search | ||
1156 | for content on GNUnet. The format is: | ||
1157 | |||
1158 | @example | ||
1159 | $ gnunet-search [-t TIMEOUT] KEYWORD | ||
1160 | @end example | ||
1161 | |||
1162 | @noindent | ||
1163 | The -t option specifies that the query should timeout after | ||
1164 | approximately TIMEOUT seconds. A value of zero is interpreted | ||
1165 | as @emph{no timeout}, which is also the default. In this case, | ||
1166 | gnunet-search will never terminate (unless you press CTRL-C). | ||
1167 | |||
1168 | If multiple words are passed as keywords, they will all be | ||
1169 | considered optional. Prefix keywords with a "+" to make them mandatory. | ||
1170 | |||
1171 | Note that searching using | ||
1172 | |||
1173 | @example | ||
1174 | $ gnunet-search Das Kapital | ||
1175 | @end example | ||
1176 | |||
1177 | @noindent | ||
1178 | is not the same as searching for | ||
1179 | |||
1180 | @example | ||
1181 | $ gnunet-search "Das Kapital" | ||
1182 | @end example | ||
1183 | |||
1184 | @noindent | ||
1185 | as the first will match files shared under the keywords | ||
1186 | "Das" or "Kapital" whereas the second will match files | ||
1187 | shared under the keyword "Das Kapital". | ||
1188 | |||
1189 | Search results are printed by gnunet-search like this: | ||
1190 | |||
1191 | @c it will be better the avoid the ellipsis altogether because I don't | ||
1192 | @c understand the explanation below that | ||
1193 | @example | ||
1194 | $ gnunet-download -o "COPYING" --- gnunet://fs/chk/N8...C92.17992 | ||
1195 | => The GNU Public License <= (mimetype: text/plain) | ||
1196 | @end example | ||
1197 | |||
1198 | @noindent | ||
1199 | The first line is the command you would have to enter to download | ||
1200 | the file. The argument passed to @code{-o} is the suggested | ||
1201 | filename (you may change it to whatever you like). | ||
1202 | @c except it's triple dash in the above example --- | ||
1203 | The @code{--} is followed by key for decrypting the file, | ||
1204 | the query for searching the file, a checksum (in hexadecimal) | ||
1205 | finally the size of the file in bytes. | ||
1206 | The second line contains the description of the file; here this is | ||
1207 | "The GNU Public License" and the mime-type (see the options for | ||
1208 | gnunet-publish on how to specify these). | ||
1209 | |||
1210 | @node File-sharing Downloading | ||
1211 | @subsection File-sharing Downloading | ||
1212 | @c %**end of header | ||
1213 | |||
1214 | In order to download a file, you need the three values returned by | ||
1215 | @command{gnunet-search}. | ||
1216 | You can then use the tool @command{gnunet-download} to obtain the file: | ||
1217 | |||
1218 | @example | ||
1219 | $ gnunet-download -o FILENAME --- GNUNETURL | ||
1220 | @end example | ||
1221 | |||
1222 | @noindent | ||
1223 | FILENAME specifies the name of the file where GNUnet is supposed | ||
1224 | to write the result. Existing files are overwritten. If the | ||
1225 | existing file contains blocks that are identical to the | ||
1226 | desired download, those blocks will not be downloaded again | ||
1227 | (automatic resume). | ||
1228 | |||
1229 | If you want to download the GPL from the previous example, | ||
1230 | you do the following: | ||
1231 | |||
1232 | @example | ||
1233 | $ gnunet-download -o "COPYING" --- gnunet://fs/chk/N8...92.17992 | ||
1234 | @end example | ||
1235 | |||
1236 | @noindent | ||
1237 | If you ever have to abort a download, you can continue it at any time by | ||
1238 | re-issuing @command{gnunet-download} with the same filename. | ||
1239 | In that case, GNUnet will @strong{not} download blocks again that are | ||
1240 | already present. | ||
1241 | 1049 | ||
1242 | GNUnet's file-encoding mechanism will ensure file integrity, even if the | 1050 | @node fs-Directories |
1243 | existing file was not downloaded from GNUnet in the first place. | 1051 | @subsection Directories |
1244 | |||
1245 | You may want to use the @command{-V} switch (must be added before | ||
1246 | @c Same as above it's triple dash | ||
1247 | the @command{--}) to turn on verbose reporting. In this case, | ||
1248 | @command{gnunet-download} will print the current number of | ||
1249 | bytes downloaded whenever new data was received. | ||
1250 | |||
1251 | @node File-sharing Directories | ||
1252 | @subsection File-sharing Directories | ||
1253 | @c %**end of header | 1052 | @c %**end of header |
1254 | 1053 | ||
1255 | Directories are shared just like ordinary files. If you download a | 1054 | Directories are shared just like ordinary files. If you download a |
@@ -1264,8 +1063,8 @@ typically includes the mime-type, description, a filename and | |||
1264 | other meta information, and possibly even the full original file | 1063 | other meta information, and possibly even the full original file |
1265 | (if it was small). | 1064 | (if it was small). |
1266 | 1065 | ||
1267 | @node File-sharing Namespace Management | 1066 | @node Namespace Management |
1268 | @subsection File-sharing Namespace Management | 1067 | @subsection Namespace Management |
1269 | @c %**end of header | 1068 | @c %**end of header |
1270 | 1069 | ||
1271 | @b{Please note that the text in this subsection is outdated and needs} | 1070 | @b{Please note that the text in this subsection is outdated and needs} |
@@ -1436,6 +1235,135 @@ chosen keyword (or password!). A commonly used identifier is | |||
1436 | "root" which by convention refers to some kind of index or other | 1235 | "root" which by convention refers to some kind of index or other |
1437 | entry point into the namespace. | 1236 | entry point into the namespace. |
1438 | 1237 | ||
1238 | @node GTK User Interface | ||
1239 | @subsection GTK User Interface | ||
1240 | This chapter describes first steps for file-sharing with GNUnet. | ||
1241 | To start, you should launch @command{gnunet-fs-gtk}. | ||
1242 | |||
1243 | As we want to be sure that the network contains the data that we are | ||
1244 | looking for for testing, we need to begin by publishing a file. | ||
1245 | |||
1246 | @menu | ||
1247 | * gtk-Publishing:: | ||
1248 | * gtk-Searching:: | ||
1249 | * gtk-Downloading:: | ||
1250 | @end menu | ||
1251 | |||
1252 | @node gtk-Publishing | ||
1253 | @subsubsection Publishing | ||
1254 | @c %**end of header | ||
1255 | |||
1256 | To publish a file, select "File Sharing" in the menu bar just below the | ||
1257 | "Statistics" icon, and then select "Publish" from the menu. | ||
1258 | |||
1259 | Afterwards, the following publishing dialog will appear: | ||
1260 | |||
1261 | @c Add image here | ||
1262 | |||
1263 | In this dialog, select the "Add File" button. This will open a | ||
1264 | file selection dialog: | ||
1265 | |||
1266 | @c Add image here | ||
1267 | |||
1268 | Now, you should select a file from your computer to be published on | ||
1269 | GNUnet. To see more of GNUnet's features later, you should pick a | ||
1270 | PNG or JPEG file this time. You can leave all of the other options | ||
1271 | in the dialog unchanged. Confirm your selection by pressing the "OK" | ||
1272 | button in the bottom right corner. Now, you will briefly see a | ||
1273 | "Messages..." dialog pop up, but most likely it will be too short for | ||
1274 | you to really read anything. That dialog is showing you progress | ||
1275 | information as GNUnet takes a first look at the selected file(s). | ||
1276 | For a normal image, this is virtually instant, but if you later | ||
1277 | import a larger directory you might be interested in the progress dialog | ||
1278 | and potential errors that might be encountered during processing. | ||
1279 | After the progress dialog automatically disappears, your file | ||
1280 | should now appear in the publishing dialog: | ||
1281 | |||
1282 | @c Add image here | ||
1283 | |||
1284 | Now, select the file (by clicking on the file name) and then click | ||
1285 | the "Edit" button. This will open the editing dialog: | ||
1286 | |||
1287 | @c Add image here | ||
1288 | |||
1289 | In this dialog, you can see many details about your file. In the | ||
1290 | top left area, you can see meta data extracted about the file, | ||
1291 | such as the original filename, the mimetype and the size of the image. | ||
1292 | In the top right, you should see a preview for the image | ||
1293 | (if GNU libextractor was installed correctly with the | ||
1294 | respective plugins). Note that if you do not see a preview, this | ||
1295 | is not a disaster, but you might still want to install more of | ||
1296 | GNU libextractor in the future. In the bottom left, the dialog contains | ||
1297 | a list of keywords. These are the keywords under which the file will be | ||
1298 | made available. The initial list will be based on the extracted meta data. | ||
1299 | Additional publishing options are in the right bottom corner. We will | ||
1300 | now add an additional keyword to the list of keywords. This is done by | ||
1301 | entering the keyword above the keyword list between the label "Keyword" | ||
1302 | and the "Add keyword" button. Enter "test" and select "Add keyword". | ||
1303 | Note that the keyword will appear at the bottom of the existing keyword | ||
1304 | list, so you might have to scroll down to see it. Afterwards, push the | ||
1305 | "OK" button at the bottom right of the dialog. | ||
1306 | |||
1307 | You should now be back at the "Publish content on GNUnet" dialog. Select | ||
1308 | "Execute" in the bottom right to close the dialog and publish your file | ||
1309 | on GNUnet! Afterwards, you should see the main dialog with a new area | ||
1310 | showing the list of published files (or ongoing publishing operations | ||
1311 | with progress indicators): | ||
1312 | |||
1313 | @c Add image here | ||
1314 | |||
1315 | @node gtk-Searching | ||
1316 | @subsubsection Searching | ||
1317 | @c %**end of header | ||
1318 | |||
1319 | Below the menu bar, there are four entry widges labeled "Namespace", | ||
1320 | "Keywords", "Anonymity" and "Mime-type" (from left to right). These | ||
1321 | widgets are used to control searching for files in GNUnet. Between the | ||
1322 | "Keywords" and "Anonymity" widgets, there is also a big "Search" button, | ||
1323 | which is used to initiate the search. We will ignore the "Namespace", | ||
1324 | "Anonymity" and "Mime-type" options in this tutorial, please leave them | ||
1325 | empty. Instead, simply enter "test" under "Keywords" and press "Search". | ||
1326 | Afterwards, you should immediately see a new tab labeled after your | ||
1327 | search term, followed by the (current) number of search | ||
1328 | results --- "(15)" in our screenshot. Note that your results may | ||
1329 | vary depending on what other users may have shared and how your | ||
1330 | peer is connected. | ||
1331 | |||
1332 | You can now select one of the search results. Once you do this, | ||
1333 | additional information about the result should be displayed on the | ||
1334 | right. If available, a preview image should appear on the top right. | ||
1335 | Meta data describing the file will be listed at the bottom right. | ||
1336 | |||
1337 | Once a file is selected, at the bottom of the search result list | ||
1338 | a little area for downloading appears. | ||
1339 | |||
1340 | @node gtk-Downloading | ||
1341 | @subsubsection Downloading | ||
1342 | @c %**end of header | ||
1343 | |||
1344 | In the downloading area, you can select the target directory (default is | ||
1345 | "Downloads") and specify the desired filename (by default the filename it | ||
1346 | taken from the meta data of the published file). Additionally, you can | ||
1347 | specify if the download should be anonynmous and (for directories) if | ||
1348 | the download should be recursive. In most cases, you can simply start | ||
1349 | the download with the "Download!" button. | ||
1350 | |||
1351 | Once you selected download, the progress of the download will be | ||
1352 | displayed with the search result. You may need to resize the result | ||
1353 | list or scroll to the right. The "Status" column shows the current | ||
1354 | status of the download, and "Progress" how much has been completed. | ||
1355 | When you close the search tab (by clicking on the "X" button next to | ||
1356 | the "test" label), ongoing and completed downloads are not aborted | ||
1357 | but moved to a special "*" tab. | ||
1358 | |||
1359 | You can remove completed downloads from the "*" tab by clicking the | ||
1360 | cleanup button next to the "*". You can also abort downloads by right | ||
1361 | clicking on the respective download and selecting "Abort download" | ||
1362 | from the menu. | ||
1363 | |||
1364 | That's it, you now know the basics for file-sharing with GNUnet! | ||
1365 | |||
1366 | |||
1439 | @node The GNU Name System | 1367 | @node The GNU Name System |
1440 | @section The GNU Name System | 1368 | @section The GNU Name System |
1441 | @c %**end of header | 1369 | @c %**end of header |
@@ -2032,8 +1960,8 @@ that will terminate at the respective peer's service. | |||
2032 | 1960 | ||
2033 | @c NOTE: Inserted from Installation Handbook in original ``order'': | 1961 | @c NOTE: Inserted from Installation Handbook in original ``order'': |
2034 | @c FIXME: Move this to User Handbook. | 1962 | @c FIXME: Move this to User Handbook. |
2035 | @node The graphical configuration interface | 1963 | @node MOVE TO INSTALL The graphical configuration interface |
2036 | @section The graphical configuration interface | 1964 | @section MOVE TO INSTALL The graphical configuration interface |
2037 | 1965 | ||
2038 | If you also would like to use @command{gnunet-gtk} and | 1966 | If you also would like to use @command{gnunet-gtk} and |
2039 | @command{gnunet-setup} (highly recommended for beginners), do: | 1967 | @command{gnunet-setup} (highly recommended for beginners), do: |
@@ -3619,8 +3547,91 @@ desktop-user to "sudo" (i.e. using gtksudo) to the "gnunet" user account | |||
3619 | and then runs "gnunet-arm -e", "gnunet-setup" and "gnunet-arm -s" in | 3547 | and then runs "gnunet-arm -e", "gnunet-setup" and "gnunet-arm -s" in |
3620 | sequence. | 3548 | sequence. |
3621 | 3549 | ||
3622 | @node How to start and stop a GNUnet peer | 3550 | @node MOVE TO INSTALL Checking the Installation |
3623 | @section How to start and stop a GNUnet peer | 3551 | @section MOVE TO INSTALL Checking the Installation |
3552 | @c %**end of header | ||
3553 | |||
3554 | This section describes a quick, casual way to check if your GNUnet | ||
3555 | installation works. However, if it does not, we do not cover | ||
3556 | steps for recovery --- for this, please study the instructions | ||
3557 | provided in the developer handbook as well as the system-specific | ||
3558 | instruction in the source code repository@footnote{The system specific instructions are not provided as part of this handbook!}. | ||
3559 | |||
3560 | |||
3561 | @menu | ||
3562 | * gnunet-gtk:: | ||
3563 | * Statistics:: | ||
3564 | * Peer Information:: | ||
3565 | @end menu | ||
3566 | |||
3567 | @cindex GNUnet GTK | ||
3568 | @cindex GTK | ||
3569 | @cindex GTK user interface | ||
3570 | @node gnunet-gtk | ||
3571 | @subsection gnunet-gtk | ||
3572 | @c %**end of header | ||
3573 | |||
3574 | The @command{gnunet-gtk} package contains several graphical | ||
3575 | user interfaces for the respective GNUnet applications. | ||
3576 | Currently these interfaces cover: | ||
3577 | |||
3578 | @itemize @bullet | ||
3579 | @item Statistics | ||
3580 | @item Peer Information | ||
3581 | @item GNU Name System | ||
3582 | @item File Sharing | ||
3583 | @item Identity Management | ||
3584 | @item Conversation | ||
3585 | @end itemize | ||
3586 | |||
3587 | @node Statistics | ||
3588 | @subsection Statistics | ||
3589 | @c %**end of header | ||
3590 | |||
3591 | First, you should launch GNUnet gtk@footnote{Obviously you should also start gnunet, via gnunet-arm or the system provided method}. | ||
3592 | You can do this from the command-line by typing | ||
3593 | |||
3594 | @example | ||
3595 | gnunet-statistics-gtk | ||
3596 | @end example | ||
3597 | |||
3598 | If your peer@footnote{The term ``peer'' is a common word used in federated and distributed networks to describe a participating device which is connected to the network. Thus, your Personal Computer or whatever it is you are looking at the Gtk+ interface describes a ``Peer'' or a ``Node''.} | ||
3599 | is running correctly, you should see a bunch of lines, | ||
3600 | all of which should be ``significantly'' above zero (at least if your | ||
3601 | peer has been running for more than a few seconds). The lines indicate | ||
3602 | how many other peers your peer is connected to (via different | ||
3603 | mechanisms) and how large the entire overlay network is currently | ||
3604 | estimated to be. The X-axis represents time (in seconds since the | ||
3605 | start of @command{gnunet-gtk}). | ||
3606 | |||
3607 | You can click on "Traffic" to see information about the amount of | ||
3608 | bandwidth your peer has consumed, and on "Storage" to check the amount | ||
3609 | of storage available and used by your peer. Note that "Traffic" is | ||
3610 | plotted cummulatively, so you should see a strict upwards trend in the | ||
3611 | traffic. | ||
3612 | |||
3613 | @node Peer Information | ||
3614 | @subsection Peer Information | ||
3615 | @c %**end of header | ||
3616 | |||
3617 | First, you should launch the graphical user interface. You can do | ||
3618 | this from the command-line by typing | ||
3619 | |||
3620 | @example | ||
3621 | $ gnunet-peerinfo-gtk | ||
3622 | @end example | ||
3623 | |||
3624 | Once you have done this, you will see a list of known peers (by the | ||
3625 | first four characters of their public key), their friend status (all | ||
3626 | should be marked as not-friends initially), their connectivity (green | ||
3627 | is connected, red is disconnected), assigned bandwidth, country of | ||
3628 | origin (if determined) and address information. If hardly any peers | ||
3629 | are listed and/or if there are very few peers with a green light for | ||
3630 | connectivity, there is likely a problem with your network | ||
3631 | configuration. | ||
3632 | |||
3633 | @node MOVE TO INSTALL Config Leftovers | ||
3634 | @section MOVE TO INSTALL Config Leftovers | ||
3624 | 3635 | ||
3625 | This section describes how to start a GNUnet peer. It assumes that you | 3636 | This section describes how to start a GNUnet peer. It assumes that you |
3626 | have already compiled and installed GNUnet and its' dependencies. | 3637 | have already compiled and installed GNUnet and its' dependencies. |
@@ -3949,3 +3960,4 @@ Furthermore, 'make install' will silently fail to set the DNS binaries to | |||
3949 | be owned by group "gnunetdns" unless that group already exists (!). | 3960 | be owned by group "gnunetdns" unless that group already exists (!). |
3950 | An alternative name for the "gnunetdns" group can be specified using the | 3961 | An alternative name for the "gnunetdns" group can be specified using the |
3951 | @code{--with-gnunetdns=GRPNAME} configure option. | 3962 | @code{--with-gnunetdns=GRPNAME} configure option. |
3963 | |||
diff --git a/doc/documentation/gnunet.texi b/doc/documentation/gnunet.texi index cd2f04399..5ba6f6b15 100644 --- a/doc/documentation/gnunet.texi +++ b/doc/documentation/gnunet.texi | |||
@@ -82,7 +82,9 @@ This document is the Reference Manual for GNUnet version @value{VERSION}. | |||
82 | 82 | ||
83 | * Preface:: Chapter 0 | 83 | * Preface:: Chapter 0 |
84 | * Philosophy:: About GNUnet | 84 | * Philosophy:: About GNUnet |
85 | * Key Concepts:: Key concepts of GNUnet | ||
85 | @c * Vocabulary:: Vocabulary | 86 | @c * Vocabulary:: Vocabulary |
87 | * Installing GNUnet:: Installing GNUnet | ||
86 | * Using GNUnet:: Using GNUnet | 88 | * Using GNUnet:: Using GNUnet |
87 | @c * Configuration Handbook:: Configuring GNUnet | 89 | @c * Configuration Handbook:: Configuring GNUnet |
88 | * GNUnet Contributors Handbook:: Contributing to GNUnet | 90 | * GNUnet Contributors Handbook:: Contributing to GNUnet |
@@ -104,11 +106,12 @@ Preface | |||
104 | 106 | ||
105 | Philosophy | 107 | Philosophy |
106 | 108 | ||
107 | * Design Goals:: | 109 | * Design Principles:: |
108 | * Security and Privacy:: | 110 | * Privacy and Anonymity:: |
109 | * Versatility:: | 111 | * Practicality:: |
110 | * Practicality:: | 112 | |
111 | * Key Concepts:: | 113 | Key Concepts |
114 | |||
112 | * Authentication:: | 115 | * Authentication:: |
113 | * Accounting to Encourage Resource Sharing:: | 116 | * Accounting to Encourage Resource Sharing:: |
114 | * Confidentiality:: | 117 | * Confidentiality:: |
@@ -120,18 +123,20 @@ Philosophy | |||
120 | * Backup of Identities and Egos:: | 123 | * Backup of Identities and Egos:: |
121 | * Revocation:: | 124 | * Revocation:: |
122 | 125 | ||
126 | Installing GNUnet | ||
127 | |||
123 | Using GNUnet | 128 | Using GNUnet |
124 | 129 | ||
125 | * Checking the Installation:: | 130 | * Start and stop GNUnet:: |
126 | * First steps - File-sharing:: | ||
127 | * First steps - Using the GNU Name System:: | 131 | * First steps - Using the GNU Name System:: |
128 | * First steps - Using GNUnet Conversation:: | 132 | * First steps - Using GNUnet Conversation:: |
129 | * First steps - Using the GNUnet VPN:: | 133 | * First steps - Using the GNUnet VPN:: |
130 | * File-sharing:: | 134 | * File-sharing:: |
131 | * The GNU Name System:: | 135 | * The GNU Name System:: |
132 | * Using the Virtual Public Network:: | 136 | * Using the Virtual Public Network:: |
133 | * The graphical configuration interface:: | 137 | * MOVE TO INSTALL The graphical configuration interface:: |
134 | * How to start and stop a GNUnet peer:: | 138 | * MOVE TO INSTALL Checking the Installation:: |
139 | * MOVE TO INSTALL Config Leftovers:: | ||
135 | 140 | ||
136 | GNUnet Contributors Handbook | 141 | GNUnet Contributors Handbook |
137 | 142 | ||
@@ -193,6 +198,14 @@ GNUnet Developer Handbook | |||
193 | @c ********************************************************************* | 198 | @c ********************************************************************* |
194 | 199 | ||
195 | @c ********************************************************************* | 200 | @c ********************************************************************* |
201 | @include chapters/keyconcepts.texi | ||
202 | @c ********************************************************************* | ||
203 | |||
204 | @c ********************************************************************* | ||
205 | @include chapters/installation.texi | ||
206 | @c ********************************************************************* | ||
207 | |||
208 | @c ********************************************************************* | ||
196 | @include chapters/user.texi | 209 | @include chapters/user.texi |
197 | @c ********************************************************************* | 210 | @c ********************************************************************* |
198 | 211 | ||
diff --git a/doc/man/gnunet-revocation.1 b/doc/man/gnunet-revocation.1 index 017b019fd..b963b2dc0 100644 --- a/doc/man/gnunet-revocation.1 +++ b/doc/man/gnunet-revocation.1 | |||
@@ -15,7 +15,7 @@ instantly revoke a key and to use a pre-generated revocation | |||
15 | certificate to revoke a key. Upon successful revocation, all peers | 15 | certificate to revoke a key. Upon successful revocation, all peers |
16 | will be informed about the invalidity of the key. As this is an | 16 | will be informed about the invalidity of the key. As this is an |
17 | expensive operation, GNUnet requires the issuer of the revocation to | 17 | expensive operation, GNUnet requires the issuer of the revocation to |
18 | perform an expensive proof-of-work computation before he will be | 18 | perform an expensive proof-of-work computation before they will be |
19 | allowed to perform the revocation. gnunet\-revocation will perform | 19 | allowed to perform the revocation. gnunet\-revocation will perform |
20 | this computation. The computation can be performed ahead of time, | 20 | this computation. The computation can be performed ahead of time, |
21 | with the resulting revocation certificate being stored in a file for | 21 | with the resulting revocation certificate being stored in a file for |
diff --git a/doc/release_policy.rfc.txt b/doc/release_policy.rfc.txt index fd4118742..b3d72bac4 100644 --- a/doc/release_policy.rfc.txt +++ b/doc/release_policy.rfc.txt | |||
@@ -117,7 +117,7 @@ platforms. It also doubt it will give you the recognition you crave. | |||
117 | More importantly, what you describe is already happening, and | 117 | More importantly, what you describe is already happening, and |
118 | partially has contributed to the problems. Bart kept his own CADET | 118 | partially has contributed to the problems. Bart kept his own CADET |
119 | hacks in his personal branch for years, hence without much feedback or | 119 | hacks in his personal branch for years, hence without much feedback or |
120 | review. The SecuShare team kept their patches in their own branch, | 120 | review. The secushare team kept their patches in their own branch, |
121 | hence revealing interesting failure modes when it was finally merged. | 121 | hence revealing interesting failure modes when it was finally merged. |
122 | Martin kept some of his ABE-logic in his own branch (that one was | 122 | Martin kept some of his ABE-logic in his own branch (that one was |
123 | merged without me noticing major problems). Anyway, what you propose | 123 | merged without me noticing major problems). Anyway, what you propose |
diff --git a/m4/iconv.m4 b/m4/iconv.m4 index a50364656..41aa44a56 100644 --- a/m4/iconv.m4 +++ b/m4/iconv.m4 | |||
@@ -29,7 +29,7 @@ AC_DEFUN([AM_ICONV_LINK], | |||
29 | 29 | ||
30 | dnl Add $INCICONV to CPPFLAGS before performing the following checks, | 30 | dnl Add $INCICONV to CPPFLAGS before performing the following checks, |
31 | dnl because if the user has installed libiconv and not disabled its use | 31 | dnl because if the user has installed libiconv and not disabled its use |
32 | dnl via --without-libiconv-prefix, he wants to use it. The first | 32 | dnl via --without-libiconv-prefix, they want to use it. The first |
33 | dnl AC_LINK_IFELSE will then fail, the second AC_LINK_IFELSE will succeed. | 33 | dnl AC_LINK_IFELSE will then fail, the second AC_LINK_IFELSE will succeed. |
34 | am_save_CPPFLAGS="$CPPFLAGS" | 34 | am_save_CPPFLAGS="$CPPFLAGS" |
35 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCICONV]) | 35 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INCICONV]) |
diff --git a/m4/lib-link.m4 b/m4/lib-link.m4 index 073f04050..d963149b0 100644 --- a/m4/lib-link.m4 +++ b/m4/lib-link.m4 | |||
@@ -68,7 +68,7 @@ AC_DEFUN([AC_LIB_HAVE_LINKFLAGS], | |||
68 | 68 | ||
69 | dnl Add $INC[]NAME to CPPFLAGS before performing the following checks, | 69 | dnl Add $INC[]NAME to CPPFLAGS before performing the following checks, |
70 | dnl because if the user has installed lib[]Name and not disabled its use | 70 | dnl because if the user has installed lib[]Name and not disabled its use |
71 | dnl via --without-lib[]Name-prefix, he wants to use it. | 71 | dnl via --without-lib[]Name-prefix, they want to use it. |
72 | ac_save_CPPFLAGS="$CPPFLAGS" | 72 | ac_save_CPPFLAGS="$CPPFLAGS" |
73 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME) | 73 | AC_LIB_APPENDTOVAR([CPPFLAGS], [$INC]NAME) |
74 | 74 | ||
diff --git a/m4/lib-prefix.m4 b/m4/lib-prefix.m4 index 60908e8fb..855ca9317 100644 --- a/m4/lib-prefix.m4 +++ b/m4/lib-prefix.m4 | |||
@@ -15,7 +15,7 @@ ifdef([AC_HELP_STRING], | |||
15 | 15 | ||
16 | dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed | 16 | dnl AC_LIB_PREFIX adds to the CPPFLAGS and LDFLAGS the flags that are needed |
17 | dnl to access previously installed libraries. The basic assumption is that | 17 | dnl to access previously installed libraries. The basic assumption is that |
18 | dnl a user will want packages to use other packages he previously installed | 18 | dnl a user will want packages to use other packages they previously installed |
19 | dnl with the same --prefix option. | 19 | dnl with the same --prefix option. |
20 | dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate | 20 | dnl This macro is not needed if only AC_LIB_LINKFLAGS is used to locate |
21 | dnl libraries, but is otherwise very convenient. | 21 | dnl libraries, but is otherwise very convenient. |
diff --git a/pkgconfig/Makefile.am b/pkgconfig/Makefile.am index 9c9eb5c6b..3a3102f0a 100644 --- a/pkgconfig/Makefile.am +++ b/pkgconfig/Makefile.am | |||
@@ -10,8 +10,6 @@ pcfiles = \ | |||
10 | gnunetdatastore.pc \ | 10 | gnunetdatastore.pc \ |
11 | gnunetdht.pc \ | 11 | gnunetdht.pc \ |
12 | gnunetdns.pc \ | 12 | gnunetdns.pc \ |
13 | gnunetdnsparser.pc \ | ||
14 | gnunetdnsstub.pc \ | ||
15 | gnunetdv.pc \ | 13 | gnunetdv.pc \ |
16 | gnunetenv.pc \ | 14 | gnunetenv.pc \ |
17 | gnunetfragmentation.pc \ | 15 | gnunetfragmentation.pc \ |
@@ -39,7 +37,6 @@ pcfiles = \ | |||
39 | gnunettestbed.pc \ | 37 | gnunettestbed.pc \ |
40 | gnunettesting.pc \ | 38 | gnunettesting.pc \ |
41 | gnunettransport.pc \ | 39 | gnunettransport.pc \ |
42 | gnunettun.pc \ | ||
43 | gnunetutil.pc \ | 40 | gnunetutil.pc \ |
44 | gnunetvpn.pc | 41 | gnunetvpn.pc |
45 | 42 | ||
diff --git a/pkgconfig/gnunetdnsparser.pc.in b/pkgconfig/gnunetdnsparser.pc.in deleted file mode 100644 index ffb5fca8b..000000000 --- a/pkgconfig/gnunetdnsparser.pc.in +++ /dev/null | |||
@@ -1,12 +0,0 @@ | |||
1 | prefix=@prefix@ | ||
2 | exec_prefix=@exec_prefix@ | ||
3 | libdir=@libdir@ | ||
4 | includedir=@includedir@ | ||
5 | |||
6 | Name: GNUnet DNS parser | ||
7 | Description: Provides API for parsing and serializing DNS packets | ||
8 | URL: http://gnunet.org | ||
9 | Version: @VERSION@ | ||
10 | Requires: | ||
11 | Libs: -L${libdir} -lgnunetdnsparser | ||
12 | Cflags: -I${includedir} | ||
diff --git a/pkgconfig/gnunetdnsstub.pc.in b/pkgconfig/gnunetdnsstub.pc.in deleted file mode 100644 index b1da343ea..000000000 --- a/pkgconfig/gnunetdnsstub.pc.in +++ /dev/null | |||
@@ -1,12 +0,0 @@ | |||
1 | prefix=@prefix@ | ||
2 | exec_prefix=@exec_prefix@ | ||
3 | libdir=@libdir@ | ||
4 | includedir=@includedir@ | ||
5 | |||
6 | Name: GNUnet DNS stub | ||
7 | Description: Provides API for asynchronous DNS resolution (DNS stub resolver) | ||
8 | URL: http://gnunet.org | ||
9 | Version: @VERSION@ | ||
10 | Requires: | ||
11 | Libs: -L${libdir} -lgnunetdnsstub | ||
12 | Cflags: -I${includedir} | ||
diff --git a/pkgconfig/gnunettun.pc.in b/pkgconfig/gnunettun.pc.in deleted file mode 100644 index 2a3bd5213..000000000 --- a/pkgconfig/gnunettun.pc.in +++ /dev/null | |||
@@ -1,12 +0,0 @@ | |||
1 | prefix=@prefix@ | ||
2 | exec_prefix=@exec_prefix@ | ||
3 | libdir=@libdir@ | ||
4 | includedir=@includedir@ | ||
5 | |||
6 | Name: GNUnet TUN | ||
7 | Description: Provides API for parsing IP packets for Linux TUN interface interaction | ||
8 | URL: http://gnunet.org | ||
9 | Version: @VERSION@ | ||
10 | Requires: | ||
11 | Libs: -L${libdir} -lgnunettun | ||
12 | Cflags: -I${includedir} | ||
@@ -914,8 +914,8 @@ msgstr "" | |||
914 | 914 | ||
915 | #: src/conversation/gnunet-conversation.c:720 | 915 | #: src/conversation/gnunet-conversation.c:720 |
916 | #, c-format | 916 | #, c-format |
917 | msgid "We are calling `%s', his phone should be ringing.\n" | 917 | msgid "We are calling `%s', their phone should be ringing.\n" |
918 | msgstr "" | 918 | msgstr "Wir rufen `%s' an, deren Telefon sollte jetzt klingeln.\n" |
919 | 919 | ||
920 | #: src/conversation/gnunet-conversation.c:739 | 920 | #: src/conversation/gnunet-conversation.c:739 |
921 | msgid "Calls waiting:\n" | 921 | msgid "Calls waiting:\n" |
@@ -980,7 +980,7 @@ msgstr "Detectada dirección de la red interna «%s».\n" | |||
980 | 980 | ||
981 | #: src/conversation/gnunet-conversation.c:720 | 981 | #: src/conversation/gnunet-conversation.c:720 |
982 | #, c-format | 982 | #, c-format |
983 | msgid "We are calling `%s', his phone should be ringing.\n" | 983 | msgid "We are calling `%s', their phone should be ringing.\n" |
984 | msgstr "" | 984 | msgstr "" |
985 | 985 | ||
986 | #: src/conversation/gnunet-conversation.c:739 | 986 | #: src/conversation/gnunet-conversation.c:739 |
@@ -899,7 +899,7 @@ msgstr "" | |||
899 | 899 | ||
900 | #: src/conversation/gnunet-conversation.c:720 | 900 | #: src/conversation/gnunet-conversation.c:720 |
901 | #, c-format | 901 | #, c-format |
902 | msgid "We are calling `%s', his phone should be ringing.\n" | 902 | msgid "We are calling `%s', their phone should be ringing.\n" |
903 | msgstr "" | 903 | msgstr "" |
904 | 904 | ||
905 | #: src/conversation/gnunet-conversation.c:739 | 905 | #: src/conversation/gnunet-conversation.c:739 |
@@ -924,7 +924,7 @@ msgstr "" | |||
924 | 924 | ||
925 | #: src/conversation/gnunet-conversation.c:720 | 925 | #: src/conversation/gnunet-conversation.c:720 |
926 | #, c-format | 926 | #, c-format |
927 | msgid "We are calling `%s', his phone should be ringing.\n" | 927 | msgid "We are calling `%s', their phone should be ringing.\n" |
928 | msgstr "" | 928 | msgstr "" |
929 | 929 | ||
930 | #: src/conversation/gnunet-conversation.c:739 | 930 | #: src/conversation/gnunet-conversation.c:739 |
@@ -933,7 +933,7 @@ msgstr "GNUnet bây giờ sử dụng địa chỉ IP %s.\n" | |||
933 | 933 | ||
934 | #: src/conversation/gnunet-conversation.c:720 | 934 | #: src/conversation/gnunet-conversation.c:720 |
935 | #, c-format | 935 | #, c-format |
936 | msgid "We are calling `%s', his phone should be ringing.\n" | 936 | msgid "We are calling `%s', their phone should be ringing.\n" |
937 | msgstr "" | 937 | msgstr "" |
938 | 938 | ||
939 | #: src/conversation/gnunet-conversation.c:739 | 939 | #: src/conversation/gnunet-conversation.c:739 |
diff --git a/po/zh_CN.po b/po/zh_CN.po index 80d7e1996..d27d6f0a0 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po | |||
@@ -915,7 +915,7 @@ msgstr "GNUnet 现在使用 IP 地址 %s。\n" | |||
915 | 915 | ||
916 | #: src/conversation/gnunet-conversation.c:720 | 916 | #: src/conversation/gnunet-conversation.c:720 |
917 | #, c-format | 917 | #, c-format |
918 | msgid "We are calling `%s', his phone should be ringing.\n" | 918 | msgid "We are calling `%s', their phone should be ringing.\n" |
919 | msgstr "" | 919 | msgstr "" |
920 | 920 | ||
921 | #: src/conversation/gnunet-conversation.c:739 | 921 | #: src/conversation/gnunet-conversation.c:739 |
diff --git a/src/ats/gnunet-service-ats_addresses.h b/src/ats/gnunet-service-ats_addresses.h index d90ca1375..d4dc483eb 100644 --- a/src/ats/gnunet-service-ats_addresses.h +++ b/src/ats/gnunet-service-ats_addresses.h | |||
@@ -151,7 +151,7 @@ | |||
151 | * 1.7 Address management | 151 | * 1.7 Address management |
152 | * | 152 | * |
153 | * Transport service notifies ATS about changes to the addresses known to | 153 | * Transport service notifies ATS about changes to the addresses known to |
154 | * him. | 154 | * it. |
155 | * | 155 | * |
156 | * 1.7.1 Adding an address | 156 | * 1.7.1 Adding an address |
157 | * | 157 | * |
diff --git a/src/cadet/gnunet-cadet.c b/src/cadet/gnunet-cadet.c index 67cebf02b..b22881907 100644 --- a/src/cadet/gnunet-cadet.c +++ b/src/cadet/gnunet-cadet.c | |||
@@ -27,6 +27,7 @@ | |||
27 | #include "gnunet_cadet_service.h" | 27 | #include "gnunet_cadet_service.h" |
28 | #include "cadet.h" | 28 | #include "cadet.h" |
29 | 29 | ||
30 | #define STREAM_BUFFER_SIZE 1024 // Pakets | ||
30 | 31 | ||
31 | /** | 32 | /** |
32 | * Option -P. | 33 | * Option -P. |
@@ -123,6 +124,8 @@ static struct GNUNET_SCHEDULER_Task *rd_task; | |||
123 | */ | 124 | */ |
124 | static struct GNUNET_SCHEDULER_Task *job; | 125 | static struct GNUNET_SCHEDULER_Task *job; |
125 | 126 | ||
127 | static unsigned int sent_pkt; | ||
128 | |||
126 | 129 | ||
127 | /** | 130 | /** |
128 | * Wait for input on STDIO and send it out over the #ch. | 131 | * Wait for input on STDIO and send it out over the #ch. |
@@ -228,6 +231,12 @@ shutdown_task (void *cls) | |||
228 | } | 231 | } |
229 | } | 232 | } |
230 | 233 | ||
234 | void * | ||
235 | mq_cb(void *cls) | ||
236 | { | ||
237 | listen_stdio (); | ||
238 | } | ||
239 | |||
231 | 240 | ||
232 | /** | 241 | /** |
233 | * Task run in stdio mode, after some data is available at stdin. | 242 | * Task run in stdio mode, after some data is available at stdin. |
@@ -248,6 +257,8 @@ read_stdio (void *cls) | |||
248 | 60000); | 257 | 60000); |
249 | if (data_size < 1) | 258 | if (data_size < 1) |
250 | { | 259 | { |
260 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
261 | "read() returned %s\n", strerror(errno)); | ||
251 | GNUNET_SCHEDULER_shutdown(); | 262 | GNUNET_SCHEDULER_shutdown(); |
252 | return; | 263 | return; |
253 | } | 264 | } |
@@ -262,9 +273,21 @@ read_stdio (void *cls) | |||
262 | data_size); | 273 | data_size); |
263 | GNUNET_MQ_send (GNUNET_CADET_get_mq (ch), | 274 | GNUNET_MQ_send (GNUNET_CADET_get_mq (ch), |
264 | env); | 275 | env); |
276 | |||
277 | sent_pkt++; | ||
278 | |||
265 | if (GNUNET_NO == echo) | 279 | if (GNUNET_NO == echo) |
266 | { | 280 | { |
267 | listen_stdio (); | 281 | // Use MQ's notification if too much data of stdin is pooring in too fast. |
282 | if (STREAM_BUFFER_SIZE < sent_pkt) | ||
283 | { | ||
284 | GNUNET_MQ_notify_sent (env, mq_cb, cls); | ||
285 | sent_pkt = 0; | ||
286 | } | ||
287 | else | ||
288 | { | ||
289 | listen_stdio (); | ||
290 | } | ||
268 | } | 291 | } |
269 | else | 292 | else |
270 | { | 293 | { |
diff --git a/src/cadet/gnunet-service-cadet.c b/src/cadet/gnunet-service-cadet.c index 8ccf4ae07..712c6339a 100644 --- a/src/cadet/gnunet-service-cadet.c +++ b/src/cadet/gnunet-service-cadet.c | |||
@@ -927,29 +927,23 @@ get_peer_info (void *cls, | |||
927 | struct CadetClient *c = cls; | 927 | struct CadetClient *c = cls; |
928 | struct GNUNET_MQ_Envelope *env; | 928 | struct GNUNET_MQ_Envelope *env; |
929 | struct GNUNET_CADET_LocalInfoPeer *msg; | 929 | struct GNUNET_CADET_LocalInfoPeer *msg; |
930 | |||
931 | 930 | ||
932 | env = GNUNET_MQ_msg (msg, | 931 | env = GNUNET_MQ_msg (msg, |
933 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER); | 932 | GNUNET_MESSAGE_TYPE_CADET_LOCAL_INFO_PEER); |
934 | |||
935 | msg->offset = htons(0); | 933 | msg->offset = htons(0); |
936 | msg->destination = *peer; | 934 | msg->destination = *peer; |
937 | msg->paths = htons (GCP_count_paths (p)); | 935 | msg->paths = htons (GCP_count_paths (p)); |
938 | msg->tunnel = htons (NULL != GCP_get_tunnel (p, | 936 | msg->tunnel = htons (NULL != GCP_get_tunnel (p, |
939 | GNUNET_NO)); | 937 | GNUNET_NO)); |
940 | msg->finished_with_paths = htons(0); | 938 | msg->finished_with_paths = htons(0); |
941 | |||
942 | GNUNET_MQ_send (c->mq, | 939 | GNUNET_MQ_send (c->mq, |
943 | env); | 940 | env); |
944 | 941 | GCP_iterate_indirect_paths (p, | |
945 | GCP_iterate_indirect_paths(p, | 942 | &path_info_iterator, |
946 | &path_info_iterator, | 943 | c->mq); |
947 | c->mq); | ||
948 | |||
949 | } | 944 | } |
950 | 945 | ||
951 | 946 | ||
952 | |||
953 | /** | 947 | /** |
954 | * Handler for client's SHOW_PEER request. | 948 | * Handler for client's SHOW_PEER request. |
955 | * | 949 | * |
diff --git a/src/cadet/gnunet-service-cadet_peer.c b/src/cadet/gnunet-service-cadet_peer.c index 09dfcd4d7..b375d51ca 100644 --- a/src/cadet/gnunet-service-cadet_peer.c +++ b/src/cadet/gnunet-service-cadet_peer.c | |||
@@ -1217,6 +1217,8 @@ GCP_iterate_paths (struct CadetPeer *cp, | |||
1217 | (NULL == cp->core_mq) ? "" : " including direct link"); | 1217 | (NULL == cp->core_mq) ? "" : " including direct link"); |
1218 | if (NULL != cp->core_mq) | 1218 | if (NULL != cp->core_mq) |
1219 | { | 1219 | { |
1220 | /* FIXME: this branch seems to duplicate the | ||
1221 | i=0 case below (direct link). Leave out!??? -CG */ | ||
1220 | struct CadetPeerPath *path; | 1222 | struct CadetPeerPath *path; |
1221 | 1223 | ||
1222 | path = GCPP_get_path_from_route (1, | 1224 | path = GCPP_get_path_from_route (1, |
diff --git a/src/consensus/gnunet-service-consensus.c b/src/consensus/gnunet-service-consensus.c index 86d056aaf..afbefdc5a 100644 --- a/src/consensus/gnunet-service-consensus.c +++ b/src/consensus/gnunet-service-consensus.c | |||
@@ -2821,7 +2821,7 @@ construct_task_graph_gradecast (struct ConsensusSession *session, | |||
2821 | } | 2821 | } |
2822 | /* We run this task to make sure that the leader | 2822 | /* We run this task to make sure that the leader |
2823 | has the stored the SET_KIND_LEADER set of himself, | 2823 | has the stored the SET_KIND_LEADER set of himself, |
2824 | so he can participate in the rest of the gradecast | 2824 | so it can participate in the rest of the gradecast |
2825 | without the code having to handle any special cases. */ | 2825 | without the code having to handle any special cases. */ |
2826 | task = ((struct TaskEntry) { | 2826 | task = ((struct TaskEntry) { |
2827 | .step = step, | 2827 | .step = step, |
diff --git a/src/conversation/gnunet-conversation.c b/src/conversation/gnunet-conversation.c index 92a435d55..bb4946720 100644 --- a/src/conversation/gnunet-conversation.c +++ b/src/conversation/gnunet-conversation.c | |||
@@ -264,6 +264,13 @@ phone_event_handler (void *cls, | |||
264 | switch (code) | 264 | switch (code) |
265 | { | 265 | { |
266 | case GNUNET_CONVERSATION_EC_PHONE_RING: | 266 | case GNUNET_CONVERSATION_EC_PHONE_RING: |
267 | /* | ||
268 | * FIXME: we should be playing our ringtones from contrib/sounds now! | ||
269 | * | ||
270 | ring_my_bell(); | ||
271 | * | ||
272 | * see https://gstreamer.freedesktop.org/documentation/application-development/highlevel/playback-components.html on how to play a wav using the gst framework being used here | ||
273 | */ | ||
267 | FPRINTF (stdout, | 274 | FPRINTF (stdout, |
268 | _("Incoming call from `%s'. Please /accept %u or /cancel %u the call.\n"), | 275 | _("Incoming call from `%s'. Please /accept %u or /cancel %u the call.\n"), |
269 | GNUNET_GNSRECORD_pkey_to_zkey (caller_id), | 276 | GNUNET_GNSRECORD_pkey_to_zkey (caller_id), |
@@ -717,7 +724,7 @@ do_status (const char *args) | |||
717 | break; | 724 | break; |
718 | case CS_RINGING: | 725 | case CS_RINGING: |
719 | FPRINTF (stdout, | 726 | FPRINTF (stdout, |
720 | _("We are calling `%s', his phone should be ringing.\n"), | 727 | _("We are calling `%s', their phone should be ringing.\n"), |
721 | peer_name); | 728 | peer_name); |
722 | break; | 729 | break; |
723 | case CS_CONNECTED: | 730 | case CS_CONNECTED: |
diff --git a/src/core/core.h b/src/core/core.h index a2c05d4af..2ce77244e 100644 --- a/src/core/core.h +++ b/src/core/core.h | |||
@@ -172,7 +172,7 @@ struct DisconnectNotifyMessage | |||
172 | * messages being received or transmitted. This overall message is | 172 | * messages being received or transmitted. This overall message is |
173 | * followed by the real message, or just the header of the real | 173 | * followed by the real message, or just the header of the real |
174 | * message (depending on the client's preferences). The receiver can | 174 | * message (depending on the client's preferences). The receiver can |
175 | * tell if he got the full message or only a partial message by | 175 | * tell if it got the full message or only a partial message by |
176 | * looking at the size field in the header of NotifyTrafficMessage and | 176 | * looking at the size field in the header of NotifyTrafficMessage and |
177 | * checking it with the size field in the message that follows. | 177 | * checking it with the size field in the message that follows. |
178 | */ | 178 | */ |
diff --git a/src/core/gnunet-service-core.c b/src/core/gnunet-service-core.c index 0afc75add..a033f9fac 100644 --- a/src/core/gnunet-service-core.c +++ b/src/core/gnunet-service-core.c | |||
@@ -230,7 +230,7 @@ handle_client_init (void *cls, | |||
230 | /** | 230 | /** |
231 | * We will never be ready to transmit the given message in (disconnect | 231 | * We will never be ready to transmit the given message in (disconnect |
232 | * or invalid request). Frees resources associated with @a car. We | 232 | * or invalid request). Frees resources associated with @a car. We |
233 | * don't explicitly tell the client, he'll learn with the disconnect | 233 | * don't explicitly tell the client, it'll learn with the disconnect |
234 | * (or violated the protocol). | 234 | * (or violated the protocol). |
235 | * | 235 | * |
236 | * @param car request that now permanently failed; the | 236 | * @param car request that now permanently failed; the |
diff --git a/src/core/gnunet-service-core.h b/src/core/gnunet-service-core.h index 81e73ec39..fd1a88e75 100644 --- a/src/core/gnunet-service-core.h +++ b/src/core/gnunet-service-core.h | |||
@@ -113,7 +113,7 @@ GSC_CLIENTS_solicit_request (struct GSC_ClientActiveRequest *car); | |||
113 | /** | 113 | /** |
114 | * We will never be ready to transmit the given message in (disconnect | 114 | * We will never be ready to transmit the given message in (disconnect |
115 | * or invalid request). Frees resources associated with @a car. We | 115 | * or invalid request). Frees resources associated with @a car. We |
116 | * don't explicitly tell the client, he'll learn with the disconnect | 116 | * don't explicitly tell the client, it'll learn with the disconnect |
117 | * (or violated the protocol). | 117 | * (or violated the protocol). |
118 | * | 118 | * |
119 | * @param car request that now permanently failed; the | 119 | * @param car request that now permanently failed; the |
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c index 6e713cf61..c017e0c23 100644 --- a/src/core/gnunet-service-core_kx.c +++ b/src/core/gnunet-service-core_kx.c | |||
@@ -123,7 +123,7 @@ struct EphemeralKeyMessage | |||
123 | 123 | ||
124 | 124 | ||
125 | /** | 125 | /** |
126 | * We're sending an (encrypted) PING to the other peer to check if he | 126 | * We're sending an (encrypted) PING to the other peer to check if it |
127 | * can decrypt. The other peer should respond with a PONG with the | 127 | * can decrypt. The other peer should respond with a PONG with the |
128 | * same content, except this time encrypted with the receiver's key. | 128 | * same content, except this time encrypted with the receiver's key. |
129 | */ | 129 | */ |
@@ -854,8 +854,8 @@ handle_transport_notify_connect (void *cls, | |||
854 | } | 854 | } |
855 | else | 855 | else |
856 | { | 856 | { |
857 | /* peer with "higher" identity starts a delayed KX, if the "lower" peer | 857 | /* peer with "higher" identity starts a delayed KX, if the "lower" peer |
858 | * does not start a KX since he sees no reasons to do so */ | 858 | * does not start a KX since it sees no reasons to do so */ |
859 | kx->retry_set_key_task | 859 | kx->retry_set_key_task |
860 | = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, | 860 | = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, |
861 | &set_key_retry_task, | 861 | &set_key_retry_task, |
diff --git a/src/core/gnunet-service-core_sessions.c b/src/core/gnunet-service-core_sessions.c index 41fe4dfb7..16f9a092d 100644 --- a/src/core/gnunet-service-core_sessions.c +++ b/src/core/gnunet-service-core_sessions.c | |||
@@ -356,7 +356,7 @@ GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer, | |||
356 | 356 | ||
357 | 357 | ||
358 | /** | 358 | /** |
359 | * The other peer has indicated that he 'lost' the session | 359 | * The other peer has indicated that it 'lost' the session |
360 | * (KX down), reinitialize the session on our end, in particular | 360 | * (KX down), reinitialize the session on our end, in particular |
361 | * this means to restart the typemap transmission. | 361 | * this means to restart the typemap transmission. |
362 | * | 362 | * |
diff --git a/src/core/gnunet-service-core_sessions.h b/src/core/gnunet-service-core_sessions.h index 845edac69..be862b71f 100644 --- a/src/core/gnunet-service-core_sessions.h +++ b/src/core/gnunet-service-core_sessions.h | |||
@@ -40,7 +40,7 @@ GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer, | |||
40 | 40 | ||
41 | 41 | ||
42 | /** | 42 | /** |
43 | * The other peer has indicated that he 'lost' the session | 43 | * The other peer has indicated that it 'lost' the session |
44 | * (KX down), reinitialize the session on our end, in particular | 44 | * (KX down), reinitialize the session on our end, in particular |
45 | * this means to restart the typemap transmission. | 45 | * this means to restart the typemap transmission. |
46 | * | 46 | * |
diff --git a/src/datastore/perf_datastore_api.c b/src/datastore/perf_datastore_api.c index f659dedff..6a0ff231b 100644 --- a/src/datastore/perf_datastore_api.c +++ b/src/datastore/perf_datastore_api.c | |||
@@ -172,7 +172,7 @@ struct CpsRunContext | |||
172 | 172 | ||
173 | /** | 173 | /** |
174 | * Counts the number of items put in the current phase. | 174 | * Counts the number of items put in the current phase. |
175 | * Once it hits #PUT_10, we progress tot he #RP_CUT phase | 175 | * Once it hits #PUT_10, we progress to the #RP_CUT phase |
176 | * or are done if @e i reaches #ITERATIONS. | 176 | * or are done if @e i reaches #ITERATIONS. |
177 | */ | 177 | */ |
178 | unsigned int j; | 178 | unsigned int j; |
diff --git a/src/datastore/plugin_datastore_mysql.c b/src/datastore/plugin_datastore_mysql.c index b09fd1af3..3568ebe8f 100644 --- a/src/datastore/plugin_datastore_mysql.c +++ b/src/datastore/plugin_datastore_mysql.c | |||
@@ -76,7 +76,7 @@ | |||
76 | * a safe partition etc. The $HOME/.my.cnf can of course be a symbolic | 76 | * a safe partition etc. The $HOME/.my.cnf can of course be a symbolic |
77 | * link. Even greater security risk can be achieved by setting no | 77 | * link. Even greater security risk can be achieved by setting no |
78 | * password for $USER. Luckily $USER has only priviledges to mess | 78 | * password for $USER. Luckily $USER has only priviledges to mess |
79 | * up GNUnet's tables, nothing else (unless you give him more, | 79 | * up GNUnet's tables, nothing else (unless you give them more, |
80 | * of course).<p> | 80 | * of course).<p> |
81 | * | 81 | * |
82 | * 4) Still, perhaps you should briefly try if the DB connection | 82 | * 4) Still, perhaps you should briefly try if the DB connection |
diff --git a/src/fs/gnunet-service-fs_cp.h b/src/fs/gnunet-service-fs_cp.h index 5e98f4940..dc7e03f4a 100644 --- a/src/fs/gnunet-service-fs_cp.h +++ b/src/fs/gnunet-service-fs_cp.h | |||
@@ -84,7 +84,7 @@ struct GSF_PeerPerformanceData | |||
84 | 84 | ||
85 | /** | 85 | /** |
86 | * If we get content we already have from this peer, for how | 86 | * If we get content we already have from this peer, for how |
87 | * long do we block him? Adjusted based on the fraction of | 87 | * long do we block it? Adjusted based on the fraction of |
88 | * redundant data we receive, between 1s and 1h. | 88 | * redundant data we receive, between 1s and 1h. |
89 | */ | 89 | */ |
90 | struct GNUNET_TIME_Relative migration_delay; | 90 | struct GNUNET_TIME_Relative migration_delay; |
diff --git a/src/include/block_dns.h b/src/include/block_dns.h index f54a51232..234ed502d 100644 --- a/src/include/block_dns.h +++ b/src/include/block_dns.h | |||
@@ -38,7 +38,7 @@ GNUNET_NETWORK_STRUCT_BEGIN | |||
38 | struct GNUNET_DNS_Advertisement | 38 | struct GNUNET_DNS_Advertisement |
39 | { | 39 | { |
40 | /** | 40 | /** |
41 | * Signature of the peer affirming that he is offering the service. | 41 | * Signature of the peer affirming that it is offering the service. |
42 | */ | 42 | */ |
43 | struct GNUNET_CRYPTO_EddsaSignature signature; | 43 | struct GNUNET_CRYPTO_EddsaSignature signature; |
44 | 44 | ||
diff --git a/src/include/gnunet_core_service.h b/src/include/gnunet_core_service.h index e25043d17..b38f38b69 100644 --- a/src/include/gnunet_core_service.h +++ b/src/include/gnunet_core_service.h | |||
@@ -232,7 +232,7 @@ enum GNUNET_CORE_KxState | |||
232 | 232 | ||
233 | /** | 233 | /** |
234 | * The other peer has confirmed our session key + PING with a PONG | 234 | * The other peer has confirmed our session key + PING with a PONG |
235 | * message encrypted with his session key (which we got). Key | 235 | * message encrypted with their session key (which we got). Key |
236 | * exchange is done. | 236 | * exchange is done. |
237 | */ | 237 | */ |
238 | GNUNET_CORE_KX_STATE_UP, | 238 | GNUNET_CORE_KX_STATE_UP, |
diff --git a/src/include/gnunet_os_lib.h b/src/include/gnunet_os_lib.h index 86957a25c..98469a156 100644 --- a/src/include/gnunet_os_lib.h +++ b/src/include/gnunet_os_lib.h | |||
@@ -556,7 +556,7 @@ GNUNET_OS_command_run (GNUNET_OS_LineProcessor proc, | |||
556 | 556 | ||
557 | 557 | ||
558 | /** | 558 | /** |
559 | * Retrieve the status of a process, waiting on him if dead. | 559 | * Retrieve the status of a process, waiting on it if dead. |
560 | * Nonblocking version. | 560 | * Nonblocking version. |
561 | * | 561 | * |
562 | * @param proc pointer to process structure | 562 | * @param proc pointer to process structure |
@@ -586,7 +586,7 @@ GNUNET_OS_process_wait (struct GNUNET_OS_Process *proc); | |||
586 | 586 | ||
587 | 587 | ||
588 | /** | 588 | /** |
589 | * Retrieve the status of a process, waiting on him if dead. | 589 | * Retrieve the status of a process, waiting on it if dead. |
590 | * Blocking version. | 590 | * Blocking version. |
591 | * | 591 | * |
592 | * @param proc pointer to process structure | 592 | * @param proc pointer to process structure |
diff --git a/src/include/gnunet_psyc_service.h b/src/include/gnunet_psyc_service.h index f31de0e67..053fe4495 100644 --- a/src/include/gnunet_psyc_service.h +++ b/src/include/gnunet_psyc_service.h | |||
@@ -135,7 +135,7 @@ enum GNUNET_PSYC_ChannelFlags | |||
135 | enum GNUNET_PSYC_Policy | 135 | enum GNUNET_PSYC_Policy |
136 | { | 136 | { |
137 | /** | 137 | /** |
138 | * Anyone can join the channel, without announcing his presence; | 138 | * Anyone can join the channel, without announcing their presence; |
139 | * all messages are always public and can be distributed freely. | 139 | * all messages are always public and can be distributed freely. |
140 | * Joins may be announced, but this is not required. | 140 | * Joins may be announced, but this is not required. |
141 | */ | 141 | */ |
diff --git a/src/include/gnunet_secretsharing_service.h b/src/include/gnunet_secretsharing_service.h index bd11df982..a3f44222e 100644 --- a/src/include/gnunet_secretsharing_service.h +++ b/src/include/gnunet_secretsharing_service.h | |||
@@ -248,7 +248,7 @@ GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey *publi | |||
248 | * published the same value, it will be decrypted. | 248 | * published the same value, it will be decrypted. |
249 | * | 249 | * |
250 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling | 250 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling |
251 | * peer may already have irrevocably contributed his share for the decryption of the value. | 251 | * peer may already have irrevocably contributed its share for the decryption of the value. |
252 | * | 252 | * |
253 | * @param cfg configuration to use | 253 | * @param cfg configuration to use |
254 | * @param share our secret share to use for decryption | 254 | * @param share our secret share to use for decryption |
@@ -273,7 +273,7 @@ GNUNET_SECRETSHARING_decrypt (const struct GNUNET_CONFIGURATION_Handle *cfg, | |||
273 | * Cancel a decryption. | 273 | * Cancel a decryption. |
274 | * | 274 | * |
275 | * The decrypt_cb is not called anymore, but the calling | 275 | * The decrypt_cb is not called anymore, but the calling |
276 | * peer may already have irrevocably contributed his share for the decryption of the value. | 276 | * peer may already have irrevocably contributed its share for the decryption of the value. |
277 | * | 277 | * |
278 | * @param dh to cancel | 278 | * @param dh to cancel |
279 | */ | 279 | */ |
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h index bc9e3dc16..d7accaf2c 100644 --- a/src/include/gnunet_signatures.h +++ b/src/include/gnunet_signatures.h | |||
@@ -134,7 +134,7 @@ extern "C" | |||
134 | 134 | ||
135 | /** | 135 | /** |
136 | * Accept state in regex DFA. Peer affirms that | 136 | * Accept state in regex DFA. Peer affirms that |
137 | * he offers the matching service. | 137 | * it offers the matching service. |
138 | */ | 138 | */ |
139 | #define GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT 18 | 139 | #define GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT 18 |
140 | 140 | ||
diff --git a/src/namestore/test_namestore_api_sqlite.conf b/src/namestore/test_namestore_api_sqlite.conf index 8c0e557e7..cd4822097 100644 --- a/src/namestore/test_namestore_api_sqlite.conf +++ b/src/namestore/test_namestore_api_sqlite.conf | |||
@@ -2,7 +2,7 @@ | |||
2 | 2 | ||
3 | [namestore] | 3 | [namestore] |
4 | DATABASE = sqlite | 4 | DATABASE = sqlite |
5 | PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/v_log | 5 | # PREFIX = valgrind --leak-check=full --track-origins=yes --log-file=/tmp/v_log |
6 | 6 | ||
7 | [namestore-sqlite] | 7 | [namestore-sqlite] |
8 | FILENAME = $GNUNET_TEST_HOME/namestore/sqlite_test.db | 8 | FILENAME = $GNUNET_TEST_HOME/namestore/sqlite_test.db |
diff --git a/src/nat/gnunet-helper-nat-server.c b/src/nat/gnunet-helper-nat-server.c index 44817ede7..c5c6b563e 100644 --- a/src/nat/gnunet-helper-nat-server.c +++ b/src/nat/gnunet-helper-nat-server.c | |||
@@ -683,7 +683,10 @@ main (int argc, | |||
683 | if (1 == getppid ()) /* Check the parent process id, if 1 the parent has died, so we should die too */ | 683 | if (1 == getppid ()) /* Check the parent process id, if 1 the parent has died, so we should die too */ |
684 | break; | 684 | break; |
685 | if (FD_ISSET (icmpsock, &rs)) | 685 | if (FD_ISSET (icmpsock, &rs)) |
686 | { | ||
686 | process_icmp_response (); | 687 | process_icmp_response (); |
688 | continue; | ||
689 | } | ||
687 | if (0 == (++alt % 2)) | 690 | if (0 == (++alt % 2)) |
688 | send_icmp_echo (&external); | 691 | send_icmp_echo (&external); |
689 | else | 692 | else |
diff --git a/src/rps/gnunet-rps.c b/src/rps/gnunet-rps.c index 739f71dac..b3785a733 100644 --- a/src/rps/gnunet-rps.c +++ b/src/rps/gnunet-rps.c | |||
@@ -150,6 +150,11 @@ run (void *cls, | |||
150 | static struct GNUNET_PeerIdentity zero_pid; | 150 | static struct GNUNET_PeerIdentity zero_pid; |
151 | 151 | ||
152 | rps_handle = GNUNET_RPS_connect (cfg); | 152 | rps_handle = GNUNET_RPS_connect (cfg); |
153 | if (NULL == rps_handle) | ||
154 | { | ||
155 | FPRINTF (stderr, "Failed to connect to the rps service\n"); | ||
156 | return; | ||
157 | } | ||
153 | 158 | ||
154 | if ((0 == memcmp (&zero_pid, &peer_id, sizeof (peer_id))) && | 159 | if ((0 == memcmp (&zero_pid, &peer_id, sizeof (peer_id))) && |
155 | (!view_update)) | 160 | (!view_update)) |
diff --git a/src/rps/gnunet-service-rps.c b/src/rps/gnunet-service-rps.c index 33d4e4fc3..84fb33be2 100644 --- a/src/rps/gnunet-service-rps.c +++ b/src/rps/gnunet-service-rps.c | |||
@@ -243,7 +243,7 @@ struct PeerContext | |||
243 | 243 | ||
244 | /** | 244 | /** |
245 | * This is pobably followed by 'statistical' data (when we first saw | 245 | * This is pobably followed by 'statistical' data (when we first saw |
246 | * him, how did we get his ID, how many pushes (in a timeinterval), | 246 | * it, how did we get its ID, how many pushes (in a timeinterval), |
247 | * ...) | 247 | * ...) |
248 | */ | 248 | */ |
249 | }; | 249 | }; |
@@ -724,7 +724,6 @@ mq_liveliness_check_successful (void *cls) | |||
724 | LOG (GNUNET_ERROR_TYPE_DEBUG, | 724 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
725 | "Liveliness check for peer %s was successfull\n", | 725 | "Liveliness check for peer %s was successfull\n", |
726 | GNUNET_i2s (&peer_ctx->peer_id)); | 726 | GNUNET_i2s (&peer_ctx->peer_id)); |
727 | //GNUNET_free (peer_ctx->liveliness_check_pending); | ||
728 | remove_pending_message (peer_ctx->liveliness_check_pending, GNUNET_YES); | 727 | remove_pending_message (peer_ctx->liveliness_check_pending, GNUNET_YES); |
729 | peer_ctx->liveliness_check_pending = NULL; | 728 | peer_ctx->liveliness_check_pending = NULL; |
730 | set_peer_live (peer_ctx); | 729 | set_peer_live (peer_ctx); |
@@ -747,10 +746,6 @@ check_peer_live (struct PeerContext *peer_ctx) | |||
747 | struct GNUNET_MQ_Envelope *ev; | 746 | struct GNUNET_MQ_Envelope *ev; |
748 | 747 | ||
749 | ev = GNUNET_MQ_msg_header (GNUNET_MESSAGE_TYPE_RPS_PP_CHECK_LIVE); | 748 | ev = GNUNET_MQ_msg_header (GNUNET_MESSAGE_TYPE_RPS_PP_CHECK_LIVE); |
750 | //peer_ctx->liveliness_check_pending = GNUNET_new (struct PendingMessage); | ||
751 | //peer_ctx->liveliness_check_pending->ev = ev; | ||
752 | //peer_ctx->liveliness_check_pending->peer_ctx = peer_ctx; | ||
753 | //peer_ctx->liveliness_check_pending->type = "Check liveliness"; | ||
754 | peer_ctx->liveliness_check_pending = | 749 | peer_ctx->liveliness_check_pending = |
755 | insert_pending_message (&peer_ctx->peer_id, ev, "Check liveliness"); | 750 | insert_pending_message (&peer_ctx->peer_id, ev, "Check liveliness"); |
756 | mq = get_mq (&peer_ctx->peer_id); | 751 | mq = get_mq (&peer_ctx->peer_id); |
@@ -1261,6 +1256,13 @@ Peers_remove_peer (const struct GNUNET_PeerIdentity *peer) | |||
1261 | "Removing unsent %s\n", | 1256 | "Removing unsent %s\n", |
1262 | peer_ctx->pending_messages_head->type); | 1257 | peer_ctx->pending_messages_head->type); |
1263 | /* Cancle pending message, too */ | 1258 | /* Cancle pending message, too */ |
1259 | if ( (NULL != peer_ctx->liveliness_check_pending) && | ||
1260 | (0 == memcmp (peer_ctx->pending_messages_head, | ||
1261 | peer_ctx->liveliness_check_pending, | ||
1262 | sizeof (struct PendingMessage))) ) | ||
1263 | { | ||
1264 | peer_ctx->liveliness_check_pending = NULL; | ||
1265 | } | ||
1264 | remove_pending_message (peer_ctx->pending_messages_head, GNUNET_YES); | 1266 | remove_pending_message (peer_ctx->pending_messages_head, GNUNET_YES); |
1265 | } | 1267 | } |
1266 | /* If we are still waiting for notification whether this peer is live | 1268 | /* If we are still waiting for notification whether this peer is live |
@@ -1272,7 +1274,7 @@ Peers_remove_peer (const struct GNUNET_PeerIdentity *peer) | |||
1272 | GNUNET_i2s (&peer_ctx->peer_id)); | 1274 | GNUNET_i2s (&peer_ctx->peer_id)); |
1273 | // TODO wait until cadet sets mq->cancel_impl | 1275 | // TODO wait until cadet sets mq->cancel_impl |
1274 | //GNUNET_MQ_send_cancel (peer_ctx->liveliness_check_pending->ev); | 1276 | //GNUNET_MQ_send_cancel (peer_ctx->liveliness_check_pending->ev); |
1275 | GNUNET_free (peer_ctx->liveliness_check_pending); | 1277 | remove_pending_message (peer_ctx->liveliness_check_pending, GNUNET_YES); |
1276 | peer_ctx->liveliness_check_pending = NULL; | 1278 | peer_ctx->liveliness_check_pending = NULL; |
1277 | } | 1279 | } |
1278 | channel_flag = Peers_get_channel_flag (peer, Peers_CHANNEL_ROLE_SENDING); | 1280 | channel_flag = Peers_get_channel_flag (peer, Peers_CHANNEL_ROLE_SENDING); |
@@ -2733,7 +2735,7 @@ cleanup_destroyed_channel (void *cls, | |||
2733 | return; | 2735 | return; |
2734 | } | 2736 | } |
2735 | else | 2737 | else |
2736 | { /* Other peer destroyed our sending channel that he is supposed to keep | 2738 | { /* Other peer destroyed our sending channel that it is supposed to keep |
2737 | * open. It probably went down. Remove it from our knowledge. */ | 2739 | * open. It probably went down. Remove it from our knowledge. */ |
2738 | Peers_cleanup_destroyed_channel (cls, channel); | 2740 | Peers_cleanup_destroyed_channel (cls, channel); |
2739 | remove_peer (peer); | 2741 | remove_peer (peer); |
@@ -3214,6 +3216,10 @@ handle_peer_push (void *cls, | |||
3214 | tmp_att_peer); | 3216 | tmp_att_peer); |
3215 | add_peer_array_to_set (peer, 1, att_peer_set); | 3217 | add_peer_array_to_set (peer, 1, att_peer_set); |
3216 | } | 3218 | } |
3219 | else | ||
3220 | { | ||
3221 | GNUNET_free (tmp_att_peer); | ||
3222 | } | ||
3217 | } | 3223 | } |
3218 | 3224 | ||
3219 | 3225 | ||
@@ -3592,6 +3598,7 @@ handle_client_act_malicious (void *cls, | |||
3592 | 3598 | ||
3593 | num_mal_peers_sent = ntohl (msg->num_peers) - 1; | 3599 | num_mal_peers_sent = ntohl (msg->num_peers) - 1; |
3594 | num_mal_peers_old = num_mal_peers; | 3600 | num_mal_peers_old = num_mal_peers; |
3601 | GNUNET_assert (GNUNET_MAX_MALLOC_CHECKED > num_mal_peers_sent); | ||
3595 | GNUNET_array_grow (mal_peers, | 3602 | GNUNET_array_grow (mal_peers, |
3596 | num_mal_peers, | 3603 | num_mal_peers, |
3597 | num_mal_peers + num_mal_peers_sent); | 3604 | num_mal_peers + num_mal_peers_sent); |
diff --git a/src/rps/test_rps.c b/src/rps/test_rps.c index e7b82458a..08424022f 100644 --- a/src/rps/test_rps.c +++ b/src/rps/test_rps.c | |||
@@ -841,6 +841,13 @@ seed_peers (void *cls) | |||
841 | unsigned int amount; | 841 | unsigned int amount; |
842 | unsigned int i; | 842 | unsigned int i; |
843 | 843 | ||
844 | if (GNUNET_YES == in_shutdown || GNUNET_YES == post_test) | ||
845 | { | ||
846 | return; | ||
847 | } | ||
848 | |||
849 | GNUNET_assert (NULL != peer->rps_handle); | ||
850 | |||
844 | // TODO if malicious don't seed mal peers | 851 | // TODO if malicious don't seed mal peers |
845 | amount = round (.5 * num_peers); | 852 | amount = round (.5 * num_peers); |
846 | 853 | ||
@@ -998,9 +1005,11 @@ rps_connect_adapter (void *cls, | |||
998 | struct GNUNET_RPS_Handle *h; | 1005 | struct GNUNET_RPS_Handle *h; |
999 | 1006 | ||
1000 | h = GNUNET_RPS_connect (cfg); | 1007 | h = GNUNET_RPS_connect (cfg); |
1008 | GNUNET_assert (NULL != h); | ||
1001 | 1009 | ||
1002 | if (NULL != cur_test_run.pre_test) | 1010 | if (NULL != cur_test_run.pre_test) |
1003 | cur_test_run.pre_test (cls, h); | 1011 | cur_test_run.pre_test (cls, h); |
1012 | GNUNET_assert (NULL != h); | ||
1004 | 1013 | ||
1005 | return h; | 1014 | return h; |
1006 | } | 1015 | } |
diff --git a/src/secretsharing/gnunet-service-secretsharing.c b/src/secretsharing/gnunet-service-secretsharing.c index 505af0fba..1f565cfeb 100644 --- a/src/secretsharing/gnunet-service-secretsharing.c +++ b/src/secretsharing/gnunet-service-secretsharing.c | |||
@@ -51,7 +51,7 @@ struct KeygenPeerInfo | |||
51 | struct GNUNET_CRYPTO_PaillierPublicKey paillier_public_key; | 51 | struct GNUNET_CRYPTO_PaillierPublicKey paillier_public_key; |
52 | 52 | ||
53 | /** | 53 | /** |
54 | * The peer's commitment to his presecret. | 54 | * The peer's commitment to its presecret. |
55 | */ | 55 | */ |
56 | gcry_mpi_t presecret_commitment; | 56 | gcry_mpi_t presecret_commitment; |
57 | 57 | ||
diff --git a/src/secretsharing/secretsharing_api.c b/src/secretsharing/secretsharing_api.c index cfb13f520..2a828f08d 100644 --- a/src/secretsharing/secretsharing_api.c +++ b/src/secretsharing/secretsharing_api.c | |||
@@ -314,7 +314,7 @@ handle_decrypt_done (void *cls, | |||
314 | * published the same value, it will be decrypted. | 314 | * published the same value, it will be decrypted. |
315 | * | 315 | * |
316 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling | 316 | * When the operation is canceled, the decrypt_cb is not called anymore, but the calling |
317 | * peer may already have irrevocably contributed his share for the decryption of the value. | 317 | * peer may already have irrevocably contributed its share for the decryption of the value. |
318 | * | 318 | * |
319 | * @param share our secret share to use for decryption | 319 | * @param share our secret share to use for decryption |
320 | * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree) | 320 | * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree) |
@@ -485,7 +485,7 @@ GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey *publi | |||
485 | * Cancel a decryption. | 485 | * Cancel a decryption. |
486 | * | 486 | * |
487 | * The decrypt_cb is not called anymore, but the calling | 487 | * The decrypt_cb is not called anymore, but the calling |
488 | * peer may already have irrevocably contributed his share for the decryption of the value. | 488 | * peer may already have irrevocably contributed its share for the decryption of the value. |
489 | * | 489 | * |
490 | * @param dh to cancel | 490 | * @param dh to cancel |
491 | */ | 491 | */ |
diff --git a/src/secretsharing/secretsharing_protocol.h b/src/secretsharing/secretsharing_protocol.h index 7627deb30..da1454ec0 100644 --- a/src/secretsharing/secretsharing_protocol.h +++ b/src/secretsharing/secretsharing_protocol.h | |||
@@ -58,7 +58,7 @@ struct GNUNET_SECRETSHARING_KeygenCommitData | |||
58 | */ | 58 | */ |
59 | struct GNUNET_CRYPTO_PaillierPublicKey pubkey; | 59 | struct GNUNET_CRYPTO_PaillierPublicKey pubkey; |
60 | /** | 60 | /** |
61 | * Commitment of 'peer' to his presecret. | 61 | * Commitment of 'peer' to its presecret. |
62 | */ | 62 | */ |
63 | struct GNUNET_HashCode commitment GNUNET_PACKED; | 63 | struct GNUNET_HashCode commitment GNUNET_PACKED; |
64 | }; | 64 | }; |
diff --git a/src/set/gnunet-service-set.h b/src/set/gnunet-service-set.h index c9e59b441..f7c262eac 100644 --- a/src/set/gnunet-service-set.h +++ b/src/set/gnunet-service-set.h | |||
@@ -125,7 +125,7 @@ typedef struct OperationState * | |||
125 | * @param op operation that is created, should be initialized to | 125 | * @param op operation that is created, should be initialized to |
126 | * begin the evaluation | 126 | * begin the evaluation |
127 | * @param opaque_context message to be transmitted to the listener | 127 | * @param opaque_context message to be transmitted to the listener |
128 | * to convince him to accept, may be NULL | 128 | * to convince it to accept, may be NULL |
129 | * @return operation-specific state to keep in @a op | 129 | * @return operation-specific state to keep in @a op |
130 | */ | 130 | */ |
131 | typedef struct OperationState * | 131 | typedef struct OperationState * |
diff --git a/src/set/gnunet-service-set_intersection.c b/src/set/gnunet-service-set_intersection.c index 0561df406..254763b45 100644 --- a/src/set/gnunet-service-set_intersection.c +++ b/src/set/gnunet-service-set_intersection.c | |||
@@ -695,7 +695,7 @@ initialize_map_unfiltered (void *cls, | |||
695 | 695 | ||
696 | /** | 696 | /** |
697 | * Send our element count to the peer, in case our element count is | 697 | * Send our element count to the peer, in case our element count is |
698 | * lower than his. | 698 | * lower than theirs. |
699 | * | 699 | * |
700 | * @param op intersection operation | 700 | * @param op intersection operation |
701 | */ | 701 | */ |
@@ -1077,7 +1077,7 @@ handle_intersection_p2p_done (void *cls, | |||
1077 | * @param op operation that is created, should be initialized to | 1077 | * @param op operation that is created, should be initialized to |
1078 | * begin the evaluation | 1078 | * begin the evaluation |
1079 | * @param opaque_context message to be transmitted to the listener | 1079 | * @param opaque_context message to be transmitted to the listener |
1080 | * to convince him to accept, may be NULL | 1080 | * to convince it to accept, may be NULL |
1081 | * @return operation-specific state to keep in @a op | 1081 | * @return operation-specific state to keep in @a op |
1082 | */ | 1082 | */ |
1083 | static struct OperationState * | 1083 | static struct OperationState * |
diff --git a/src/set/gnunet-service-set_union.c b/src/set/gnunet-service-set_union.c index 7af220374..c3c14f1ba 100644 --- a/src/set/gnunet-service-set_union.c +++ b/src/set/gnunet-service-set_union.c | |||
@@ -2149,7 +2149,7 @@ handle_union_p2p_done (void *cls, | |||
2149 | * | 2149 | * |
2150 | * We should notify the active peer once | 2150 | * We should notify the active peer once |
2151 | * all our demands are satisfied, so that the active | 2151 | * all our demands are satisfied, so that the active |
2152 | * peer can quit if we gave him everything. | 2152 | * peer can quit if we gave it everything. |
2153 | */ | 2153 | */ |
2154 | GNUNET_CADET_receive_done (op->channel); | 2154 | GNUNET_CADET_receive_done (op->channel); |
2155 | maybe_finish (op); | 2155 | maybe_finish (op); |
@@ -2194,7 +2194,7 @@ handle_union_p2p_over (void *cls, | |||
2194 | * | 2194 | * |
2195 | * @param op operation to perform (to be initialized) | 2195 | * @param op operation to perform (to be initialized) |
2196 | * @param opaque_context message to be transmitted to the listener | 2196 | * @param opaque_context message to be transmitted to the listener |
2197 | * to convince him to accept, may be NULL | 2197 | * to convince it to accept, may be NULL |
2198 | */ | 2198 | */ |
2199 | static struct OperationState * | 2199 | static struct OperationState * |
2200 | union_evaluate (struct Operation *op, | 2200 | union_evaluate (struct Operation *op, |
diff --git a/src/topology/gnunet-daemon-topology.c b/src/topology/gnunet-daemon-topology.c index 829fb5352..f7a4e4525 100644 --- a/src/topology/gnunet-daemon-topology.c +++ b/src/topology/gnunet-daemon-topology.c | |||
@@ -111,7 +111,7 @@ struct Peer | |||
111 | uint32_t strength; | 111 | uint32_t strength; |
112 | 112 | ||
113 | /** | 113 | /** |
114 | * Is this peer listed here because he is a friend? | 114 | * Is this peer listed here because it is a friend? |
115 | */ | 115 | */ |
116 | int is_friend; | 116 | int is_friend; |
117 | 117 | ||
diff --git a/src/transport/gnunet-service-transport.c b/src/transport/gnunet-service-transport.c index 6ebc6da8c..8c4f33fd0 100644 --- a/src/transport/gnunet-service-transport.c +++ b/src/transport/gnunet-service-transport.c | |||
@@ -612,7 +612,7 @@ notify_client_about_neighbour (void *cls, | |||
612 | 612 | ||
613 | /** | 613 | /** |
614 | * Initialize a normal client. We got a start message from this | 614 | * Initialize a normal client. We got a start message from this |
615 | * client, add him to the list of clients for broadcasting of inbound | 615 | * client, add it to the list of clients for broadcasting of inbound |
616 | * messages. | 616 | * messages. |
617 | * | 617 | * |
618 | * @param cls the client | 618 | * @param cls the client |
@@ -2173,7 +2173,7 @@ test_connection_ok (void *cls, | |||
2173 | 2173 | ||
2174 | /** | 2174 | /** |
2175 | * Initialize a blacklisting client. We got a blacklist-init | 2175 | * Initialize a blacklisting client. We got a blacklist-init |
2176 | * message from this client, add him to the list of clients | 2176 | * message from this client, add it to the list of clients |
2177 | * to query for blacklisting. | 2177 | * to query for blacklisting. |
2178 | * | 2178 | * |
2179 | * @param cls the client | 2179 | * @param cls the client |
diff --git a/src/transport/gnunet-service-transport_neighbours.c b/src/transport/gnunet-service-transport_neighbours.c index b1f3965ad..3965bc13e 100644 --- a/src/transport/gnunet-service-transport_neighbours.c +++ b/src/transport/gnunet-service-transport_neighbours.c | |||
@@ -179,7 +179,7 @@ struct GNUNET_ATS_SessionQuotaMessage | |||
179 | 179 | ||
180 | 180 | ||
181 | /** | 181 | /** |
182 | * Message we send to the other peer to notify him that we intentionally | 182 | * Message we send to the other peer to notify it that we intentionally |
183 | * are disconnecting (to reduce timeouts). This is just a friendly | 183 | * are disconnecting (to reduce timeouts). This is just a friendly |
184 | * notification, peers must not rely on always receiving disconnect | 184 | * notification, peers must not rely on always receiving disconnect |
185 | * messages. | 185 | * messages. |
@@ -3081,7 +3081,7 @@ master_task (void *cls) | |||
3081 | 3081 | ||
3082 | /** | 3082 | /** |
3083 | * Send a ACK message to the neighbour to confirm that we | 3083 | * Send a ACK message to the neighbour to confirm that we |
3084 | * got his SYN_ACK. | 3084 | * got its SYN_ACK. |
3085 | * | 3085 | * |
3086 | * @param n neighbour to send the ACK to | 3086 | * @param n neighbour to send the ACK to |
3087 | */ | 3087 | */ |
diff --git a/src/transport/transport.conf.in b/src/transport/transport.conf.in index 4185acc29..c6b207ad7 100644 --- a/src/transport/transport.conf.in +++ b/src/transport/transport.conf.in | |||
@@ -9,7 +9,8 @@ BINARY = gnunet-service-transport | |||
9 | NEIGHBOUR_LIMIT = 50 | 9 | NEIGHBOUR_LIMIT = 50 |
10 | ACCEPT_FROM = 127.0.0.1; | 10 | ACCEPT_FROM = 127.0.0.1; |
11 | ACCEPT_FROM6 = ::1; | 11 | ACCEPT_FROM6 = ::1; |
12 | PLUGINS = tcp udp | 12 | # TCP is the only transport plugin known to work "reliably" |
13 | PLUGINS = tcp | ||
13 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport.sock | 14 | UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport.sock |
14 | BLACKLIST_FILE = $GNUNET_CONFIG_HOME/transport/blacklist | 15 | BLACKLIST_FILE = $GNUNET_CONFIG_HOME/transport/blacklist |
15 | UNIX_MATCH_UID = NO | 16 | UNIX_MATCH_UID = NO |
diff --git a/src/util/common_allocation.c b/src/util/common_allocation.c index fc7953df2..53e1a6707 100644 --- a/src/util/common_allocation.c +++ b/src/util/common_allocation.c | |||
@@ -486,7 +486,6 @@ GNUNET_asprintf (char **buf, | |||
486 | *buf = GNUNET_malloc (ret + 1); | 486 | *buf = GNUNET_malloc (ret + 1); |
487 | va_start (args, format); | 487 | va_start (args, format); |
488 | ret = VSPRINTF (*buf, format, args); | 488 | ret = VSPRINTF (*buf, format, args); |
489 | GNUNET_free (buf); | ||
490 | va_end (args); | 489 | va_end (args); |
491 | return ret; | 490 | return ret; |
492 | } | 491 | } |
diff --git a/src/util/disk.c b/src/util/disk.c index 26b615df9..e0227be70 100644 --- a/src/util/disk.c +++ b/src/util/disk.c | |||
@@ -605,7 +605,6 @@ GNUNET_DISK_mktemp (const char *t) | |||
605 | umask (omask); | 605 | umask (omask); |
606 | if (0 != CLOSE (fd)) | 606 | if (0 != CLOSE (fd)) |
607 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "close", fn); | 607 | LOG_STRERROR_FILE (GNUNET_ERROR_TYPE_WARNING, "close", fn); |
608 | GNUNET_free (fn); | ||
609 | return fn; | 608 | return fn; |
610 | } | 609 | } |
611 | 610 | ||
diff --git a/src/util/os_priority.c b/src/util/os_priority.c index d13991334..a758f24f1 100644 --- a/src/util/os_priority.c +++ b/src/util/os_priority.c | |||
@@ -1588,7 +1588,7 @@ GNUNET_OS_start_process_s (int pipe_control, | |||
1588 | 1588 | ||
1589 | 1589 | ||
1590 | /** | 1590 | /** |
1591 | * Retrieve the status of a process, waiting on him if dead. | 1591 | * Retrieve the status of a process, waiting on it if dead. |
1592 | * Nonblocking version. | 1592 | * Nonblocking version. |
1593 | * | 1593 | * |
1594 | * @param proc process ID | 1594 | * @param proc process ID |
@@ -1705,7 +1705,7 @@ process_status (struct GNUNET_OS_Process *proc, | |||
1705 | 1705 | ||
1706 | 1706 | ||
1707 | /** | 1707 | /** |
1708 | * Retrieve the status of a process, waiting on him if dead. | 1708 | * Retrieve the status of a process, waiting on it if dead. |
1709 | * Nonblocking version. | 1709 | * Nonblocking version. |
1710 | * | 1710 | * |
1711 | * @param proc process ID | 1711 | * @param proc process ID |
@@ -1726,7 +1726,7 @@ GNUNET_OS_process_status (struct GNUNET_OS_Process *proc, | |||
1726 | 1726 | ||
1727 | 1727 | ||
1728 | /** | 1728 | /** |
1729 | * Retrieve the status of a process, waiting on him if dead. | 1729 | * Retrieve the status of a process, waiting on it if dead. |
1730 | * Blocking version. | 1730 | * Blocking version. |
1731 | * | 1731 | * |
1732 | * @param proc pointer to process structure | 1732 | * @param proc pointer to process structure |