summaryrefslogtreecommitdiff
path: root/src/cadet/gnunet-service-cadet_tunnels.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/cadet/gnunet-service-cadet_tunnels.c')
-rw-r--r--src/cadet/gnunet-service-cadet_tunnels.c3467
1 files changed, 1738 insertions, 1729 deletions
diff --git a/src/cadet/gnunet-service-cadet_tunnels.c b/src/cadet/gnunet-service-cadet_tunnels.c
index 11be2bce0..c73f8cdbe 100644
--- a/src/cadet/gnunet-service-cadet_tunnels.c
+++ b/src/cadet/gnunet-service-cadet_tunnels.c
@@ -11,12 +11,12 @@
11 WITHOUT ANY WARRANTY; without even the implied warranty of 11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details. 13 Affero General Public License for more details.
14 14
15 You should have received a copy of the GNU Affero General Public License 15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19*/ 19 */
20/** 20/**
21 * @file cadet/gnunet-service-cadet_tunnels.c 21 * @file cadet/gnunet-service-cadet_tunnels.c
22 * @brief Information we track per tunnel. 22 * @brief Information we track per tunnel.
@@ -42,7 +42,7 @@
42#include "gnunet-service-cadet_paths.h" 42#include "gnunet-service-cadet_paths.h"
43 43
44 44
45#define LOG(level, ...) GNUNET_log_from(level,"cadet-tun",__VA_ARGS__) 45#define LOG(level, ...) GNUNET_log_from(level, "cadet-tun", __VA_ARGS__)
46 46
47/** 47/**
48 * How often do we try to decrypt payload with unverified key 48 * How often do we try to decrypt payload with unverified key
@@ -77,8 +77,7 @@
77/** 77/**
78 * Struct to old keys for skipped messages while advancing the Axolotl ratchet. 78 * Struct to old keys for skipped messages while advancing the Axolotl ratchet.
79 */ 79 */
80struct CadetTunnelSkippedKey 80struct CadetTunnelSkippedKey {
81{
82 /** 81 /**
83 * DLL next. 82 * DLL next.
84 */ 83 */
@@ -114,8 +113,7 @@ struct CadetTunnelSkippedKey
114/** 113/**
115 * Axolotl data, according to https://github.com/trevp/axolotl/wiki . 114 * Axolotl data, according to https://github.com/trevp/axolotl/wiki .
116 */ 115 */
117struct CadetTunnelAxolotl 116struct CadetTunnelAxolotl {
118{
119 /** 117 /**
120 * A (double linked) list of stored message keys and associated header keys 118 * A (double linked) list of stored message keys and associated header keys
121 * for "skipped" messages, i.e. messages that have not been 119 * for "skipped" messages, i.e. messages that have not been
@@ -248,15 +246,13 @@ struct CadetTunnelAxolotl
248 * @e ratchet_allowed is #GNUNET_YES, we advance the ratchet. 246 * @e ratchet_allowed is #GNUNET_YES, we advance the ratchet.
249 */ 247 */
250 unsigned int ratchet_counter; 248 unsigned int ratchet_counter;
251
252}; 249};
253 250
254 251
255/** 252/**
256 * Struct used to save messages in a non-ready tunnel to send once connected. 253 * Struct used to save messages in a non-ready tunnel to send once connected.
257 */ 254 */
258struct CadetTunnelQueueEntry 255struct CadetTunnelQueueEntry {
259{
260 /** 256 /**
261 * We are entries in a DLL 257 * We are entries in a DLL
262 */ 258 */
@@ -298,8 +294,7 @@ struct CadetTunnelQueueEntry
298/** 294/**
299 * Struct containing all information regarding a tunnel to a peer. 295 * Struct containing all information regarding a tunnel to a peer.
300 */ 296 */
301struct CadetTunnel 297struct CadetTunnel {
302{
303 /** 298 /**
304 * Destination of the tunnel. 299 * Destination of the tunnel.
305 */ 300 */
@@ -454,7 +449,6 @@ struct CadetTunnel
454 * Force triggering KX_AUTH independent of @e estate. 449 * Force triggering KX_AUTH independent of @e estate.
455 */ 450 */
456 int kx_auth_requested; 451 int kx_auth_requested;
457
458}; 452};
459 453
460 454
@@ -465,19 +459,19 @@ struct CadetTunnel
465 * @return #GNUNET_YES for Alice, #GNUNET_NO for Betty, #GNUNET_SYSERR if talking to myself 459 * @return #GNUNET_YES for Alice, #GNUNET_NO for Betty, #GNUNET_SYSERR if talking to myself
466 */ 460 */
467static int 461static int
468alice_or_betty (const struct GNUNET_PeerIdentity *other) 462alice_or_betty(const struct GNUNET_PeerIdentity *other)
469{ 463{
470 if (0 > GNUNET_memcmp (&my_full_id, 464 if (0 > GNUNET_memcmp(&my_full_id,
471 other)) 465 other))
472 return GNUNET_YES; 466 return GNUNET_YES;
473 else if (0 < GNUNET_memcmp (&my_full_id, 467 else if (0 < GNUNET_memcmp(&my_full_id,
474 other)) 468 other))
475 return GNUNET_NO; 469 return GNUNET_NO;
476 else 470 else
477 { 471 {
478 GNUNET_break_op (0); 472 GNUNET_break_op(0);
479 return GNUNET_SYSERR; 473 return GNUNET_SYSERR;
480 } 474 }
481} 475}
482 476
483 477
@@ -488,20 +482,20 @@ alice_or_betty (const struct GNUNET_PeerIdentity *other)
488 * @param ct connection to move to unready status 482 * @param ct connection to move to unready status
489 */ 483 */
490static void 484static void
491mark_connection_unready (struct CadetTConnection *ct) 485mark_connection_unready(struct CadetTConnection *ct)
492{ 486{
493 struct CadetTunnel *t = ct->t; 487 struct CadetTunnel *t = ct->t;
494 488
495 GNUNET_assert (GNUNET_YES == ct->is_ready); 489 GNUNET_assert(GNUNET_YES == ct->is_ready);
496 GNUNET_CONTAINER_DLL_remove (t->connection_ready_head, 490 GNUNET_CONTAINER_DLL_remove(t->connection_ready_head,
497 t->connection_ready_tail, 491 t->connection_ready_tail,
498 ct); 492 ct);
499 GNUNET_assert (0 < t->num_ready_connections); 493 GNUNET_assert(0 < t->num_ready_connections);
500 t->num_ready_connections--; 494 t->num_ready_connections--;
501 ct->is_ready = GNUNET_NO; 495 ct->is_ready = GNUNET_NO;
502 GNUNET_CONTAINER_DLL_insert (t->connection_busy_head, 496 GNUNET_CONTAINER_DLL_insert(t->connection_busy_head,
503 t->connection_busy_tail, 497 t->connection_busy_tail,
504 ct); 498 ct);
505 t->num_busy_connections++; 499 t->num_busy_connections++;
506} 500}
507 501
@@ -514,16 +508,16 @@ mark_connection_unready (struct CadetTConnection *ct)
514 * @return Static string the destination peer's ID. 508 * @return Static string the destination peer's ID.
515 */ 509 */
516const char * 510const char *
517GCT_2s (const struct CadetTunnel *t) 511GCT_2s(const struct CadetTunnel *t)
518{ 512{
519 static char buf[64]; 513 static char buf[64];
520 514
521 if (NULL == t) 515 if (NULL == t)
522 return "Tunnel(NULL)"; 516 return "Tunnel(NULL)";
523 GNUNET_snprintf (buf, 517 GNUNET_snprintf(buf,
524 sizeof (buf), 518 sizeof(buf),
525 "Tunnel %s", 519 "Tunnel %s",
526 GNUNET_i2s (GCP_get_id (t->destination))); 520 GNUNET_i2s(GCP_get_id(t->destination)));
527 return buf; 521 return buf;
528} 522}
529 523
@@ -536,31 +530,37 @@ GCT_2s (const struct CadetTunnel *t)
536 * @return String representation. 530 * @return String representation.
537 */ 531 */
538static const char * 532static const char *
539estate2s (enum CadetTunnelEState es) 533estate2s(enum CadetTunnelEState es)
540{ 534{
541 static char buf[32]; 535 static char buf[32];
542 536
543 switch (es) 537 switch (es)
544 { 538 {
545 case CADET_TUNNEL_KEY_UNINITIALIZED: 539 case CADET_TUNNEL_KEY_UNINITIALIZED:
546 return "CADET_TUNNEL_KEY_UNINITIALIZED"; 540 return "CADET_TUNNEL_KEY_UNINITIALIZED";
547 case CADET_TUNNEL_KEY_AX_RECV: 541
548 return "CADET_TUNNEL_KEY_AX_RECV"; 542 case CADET_TUNNEL_KEY_AX_RECV:
549 case CADET_TUNNEL_KEY_AX_SENT: 543 return "CADET_TUNNEL_KEY_AX_RECV";
550 return "CADET_TUNNEL_KEY_AX_SENT"; 544
551 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: 545 case CADET_TUNNEL_KEY_AX_SENT:
552 return "CADET_TUNNEL_KEY_AX_SENT_AND_RECV"; 546 return "CADET_TUNNEL_KEY_AX_SENT";
553 case CADET_TUNNEL_KEY_AX_AUTH_SENT: 547
554 return "CADET_TUNNEL_KEY_AX_AUTH_SENT"; 548 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
555 case CADET_TUNNEL_KEY_OK: 549 return "CADET_TUNNEL_KEY_AX_SENT_AND_RECV";
556 return "CADET_TUNNEL_KEY_OK"; 550
557 default: 551 case CADET_TUNNEL_KEY_AX_AUTH_SENT:
558 GNUNET_snprintf (buf, 552 return "CADET_TUNNEL_KEY_AX_AUTH_SENT";
559 sizeof (buf), 553
560 "%u (UNKNOWN STATE)", 554 case CADET_TUNNEL_KEY_OK:
561 es); 555 return "CADET_TUNNEL_KEY_OK";
562 return buf; 556
563 } 557 default:
558 GNUNET_snprintf(buf,
559 sizeof(buf),
560 "%u (UNKNOWN STATE)",
561 es);
562 return buf;
563 }
564} 564}
565 565
566 566
@@ -571,7 +571,7 @@ estate2s (enum CadetTunnelEState es)
571 * @return the destination of the tunnel 571 * @return the destination of the tunnel
572 */ 572 */
573struct CadetPeer * 573struct CadetPeer *
574GCT_get_destination (struct CadetTunnel *t) 574GCT_get_destination(struct CadetTunnel *t)
575{ 575{
576 return t->destination; 576 return t->destination;
577} 577}
@@ -585,9 +585,9 @@ GCT_get_destination (struct CadetTunnel *t)
585 * @return Number of channels. 585 * @return Number of channels.
586 */ 586 */
587unsigned int 587unsigned int
588GCT_count_channels (struct CadetTunnel *t) 588GCT_count_channels(struct CadetTunnel *t)
589{ 589{
590 return GNUNET_CONTAINER_multihashmap32_size (t->channels); 590 return GNUNET_CONTAINER_multihashmap32_size(t->channels);
591} 591}
592 592
593 593
@@ -599,11 +599,11 @@ GCT_count_channels (struct CadetTunnel *t)
599 * @return NULL if channel does not exist 599 * @return NULL if channel does not exist
600 */ 600 */
601struct CadetChannel * 601struct CadetChannel *
602lookup_channel (struct CadetTunnel *t, 602lookup_channel(struct CadetTunnel *t,
603 struct GNUNET_CADET_ChannelTunnelNumber ctn) 603 struct GNUNET_CADET_ChannelTunnelNumber ctn)
604{ 604{
605 return GNUNET_CONTAINER_multihashmap32_get (t->channels, 605 return GNUNET_CONTAINER_multihashmap32_get(t->channels,
606 ntohl (ctn.cn)); 606 ntohl(ctn.cn));
607} 607}
608 608
609 609
@@ -615,7 +615,7 @@ lookup_channel (struct CadetTunnel *t,
615 * @return Number of connections created, either being established or ready. 615 * @return Number of connections created, either being established or ready.
616 */ 616 */
617unsigned int 617unsigned int
618GCT_count_any_connections (const struct CadetTunnel *t) 618GCT_count_any_connections(const struct CadetTunnel *t)
619{ 619{
620 return t->num_ready_connections + t->num_busy_connections; 620 return t->num_ready_connections + t->num_busy_connections;
621} 621}
@@ -629,12 +629,12 @@ GCT_count_any_connections (const struct CadetTunnel *t)
629 * @return NULL if we have no connection that is ready 629 * @return NULL if we have no connection that is ready
630 */ 630 */
631static struct CadetTConnection * 631static struct CadetTConnection *
632get_ready_connection (struct CadetTunnel *t) 632get_ready_connection(struct CadetTunnel *t)
633{ 633{
634 struct CadetTConnection *hd = t->connection_ready_head; 634 struct CadetTConnection *hd = t->connection_ready_head;
635 635
636 GNUNET_assert ( (NULL == hd) || 636 GNUNET_assert((NULL == hd) ||
637 (GNUNET_YES == hd->is_ready) ); 637 (GNUNET_YES == hd->is_ready));
638 return hd; 638 return hd;
639} 639}
640 640
@@ -647,7 +647,7 @@ get_ready_connection (struct CadetTunnel *t)
647 * @return Tunnel's encryption state. 647 * @return Tunnel's encryption state.
648 */ 648 */
649enum CadetTunnelEState 649enum CadetTunnelEState
650GCT_get_estate (struct CadetTunnel *t) 650GCT_get_estate(struct CadetTunnel *t)
651{ 651{
652 return t->estate; 652 return t->estate;
653} 653}
@@ -662,7 +662,7 @@ GCT_get_estate (struct CadetTunnel *t)
662 * @param cls the `struct CadetTunnel` to process messages on 662 * @param cls the `struct CadetTunnel` to process messages on
663 */ 663 */
664static void 664static void
665trigger_transmissions (void *cls); 665trigger_transmissions(void *cls);
666 666
667 667
668/* ************************************** start core crypto ***************************** */ 668/* ************************************** start core crypto ***************************** */
@@ -674,12 +674,12 @@ trigger_transmissions (void *cls);
674 * @param ax key material to update 674 * @param ax key material to update
675 */ 675 */
676static void 676static void
677new_ephemeral (struct CadetTunnelAxolotl *ax) 677new_ephemeral(struct CadetTunnelAxolotl *ax)
678{ 678{
679 LOG (GNUNET_ERROR_TYPE_DEBUG, 679 LOG(GNUNET_ERROR_TYPE_DEBUG,
680 "Creating new ephemeral ratchet key (DHRs)\n"); 680 "Creating new ephemeral ratchet key (DHRs)\n");
681 GNUNET_assert (GNUNET_OK == 681 GNUNET_assert(GNUNET_OK ==
682 GNUNET_CRYPTO_ecdhe_key_create2 (&ax->DHRs)); 682 GNUNET_CRYPTO_ecdhe_key_create2(&ax->DHRs));
683} 683}
684 684
685 685
@@ -693,31 +693,31 @@ new_ephemeral (struct CadetTunnelAxolotl *ax)
693 * @param hmac[out] Destination to store the HMAC. 693 * @param hmac[out] Destination to store the HMAC.
694 */ 694 */
695static void 695static void
696t_hmac (const void *plaintext, 696t_hmac(const void *plaintext,
697 size_t size, 697 size_t size,
698 uint32_t iv, 698 uint32_t iv,
699 const struct GNUNET_CRYPTO_SymmetricSessionKey *key, 699 const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
700 struct GNUNET_ShortHashCode *hmac) 700 struct GNUNET_ShortHashCode *hmac)
701{ 701{
702 static const char ctx[] = "cadet authentication key"; 702 static const char ctx[] = "cadet authentication key";
703 struct GNUNET_CRYPTO_AuthKey auth_key; 703 struct GNUNET_CRYPTO_AuthKey auth_key;
704 struct GNUNET_HashCode hash; 704 struct GNUNET_HashCode hash;
705 705
706 GNUNET_CRYPTO_hmac_derive_key (&auth_key, 706 GNUNET_CRYPTO_hmac_derive_key(&auth_key,
707 key, 707 key,
708 &iv, sizeof (iv), 708 &iv, sizeof(iv),
709 key, sizeof (*key), 709 key, sizeof(*key),
710 ctx, sizeof (ctx), 710 ctx, sizeof(ctx),
711 NULL); 711 NULL);
712 /* Two step: GNUNET_ShortHash is only 256 bits, 712 /* Two step: GNUNET_ShortHash is only 256 bits,
713 GNUNET_HashCode is 512, so we truncate. */ 713 GNUNET_HashCode is 512, so we truncate. */
714 GNUNET_CRYPTO_hmac (&auth_key, 714 GNUNET_CRYPTO_hmac(&auth_key,
715 plaintext, 715 plaintext,
716 size, 716 size,
717 &hash); 717 &hash);
718 GNUNET_memcpy (hmac, 718 GNUNET_memcpy(hmac,
719 &hash, 719 &hash,
720 sizeof (*hmac)); 720 sizeof(*hmac));
721} 721}
722 722
723 723
@@ -730,22 +730,22 @@ t_hmac (const void *plaintext,
730 * @param len Length of @a source. 730 * @param len Length of @a source.
731 */ 731 */
732static void 732static void
733t_ax_hmac_hash (const struct GNUNET_CRYPTO_SymmetricSessionKey *key, 733t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
734 struct GNUNET_HashCode *hash, 734 struct GNUNET_HashCode *hash,
735 const void *source, 735 const void *source,
736 unsigned int len) 736 unsigned int len)
737{ 737{
738 static const char ctx[] = "axolotl HMAC-HASH"; 738 static const char ctx[] = "axolotl HMAC-HASH";
739 struct GNUNET_CRYPTO_AuthKey auth_key; 739 struct GNUNET_CRYPTO_AuthKey auth_key;
740 740
741 GNUNET_CRYPTO_hmac_derive_key (&auth_key, 741 GNUNET_CRYPTO_hmac_derive_key(&auth_key,
742 key, 742 key,
743 ctx, sizeof (ctx), 743 ctx, sizeof(ctx),
744 NULL); 744 NULL);
745 GNUNET_CRYPTO_hmac (&auth_key, 745 GNUNET_CRYPTO_hmac(&auth_key,
746 source, 746 source,
747 len, 747 len,
748 hash); 748 hash);
749} 749}
750 750
751 751
@@ -758,22 +758,22 @@ t_ax_hmac_hash (const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
758 * @param len Length of @a source. 758 * @param len Length of @a source.
759 */ 759 */
760static void 760static void
761t_hmac_derive_key (const struct GNUNET_CRYPTO_SymmetricSessionKey *key, 761t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
762 struct GNUNET_CRYPTO_SymmetricSessionKey *out, 762 struct GNUNET_CRYPTO_SymmetricSessionKey *out,
763 const void *source, 763 const void *source,
764 unsigned int len) 764 unsigned int len)
765{ 765{
766 static const char ctx[] = "axolotl derive key"; 766 static const char ctx[] = "axolotl derive key";
767 struct GNUNET_HashCode h; 767 struct GNUNET_HashCode h;
768 768
769 t_ax_hmac_hash (key, 769 t_ax_hmac_hash(key,
770 &h, 770 &h,
771 source, 771 source,
772 len); 772 len);
773 GNUNET_CRYPTO_kdf (out, sizeof (*out), 773 GNUNET_CRYPTO_kdf(out, sizeof(*out),
774 ctx, sizeof (ctx), 774 ctx, sizeof(ctx),
775 &h, sizeof (h), 775 &h, sizeof(h),
776 NULL); 776 NULL);
777} 777}
778 778
779 779
@@ -786,78 +786,78 @@ t_hmac_derive_key (const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
786 * @param size Size of the buffers at @a src and @a dst 786 * @param size Size of the buffers at @a src and @a dst
787 */ 787 */
788static void 788static void
789t_ax_encrypt (struct CadetTunnelAxolotl *ax, 789t_ax_encrypt(struct CadetTunnelAxolotl *ax,
790 void *dst, 790 void *dst,
791 const void *src, 791 const void *src,
792 size_t size) 792 size_t size)
793{ 793{
794 struct GNUNET_CRYPTO_SymmetricSessionKey MK; 794 struct GNUNET_CRYPTO_SymmetricSessionKey MK;
795 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 795 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
796 size_t out_size; 796 size_t out_size;
797 797
798 ax->ratchet_counter++; 798 ax->ratchet_counter++;
799 if ( (GNUNET_YES == ax->ratchet_allowed) && 799 if ((GNUNET_YES == ax->ratchet_allowed) &&
800 ( (ratchet_messages <= ax->ratchet_counter) || 800 ((ratchet_messages <= ax->ratchet_counter) ||
801 (0 == GNUNET_TIME_absolute_get_remaining (ax->ratchet_expiration).rel_value_us)) ) 801 (0 == GNUNET_TIME_absolute_get_remaining(ax->ratchet_expiration).rel_value_us)))
802 { 802 {
803 ax->ratchet_flag = GNUNET_YES; 803 ax->ratchet_flag = GNUNET_YES;
804 } 804 }
805 if (GNUNET_YES == ax->ratchet_flag) 805 if (GNUNET_YES == ax->ratchet_flag)
806 { 806 {
807 /* Advance ratchet */ 807 /* Advance ratchet */
808 struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; 808 struct GNUNET_CRYPTO_SymmetricSessionKey keys[3];
809 struct GNUNET_HashCode dh; 809 struct GNUNET_HashCode dh;
810 struct GNUNET_HashCode hmac; 810 struct GNUNET_HashCode hmac;
811 static const char ctx[] = "axolotl ratchet"; 811 static const char ctx[] = "axolotl ratchet";
812 812
813 new_ephemeral (ax); 813 new_ephemeral(ax);
814 ax->HKs = ax->NHKs; 814 ax->HKs = ax->NHKs;
815 815
816 /* RK, NHKs, CKs = KDF( HMAC-HASH(RK, DH(DHRs, DHRr)) ) */ 816 /* RK, NHKs, CKs = KDF( HMAC-HASH(RK, DH(DHRs, DHRr)) ) */
817 GNUNET_CRYPTO_ecc_ecdh (&ax->DHRs, 817 GNUNET_CRYPTO_ecc_ecdh(&ax->DHRs,
818 &ax->DHRr, 818 &ax->DHRr,
819 &dh); 819 &dh);
820 t_ax_hmac_hash (&ax->RK, 820 t_ax_hmac_hash(&ax->RK,
821 &hmac, 821 &hmac,
822 &dh, 822 &dh,
823 sizeof (dh)); 823 sizeof(dh));
824 GNUNET_CRYPTO_kdf (keys, sizeof (keys), 824 GNUNET_CRYPTO_kdf(keys, sizeof(keys),
825 ctx, sizeof (ctx), 825 ctx, sizeof(ctx),
826 &hmac, sizeof (hmac), 826 &hmac, sizeof(hmac),
827 NULL); 827 NULL);
828 ax->RK = keys[0]; 828 ax->RK = keys[0];
829 ax->NHKs = keys[1]; 829 ax->NHKs = keys[1];
830 ax->CKs = keys[2]; 830 ax->CKs = keys[2];
831 831
832 ax->PNs = ax->Ns; 832 ax->PNs = ax->Ns;
833 ax->Ns = 0; 833 ax->Ns = 0;
834 ax->ratchet_flag = GNUNET_NO; 834 ax->ratchet_flag = GNUNET_NO;
835 ax->ratchet_allowed = GNUNET_NO; 835 ax->ratchet_allowed = GNUNET_NO;
836 ax->ratchet_counter = 0; 836 ax->ratchet_counter = 0;
837 ax->ratchet_expiration 837 ax->ratchet_expiration
838 = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get(), 838 = GNUNET_TIME_absolute_add(GNUNET_TIME_absolute_get(),
839 ratchet_time); 839 ratchet_time);
840 } 840 }
841 841
842 t_hmac_derive_key (&ax->CKs, 842 t_hmac_derive_key(&ax->CKs,
843 &MK, 843 &MK,
844 "0", 844 "0",
845 1); 845 1);
846 GNUNET_CRYPTO_symmetric_derive_iv (&iv, 846 GNUNET_CRYPTO_symmetric_derive_iv(&iv,
847 &MK, 847 &MK,
848 NULL, 0, 848 NULL, 0,
849 NULL); 849 NULL);
850 850
851 out_size = GNUNET_CRYPTO_symmetric_encrypt (src, 851 out_size = GNUNET_CRYPTO_symmetric_encrypt(src,
852 size, 852 size,
853 &MK, 853 &MK,
854 &iv, 854 &iv,
855 dst); 855 dst);
856 GNUNET_assert (size == out_size); 856 GNUNET_assert(size == out_size);
857 t_hmac_derive_key (&ax->CKs, 857 t_hmac_derive_key(&ax->CKs,
858 &ax->CKs, 858 &ax->CKs,
859 "1", 859 "1",
860 1); 860 1);
861} 861}
862 862
863 863
@@ -870,34 +870,34 @@ t_ax_encrypt (struct CadetTunnelAxolotl *ax,
870 * @param size Size of the @a src and @a dst buffers 870 * @param size Size of the @a src and @a dst buffers
871 */ 871 */
872static void 872static void
873t_ax_decrypt (struct CadetTunnelAxolotl *ax, 873t_ax_decrypt(struct CadetTunnelAxolotl *ax,
874 void *dst, 874 void *dst,
875 const void *src, 875 const void *src,
876 size_t size) 876 size_t size)
877{ 877{
878 struct GNUNET_CRYPTO_SymmetricSessionKey MK; 878 struct GNUNET_CRYPTO_SymmetricSessionKey MK;
879 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 879 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
880 size_t out_size; 880 size_t out_size;
881 881
882 t_hmac_derive_key (&ax->CKr, 882 t_hmac_derive_key(&ax->CKr,
883 &MK, 883 &MK,
884 "0", 884 "0",
885 1); 885 1);
886 GNUNET_CRYPTO_symmetric_derive_iv (&iv, 886 GNUNET_CRYPTO_symmetric_derive_iv(&iv,
887 &MK, 887 &MK,
888 NULL, 0, 888 NULL, 0,
889 NULL); 889 NULL);
890 GNUNET_assert (size >= sizeof (struct GNUNET_MessageHeader)); 890 GNUNET_assert(size >= sizeof(struct GNUNET_MessageHeader));
891 out_size = GNUNET_CRYPTO_symmetric_decrypt (src, 891 out_size = GNUNET_CRYPTO_symmetric_decrypt(src,
892 size, 892 size,
893 &MK, 893 &MK,
894 &iv, 894 &iv,
895 dst); 895 dst);
896 GNUNET_assert (out_size == size); 896 GNUNET_assert(out_size == size);
897 t_hmac_derive_key (&ax->CKr, 897 t_hmac_derive_key(&ax->CKr,
898 &ax->CKr, 898 &ax->CKr,
899 "1", 899 "1",
900 1); 900 1);
901} 901}
902 902
903 903
@@ -908,22 +908,22 @@ t_ax_decrypt (struct CadetTunnelAxolotl *ax,
908 * @param[in|out] msg Message whose header to encrypt. 908 * @param[in|out] msg Message whose header to encrypt.
909 */ 909 */
910static void 910static void
911t_h_encrypt (struct CadetTunnelAxolotl *ax, 911t_h_encrypt(struct CadetTunnelAxolotl *ax,
912 struct GNUNET_CADET_TunnelEncryptedMessage *msg) 912 struct GNUNET_CADET_TunnelEncryptedMessage *msg)
913{ 913{
914 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 914 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
915 size_t out_size; 915 size_t out_size;
916 916
917 GNUNET_CRYPTO_symmetric_derive_iv (&iv, 917 GNUNET_CRYPTO_symmetric_derive_iv(&iv,
918 &ax->HKs, 918 &ax->HKs,
919 NULL, 0, 919 NULL, 0,
920 NULL); 920 NULL);
921 out_size = GNUNET_CRYPTO_symmetric_encrypt (&msg->ax_header, 921 out_size = GNUNET_CRYPTO_symmetric_encrypt(&msg->ax_header,
922 sizeof (struct GNUNET_CADET_AxHeader), 922 sizeof(struct GNUNET_CADET_AxHeader),
923 &ax->HKs, 923 &ax->HKs,
924 &iv, 924 &iv,
925 &msg->ax_header); 925 &msg->ax_header);
926 GNUNET_assert (sizeof (struct GNUNET_CADET_AxHeader) == out_size); 926 GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == out_size);
927} 927}
928 928
929 929
@@ -935,23 +935,23 @@ t_h_encrypt (struct CadetTunnelAxolotl *ax,
935 * @param dst Where to decrypt header to. 935 * @param dst Where to decrypt header to.
936 */ 936 */
937static void 937static void
938t_h_decrypt (struct CadetTunnelAxolotl *ax, 938t_h_decrypt(struct CadetTunnelAxolotl *ax,
939 const struct GNUNET_CADET_TunnelEncryptedMessage *src, 939 const struct GNUNET_CADET_TunnelEncryptedMessage *src,
940 struct GNUNET_CADET_TunnelEncryptedMessage *dst) 940 struct GNUNET_CADET_TunnelEncryptedMessage *dst)
941{ 941{
942 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 942 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
943 size_t out_size; 943 size_t out_size;
944 944
945 GNUNET_CRYPTO_symmetric_derive_iv (&iv, 945 GNUNET_CRYPTO_symmetric_derive_iv(&iv,
946 &ax->HKr, 946 &ax->HKr,
947 NULL, 0, 947 NULL, 0,
948 NULL); 948 NULL);
949 out_size = GNUNET_CRYPTO_symmetric_decrypt (&src->ax_header.Ns, 949 out_size = GNUNET_CRYPTO_symmetric_decrypt(&src->ax_header.Ns,
950 sizeof (struct GNUNET_CADET_AxHeader), 950 sizeof(struct GNUNET_CADET_AxHeader),
951 &ax->HKr, 951 &ax->HKr,
952 &iv, 952 &iv,
953 &dst->ax_header.Ns); 953 &dst->ax_header.Ns);
954 GNUNET_assert (sizeof (struct GNUNET_CADET_AxHeader) == out_size); 954 GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == out_size);
955} 955}
956 956
957 957
@@ -962,13 +962,13 @@ t_h_decrypt (struct CadetTunnelAxolotl *ax,
962 * @param key Key to delete. 962 * @param key Key to delete.
963 */ 963 */
964static void 964static void
965delete_skipped_key (struct CadetTunnelAxolotl *ax, 965delete_skipped_key(struct CadetTunnelAxolotl *ax,
966 struct CadetTunnelSkippedKey *key) 966 struct CadetTunnelSkippedKey *key)
967{ 967{
968 GNUNET_CONTAINER_DLL_remove (ax->skipped_head, 968 GNUNET_CONTAINER_DLL_remove(ax->skipped_head,
969 ax->skipped_tail, 969 ax->skipped_tail,
970 key); 970 key);
971 GNUNET_free (key); 971 GNUNET_free(key);
972 ax->skipped--; 972 ax->skipped--;
973} 973}
974 974
@@ -984,10 +984,10 @@ delete_skipped_key (struct CadetTunnelAxolotl *ax,
984 * @return Size of the decrypted data, -1 if an error was encountered. 984 * @return Size of the decrypted data, -1 if an error was encountered.
985 */ 985 */
986static ssize_t 986static ssize_t
987try_old_ax_keys (struct CadetTunnelAxolotl *ax, 987try_old_ax_keys(struct CadetTunnelAxolotl *ax,
988 void *dst, 988 void *dst,
989 const struct GNUNET_CADET_TunnelEncryptedMessage *src, 989 const struct GNUNET_CADET_TunnelEncryptedMessage *src,
990 size_t size) 990 size_t size)
991{ 991{
992 struct CadetTunnelSkippedKey *key; 992 struct CadetTunnelSkippedKey *key;
993 struct GNUNET_ShortHashCode *hmac; 993 struct GNUNET_ShortHashCode *hmac;
@@ -999,70 +999,70 @@ try_old_ax_keys (struct CadetTunnelAxolotl *ax,
999 size_t len; 999 size_t len;
1000 unsigned int N; 1000 unsigned int N;
1001 1001
1002 LOG (GNUNET_ERROR_TYPE_DEBUG, 1002 LOG(GNUNET_ERROR_TYPE_DEBUG,
1003 "Trying skipped keys\n"); 1003 "Trying skipped keys\n");
1004 hmac = &plaintext_header.hmac; 1004 hmac = &plaintext_header.hmac;
1005 esize = size - sizeof (struct GNUNET_CADET_TunnelEncryptedMessage); 1005 esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage);
1006 1006
1007 /* Find a correct Header Key */ 1007 /* Find a correct Header Key */
1008 valid_HK = NULL; 1008 valid_HK = NULL;
1009 for (key = ax->skipped_head; NULL != key; key = key->next) 1009 for (key = ax->skipped_head; NULL != key; key = key->next)
1010 { 1010 {
1011 t_hmac (&src->ax_header, 1011 t_hmac(&src->ax_header,
1012 sizeof (struct GNUNET_CADET_AxHeader) + esize, 1012 sizeof(struct GNUNET_CADET_AxHeader) + esize,
1013 0, 1013 0,
1014 &key->HK, 1014 &key->HK,
1015 hmac); 1015 hmac);
1016 if (0 == GNUNET_memcmp (hmac, 1016 if (0 == GNUNET_memcmp(hmac,
1017 &src->hmac)) 1017 &src->hmac))
1018 { 1018 {
1019 valid_HK = &key->HK; 1019 valid_HK = &key->HK;
1020 break; 1020 break;
1021 }
1021 } 1022 }
1022 }
1023 if (NULL == key) 1023 if (NULL == key)
1024 return -1; 1024 return -1;
1025 1025
1026 /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */ 1026 /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */
1027 GNUNET_assert (size > sizeof (struct GNUNET_CADET_TunnelEncryptedMessage)); 1027 GNUNET_assert(size > sizeof(struct GNUNET_CADET_TunnelEncryptedMessage));
1028 len = size - sizeof (struct GNUNET_CADET_TunnelEncryptedMessage); 1028 len = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage);
1029 GNUNET_assert (len >= sizeof (struct GNUNET_MessageHeader)); 1029 GNUNET_assert(len >= sizeof(struct GNUNET_MessageHeader));
1030 1030
1031 /* Decrypt header */ 1031 /* Decrypt header */
1032 GNUNET_CRYPTO_symmetric_derive_iv (&iv, 1032 GNUNET_CRYPTO_symmetric_derive_iv(&iv,
1033 &key->HK, 1033 &key->HK,
1034 NULL, 0, 1034 NULL, 0,
1035 NULL); 1035 NULL);
1036 res = GNUNET_CRYPTO_symmetric_decrypt (&src->ax_header.Ns, 1036 res = GNUNET_CRYPTO_symmetric_decrypt(&src->ax_header.Ns,
1037 sizeof (struct GNUNET_CADET_AxHeader), 1037 sizeof(struct GNUNET_CADET_AxHeader),
1038 &key->HK, 1038 &key->HK,
1039 &iv, 1039 &iv,
1040 &plaintext_header.ax_header.Ns); 1040 &plaintext_header.ax_header.Ns);
1041 GNUNET_assert (sizeof (struct GNUNET_CADET_AxHeader) == res); 1041 GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == res);
1042 1042
1043 /* Find the correct message key */ 1043 /* Find the correct message key */
1044 N = ntohl (plaintext_header.ax_header.Ns); 1044 N = ntohl(plaintext_header.ax_header.Ns);
1045 while ( (NULL != key) && 1045 while ((NULL != key) &&
1046 (N != key->Kn) ) 1046 (N != key->Kn))
1047 key = key->next; 1047 key = key->next;
1048 if ( (NULL == key) || 1048 if ((NULL == key) ||
1049 (0 != GNUNET_memcmp (&key->HK, 1049 (0 != GNUNET_memcmp(&key->HK,
1050 valid_HK)) ) 1050 valid_HK)))
1051 return -1; 1051 return -1;
1052 1052
1053 /* Decrypt payload */ 1053 /* Decrypt payload */
1054 GNUNET_CRYPTO_symmetric_derive_iv (&iv, 1054 GNUNET_CRYPTO_symmetric_derive_iv(&iv,
1055 &key->MK, 1055 &key->MK,
1056 NULL, 1056 NULL,
1057 0, 1057 0,
1058 NULL); 1058 NULL);
1059 res = GNUNET_CRYPTO_symmetric_decrypt (&src[1], 1059 res = GNUNET_CRYPTO_symmetric_decrypt(&src[1],
1060 len, 1060 len,
1061 &key->MK, 1061 &key->MK,
1062 &iv, 1062 &iv,
1063 dst); 1063 dst);
1064 delete_skipped_key (ax, 1064 delete_skipped_key(ax,
1065 key); 1065 key);
1066 return res; 1066 return res;
1067} 1067}
1068 1068
@@ -1074,26 +1074,26 @@ try_old_ax_keys (struct CadetTunnelAxolotl *ax,
1074 * @param HKr Header Key to use. 1074 * @param HKr Header Key to use.
1075 */ 1075 */
1076static void 1076static void
1077store_skipped_key (struct CadetTunnelAxolotl *ax, 1077store_skipped_key(struct CadetTunnelAxolotl *ax,
1078 const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr) 1078 const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr)
1079{ 1079{
1080 struct CadetTunnelSkippedKey *key; 1080 struct CadetTunnelSkippedKey *key;
1081 1081
1082 key = GNUNET_new (struct CadetTunnelSkippedKey); 1082 key = GNUNET_new(struct CadetTunnelSkippedKey);
1083 key->timestamp = GNUNET_TIME_absolute_get (); 1083 key->timestamp = GNUNET_TIME_absolute_get();
1084 key->Kn = ax->Nr; 1084 key->Kn = ax->Nr;
1085 key->HK = ax->HKr; 1085 key->HK = ax->HKr;
1086 t_hmac_derive_key (&ax->CKr, 1086 t_hmac_derive_key(&ax->CKr,
1087 &key->MK, 1087 &key->MK,
1088 "0", 1088 "0",
1089 1); 1089 1);
1090 t_hmac_derive_key (&ax->CKr, 1090 t_hmac_derive_key(&ax->CKr,
1091 &ax->CKr, 1091 &ax->CKr,
1092 "1", 1092 "1",
1093 1); 1093 1);
1094 GNUNET_CONTAINER_DLL_insert (ax->skipped_head, 1094 GNUNET_CONTAINER_DLL_insert(ax->skipped_head,
1095 ax->skipped_tail, 1095 ax->skipped_tail,
1096 key); 1096 key);
1097 ax->skipped++; 1097 ax->skipped++;
1098 ax->Nr++; 1098 ax->Nr++;
1099} 1099}
@@ -1110,41 +1110,41 @@ store_skipped_key (struct CadetTunnelAxolotl *ax,
1110 * #GNUNET_SYSERR if an error ocurred (@a Np not expected). 1110 * #GNUNET_SYSERR if an error ocurred (@a Np not expected).
1111 */ 1111 */
1112static int 1112static int
1113store_ax_keys (struct CadetTunnelAxolotl *ax, 1113store_ax_keys(struct CadetTunnelAxolotl *ax,
1114 const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr, 1114 const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr,
1115 uint32_t Np) 1115 uint32_t Np)
1116{ 1116{
1117 int gap; 1117 int gap;
1118 1118
1119 gap = Np - ax->Nr; 1119 gap = Np - ax->Nr;
1120 LOG (GNUNET_ERROR_TYPE_DEBUG, 1120 LOG(GNUNET_ERROR_TYPE_DEBUG,
1121 "Storing skipped keys [%u, %u)\n", 1121 "Storing skipped keys [%u, %u)\n",
1122 ax->Nr, 1122 ax->Nr,
1123 Np); 1123 Np);
1124 if (MAX_KEY_GAP < gap) 1124 if (MAX_KEY_GAP < gap)
1125 { 1125 {
1126 /* Avoid DoS (forcing peer to do more than #MAX_KEY_GAP HMAC operations) */ 1126 /* Avoid DoS (forcing peer to do more than #MAX_KEY_GAP HMAC operations) */
1127 /* TODO: start new key exchange on return */ 1127 /* TODO: start new key exchange on return */
1128 GNUNET_break_op (0); 1128 GNUNET_break_op(0);
1129 LOG (GNUNET_ERROR_TYPE_WARNING, 1129 LOG(GNUNET_ERROR_TYPE_WARNING,
1130 "Got message %u, expected %u+\n", 1130 "Got message %u, expected %u+\n",
1131 Np, 1131 Np,
1132 ax->Nr); 1132 ax->Nr);
1133 return GNUNET_SYSERR; 1133 return GNUNET_SYSERR;
1134 } 1134 }
1135 if (0 > gap) 1135 if (0 > gap)
1136 { 1136 {
1137 /* Delayed message: don't store keys, flag to try old keys. */ 1137 /* Delayed message: don't store keys, flag to try old keys. */
1138 return GNUNET_SYSERR; 1138 return GNUNET_SYSERR;
1139 } 1139 }
1140 1140
1141 while (ax->Nr < Np) 1141 while (ax->Nr < Np)
1142 store_skipped_key (ax, 1142 store_skipped_key(ax,
1143 HKr); 1143 HKr);
1144 1144
1145 while (ax->skipped > MAX_SKIPPED_KEYS) 1145 while (ax->skipped > MAX_SKIPPED_KEYS)
1146 delete_skipped_key (ax, 1146 delete_skipped_key(ax,
1147 ax->skipped_tail); 1147 ax->skipped_tail);
1148 return GNUNET_OK; 1148 return GNUNET_OK;
1149} 1149}
1150 1150
@@ -1160,10 +1160,10 @@ store_ax_keys (struct CadetTunnelAxolotl *ax,
1160 * @return Size of the decrypted data, -1 if an error was encountered. 1160 * @return Size of the decrypted data, -1 if an error was encountered.
1161 */ 1161 */
1162static ssize_t 1162static ssize_t
1163t_ax_decrypt_and_validate (struct CadetTunnelAxolotl *ax, 1163t_ax_decrypt_and_validate(struct CadetTunnelAxolotl *ax,
1164 void *dst, 1164 void *dst,
1165 const struct GNUNET_CADET_TunnelEncryptedMessage *src, 1165 const struct GNUNET_CADET_TunnelEncryptedMessage *src,
1166 size_t size) 1166 size_t size)
1167{ 1167{
1168 struct GNUNET_ShortHashCode msg_hmac; 1168 struct GNUNET_ShortHashCode msg_hmac;
1169 struct GNUNET_HashCode hmac; 1169 struct GNUNET_HashCode hmac;
@@ -1172,93 +1172,93 @@ t_ax_decrypt_and_validate (struct CadetTunnelAxolotl *ax,
1172 uint32_t PNp; 1172 uint32_t PNp;
1173 size_t esize; /* Size of encryped payload */ 1173 size_t esize; /* Size of encryped payload */
1174 1174
1175 esize = size - sizeof (struct GNUNET_CADET_TunnelEncryptedMessage); 1175 esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage);
1176 1176
1177 /* Try current HK */ 1177 /* Try current HK */
1178 t_hmac (&src->ax_header, 1178 t_hmac(&src->ax_header,
1179 sizeof (struct GNUNET_CADET_AxHeader) + esize, 1179 sizeof(struct GNUNET_CADET_AxHeader) + esize,
1180 0, &ax->HKr, 1180 0, &ax->HKr,
1181 &msg_hmac); 1181 &msg_hmac);
1182 if (0 != GNUNET_memcmp (&msg_hmac, 1182 if (0 != GNUNET_memcmp(&msg_hmac,
1183 &src->hmac)) 1183 &src->hmac))
1184 {
1185 static const char ctx[] = "axolotl ratchet";
1186 struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; /* RKp, NHKp, CKp */
1187 struct GNUNET_CRYPTO_SymmetricSessionKey HK;
1188 struct GNUNET_HashCode dh;
1189 struct GNUNET_CRYPTO_EcdhePublicKey *DHRp;
1190
1191 /* Try Next HK */
1192 t_hmac (&src->ax_header,
1193 sizeof (struct GNUNET_CADET_AxHeader) + esize,
1194 0,
1195 &ax->NHKr,
1196 &msg_hmac);
1197 if (0 != GNUNET_memcmp (&msg_hmac,
1198 &src->hmac))
1199 { 1184 {
1200 /* Try the skipped keys, if that fails, we're out of luck. */ 1185 static const char ctx[] = "axolotl ratchet";
1201 return try_old_ax_keys (ax, 1186 struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; /* RKp, NHKp, CKp */
1202 dst, 1187 struct GNUNET_CRYPTO_SymmetricSessionKey HK;
1203 src, 1188 struct GNUNET_HashCode dh;
1204 size); 1189 struct GNUNET_CRYPTO_EcdhePublicKey *DHRp;
1205 } 1190
1206 HK = ax->HKr; 1191 /* Try Next HK */
1207 ax->HKr = ax->NHKr; 1192 t_hmac(&src->ax_header,
1208 t_h_decrypt (ax, 1193 sizeof(struct GNUNET_CADET_AxHeader) + esize,
1209 src, 1194 0,
1210 &plaintext_header); 1195 &ax->NHKr,
1211 Np = ntohl (plaintext_header.ax_header.Ns); 1196 &msg_hmac);
1212 PNp = ntohl (plaintext_header.ax_header.PNs); 1197 if (0 != GNUNET_memcmp(&msg_hmac,
1213 DHRp = &plaintext_header.ax_header.DHRs; 1198 &src->hmac))
1214 store_ax_keys (ax, 1199 {
1215 &HK, 1200 /* Try the skipped keys, if that fails, we're out of luck. */
1216 PNp); 1201 return try_old_ax_keys(ax,
1217 1202 dst,
1218 /* RKp, NHKp, CKp = KDF (HMAC-HASH (RK, DH (DHRp, DHRs))) */ 1203 src,
1219 GNUNET_CRYPTO_ecc_ecdh (&ax->DHRs, 1204 size);
1220 DHRp, 1205 }
1221 &dh); 1206 HK = ax->HKr;
1222 t_ax_hmac_hash (&ax->RK, 1207 ax->HKr = ax->NHKr;
1223 &hmac, 1208 t_h_decrypt(ax,
1224 &dh, sizeof (dh)); 1209 src,
1225 GNUNET_CRYPTO_kdf (keys, sizeof (keys), 1210 &plaintext_header);
1226 ctx, sizeof (ctx), 1211 Np = ntohl(plaintext_header.ax_header.Ns);
1227 &hmac, sizeof (hmac), 1212 PNp = ntohl(plaintext_header.ax_header.PNs);
1228 NULL); 1213 DHRp = &plaintext_header.ax_header.DHRs;
1229 1214 store_ax_keys(ax,
1230 /* Commit "purported" keys */ 1215 &HK,
1231 ax->RK = keys[0]; 1216 PNp);
1232 ax->NHKr = keys[1]; 1217
1233 ax->CKr = keys[2]; 1218 /* RKp, NHKp, CKp = KDF (HMAC-HASH (RK, DH (DHRp, DHRs))) */
1234 ax->DHRr = *DHRp; 1219 GNUNET_CRYPTO_ecc_ecdh(&ax->DHRs,
1235 ax->Nr = 0; 1220 DHRp,
1236 ax->ratchet_allowed = GNUNET_YES; 1221 &dh);
1237 } 1222 t_ax_hmac_hash(&ax->RK,
1223 &hmac,
1224 &dh, sizeof(dh));
1225 GNUNET_CRYPTO_kdf(keys, sizeof(keys),
1226 ctx, sizeof(ctx),
1227 &hmac, sizeof(hmac),
1228 NULL);
1229
1230 /* Commit "purported" keys */
1231 ax->RK = keys[0];
1232 ax->NHKr = keys[1];
1233 ax->CKr = keys[2];
1234 ax->DHRr = *DHRp;
1235 ax->Nr = 0;
1236 ax->ratchet_allowed = GNUNET_YES;
1237 }
1238 else 1238 else
1239 { 1239 {
1240 t_h_decrypt (ax, 1240 t_h_decrypt(ax,
1241 src, 1241 src,
1242 &plaintext_header); 1242 &plaintext_header);
1243 Np = ntohl (plaintext_header.ax_header.Ns); 1243 Np = ntohl(plaintext_header.ax_header.Ns);
1244 PNp = ntohl (plaintext_header.ax_header.PNs); 1244 PNp = ntohl(plaintext_header.ax_header.PNs);
1245 } 1245 }
1246 if ( (Np != ax->Nr) && 1246 if ((Np != ax->Nr) &&
1247 (GNUNET_OK != store_ax_keys (ax, 1247 (GNUNET_OK != store_ax_keys(ax,
1248 &ax->HKr, 1248 &ax->HKr,
1249 Np)) ) 1249 Np)))
1250 { 1250 {
1251 /* Try the skipped keys, if that fails, we're out of luck. */ 1251 /* Try the skipped keys, if that fails, we're out of luck. */
1252 return try_old_ax_keys (ax, 1252 return try_old_ax_keys(ax,
1253 dst, 1253 dst,
1254 src, 1254 src,
1255 size); 1255 size);
1256 } 1256 }
1257 1257
1258 t_ax_decrypt (ax, 1258 t_ax_decrypt(ax,
1259 dst, 1259 dst,
1260 &src[1], 1260 &src[1],
1261 esize); 1261 esize);
1262 ax->Nr = Np + 1; 1262 ax->Nr = Np + 1;
1263 return esize; 1263 return esize;
1264} 1264}
@@ -1274,13 +1274,13 @@ t_ax_decrypt_and_validate (struct CadetTunnelAxolotl *ax,
1274 * @return #GNUNET_OK (continue to iterate) 1274 * @return #GNUNET_OK (continue to iterate)
1275 */ 1275 */
1276static int 1276static int
1277notify_tunnel_up_cb (void *cls, 1277notify_tunnel_up_cb(void *cls,
1278 uint32_t key, 1278 uint32_t key,
1279 void *value) 1279 void *value)
1280{ 1280{
1281 struct CadetChannel *ch = value; 1281 struct CadetChannel *ch = value;
1282 1282
1283 GCCH_tunnel_up (ch); 1283 GCCH_tunnel_up(ch);
1284 return GNUNET_OK; 1284 return GNUNET_OK;
1285} 1285}
1286 1286
@@ -1293,35 +1293,35 @@ notify_tunnel_up_cb (void *cls,
1293 * @param state New encryption state. 1293 * @param state New encryption state.
1294 */ 1294 */
1295void 1295void
1296GCT_change_estate (struct CadetTunnel *t, 1296GCT_change_estate(struct CadetTunnel *t,
1297 enum CadetTunnelEState state) 1297 enum CadetTunnelEState state)
1298{ 1298{
1299 enum CadetTunnelEState old = t->estate; 1299 enum CadetTunnelEState old = t->estate;
1300 1300
1301 t->estate = state; 1301 t->estate = state;
1302 LOG (GNUNET_ERROR_TYPE_DEBUG, 1302 LOG(GNUNET_ERROR_TYPE_DEBUG,
1303 "%s estate changed from %s to %s\n", 1303 "%s estate changed from %s to %s\n",
1304 GCT_2s (t), 1304 GCT_2s(t),
1305 estate2s (old), 1305 estate2s(old),
1306 estate2s (state)); 1306 estate2s(state));
1307 1307
1308 if ( (CADET_TUNNEL_KEY_OK != old) && 1308 if ((CADET_TUNNEL_KEY_OK != old) &&
1309 (CADET_TUNNEL_KEY_OK == t->estate) ) 1309 (CADET_TUNNEL_KEY_OK == t->estate))
1310 { 1310 {
1311 if (NULL != t->kx_task) 1311 if (NULL != t->kx_task)
1312 { 1312 {
1313 GNUNET_SCHEDULER_cancel (t->kx_task); 1313 GNUNET_SCHEDULER_cancel(t->kx_task);
1314 t->kx_task = NULL; 1314 t->kx_task = NULL;
1315 }
1316 /* notify all channels that have been waiting */
1317 GNUNET_CONTAINER_multihashmap32_iterate(t->channels,
1318 &notify_tunnel_up_cb,
1319 t);
1320 if (NULL != t->send_task)
1321 GNUNET_SCHEDULER_cancel(t->send_task);
1322 t->send_task = GNUNET_SCHEDULER_add_now(&trigger_transmissions,
1323 t);
1315 } 1324 }
1316 /* notify all channels that have been waiting */
1317 GNUNET_CONTAINER_multihashmap32_iterate (t->channels,
1318 &notify_tunnel_up_cb,
1319 t);
1320 if (NULL != t->send_task)
1321 GNUNET_SCHEDULER_cancel (t->send_task);
1322 t->send_task = GNUNET_SCHEDULER_add_now (&trigger_transmissions,
1323 t);
1324 }
1325} 1325}
1326 1326
1327 1327
@@ -1334,63 +1334,63 @@ GCT_change_estate (struct CadetTunnel *t,
1334 * @param ax axolotl key context to use 1334 * @param ax axolotl key context to use
1335 */ 1335 */
1336static void 1336static void
1337send_kx (struct CadetTunnel *t, 1337send_kx(struct CadetTunnel *t,
1338 struct CadetTConnection *ct, 1338 struct CadetTConnection *ct,
1339 struct CadetTunnelAxolotl *ax) 1339 struct CadetTunnelAxolotl *ax)
1340{ 1340{
1341 struct CadetConnection *cc; 1341 struct CadetConnection *cc;
1342 struct GNUNET_MQ_Envelope *env; 1342 struct GNUNET_MQ_Envelope *env;
1343 struct GNUNET_CADET_TunnelKeyExchangeMessage *msg; 1343 struct GNUNET_CADET_TunnelKeyExchangeMessage *msg;
1344 enum GNUNET_CADET_KX_Flags flags; 1344 enum GNUNET_CADET_KX_Flags flags;
1345 1345
1346 if (GNUNET_YES != alice_or_betty (GCP_get_id (t->destination))) 1346 if (GNUNET_YES != alice_or_betty(GCP_get_id(t->destination)))
1347 return; /* only Alice may send KX */ 1347 return; /* only Alice may send KX */
1348 if ( (NULL == ct) || 1348 if ((NULL == ct) ||
1349 (GNUNET_NO == ct->is_ready) ) 1349 (GNUNET_NO == ct->is_ready))
1350 ct = get_ready_connection (t); 1350 ct = get_ready_connection(t);
1351 if (NULL == ct) 1351 if (NULL == ct)
1352 { 1352 {
1353 LOG (GNUNET_ERROR_TYPE_DEBUG, 1353 LOG(GNUNET_ERROR_TYPE_DEBUG,
1354 "Wanted to send %s in state %s, but no connection is ready, deferring\n", 1354 "Wanted to send %s in state %s, but no connection is ready, deferring\n",
1355 GCT_2s (t), 1355 GCT_2s(t),
1356 estate2s (t->estate)); 1356 estate2s(t->estate));
1357 t->next_kx_attempt = GNUNET_TIME_absolute_get (); 1357 t->next_kx_attempt = GNUNET_TIME_absolute_get();
1358 return; 1358 return;
1359 } 1359 }
1360 cc = ct->cc; 1360 cc = ct->cc;
1361 env = GNUNET_MQ_msg (msg, 1361 env = GNUNET_MQ_msg(msg,
1362 GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX); 1362 GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX);
1363 flags = GNUNET_CADET_KX_FLAG_FORCE_REPLY; /* always for KX */ 1363 flags = GNUNET_CADET_KX_FLAG_FORCE_REPLY; /* always for KX */
1364 msg->flags = htonl (flags); 1364 msg->flags = htonl(flags);
1365 msg->cid = *GCC_get_id (cc); 1365 msg->cid = *GCC_get_id(cc);
1366 GNUNET_CRYPTO_ecdhe_key_get_public (&ax->kx_0, 1366 GNUNET_CRYPTO_ecdhe_key_get_public(&ax->kx_0,
1367 &msg->ephemeral_key); 1367 &msg->ephemeral_key);
1368#if DEBUG_KX 1368#if DEBUG_KX
1369 msg->ephemeral_key_XXX = ax->kx_0; 1369 msg->ephemeral_key_XXX = ax->kx_0;
1370 msg->private_key_XXX = *my_private_key; 1370 msg->private_key_XXX = *my_private_key;
1371#endif 1371#endif
1372 LOG (GNUNET_ERROR_TYPE_DEBUG, 1372 LOG(GNUNET_ERROR_TYPE_DEBUG,
1373 "Sending KX message to %s with ephemeral %s on CID %s\n", 1373 "Sending KX message to %s with ephemeral %s on CID %s\n",
1374 GCT_2s (t), 1374 GCT_2s(t),
1375 GNUNET_e2s (&msg->ephemeral_key), 1375 GNUNET_e2s(&msg->ephemeral_key),
1376 GNUNET_sh2s (&msg->cid.connection_of_tunnel)); 1376 GNUNET_sh2s(&msg->cid.connection_of_tunnel));
1377 GNUNET_CRYPTO_ecdhe_key_get_public (&ax->DHRs, 1377 GNUNET_CRYPTO_ecdhe_key_get_public(&ax->DHRs,
1378 &msg->ratchet_key); 1378 &msg->ratchet_key);
1379 mark_connection_unready (ct); 1379 mark_connection_unready(ct);
1380 t->kx_retry_delay = GNUNET_TIME_STD_BACKOFF (t->kx_retry_delay); 1380 t->kx_retry_delay = GNUNET_TIME_STD_BACKOFF(t->kx_retry_delay);
1381 t->next_kx_attempt = GNUNET_TIME_relative_to_absolute (t->kx_retry_delay); 1381 t->next_kx_attempt = GNUNET_TIME_relative_to_absolute(t->kx_retry_delay);
1382 if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) 1382 if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate)
1383 GCT_change_estate (t, 1383 GCT_change_estate(t,
1384 CADET_TUNNEL_KEY_AX_SENT); 1384 CADET_TUNNEL_KEY_AX_SENT);
1385 else if (CADET_TUNNEL_KEY_AX_RECV == t->estate) 1385 else if (CADET_TUNNEL_KEY_AX_RECV == t->estate)
1386 GCT_change_estate (t, 1386 GCT_change_estate(t,
1387 CADET_TUNNEL_KEY_AX_SENT_AND_RECV); 1387 CADET_TUNNEL_KEY_AX_SENT_AND_RECV);
1388 GCC_transmit (cc, 1388 GCC_transmit(cc,
1389 env); 1389 env);
1390 GNUNET_STATISTICS_update (stats, 1390 GNUNET_STATISTICS_update(stats,
1391 "# KX transmitted", 1391 "# KX transmitted",
1392 1, 1392 1,
1393 GNUNET_NO); 1393 GNUNET_NO);
1394} 1394}
1395 1395
1396 1396
@@ -1405,76 +1405,76 @@ send_kx (struct CadetTunnel *t,
1405 * (set if we would like to transmit right now, but cannot) 1405 * (set if we would like to transmit right now, but cannot)
1406 */ 1406 */
1407static void 1407static void
1408send_kx_auth (struct CadetTunnel *t, 1408send_kx_auth(struct CadetTunnel *t,
1409 struct CadetTConnection *ct, 1409 struct CadetTConnection *ct,
1410 struct CadetTunnelAxolotl *ax, 1410 struct CadetTunnelAxolotl *ax,
1411 int force_reply) 1411 int force_reply)
1412{ 1412{
1413 struct CadetConnection *cc; 1413 struct CadetConnection *cc;
1414 struct GNUNET_MQ_Envelope *env; 1414 struct GNUNET_MQ_Envelope *env;
1415 struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg; 1415 struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg;
1416 enum GNUNET_CADET_KX_Flags flags; 1416 enum GNUNET_CADET_KX_Flags flags;
1417 1417
1418 if ( (NULL == ct) || 1418 if ((NULL == ct) ||
1419 (GNUNET_NO == ct->is_ready) ) 1419 (GNUNET_NO == ct->is_ready))
1420 ct = get_ready_connection (t); 1420 ct = get_ready_connection(t);
1421 if (NULL == ct) 1421 if (NULL == ct)
1422 { 1422 {
1423 LOG (GNUNET_ERROR_TYPE_DEBUG, 1423 LOG(GNUNET_ERROR_TYPE_DEBUG,
1424 "Wanted to send KX_AUTH on %s, but no connection is ready, deferring\n", 1424 "Wanted to send KX_AUTH on %s, but no connection is ready, deferring\n",
1425 GCT_2s (t)); 1425 GCT_2s(t));
1426 t->next_kx_attempt = GNUNET_TIME_absolute_get (); 1426 t->next_kx_attempt = GNUNET_TIME_absolute_get();
1427 t->kx_auth_requested = GNUNET_YES; /* queue KX_AUTH independent of estate */ 1427 t->kx_auth_requested = GNUNET_YES; /* queue KX_AUTH independent of estate */
1428 return; 1428 return;
1429 } 1429 }
1430 t->kx_auth_requested = GNUNET_NO; /* clear flag */ 1430 t->kx_auth_requested = GNUNET_NO; /* clear flag */
1431 cc = ct->cc; 1431 cc = ct->cc;
1432 env = GNUNET_MQ_msg (msg, 1432 env = GNUNET_MQ_msg(msg,
1433 GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH); 1433 GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH);
1434 flags = GNUNET_CADET_KX_FLAG_NONE; 1434 flags = GNUNET_CADET_KX_FLAG_NONE;
1435 if (GNUNET_YES == force_reply) 1435 if (GNUNET_YES == force_reply)
1436 flags |= GNUNET_CADET_KX_FLAG_FORCE_REPLY; 1436 flags |= GNUNET_CADET_KX_FLAG_FORCE_REPLY;
1437 msg->kx.flags = htonl (flags); 1437 msg->kx.flags = htonl(flags);
1438 msg->kx.cid = *GCC_get_id (cc); 1438 msg->kx.cid = *GCC_get_id(cc);
1439 GNUNET_CRYPTO_ecdhe_key_get_public (&ax->kx_0, 1439 GNUNET_CRYPTO_ecdhe_key_get_public(&ax->kx_0,
1440 &msg->kx.ephemeral_key); 1440 &msg->kx.ephemeral_key);
1441 GNUNET_CRYPTO_ecdhe_key_get_public (&ax->DHRs, 1441 GNUNET_CRYPTO_ecdhe_key_get_public(&ax->DHRs,
1442 &msg->kx.ratchet_key); 1442 &msg->kx.ratchet_key);
1443#if DEBUG_KX 1443#if DEBUG_KX
1444 msg->kx.ephemeral_key_XXX = ax->kx_0; 1444 msg->kx.ephemeral_key_XXX = ax->kx_0;
1445 msg->kx.private_key_XXX = *my_private_key; 1445 msg->kx.private_key_XXX = *my_private_key;
1446 msg->r_ephemeral_key_XXX = ax->last_ephemeral; 1446 msg->r_ephemeral_key_XXX = ax->last_ephemeral;
1447#endif 1447#endif
1448 LOG (GNUNET_ERROR_TYPE_DEBUG, 1448 LOG(GNUNET_ERROR_TYPE_DEBUG,
1449 "Sending KX_AUTH message to %s with ephemeral %s on CID %s\n", 1449 "Sending KX_AUTH message to %s with ephemeral %s on CID %s\n",
1450 GCT_2s (t), 1450 GCT_2s(t),
1451 GNUNET_e2s (&msg->kx.ephemeral_key), 1451 GNUNET_e2s(&msg->kx.ephemeral_key),
1452 GNUNET_sh2s (&msg->kx.cid.connection_of_tunnel)); 1452 GNUNET_sh2s(&msg->kx.cid.connection_of_tunnel));
1453 1453
1454 /* Compute authenticator (this is the main difference to #send_kx()) */ 1454 /* Compute authenticator (this is the main difference to #send_kx()) */
1455 GNUNET_CRYPTO_hash (&ax->RK, 1455 GNUNET_CRYPTO_hash(&ax->RK,
1456 sizeof (ax->RK), 1456 sizeof(ax->RK),
1457 &msg->auth); 1457 &msg->auth);
1458 /* Compute when to be triggered again; actual job will 1458 /* Compute when to be triggered again; actual job will
1459 be scheduled via #connection_ready_cb() */ 1459 be scheduled via #connection_ready_cb() */
1460 t->kx_retry_delay 1460 t->kx_retry_delay
1461 = GNUNET_TIME_STD_BACKOFF (t->kx_retry_delay); 1461 = GNUNET_TIME_STD_BACKOFF(t->kx_retry_delay);
1462 t->next_kx_attempt 1462 t->next_kx_attempt
1463 = GNUNET_TIME_relative_to_absolute (t->kx_retry_delay); 1463 = GNUNET_TIME_relative_to_absolute(t->kx_retry_delay);
1464 1464
1465 /* Send via cc, mark it as unready */ 1465 /* Send via cc, mark it as unready */
1466 mark_connection_unready (ct); 1466 mark_connection_unready(ct);
1467 1467
1468 /* Update state machine, unless we are already OK */ 1468 /* Update state machine, unless we are already OK */
1469 if (CADET_TUNNEL_KEY_OK != t->estate) 1469 if (CADET_TUNNEL_KEY_OK != t->estate)
1470 GCT_change_estate (t, 1470 GCT_change_estate(t,
1471 CADET_TUNNEL_KEY_AX_AUTH_SENT); 1471 CADET_TUNNEL_KEY_AX_AUTH_SENT);
1472 GCC_transmit (cc, 1472 GCC_transmit(cc,
1473 env); 1473 env);
1474 GNUNET_STATISTICS_update (stats, 1474 GNUNET_STATISTICS_update(stats,
1475 "# KX_AUTH transmitted", 1475 "# KX_AUTH transmitted",
1476 1, 1476 1,
1477 GNUNET_NO); 1477 GNUNET_NO);
1478} 1478}
1479 1479
1480 1480
@@ -1484,14 +1484,14 @@ send_kx_auth (struct CadetTunnel *t,
1484 * @param ax state to free, but not memory of @a ax itself 1484 * @param ax state to free, but not memory of @a ax itself
1485 */ 1485 */
1486static void 1486static void
1487cleanup_ax (struct CadetTunnelAxolotl *ax) 1487cleanup_ax(struct CadetTunnelAxolotl *ax)
1488{ 1488{
1489 while (NULL != ax->skipped_head) 1489 while (NULL != ax->skipped_head)
1490 delete_skipped_key (ax, 1490 delete_skipped_key(ax,
1491 ax->skipped_head); 1491 ax->skipped_head);
1492 GNUNET_assert (0 == ax->skipped); 1492 GNUNET_assert(0 == ax->skipped);
1493 GNUNET_CRYPTO_ecdhe_key_clear (&ax->kx_0); 1493 GNUNET_CRYPTO_ecdhe_key_clear(&ax->kx_0);
1494 GNUNET_CRYPTO_ecdhe_key_clear (&ax->DHRs); 1494 GNUNET_CRYPTO_ecdhe_key_clear(&ax->DHRs);
1495} 1495}
1496 1496
1497 1497
@@ -1509,105 +1509,105 @@ cleanup_ax (struct CadetTunnelAxolotl *ax)
1509 * #GNUNET_SYSERR on hard errors (i.e. @a pid is #my_full_id) 1509 * #GNUNET_SYSERR on hard errors (i.e. @a pid is #my_full_id)
1510 */ 1510 */
1511static int 1511static int
1512update_ax_by_kx (struct CadetTunnelAxolotl *ax, 1512update_ax_by_kx(struct CadetTunnelAxolotl *ax,
1513 const struct GNUNET_PeerIdentity *pid, 1513 const struct GNUNET_PeerIdentity *pid,
1514 const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, 1514 const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key,
1515 const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key) 1515 const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key)
1516{ 1516{
1517 struct GNUNET_HashCode key_material[3]; 1517 struct GNUNET_HashCode key_material[3];
1518 struct GNUNET_CRYPTO_SymmetricSessionKey keys[5]; 1518 struct GNUNET_CRYPTO_SymmetricSessionKey keys[5];
1519 const char salt[] = "CADET Axolotl salt"; 1519 const char salt[] = "CADET Axolotl salt";
1520 int am_I_alice; 1520 int am_I_alice;
1521 1521
1522 if (GNUNET_SYSERR == (am_I_alice = alice_or_betty (pid))) 1522 if (GNUNET_SYSERR == (am_I_alice = alice_or_betty(pid)))
1523 { 1523 {
1524 GNUNET_break_op (0); 1524 GNUNET_break_op(0);
1525 return GNUNET_SYSERR; 1525 return GNUNET_SYSERR;
1526 } 1526 }
1527 if (0 == GNUNET_memcmp (&ax->DHRr, 1527 if (0 == GNUNET_memcmp(&ax->DHRr,
1528 ratchet_key)) 1528 ratchet_key))
1529 { 1529 {
1530 GNUNET_STATISTICS_update (stats, 1530 GNUNET_STATISTICS_update(stats,
1531 "# Ratchet key already known", 1531 "# Ratchet key already known",
1532 1, 1532 1,
1533 GNUNET_NO); 1533 GNUNET_NO);
1534 LOG (GNUNET_ERROR_TYPE_DEBUG, 1534 LOG(GNUNET_ERROR_TYPE_DEBUG,
1535 "Ratchet key already known. Ignoring KX.\n"); 1535 "Ratchet key already known. Ignoring KX.\n");
1536 return GNUNET_NO; 1536 return GNUNET_NO;
1537 } 1537 }
1538 1538
1539 ax->DHRr = *ratchet_key; 1539 ax->DHRr = *ratchet_key;
1540 ax->last_ephemeral = *ephemeral_key; 1540 ax->last_ephemeral = *ephemeral_key;
1541 /* ECDH A B0 */ 1541 /* ECDH A B0 */
1542 if (GNUNET_YES == am_I_alice) 1542 if (GNUNET_YES == am_I_alice)
1543 { 1543 {
1544 GNUNET_CRYPTO_eddsa_ecdh (my_private_key, /* a */ 1544 GNUNET_CRYPTO_eddsa_ecdh(my_private_key, /* a */
1545 ephemeral_key, /* B0 */ 1545 ephemeral_key, /* B0 */
1546 &key_material[0]); 1546 &key_material[0]);
1547 } 1547 }
1548 else 1548 else
1549 { 1549 {
1550 GNUNET_CRYPTO_ecdh_eddsa (&ax->kx_0, /* b0 */ 1550 GNUNET_CRYPTO_ecdh_eddsa(&ax->kx_0, /* b0 */
1551 &pid->public_key, /* A */ 1551 &pid->public_key, /* A */
1552 &key_material[0]); 1552 &key_material[0]);
1553 } 1553 }
1554 /* ECDH A0 B */ 1554 /* ECDH A0 B */
1555 if (GNUNET_YES == am_I_alice) 1555 if (GNUNET_YES == am_I_alice)
1556 { 1556 {
1557 GNUNET_CRYPTO_ecdh_eddsa (&ax->kx_0, /* a0 */ 1557 GNUNET_CRYPTO_ecdh_eddsa(&ax->kx_0, /* a0 */
1558 &pid->public_key, /* B */ 1558 &pid->public_key, /* B */
1559 &key_material[1]); 1559 &key_material[1]);
1560 } 1560 }
1561 else 1561 else
1562 { 1562 {
1563 GNUNET_CRYPTO_eddsa_ecdh (my_private_key, /* b */ 1563 GNUNET_CRYPTO_eddsa_ecdh(my_private_key, /* b */
1564 ephemeral_key, /* A0 */ 1564 ephemeral_key, /* A0 */
1565 &key_material[1]); 1565 &key_material[1]);
1566 } 1566 }
1567 1567
1568 /* ECDH A0 B0 */ 1568 /* ECDH A0 B0 */
1569 GNUNET_CRYPTO_ecc_ecdh (&ax->kx_0, /* a0 or b0 */ 1569 GNUNET_CRYPTO_ecc_ecdh(&ax->kx_0, /* a0 or b0 */
1570 ephemeral_key, /* B0 or A0 */ 1570 ephemeral_key, /* B0 or A0 */
1571 &key_material[2]); 1571 &key_material[2]);
1572 /* KDF */ 1572 /* KDF */
1573 GNUNET_CRYPTO_kdf (keys, sizeof (keys), 1573 GNUNET_CRYPTO_kdf(keys, sizeof(keys),
1574 salt, sizeof (salt), 1574 salt, sizeof(salt),
1575 &key_material, sizeof (key_material), 1575 &key_material, sizeof(key_material),
1576 NULL); 1576 NULL);
1577 1577
1578 if (0 == memcmp (&ax->RK, 1578 if (0 == memcmp(&ax->RK,
1579 &keys[0], 1579 &keys[0],
1580 sizeof (ax->RK))) 1580 sizeof(ax->RK)))
1581 { 1581 {
1582 LOG (GNUNET_ERROR_TYPE_DEBUG, 1582 LOG(GNUNET_ERROR_TYPE_DEBUG,
1583 "Root key already known. Ignoring KX.\n"); 1583 "Root key already known. Ignoring KX.\n");
1584 GNUNET_STATISTICS_update (stats, 1584 GNUNET_STATISTICS_update(stats,
1585 "# Root key already known", 1585 "# Root key already known",
1586 1, 1586 1,
1587 GNUNET_NO); 1587 GNUNET_NO);
1588 return GNUNET_NO; 1588 return GNUNET_NO;
1589 } 1589 }
1590 1590
1591 ax->RK = keys[0]; 1591 ax->RK = keys[0];
1592 if (GNUNET_YES == am_I_alice) 1592 if (GNUNET_YES == am_I_alice)
1593 { 1593 {
1594 ax->HKr = keys[1]; 1594 ax->HKr = keys[1];
1595 ax->NHKs = keys[2]; 1595 ax->NHKs = keys[2];
1596 ax->NHKr = keys[3]; 1596 ax->NHKr = keys[3];
1597 ax->CKr = keys[4]; 1597 ax->CKr = keys[4];
1598 ax->ratchet_flag = GNUNET_YES; 1598 ax->ratchet_flag = GNUNET_YES;
1599 } 1599 }
1600 else 1600 else
1601 { 1601 {
1602 ax->HKs = keys[1]; 1602 ax->HKs = keys[1];
1603 ax->NHKr = keys[2]; 1603 ax->NHKr = keys[2];
1604 ax->NHKs = keys[3]; 1604 ax->NHKs = keys[3];
1605 ax->CKs = keys[4]; 1605 ax->CKs = keys[4];
1606 ax->ratchet_flag = GNUNET_NO; 1606 ax->ratchet_flag = GNUNET_NO;
1607 ax->ratchet_expiration 1607 ax->ratchet_expiration
1608 = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get(), 1608 = GNUNET_TIME_absolute_add(GNUNET_TIME_absolute_get(),
1609 ratchet_time); 1609 ratchet_time);
1610 } 1610 }
1611 return GNUNET_OK; 1611 return GNUNET_OK;
1612} 1612}
1613 1613
@@ -1618,24 +1618,25 @@ update_ax_by_kx (struct CadetTunnelAxolotl *ax,
1618 * @param cls the `struct CadetTunnel` to do KX for. 1618 * @param cls the `struct CadetTunnel` to do KX for.
1619 */ 1619 */
1620static void 1620static void
1621retry_kx (void *cls) 1621retry_kx(void *cls)
1622{ 1622{
1623 struct CadetTunnel *t = cls; 1623 struct CadetTunnel *t = cls;
1624 struct CadetTunnelAxolotl *ax; 1624 struct CadetTunnelAxolotl *ax;
1625 1625
1626 t->kx_task = NULL; 1626 t->kx_task = NULL;
1627 LOG (GNUNET_ERROR_TYPE_DEBUG, 1627 LOG(GNUNET_ERROR_TYPE_DEBUG,
1628 "Trying to make KX progress on %s in state %s\n", 1628 "Trying to make KX progress on %s in state %s\n",
1629 GCT_2s (t), 1629 GCT_2s(t),
1630 estate2s (t->estate)); 1630 estate2s(t->estate));
1631 switch (t->estate) 1631 switch (t->estate)
1632 { 1632 {
1633 case CADET_TUNNEL_KEY_UNINITIALIZED: /* first attempt */ 1633 case CADET_TUNNEL_KEY_UNINITIALIZED: /* first attempt */
1634 case CADET_TUNNEL_KEY_AX_SENT: /* trying again */ 1634 case CADET_TUNNEL_KEY_AX_SENT: /* trying again */
1635 send_kx (t, 1635 send_kx(t,
1636 NULL, 1636 NULL,
1637 &t->ax); 1637 &t->ax);
1638 break; 1638 break;
1639
1639 case CADET_TUNNEL_KEY_AX_RECV: 1640 case CADET_TUNNEL_KEY_AX_RECV:
1640 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: 1641 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
1641 /* We are responding, so only require reply 1642 /* We are responding, so only require reply
@@ -1648,16 +1649,17 @@ retry_kx (void *cls)
1648 else 1649 else
1649 { 1650 {
1650 /* How can this be? */ 1651 /* How can this be? */
1651 GNUNET_break (0); 1652 GNUNET_break(0);
1652 ax = &t->ax; 1653 ax = &t->ax;
1653 } 1654 }
1654 send_kx_auth (t, 1655 send_kx_auth(t,
1655 NULL, 1656 NULL,
1656 ax, 1657 ax,
1657 (0 == GCT_count_channels (t)) 1658 (0 == GCT_count_channels(t))
1658 ? GNUNET_NO 1659 ? GNUNET_NO
1659 : GNUNET_YES); 1660 : GNUNET_YES);
1660 break; 1661 break;
1662
1661 case CADET_TUNNEL_KEY_AX_AUTH_SENT: 1663 case CADET_TUNNEL_KEY_AX_AUTH_SENT:
1662 /* We are responding, so only require reply 1664 /* We are responding, so only require reply
1663 if WE have a channel waiting. */ 1665 if WE have a channel waiting. */
@@ -1669,16 +1671,17 @@ retry_kx (void *cls)
1669 else 1671 else
1670 { 1672 {
1671 /* How can this be? */ 1673 /* How can this be? */
1672 GNUNET_break (0); 1674 GNUNET_break(0);
1673 ax = &t->ax; 1675 ax = &t->ax;
1674 } 1676 }
1675 send_kx_auth (t, 1677 send_kx_auth(t,
1676 NULL, 1678 NULL,
1677 ax, 1679 ax,
1678 (0 == GCT_count_channels (t)) 1680 (0 == GCT_count_channels(t))
1679 ? GNUNET_NO 1681 ? GNUNET_NO
1680 : GNUNET_YES); 1682 : GNUNET_YES);
1681 break; 1683 break;
1684
1682 case CADET_TUNNEL_KEY_OK: 1685 case CADET_TUNNEL_KEY_OK:
1683 /* Must have been the *other* peer asking us to 1686 /* Must have been the *other* peer asking us to
1684 respond with a KX_AUTH. */ 1687 respond with a KX_AUTH. */
@@ -1692,10 +1695,10 @@ retry_kx (void *cls)
1692 /* Sending AX_AUTH in response to AX_AUTH */ 1695 /* Sending AX_AUTH in response to AX_AUTH */
1693 ax = &t->ax; 1696 ax = &t->ax;
1694 } 1697 }
1695 send_kx_auth (t, 1698 send_kx_auth(t,
1696 NULL, 1699 NULL,
1697 ax, 1700 ax,
1698 GNUNET_NO); 1701 GNUNET_NO);
1699 break; 1702 break;
1700 } 1703 }
1701} 1704}
@@ -1710,101 +1713,101 @@ retry_kx (void *cls)
1710 * @param msg the key exchange message 1713 * @param msg the key exchange message
1711 */ 1714 */
1712void 1715void
1713GCT_handle_kx (struct CadetTConnection *ct, 1716GCT_handle_kx(struct CadetTConnection *ct,
1714 const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg) 1717 const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg)
1715{ 1718{
1716 struct CadetTunnel *t = ct->t; 1719 struct CadetTunnel *t = ct->t;
1717 int ret; 1720 int ret;
1718 1721
1719 GNUNET_STATISTICS_update (stats, 1722 GNUNET_STATISTICS_update(stats,
1720 "# KX received", 1723 "# KX received",
1721 1, 1724 1,
1722 GNUNET_NO); 1725 GNUNET_NO);
1723 if (GNUNET_YES == 1726 if (GNUNET_YES ==
1724 alice_or_betty (GCP_get_id (t->destination))) 1727 alice_or_betty(GCP_get_id(t->destination)))
1725 { 1728 {
1726 /* Betty/Bob is not allowed to send KX! */ 1729 /* Betty/Bob is not allowed to send KX! */
1727 GNUNET_break_op (0); 1730 GNUNET_break_op(0);
1728 return; 1731 return;
1729 } 1732 }
1730 LOG (GNUNET_ERROR_TYPE_DEBUG, 1733 LOG(GNUNET_ERROR_TYPE_DEBUG,
1731 "Received KX message from %s with ephemeral %s from %s on connection %s\n", 1734 "Received KX message from %s with ephemeral %s from %s on connection %s\n",
1732 GCT_2s (t), 1735 GCT_2s(t),
1733 GNUNET_e2s (&msg->ephemeral_key), 1736 GNUNET_e2s(&msg->ephemeral_key),
1734 GNUNET_i2s (GCP_get_id (t->destination)), 1737 GNUNET_i2s(GCP_get_id(t->destination)),
1735 GCC_2s (ct->cc)); 1738 GCC_2s(ct->cc));
1736#if 1 1739#if 1
1737 if ( (0 == 1740 if ((0 ==
1738 memcmp (&t->ax.DHRr, 1741 memcmp(&t->ax.DHRr,
1739 &msg->ratchet_key, 1742 &msg->ratchet_key,
1740 sizeof (msg->ratchet_key))) && 1743 sizeof(msg->ratchet_key))) &&
1741 (0 == 1744 (0 ==
1742 memcmp (&t->ax.last_ephemeral, 1745 memcmp(&t->ax.last_ephemeral,
1743 &msg->ephemeral_key, 1746 &msg->ephemeral_key,
1744 sizeof (msg->ephemeral_key))) ) 1747 sizeof(msg->ephemeral_key))))
1745 1748
1746 { 1749 {
1747 GNUNET_STATISTICS_update (stats, 1750 GNUNET_STATISTICS_update(stats,
1748 "# Duplicate KX received", 1751 "# Duplicate KX received",
1749 1, 1752 1,
1750 GNUNET_NO); 1753 GNUNET_NO);
1751 send_kx_auth (t, 1754 send_kx_auth(t,
1752 ct, 1755 ct,
1753 &t->ax, 1756 &t->ax,
1754 GNUNET_NO); 1757 GNUNET_NO);
1755 return; 1758 return;
1756 } 1759 }
1757#endif 1760#endif
1758 /* We only keep ONE unverified KX around, so if there is an existing one, 1761 /* We only keep ONE unverified KX around, so if there is an existing one,
1759 clean it up. */ 1762 clean it up. */
1760 if (NULL != t->unverified_ax) 1763 if (NULL != t->unverified_ax)
1761 { 1764 {
1762 if ( (0 == 1765 if ((0 ==
1763 memcmp (&t->unverified_ax->DHRr, 1766 memcmp(&t->unverified_ax->DHRr,
1764 &msg->ratchet_key, 1767 &msg->ratchet_key,
1765 sizeof (msg->ratchet_key))) && 1768 sizeof(msg->ratchet_key))) &&
1766 (0 == 1769 (0 ==
1767 memcmp (&t->unverified_ax->last_ephemeral, 1770 memcmp(&t->unverified_ax->last_ephemeral,
1768 &msg->ephemeral_key, 1771 &msg->ephemeral_key,
1769 sizeof (msg->ephemeral_key))) ) 1772 sizeof(msg->ephemeral_key))))
1770 { 1773 {
1771 GNUNET_STATISTICS_update (stats, 1774 GNUNET_STATISTICS_update(stats,
1772 "# Duplicate unverified KX received", 1775 "# Duplicate unverified KX received",
1773 1, 1776 1,
1774 GNUNET_NO); 1777 GNUNET_NO);
1775#if 1 1778#if 1
1776 send_kx_auth (t, 1779 send_kx_auth(t,
1777 ct, 1780 ct,
1778 t->unverified_ax, 1781 t->unverified_ax,
1779 GNUNET_NO); 1782 GNUNET_NO);
1780 return; 1783 return;
1781#endif 1784#endif
1785 }
1786 LOG(GNUNET_ERROR_TYPE_DEBUG,
1787 "Dropping old unverified KX state.\n");
1788 GNUNET_STATISTICS_update(stats,
1789 "# Unverified KX dropped for fresh KX",
1790 1,
1791 GNUNET_NO);
1792 GNUNET_break(NULL == t->unverified_ax->skipped_head);
1793 memset(t->unverified_ax,
1794 0,
1795 sizeof(struct CadetTunnelAxolotl));
1782 } 1796 }
1783 LOG (GNUNET_ERROR_TYPE_DEBUG,
1784 "Dropping old unverified KX state.\n");
1785 GNUNET_STATISTICS_update (stats,
1786 "# Unverified KX dropped for fresh KX",
1787 1,
1788 GNUNET_NO);
1789 GNUNET_break (NULL == t->unverified_ax->skipped_head);
1790 memset (t->unverified_ax,
1791 0,
1792 sizeof (struct CadetTunnelAxolotl));
1793 }
1794 else 1797 else
1795 { 1798 {
1796 LOG (GNUNET_ERROR_TYPE_DEBUG, 1799 LOG(GNUNET_ERROR_TYPE_DEBUG,
1797 "Creating fresh unverified KX for %s\n", 1800 "Creating fresh unverified KX for %s\n",
1798 GCT_2s (t)); 1801 GCT_2s(t));
1799 GNUNET_STATISTICS_update (stats, 1802 GNUNET_STATISTICS_update(stats,
1800 "# Fresh KX setup", 1803 "# Fresh KX setup",
1801 1, 1804 1,
1802 GNUNET_NO); 1805 GNUNET_NO);
1803 t->unverified_ax = GNUNET_new (struct CadetTunnelAxolotl); 1806 t->unverified_ax = GNUNET_new(struct CadetTunnelAxolotl);
1804 } 1807 }
1805 /* Set as the 'current' RK/DHRr the one we are currently using, 1808 /* Set as the 'current' RK/DHRr the one we are currently using,
1806 so that the duplicate-detection logic of 1809 so that the duplicate-detection logic of
1807 #update_ax_by_kx can work. */ 1810 #update_ax_by_kx can work. */
1808 t->unverified_ax->RK = t->ax.RK; 1811 t->unverified_ax->RK = t->ax.RK;
1809 t->unverified_ax->DHRr = t->ax.DHRr; 1812 t->unverified_ax->DHRr = t->ax.DHRr;
1810 t->unverified_ax->DHRs = t->ax.DHRs; 1813 t->unverified_ax->DHRs = t->ax.DHRs;
@@ -1812,101 +1815,101 @@ GCT_handle_kx (struct CadetTConnection *ct,
1812 t->unverified_attempts = 0; 1815 t->unverified_attempts = 0;
1813 1816
1814 /* Update 'ax' by the new key material */ 1817 /* Update 'ax' by the new key material */
1815 ret = update_ax_by_kx (t->unverified_ax, 1818 ret = update_ax_by_kx(t->unverified_ax,
1816 GCP_get_id (t->destination), 1819 GCP_get_id(t->destination),
1817 &msg->ephemeral_key, 1820 &msg->ephemeral_key,
1818 &msg->ratchet_key); 1821 &msg->ratchet_key);
1819 GNUNET_break (GNUNET_SYSERR != ret); 1822 GNUNET_break(GNUNET_SYSERR != ret);
1820 if (GNUNET_OK != ret) 1823 if (GNUNET_OK != ret)
1821 { 1824 {
1822 GNUNET_STATISTICS_update (stats, 1825 GNUNET_STATISTICS_update(stats,
1823 "# Useless KX", 1826 "# Useless KX",
1824 1, 1827 1,
1825 GNUNET_NO); 1828 GNUNET_NO);
1826 return; /* duplicate KX, nothing to do */ 1829 return; /* duplicate KX, nothing to do */
1827 } 1830 }
1828 /* move ahead in our state machine */ 1831 /* move ahead in our state machine */
1829 if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) 1832 if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate)
1830 GCT_change_estate (t, 1833 GCT_change_estate(t,
1831 CADET_TUNNEL_KEY_AX_RECV); 1834 CADET_TUNNEL_KEY_AX_RECV);
1832 else if (CADET_TUNNEL_KEY_AX_SENT == t->estate) 1835 else if (CADET_TUNNEL_KEY_AX_SENT == t->estate)
1833 GCT_change_estate (t, 1836 GCT_change_estate(t,
1834 CADET_TUNNEL_KEY_AX_SENT_AND_RECV); 1837 CADET_TUNNEL_KEY_AX_SENT_AND_RECV);
1835 1838
1836 /* KX is still not done, try again our end. */ 1839 /* KX is still not done, try again our end. */
1837 if (CADET_TUNNEL_KEY_OK != t->estate) 1840 if (CADET_TUNNEL_KEY_OK != t->estate)
1838 { 1841 {
1839 if (NULL != t->kx_task) 1842 if (NULL != t->kx_task)
1840 GNUNET_SCHEDULER_cancel (t->kx_task); 1843 GNUNET_SCHEDULER_cancel(t->kx_task);
1841 t->kx_task 1844 t->kx_task
1842 = GNUNET_SCHEDULER_add_now (&retry_kx, 1845 = GNUNET_SCHEDULER_add_now(&retry_kx,
1843 t); 1846 t);
1844 } 1847 }
1845} 1848}
1846 1849
1847 1850
1848#if DEBUG_KX 1851#if DEBUG_KX
1849static void 1852static void
1850check_ee (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, 1853check_ee(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1,
1851 const struct GNUNET_CRYPTO_EcdhePrivateKey *e2) 1854 const struct GNUNET_CRYPTO_EcdhePrivateKey *e2)
1852{ 1855{
1853 struct GNUNET_CRYPTO_EcdhePublicKey p1; 1856 struct GNUNET_CRYPTO_EcdhePublicKey p1;
1854 struct GNUNET_CRYPTO_EcdhePublicKey p2; 1857 struct GNUNET_CRYPTO_EcdhePublicKey p2;
1855 struct GNUNET_HashCode hc1; 1858 struct GNUNET_HashCode hc1;
1856 struct GNUNET_HashCode hc2; 1859 struct GNUNET_HashCode hc2;
1857 1860
1858 GNUNET_CRYPTO_ecdhe_key_get_public (e1, 1861 GNUNET_CRYPTO_ecdhe_key_get_public(e1,
1859 &p1); 1862 &p1);
1860 GNUNET_CRYPTO_ecdhe_key_get_public (e2, 1863 GNUNET_CRYPTO_ecdhe_key_get_public(e2,
1861 &p2); 1864 &p2);
1862 GNUNET_assert (GNUNET_OK == 1865 GNUNET_assert(GNUNET_OK ==
1863 GNUNET_CRYPTO_ecc_ecdh (e1, 1866 GNUNET_CRYPTO_ecc_ecdh(e1,
1864 &p2, 1867 &p2,
1865 &hc1)); 1868 &hc1));
1866 GNUNET_assert (GNUNET_OK == 1869 GNUNET_assert(GNUNET_OK ==
1867 GNUNET_CRYPTO_ecc_ecdh (e2, 1870 GNUNET_CRYPTO_ecc_ecdh(e2,
1868 &p1, 1871 &p1,
1869 &hc2)); 1872 &hc2));
1870 GNUNET_break (0 == GNUNET_memcmp (&hc1, 1873 GNUNET_break(0 == GNUNET_memcmp(&hc1,
1871 &hc2)); 1874 &hc2));
1872} 1875}
1873 1876
1874 1877
1875static void 1878static void
1876check_ed (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, 1879check_ed(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1,
1877 const struct GNUNET_CRYPTO_EddsaPrivateKey *e2) 1880 const struct GNUNET_CRYPTO_EddsaPrivateKey *e2)
1878{ 1881{
1879 struct GNUNET_CRYPTO_EcdhePublicKey p1; 1882 struct GNUNET_CRYPTO_EcdhePublicKey p1;
1880 struct GNUNET_CRYPTO_EddsaPublicKey p2; 1883 struct GNUNET_CRYPTO_EddsaPublicKey p2;
1881 struct GNUNET_HashCode hc1; 1884 struct GNUNET_HashCode hc1;
1882 struct GNUNET_HashCode hc2; 1885 struct GNUNET_HashCode hc2;
1883 1886
1884 GNUNET_CRYPTO_ecdhe_key_get_public (e1, 1887 GNUNET_CRYPTO_ecdhe_key_get_public(e1,
1885 &p1); 1888 &p1);
1886 GNUNET_CRYPTO_eddsa_key_get_public (e2, 1889 GNUNET_CRYPTO_eddsa_key_get_public(e2,
1887 &p2); 1890 &p2);
1888 GNUNET_assert (GNUNET_OK == 1891 GNUNET_assert(GNUNET_OK ==
1889 GNUNET_CRYPTO_ecdh_eddsa (e1, 1892 GNUNET_CRYPTO_ecdh_eddsa(e1,
1890 &p2, 1893 &p2,
1891 &hc1)); 1894 &hc1));
1892 GNUNET_assert (GNUNET_OK == 1895 GNUNET_assert(GNUNET_OK ==
1893 GNUNET_CRYPTO_eddsa_ecdh (e2, 1896 GNUNET_CRYPTO_eddsa_ecdh(e2,
1894 &p1, 1897 &p1,
1895 &hc2)); 1898 &hc2));
1896 GNUNET_break (0 == GNUNET_memcmp (&hc1, 1899 GNUNET_break(0 == GNUNET_memcmp(&hc1,
1897 &hc2)); 1900 &hc2));
1898} 1901}
1899 1902
1900 1903
1901static void 1904static void
1902test_crypto_bug (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, 1905test_crypto_bug(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1,
1903 const struct GNUNET_CRYPTO_EcdhePrivateKey *e2, 1906 const struct GNUNET_CRYPTO_EcdhePrivateKey *e2,
1904 const struct GNUNET_CRYPTO_EddsaPrivateKey *d1, 1907 const struct GNUNET_CRYPTO_EddsaPrivateKey *d1,
1905 const struct GNUNET_CRYPTO_EddsaPrivateKey *d2) 1908 const struct GNUNET_CRYPTO_EddsaPrivateKey *d2)
1906{ 1909{
1907 check_ee (e1, e2); 1910 check_ee(e1, e2);
1908 check_ed (e1, d2); 1911 check_ed(e1, d2);
1909 check_ed (e2, d1); 1912 check_ed(e2, d1);
1910} 1913}
1911 1914
1912#endif 1915#endif
@@ -1919,133 +1922,135 @@ test_crypto_bug (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1,
1919 * @param msg the key exchange message 1922 * @param msg the key exchange message
1920 */ 1923 */
1921void 1924void
1922GCT_handle_kx_auth (struct CadetTConnection *ct, 1925GCT_handle_kx_auth(struct CadetTConnection *ct,
1923 const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg) 1926 const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg)
1924{ 1927{
1925 struct CadetTunnel *t = ct->t; 1928 struct CadetTunnel *t = ct->t;
1926 struct CadetTunnelAxolotl ax_tmp; 1929 struct CadetTunnelAxolotl ax_tmp;
1927 struct GNUNET_HashCode kx_auth; 1930 struct GNUNET_HashCode kx_auth;
1928 int ret; 1931 int ret;
1929 1932
1930 GNUNET_STATISTICS_update (stats, 1933 GNUNET_STATISTICS_update(stats,
1931 "# KX_AUTH received", 1934 "# KX_AUTH received",
1932 1, 1935 1,
1933 GNUNET_NO); 1936 GNUNET_NO);
1934 if ( (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) || 1937 if ((CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) ||
1935 (CADET_TUNNEL_KEY_AX_RECV == t->estate) ) 1938 (CADET_TUNNEL_KEY_AX_RECV == t->estate))
1936 { 1939 {
1937 /* Confusing, we got a KX_AUTH before we even send our own 1940 /* Confusing, we got a KX_AUTH before we even send our own
1938 KX. This should not happen. We'll send our own KX ASAP anyway, 1941 KX. This should not happen. We'll send our own KX ASAP anyway,
1939 so let's ignore this here. */ 1942 so let's ignore this here. */
1940 GNUNET_break_op (0); 1943 GNUNET_break_op(0);
1941 return; 1944 return;
1942 } 1945 }
1943 LOG (GNUNET_ERROR_TYPE_DEBUG, 1946 LOG(GNUNET_ERROR_TYPE_DEBUG,
1944 "Handling KX_AUTH message from %s with ephemeral %s\n", 1947 "Handling KX_AUTH message from %s with ephemeral %s\n",
1945 GCT_2s (t), 1948 GCT_2s(t),
1946 GNUNET_e2s (&msg->kx.ephemeral_key)); 1949 GNUNET_e2s(&msg->kx.ephemeral_key));
1947 /* We do everything in ax_tmp until we've checked the authentication 1950 /* We do everything in ax_tmp until we've checked the authentication
1948 so we don't clobber anything we care about by accident. */ 1951 so we don't clobber anything we care about by accident. */
1949 ax_tmp = t->ax; 1952 ax_tmp = t->ax;
1950 1953
1951 /* Update 'ax' by the new key material */ 1954 /* Update 'ax' by the new key material */
1952 ret = update_ax_by_kx (&ax_tmp, 1955 ret = update_ax_by_kx(&ax_tmp,
1953 GCP_get_id (t->destination), 1956 GCP_get_id(t->destination),
1954 &msg->kx.ephemeral_key, 1957 &msg->kx.ephemeral_key,
1955 &msg->kx.ratchet_key); 1958 &msg->kx.ratchet_key);
1956 if (GNUNET_OK != ret) 1959 if (GNUNET_OK != ret)
1957 {
1958 if (GNUNET_NO == ret)
1959 GNUNET_STATISTICS_update (stats,
1960 "# redundant KX_AUTH received",
1961 1,
1962 GNUNET_NO);
1963 else
1964 GNUNET_break (0); /* connect to self!? */
1965 return;
1966 }
1967 GNUNET_CRYPTO_hash (&ax_tmp.RK,
1968 sizeof (ax_tmp.RK),
1969 &kx_auth);
1970 if (0 != GNUNET_memcmp (&kx_auth,
1971 &msg->auth))
1972 {
1973 /* This KX_AUTH is not using the latest KX/KX_AUTH data
1974 we transmitted to the sender, refuse it, try KX again. */
1975 GNUNET_STATISTICS_update (stats,
1976 "# KX_AUTH not using our last KX received (auth failure)",
1977 1,
1978 GNUNET_NO);
1979 LOG (GNUNET_ERROR_TYPE_WARNING,
1980 "KX AUTH mismatch!\n");
1981#if DEBUG_KX
1982 { 1960 {
1983 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key; 1961 if (GNUNET_NO == ret)
1984 1962 GNUNET_STATISTICS_update(stats,
1985 GNUNET_CRYPTO_ecdhe_key_get_public (&ax_tmp.kx_0, 1963 "# redundant KX_AUTH received",
1986 &ephemeral_key); 1964 1,
1987 if (0 != GNUNET_memcmp (&ephemeral_key, 1965 GNUNET_NO);
1988 &msg->r_ephemeral_key_XXX))
1989 {
1990 LOG (GNUNET_ERROR_TYPE_WARNING,
1991 "My ephemeral is %s!\n",
1992 GNUNET_e2s (&ephemeral_key));
1993 LOG (GNUNET_ERROR_TYPE_WARNING,
1994 "Response is for ephemeral %s!\n",
1995 GNUNET_e2s (&msg->r_ephemeral_key_XXX));
1996 }
1997 else 1966 else
1967 GNUNET_break(0); /* connect to self!? */
1968 return;
1969 }
1970 GNUNET_CRYPTO_hash(&ax_tmp.RK,
1971 sizeof(ax_tmp.RK),
1972 &kx_auth);
1973 if (0 != GNUNET_memcmp(&kx_auth,
1974 &msg->auth))
1975 {
1976 /* This KX_AUTH is not using the latest KX/KX_AUTH data
1977 we transmitted to the sender, refuse it, try KX again. */
1978 GNUNET_STATISTICS_update(stats,
1979 "# KX_AUTH not using our last KX received (auth failure)",
1980 1,
1981 GNUNET_NO);
1982 LOG(GNUNET_ERROR_TYPE_WARNING,
1983 "KX AUTH mismatch!\n");
1984#if DEBUG_KX
1998 { 1985 {
1999 test_crypto_bug (&ax_tmp.kx_0, 1986 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
2000 &msg->kx.ephemeral_key_XXX, 1987
2001 my_private_key, 1988 GNUNET_CRYPTO_ecdhe_key_get_public(&ax_tmp.kx_0,
2002 &msg->kx.private_key_XXX); 1989 &ephemeral_key);
1990 if (0 != GNUNET_memcmp(&ephemeral_key,
1991 &msg->r_ephemeral_key_XXX))
1992 {
1993 LOG(GNUNET_ERROR_TYPE_WARNING,
1994 "My ephemeral is %s!\n",
1995 GNUNET_e2s(&ephemeral_key));
1996 LOG(GNUNET_ERROR_TYPE_WARNING,
1997 "Response is for ephemeral %s!\n",
1998 GNUNET_e2s(&msg->r_ephemeral_key_XXX));
1999 }
2000 else
2001 {
2002 test_crypto_bug(&ax_tmp.kx_0,
2003 &msg->kx.ephemeral_key_XXX,
2004 my_private_key,
2005 &msg->kx.private_key_XXX);
2006 }
2003 } 2007 }
2004 }
2005#endif 2008#endif
2006 if (NULL == t->kx_task) 2009 if (NULL == t->kx_task)
2007 t->kx_task 2010 t->kx_task
2008 = GNUNET_SCHEDULER_add_at (t->next_kx_attempt, 2011 = GNUNET_SCHEDULER_add_at(t->next_kx_attempt,
2009 &retry_kx, 2012 &retry_kx,
2010 t); 2013 t);
2011 return; 2014 return;
2012 } 2015 }
2013 /* Yep, we're good. */ 2016 /* Yep, we're good. */
2014 t->ax = ax_tmp; 2017 t->ax = ax_tmp;
2015 if (NULL != t->unverified_ax) 2018 if (NULL != t->unverified_ax)
2016 { 2019 {
2017 /* We got some "stale" KX before, drop that. */ 2020 /* We got some "stale" KX before, drop that. */
2018 cleanup_ax (t->unverified_ax); 2021 cleanup_ax(t->unverified_ax);
2019 GNUNET_free (t->unverified_ax); 2022 GNUNET_free(t->unverified_ax);
2020 t->unverified_ax = NULL; 2023 t->unverified_ax = NULL;
2021 } 2024 }
2022 2025
2023 /* move ahead in our state machine */ 2026 /* move ahead in our state machine */
2024 switch (t->estate) 2027 switch (t->estate)
2025 { 2028 {
2026 case CADET_TUNNEL_KEY_UNINITIALIZED: 2029 case CADET_TUNNEL_KEY_UNINITIALIZED:
2027 case CADET_TUNNEL_KEY_AX_RECV: 2030 case CADET_TUNNEL_KEY_AX_RECV:
2028 /* Checked above, this is impossible. */ 2031 /* Checked above, this is impossible. */
2029 GNUNET_assert (0); 2032 GNUNET_assert(0);
2030 break; 2033 break;
2031 case CADET_TUNNEL_KEY_AX_SENT: /* This is the normal case */ 2034
2032 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: /* both peers started KX */ 2035 case CADET_TUNNEL_KEY_AX_SENT: /* This is the normal case */
2033 case CADET_TUNNEL_KEY_AX_AUTH_SENT: /* both peers now did KX_AUTH */ 2036 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: /* both peers started KX */
2034 GCT_change_estate (t, 2037 case CADET_TUNNEL_KEY_AX_AUTH_SENT: /* both peers now did KX_AUTH */
2035 CADET_TUNNEL_KEY_OK); 2038 GCT_change_estate(t,
2036 break; 2039 CADET_TUNNEL_KEY_OK);
2037 case CADET_TUNNEL_KEY_OK: 2040 break;
2038 /* Did not expect another KX_AUTH, but so what, still acceptable. 2041
2039 Nothing to do here. */ 2042 case CADET_TUNNEL_KEY_OK:
2040 break; 2043 /* Did not expect another KX_AUTH, but so what, still acceptable.
2041 } 2044 Nothing to do here. */
2042 if (0 != (GNUNET_CADET_KX_FLAG_FORCE_REPLY & ntohl (msg->kx.flags))) 2045 break;
2043 { 2046 }
2044 send_kx_auth (t, 2047 if (0 != (GNUNET_CADET_KX_FLAG_FORCE_REPLY & ntohl(msg->kx.flags)))
2045 NULL, 2048 {
2046 &t->ax, 2049 send_kx_auth(t,
2047 GNUNET_NO); 2050 NULL,
2048 } 2051 &t->ax,
2052 GNUNET_NO);
2053 }
2049} 2054}
2050 2055
2051 2056
@@ -2060,7 +2065,7 @@ GCT_handle_kx_auth (struct CadetTConnection *ct,
2060 * @return unused number that can uniquely identify a channel in the tunnel 2065 * @return unused number that can uniquely identify a channel in the tunnel
2061 */ 2066 */
2062static struct GNUNET_CADET_ChannelTunnelNumber 2067static struct GNUNET_CADET_ChannelTunnelNumber
2063get_next_free_ctn (struct CadetTunnel *t) 2068get_next_free_ctn(struct CadetTunnel *t)
2064{ 2069{
2065#define HIGH_BIT 0x8000000 2070#define HIGH_BIT 0x8000000
2066 struct GNUNET_CADET_ChannelTunnelNumber ret; 2071 struct GNUNET_CADET_ChannelTunnelNumber ret;
@@ -2068,23 +2073,23 @@ get_next_free_ctn (struct CadetTunnel *t)
2068 int cmp; 2073 int cmp;
2069 uint32_t highbit; 2074 uint32_t highbit;
2070 2075
2071 cmp = GNUNET_memcmp (&my_full_id, 2076 cmp = GNUNET_memcmp(&my_full_id,
2072 GCP_get_id (GCT_get_destination (t))); 2077 GCP_get_id(GCT_get_destination(t)));
2073 if (0 < cmp) 2078 if (0 < cmp)
2074 highbit = HIGH_BIT; 2079 highbit = HIGH_BIT;
2075 else if (0 > cmp) 2080 else if (0 > cmp)
2076 highbit = 0; 2081 highbit = 0;
2077 else 2082 else
2078 GNUNET_assert (0); // loopback must never go here! 2083 GNUNET_assert(0); // loopback must never go here!
2079 ctn = ntohl (t->next_ctn.cn); 2084 ctn = ntohl(t->next_ctn.cn);
2080 while (NULL != 2085 while (NULL !=
2081 GNUNET_CONTAINER_multihashmap32_get (t->channels, 2086 GNUNET_CONTAINER_multihashmap32_get(t->channels,
2082 ctn | highbit)) 2087 ctn | highbit))
2083 { 2088 {
2084 ctn = ((ctn + 1) & (~ HIGH_BIT)); 2089 ctn = ((ctn + 1) & (~HIGH_BIT));
2085 } 2090 }
2086 t->next_ctn.cn = htonl ((ctn + 1) & (~ HIGH_BIT)); 2091 t->next_ctn.cn = htonl((ctn + 1) & (~HIGH_BIT));
2087 ret.cn = htonl (ctn | highbit); 2092 ret.cn = htonl(ctn | highbit);
2088 return ret; 2093 return ret;
2089} 2094}
2090 2095
@@ -2099,50 +2104,53 @@ get_next_free_ctn (struct CadetTunnel *t)
2099 * @return unique number identifying @a ch within @a t 2104 * @return unique number identifying @a ch within @a t
2100 */ 2105 */
2101struct GNUNET_CADET_ChannelTunnelNumber 2106struct GNUNET_CADET_ChannelTunnelNumber
2102GCT_add_channel (struct CadetTunnel *t, 2107GCT_add_channel(struct CadetTunnel *t,
2103 struct CadetChannel *ch) 2108 struct CadetChannel *ch)
2104{ 2109{
2105 struct GNUNET_CADET_ChannelTunnelNumber ctn; 2110 struct GNUNET_CADET_ChannelTunnelNumber ctn;
2106 2111
2107 ctn = get_next_free_ctn (t); 2112 ctn = get_next_free_ctn(t);
2108 if (NULL != t->destroy_task) 2113 if (NULL != t->destroy_task)
2109 { 2114 {
2110 GNUNET_SCHEDULER_cancel (t->destroy_task); 2115 GNUNET_SCHEDULER_cancel(t->destroy_task);
2111 t->destroy_task = NULL; 2116 t->destroy_task = NULL;
2112 } 2117 }
2113 GNUNET_assert (GNUNET_YES == 2118 GNUNET_assert(GNUNET_YES ==
2114 GNUNET_CONTAINER_multihashmap32_put (t->channels, 2119 GNUNET_CONTAINER_multihashmap32_put(t->channels,
2115 ntohl (ctn.cn), 2120 ntohl(ctn.cn),
2116 ch, 2121 ch,
2117 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); 2122 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
2118 LOG (GNUNET_ERROR_TYPE_DEBUG, 2123 LOG(GNUNET_ERROR_TYPE_DEBUG,
2119 "Adding %s to %s\n", 2124 "Adding %s to %s\n",
2120 GCCH_2s (ch), 2125 GCCH_2s(ch),
2121 GCT_2s (t)); 2126 GCT_2s(t));
2122 switch (t->estate) 2127 switch (t->estate)
2123 { 2128 {
2124 case CADET_TUNNEL_KEY_UNINITIALIZED: 2129 case CADET_TUNNEL_KEY_UNINITIALIZED:
2125 /* waiting for connection to start KX */ 2130 /* waiting for connection to start KX */
2126 break; 2131 break;
2127 case CADET_TUNNEL_KEY_AX_RECV: 2132
2128 case CADET_TUNNEL_KEY_AX_SENT: 2133 case CADET_TUNNEL_KEY_AX_RECV:
2129 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: 2134 case CADET_TUNNEL_KEY_AX_SENT:
2130 /* we're currently waiting for KX to complete */ 2135 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
2131 break; 2136 /* we're currently waiting for KX to complete */
2132 case CADET_TUNNEL_KEY_AX_AUTH_SENT: 2137 break;
2133 /* waiting for OTHER peer to send us data, 2138
2134 we might need to prompt more aggressively! */ 2139 case CADET_TUNNEL_KEY_AX_AUTH_SENT:
2135 if (NULL == t->kx_task) 2140 /* waiting for OTHER peer to send us data,
2136 t->kx_task 2141 we might need to prompt more aggressively! */
2137 = GNUNET_SCHEDULER_add_at (t->next_kx_attempt, 2142 if (NULL == t->kx_task)
2138 &retry_kx, 2143 t->kx_task
2139 t); 2144 = GNUNET_SCHEDULER_add_at(t->next_kx_attempt,
2140 break; 2145 &retry_kx,
2141 case CADET_TUNNEL_KEY_OK: 2146 t);
2142 /* We are ready. Tell the new channel that we are up. */ 2147 break;
2143 GCCH_tunnel_up (ch); 2148
2144 break; 2149 case CADET_TUNNEL_KEY_OK:
2145 } 2150 /* We are ready. Tell the new channel that we are up. */
2151 GCCH_tunnel_up(ch);
2152 break;
2153 }
2146 return ctn; 2154 return ctn;
2147} 2155}
2148 2156
@@ -2154,25 +2162,25 @@ GCT_add_channel (struct CadetTunnel *t,
2154 * @param ct binding of connection to tunnel of the connection that was lost. 2162 * @param ct binding of connection to tunnel of the connection that was lost.
2155 */ 2163 */
2156void 2164void
2157GCT_connection_lost (struct CadetTConnection *ct) 2165GCT_connection_lost(struct CadetTConnection *ct)
2158{ 2166{
2159 struct CadetTunnel *t = ct->t; 2167 struct CadetTunnel *t = ct->t;
2160 2168
2161 if (GNUNET_YES == ct->is_ready) 2169 if (GNUNET_YES == ct->is_ready)
2162 { 2170 {
2163 GNUNET_CONTAINER_DLL_remove (t->connection_ready_head, 2171 GNUNET_CONTAINER_DLL_remove(t->connection_ready_head,
2164 t->connection_ready_tail, 2172 t->connection_ready_tail,
2165 ct); 2173 ct);
2166 t->num_ready_connections--; 2174 t->num_ready_connections--;
2167 } 2175 }
2168 else 2176 else
2169 { 2177 {
2170 GNUNET_CONTAINER_DLL_remove (t->connection_busy_head, 2178 GNUNET_CONTAINER_DLL_remove(t->connection_busy_head,
2171 t->connection_busy_tail, 2179 t->connection_busy_tail,
2172 ct); 2180 ct);
2173 t->num_busy_connections--; 2181 t->num_busy_connections--;
2174 } 2182 }
2175 GNUNET_free (ct); 2183 GNUNET_free(ct);
2176} 2184}
2177 2185
2178 2186
@@ -2183,15 +2191,15 @@ GCT_connection_lost (struct CadetTConnection *ct)
2183 * @param ct connection to clean up 2191 * @param ct connection to clean up
2184 */ 2192 */
2185static void 2193static void
2186destroy_t_connection (void *cls, 2194destroy_t_connection(void *cls,
2187 struct CadetTConnection *ct) 2195 struct CadetTConnection *ct)
2188{ 2196{
2189 struct CadetTunnel *t = cls; 2197 struct CadetTunnel *t = cls;
2190 struct CadetConnection *cc = ct->cc; 2198 struct CadetConnection *cc = ct->cc;
2191 2199
2192 GNUNET_assert (ct->t == t); 2200 GNUNET_assert(ct->t == t);
2193 GCT_connection_lost (ct); 2201 GCT_connection_lost(ct);
2194 GCC_destroy_without_tunnel (cc); 2202 GCC_destroy_without_tunnel(cc);
2195} 2203}
2196 2204
2197 2205
@@ -2201,56 +2209,56 @@ destroy_t_connection (void *cls,
2201 * @param cls the idle tunnel 2209 * @param cls the idle tunnel
2202 */ 2210 */
2203static void 2211static void
2204destroy_tunnel (void *cls) 2212destroy_tunnel(void *cls)
2205{ 2213{
2206 struct CadetTunnel *t = cls; 2214 struct CadetTunnel *t = cls;
2207 struct CadetTunnelQueueEntry *tq; 2215 struct CadetTunnelQueueEntry *tq;
2208 2216
2209 t->destroy_task = NULL; 2217 t->destroy_task = NULL;
2210 LOG (GNUNET_ERROR_TYPE_DEBUG, 2218 LOG(GNUNET_ERROR_TYPE_DEBUG,
2211 "Destroying idle %s\n", 2219 "Destroying idle %s\n",
2212 GCT_2s (t)); 2220 GCT_2s(t));
2213 GNUNET_assert (0 == GCT_count_channels (t)); 2221 GNUNET_assert(0 == GCT_count_channels(t));
2214 GCT_iterate_connections (t, 2222 GCT_iterate_connections(t,
2215 &destroy_t_connection, 2223 &destroy_t_connection,
2216 t); 2224 t);
2217 GNUNET_assert (NULL == t->connection_ready_head); 2225 GNUNET_assert(NULL == t->connection_ready_head);
2218 GNUNET_assert (NULL == t->connection_busy_head); 2226 GNUNET_assert(NULL == t->connection_busy_head);
2219 while (NULL != (tq = t->tq_head)) 2227 while (NULL != (tq = t->tq_head))
2220 { 2228 {
2221 if (NULL != tq->cont) 2229 if (NULL != tq->cont)
2222 tq->cont (tq->cont_cls, 2230 tq->cont(tq->cont_cls,
2223 NULL); 2231 NULL);
2224 GCT_send_cancel (tq); 2232 GCT_send_cancel(tq);
2225 } 2233 }
2226 GCP_drop_tunnel (t->destination, 2234 GCP_drop_tunnel(t->destination,
2227 t); 2235 t);
2228 GNUNET_CONTAINER_multihashmap32_destroy (t->channels); 2236 GNUNET_CONTAINER_multihashmap32_destroy(t->channels);
2229 if (NULL != t->maintain_connections_task) 2237 if (NULL != t->maintain_connections_task)
2230 { 2238 {
2231 GNUNET_SCHEDULER_cancel (t->maintain_connections_task); 2239 GNUNET_SCHEDULER_cancel(t->maintain_connections_task);
2232 t->maintain_connections_task = NULL; 2240 t->maintain_connections_task = NULL;
2233 } 2241 }
2234 if (NULL != t->send_task) 2242 if (NULL != t->send_task)
2235 { 2243 {
2236 GNUNET_SCHEDULER_cancel (t->send_task); 2244 GNUNET_SCHEDULER_cancel(t->send_task);
2237 t->send_task = NULL; 2245 t->send_task = NULL;
2238 } 2246 }
2239 if (NULL != t->kx_task) 2247 if (NULL != t->kx_task)
2240 { 2248 {
2241 GNUNET_SCHEDULER_cancel (t->kx_task); 2249 GNUNET_SCHEDULER_cancel(t->kx_task);
2242 t->kx_task = NULL; 2250 t->kx_task = NULL;
2243 } 2251 }
2244 GNUNET_MST_destroy (t->mst); 2252 GNUNET_MST_destroy(t->mst);
2245 GNUNET_MQ_destroy (t->mq); 2253 GNUNET_MQ_destroy(t->mq);
2246 if (NULL != t->unverified_ax) 2254 if (NULL != t->unverified_ax)
2247 { 2255 {
2248 cleanup_ax (t->unverified_ax); 2256 cleanup_ax(t->unverified_ax);
2249 GNUNET_free (t->unverified_ax); 2257 GNUNET_free(t->unverified_ax);
2250 } 2258 }
2251 cleanup_ax (&t->ax); 2259 cleanup_ax(&t->ax);
2252 GNUNET_assert (NULL == t->destroy_task); 2260 GNUNET_assert(NULL == t->destroy_task);
2253 GNUNET_free (t); 2261 GNUNET_free(t);
2254} 2262}
2255 2263
2256 2264
@@ -2262,27 +2270,27 @@ destroy_tunnel (void *cls)
2262 * @param ctn unique number identifying @a ch within @a t 2270 * @param ctn unique number identifying @a ch within @a t
2263 */ 2271 */
2264void 2272void
2265GCT_remove_channel (struct CadetTunnel *t, 2273GCT_remove_channel(struct CadetTunnel *t,
2266 struct CadetChannel *ch, 2274 struct CadetChannel *ch,
2267 struct GNUNET_CADET_ChannelTunnelNumber ctn) 2275 struct GNUNET_CADET_ChannelTunnelNumber ctn)
2268{ 2276{
2269 LOG (GNUNET_ERROR_TYPE_DEBUG, 2277 LOG(GNUNET_ERROR_TYPE_DEBUG,
2270 "Removing %s from %s\n", 2278 "Removing %s from %s\n",
2271 GCCH_2s (ch), 2279 GCCH_2s(ch),
2272 GCT_2s (t)); 2280 GCT_2s(t));
2273 GNUNET_assert (GNUNET_YES == 2281 GNUNET_assert(GNUNET_YES ==
2274 GNUNET_CONTAINER_multihashmap32_remove (t->channels, 2282 GNUNET_CONTAINER_multihashmap32_remove(t->channels,
2275 ntohl (ctn.cn), 2283 ntohl(ctn.cn),
2276 ch)); 2284 ch));
2277 if ( (0 == 2285 if ((0 ==
2278 GCT_count_channels (t)) && 2286 GCT_count_channels(t)) &&
2279 (NULL == t->destroy_task) ) 2287 (NULL == t->destroy_task))
2280 { 2288 {
2281 t->destroy_task 2289 t->destroy_task
2282 = GNUNET_SCHEDULER_add_delayed (IDLE_DESTROY_DELAY, 2290 = GNUNET_SCHEDULER_add_delayed(IDLE_DESTROY_DELAY,
2283 &destroy_tunnel, 2291 &destroy_tunnel,
2284 t); 2292 t);
2285 } 2293 }
2286} 2294}
2287 2295
2288 2296
@@ -2295,14 +2303,14 @@ GCT_remove_channel (struct CadetTunnel *t,
2295 * @return #GNUNET_OK (continue to iterate) 2303 * @return #GNUNET_OK (continue to iterate)
2296 */ 2304 */
2297static int 2305static int
2298destroy_remaining_channels (void *cls, 2306destroy_remaining_channels(void *cls,
2299 uint32_t key, 2307 uint32_t key,
2300 void *value) 2308 void *value)
2301{ 2309{
2302 struct CadetChannel *ch = value; 2310 struct CadetChannel *ch = value;
2303 2311
2304 GCCH_handle_remote_destroy (ch, 2312 GCCH_handle_remote_destroy(ch,
2305 NULL); 2313 NULL);
2306 return GNUNET_OK; 2314 return GNUNET_OK;
2307} 2315}
2308 2316
@@ -2313,20 +2321,20 @@ destroy_remaining_channels (void *cls,
2313 * @param t tunnel to destroy 2321 * @param t tunnel to destroy
2314 */ 2322 */
2315void 2323void
2316GCT_destroy_tunnel_now (struct CadetTunnel *t) 2324GCT_destroy_tunnel_now(struct CadetTunnel *t)
2317{ 2325{
2318 GNUNET_assert (GNUNET_YES == shutting_down); 2326 GNUNET_assert(GNUNET_YES == shutting_down);
2319 GNUNET_CONTAINER_multihashmap32_iterate (t->channels, 2327 GNUNET_CONTAINER_multihashmap32_iterate(t->channels,
2320 &destroy_remaining_channels, 2328 &destroy_remaining_channels,
2321 t); 2329 t);
2322 GNUNET_assert (0 == 2330 GNUNET_assert(0 ==
2323 GCT_count_channels (t)); 2331 GCT_count_channels(t));
2324 if (NULL != t->destroy_task) 2332 if (NULL != t->destroy_task)
2325 { 2333 {
2326 GNUNET_SCHEDULER_cancel (t->destroy_task); 2334 GNUNET_SCHEDULER_cancel(t->destroy_task);
2327 t->destroy_task = NULL; 2335 t->destroy_task = NULL;
2328 } 2336 }
2329 destroy_tunnel (t); 2337 destroy_tunnel(t);
2330} 2338}
2331 2339
2332 2340
@@ -2338,40 +2346,40 @@ GCT_destroy_tunnel_now (struct CadetTunnel *t)
2338 * @param ct connection to use for transmission (is ready) 2346 * @param ct connection to use for transmission (is ready)
2339 */ 2347 */
2340static void 2348static void
2341try_send_normal_payload (struct CadetTunnel *t, 2349try_send_normal_payload(struct CadetTunnel *t,
2342 struct CadetTConnection *ct) 2350 struct CadetTConnection *ct)
2343{ 2351{
2344 struct CadetTunnelQueueEntry *tq; 2352 struct CadetTunnelQueueEntry *tq;
2345 2353
2346 GNUNET_assert (GNUNET_YES == ct->is_ready); 2354 GNUNET_assert(GNUNET_YES == ct->is_ready);
2347 tq = t->tq_head; 2355 tq = t->tq_head;
2348 if (NULL == tq) 2356 if (NULL == tq)
2349 { 2357 {
2350 /* no messages pending right now */ 2358 /* no messages pending right now */
2351 LOG (GNUNET_ERROR_TYPE_DEBUG, 2359 LOG(GNUNET_ERROR_TYPE_DEBUG,
2352 "Not sending payload of %s on ready %s (nothing pending)\n", 2360 "Not sending payload of %s on ready %s (nothing pending)\n",
2353 GCT_2s (t), 2361 GCT_2s(t),
2354 GCC_2s (ct->cc)); 2362 GCC_2s(ct->cc));
2355 return; 2363 return;
2356 } 2364 }
2357 /* ready to send message 'tq' on tunnel 'ct' */ 2365 /* ready to send message 'tq' on tunnel 'ct' */
2358 GNUNET_assert (t == tq->t); 2366 GNUNET_assert(t == tq->t);
2359 GNUNET_CONTAINER_DLL_remove (t->tq_head, 2367 GNUNET_CONTAINER_DLL_remove(t->tq_head,
2360 t->tq_tail, 2368 t->tq_tail,
2361 tq); 2369 tq);
2362 if (NULL != tq->cid) 2370 if (NULL != tq->cid)
2363 *tq->cid = *GCC_get_id (ct->cc); 2371 *tq->cid = *GCC_get_id(ct->cc);
2364 mark_connection_unready (ct); 2372 mark_connection_unready(ct);
2365 LOG (GNUNET_ERROR_TYPE_DEBUG, 2373 LOG(GNUNET_ERROR_TYPE_DEBUG,
2366 "Sending payload of %s on %s\n", 2374 "Sending payload of %s on %s\n",
2367 GCT_2s (t), 2375 GCT_2s(t),
2368 GCC_2s (ct->cc)); 2376 GCC_2s(ct->cc));
2369 GCC_transmit (ct->cc, 2377 GCC_transmit(ct->cc,
2370 tq->env); 2378 tq->env);
2371 if (NULL != tq->cont) 2379 if (NULL != tq->cont)
2372 tq->cont (tq->cont_cls, 2380 tq->cont(tq->cont_cls,
2373 GCC_get_id (ct->cc)); 2381 GCC_get_id(ct->cc));
2374 GNUNET_free (tq); 2382 GNUNET_free(tq);
2375} 2383}
2376 2384
2377 2385
@@ -2384,95 +2392,97 @@ try_send_normal_payload (struct CadetTunnel *t,
2384 * #GNUNET_NO if connection are no longer ready 2392 * #GNUNET_NO if connection are no longer ready
2385 */ 2393 */
2386static void 2394static void
2387connection_ready_cb (void *cls, 2395connection_ready_cb(void *cls,
2388 int is_ready) 2396 int is_ready)
2389{ 2397{
2390 struct CadetTConnection *ct = cls; 2398 struct CadetTConnection *ct = cls;
2391 struct CadetTunnel *t = ct->t; 2399 struct CadetTunnel *t = ct->t;
2392 2400
2393 if (GNUNET_NO == is_ready) 2401 if (GNUNET_NO == is_ready)
2394 { 2402 {
2395 LOG (GNUNET_ERROR_TYPE_DEBUG, 2403 LOG(GNUNET_ERROR_TYPE_DEBUG,
2396 "%s no longer ready for %s\n", 2404 "%s no longer ready for %s\n",
2397 GCC_2s (ct->cc), 2405 GCC_2s(ct->cc),
2398 GCT_2s (t)); 2406 GCT_2s(t));
2399 mark_connection_unready (ct); 2407 mark_connection_unready(ct);
2400 return; 2408 return;
2401 } 2409 }
2402 GNUNET_assert (GNUNET_NO == ct->is_ready); 2410 GNUNET_assert(GNUNET_NO == ct->is_ready);
2403 GNUNET_CONTAINER_DLL_remove (t->connection_busy_head, 2411 GNUNET_CONTAINER_DLL_remove(t->connection_busy_head,
2404 t->connection_busy_tail, 2412 t->connection_busy_tail,
2405 ct); 2413 ct);
2406 GNUNET_assert (0 < t->num_busy_connections); 2414 GNUNET_assert(0 < t->num_busy_connections);
2407 t->num_busy_connections--; 2415 t->num_busy_connections--;
2408 ct->is_ready = GNUNET_YES; 2416 ct->is_ready = GNUNET_YES;
2409 GNUNET_CONTAINER_DLL_insert_tail (t->connection_ready_head, 2417 GNUNET_CONTAINER_DLL_insert_tail(t->connection_ready_head,
2410 t->connection_ready_tail, 2418 t->connection_ready_tail,
2411 ct); 2419 ct);
2412 t->num_ready_connections++; 2420 t->num_ready_connections++;
2413 2421
2414 LOG (GNUNET_ERROR_TYPE_DEBUG, 2422 LOG(GNUNET_ERROR_TYPE_DEBUG,
2415 "%s now ready for %s in state %s\n", 2423 "%s now ready for %s in state %s\n",
2416 GCC_2s (ct->cc), 2424 GCC_2s(ct->cc),
2417 GCT_2s (t), 2425 GCT_2s(t),
2418 estate2s (t->estate)); 2426 estate2s(t->estate));
2419 switch (t->estate) 2427 switch (t->estate)
2420 {
2421 case CADET_TUNNEL_KEY_UNINITIALIZED:
2422 /* Do not begin KX if WE have no channels waiting! */
2423 if (0 != GNUNET_TIME_absolute_get_remaining (t->next_kx_attempt).rel_value_us)
2424 return; /* wait for timeout before retrying */
2425 /* We are uninitialized, just transmit immediately,
2426 without undue delay. */
2427 if (NULL != t->kx_task)
2428 {
2429 GNUNET_SCHEDULER_cancel (t->kx_task);
2430 t->kx_task = NULL;
2431 }
2432 send_kx (t,
2433 ct,
2434 &t->ax);
2435 if ( (0 ==
2436 GCT_count_channels (t)) &&
2437 (NULL == t->destroy_task) )
2438 {
2439 t->destroy_task
2440 = GNUNET_SCHEDULER_add_delayed (IDLE_DESTROY_DELAY,
2441 &destroy_tunnel,
2442 t);
2443 }
2444 break;
2445 case CADET_TUNNEL_KEY_AX_RECV:
2446 case CADET_TUNNEL_KEY_AX_SENT:
2447 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
2448 case CADET_TUNNEL_KEY_AX_AUTH_SENT:
2449 /* we're currently waiting for KX to complete, schedule job */
2450 if (NULL == t->kx_task)
2451 t->kx_task
2452 = GNUNET_SCHEDULER_add_at (t->next_kx_attempt,
2453 &retry_kx,
2454 t);
2455 break;
2456 case CADET_TUNNEL_KEY_OK:
2457 if (GNUNET_YES == t->kx_auth_requested)
2458 { 2428 {
2459 if (0 != GNUNET_TIME_absolute_get_remaining (t->next_kx_attempt).rel_value_us) 2429 case CADET_TUNNEL_KEY_UNINITIALIZED:
2460 return; /* wait for timeout */ 2430 /* Do not begin KX if WE have no channels waiting! */
2431 if (0 != GNUNET_TIME_absolute_get_remaining(t->next_kx_attempt).rel_value_us)
2432 return; /* wait for timeout before retrying */
2433 /* We are uninitialized, just transmit immediately,
2434 without undue delay. */
2461 if (NULL != t->kx_task) 2435 if (NULL != t->kx_task)
2462 { 2436 {
2463 GNUNET_SCHEDULER_cancel (t->kx_task); 2437 GNUNET_SCHEDULER_cancel(t->kx_task);
2464 t->kx_task = NULL; 2438 t->kx_task = NULL;
2465 } 2439 }
2466 send_kx_auth (t, 2440 send_kx(t,
2467 ct, 2441 ct,
2468 &t->ax, 2442 &t->ax);
2469 GNUNET_NO); 2443 if ((0 ==
2470 return; 2444 GCT_count_channels(t)) &&
2445 (NULL == t->destroy_task))
2446 {
2447 t->destroy_task
2448 = GNUNET_SCHEDULER_add_delayed(IDLE_DESTROY_DELAY,
2449 &destroy_tunnel,
2450 t);
2451 }
2452 break;
2453
2454 case CADET_TUNNEL_KEY_AX_RECV:
2455 case CADET_TUNNEL_KEY_AX_SENT:
2456 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
2457 case CADET_TUNNEL_KEY_AX_AUTH_SENT:
2458 /* we're currently waiting for KX to complete, schedule job */
2459 if (NULL == t->kx_task)
2460 t->kx_task
2461 = GNUNET_SCHEDULER_add_at(t->next_kx_attempt,
2462 &retry_kx,
2463 t);
2464 break;
2465
2466 case CADET_TUNNEL_KEY_OK:
2467 if (GNUNET_YES == t->kx_auth_requested)
2468 {
2469 if (0 != GNUNET_TIME_absolute_get_remaining(t->next_kx_attempt).rel_value_us)
2470 return; /* wait for timeout */
2471 if (NULL != t->kx_task)
2472 {
2473 GNUNET_SCHEDULER_cancel(t->kx_task);
2474 t->kx_task = NULL;
2475 }
2476 send_kx_auth(t,
2477 ct,
2478 &t->ax,
2479 GNUNET_NO);
2480 return;
2481 }
2482 try_send_normal_payload(t,
2483 ct);
2484 break;
2471 } 2485 }
2472 try_send_normal_payload (t,
2473 ct);
2474 break;
2475 }
2476} 2486}
2477 2487
2478 2488
@@ -2485,7 +2495,7 @@ connection_ready_cb (void *cls,
2485 * @param cls the `struct CadetTunnel` to process messages on 2495 * @param cls the `struct CadetTunnel` to process messages on
2486 */ 2496 */
2487static void 2497static void
2488trigger_transmissions (void *cls) 2498trigger_transmissions(void *cls)
2489{ 2499{
2490 struct CadetTunnel *t = cls; 2500 struct CadetTunnel *t = cls;
2491 struct CadetTConnection *ct; 2501 struct CadetTConnection *ct;
@@ -2493,11 +2503,11 @@ trigger_transmissions (void *cls)
2493 t->send_task = NULL; 2503 t->send_task = NULL;
2494 if (NULL == t->tq_head) 2504 if (NULL == t->tq_head)
2495 return; /* no messages pending right now */ 2505 return; /* no messages pending right now */
2496 ct = get_ready_connection (t); 2506 ct = get_ready_connection(t);
2497 if (NULL == ct) 2507 if (NULL == ct)
2498 return; /* no connections ready */ 2508 return; /* no connections ready */
2499 try_send_normal_payload (t, 2509 try_send_normal_payload(t,
2500 ct); 2510 ct);
2501} 2511}
2502 2512
2503 2513
@@ -2505,9 +2515,7 @@ trigger_transmissions (void *cls)
2505 * Closure for #evaluate_connection. Used to assemble summary information 2515 * Closure for #evaluate_connection. Used to assemble summary information
2506 * about the existing connections so we can evaluate a new path. 2516 * about the existing connections so we can evaluate a new path.
2507 */ 2517 */
2508struct EvaluationSummary 2518struct EvaluationSummary {
2509{
2510
2511 /** 2519 /**
2512 * Minimum length of any of our connections, `UINT_MAX` if we have none. 2520 * Minimum length of any of our connections, `UINT_MAX` if we have none.
2513 */ 2521 */
@@ -2548,7 +2556,6 @@ struct EvaluationSummary
2548 * Set to #GNUNET_YES if we have a connection over @e path already. 2556 * Set to #GNUNET_YES if we have a connection over @e path already.
2549 */ 2557 */
2550 int duplicate; 2558 int duplicate;
2551
2552}; 2559};
2553 2560
2554 2561
@@ -2560,8 +2567,8 @@ struct EvaluationSummary
2560 * @param ct a connection to include in the summary 2567 * @param ct a connection to include in the summary
2561 */ 2568 */
2562static void 2569static void
2563evaluate_connection (void *cls, 2570evaluate_connection(void *cls,
2564 struct CadetTConnection *ct) 2571 struct CadetTConnection *ct)
2565{ 2572{
2566 struct EvaluationSummary *es = cls; 2573 struct EvaluationSummary *es = cls;
2567 struct CadetConnection *cc = ct->cc; 2574 struct CadetConnection *cc = ct->cc;
@@ -2574,79 +2581,79 @@ evaluate_connection (void *cls,
2574 double score; 2581 double score;
2575 double success_rate; 2582 double success_rate;
2576 2583
2577 ps = GCC_get_path (cc, 2584 ps = GCC_get_path(cc,
2578 &ct_length); 2585 &ct_length);
2579 LOG (GNUNET_ERROR_TYPE_DEBUG, 2586 LOG(GNUNET_ERROR_TYPE_DEBUG,
2580 "Evaluating path %s of existing %s\n", 2587 "Evaluating path %s of existing %s\n",
2581 GCPP_2s (ps), 2588 GCPP_2s(ps),
2582 GCC_2s (cc)); 2589 GCC_2s(cc));
2583 if (ps == es->path) 2590 if (ps == es->path)
2584 {
2585 LOG (GNUNET_ERROR_TYPE_DEBUG,
2586 "Ignoring duplicate path %s.\n",
2587 GCPP_2s (es->path));
2588 es->duplicate = GNUNET_YES;
2589 return;
2590 }
2591 if (NULL != es->path)
2592 {
2593 int duplicate = GNUNET_YES;
2594
2595 for (unsigned int i=0;i<ct_length;i++)
2596 {
2597 GNUNET_assert (GCPP_get_length (es->path) > i);
2598 if (GCPP_get_peer_at_offset (es->path,
2599 i) !=
2600 GCPP_get_peer_at_offset (ps,
2601 i))
2602 {
2603 duplicate = GNUNET_NO;
2604 break;
2605 }
2606 }
2607 if (GNUNET_YES == duplicate)
2608 { 2591 {
2609 LOG (GNUNET_ERROR_TYPE_DEBUG, 2592 LOG(GNUNET_ERROR_TYPE_DEBUG,
2610 "Ignoring overlapping path %s.\n", 2593 "Ignoring duplicate path %s.\n",
2611 GCPP_2s (es->path)); 2594 GCPP_2s(es->path));
2612 es->duplicate = GNUNET_YES; 2595 es->duplicate = GNUNET_YES;
2613 return; 2596 return;
2614 } 2597 }
2615 else 2598 if (NULL != es->path)
2616 { 2599 {
2617 LOG (GNUNET_ERROR_TYPE_DEBUG, 2600 int duplicate = GNUNET_YES;
2618 "Known path %s differs from proposed path\n", 2601
2619 GCPP_2s (ps)); 2602 for (unsigned int i = 0; i < ct_length; i++)
2603 {
2604 GNUNET_assert(GCPP_get_length(es->path) > i);
2605 if (GCPP_get_peer_at_offset(es->path,
2606 i) !=
2607 GCPP_get_peer_at_offset(ps,
2608 i))
2609 {
2610 duplicate = GNUNET_NO;
2611 break;
2612 }
2613 }
2614 if (GNUNET_YES == duplicate)
2615 {
2616 LOG(GNUNET_ERROR_TYPE_DEBUG,
2617 "Ignoring overlapping path %s.\n",
2618 GCPP_2s(es->path));
2619 es->duplicate = GNUNET_YES;
2620 return;
2621 }
2622 else
2623 {
2624 LOG(GNUNET_ERROR_TYPE_DEBUG,
2625 "Known path %s differs from proposed path\n",
2626 GCPP_2s(ps));
2627 }
2620 } 2628 }
2621 }
2622 2629
2623 ct_desirability = GCPP_get_desirability (ps); 2630 ct_desirability = GCPP_get_desirability(ps);
2624 metrics = GCC_get_metrics (cc); 2631 metrics = GCC_get_metrics(cc);
2625 uptime = GNUNET_TIME_absolute_get_duration (metrics->age); 2632 uptime = GNUNET_TIME_absolute_get_duration(metrics->age);
2626 last_use = GNUNET_TIME_absolute_get_duration (metrics->last_use); 2633 last_use = GNUNET_TIME_absolute_get_duration(metrics->last_use);
2627 /* We add 1.0 here to avoid division by zero. */ 2634 /* We add 1.0 here to avoid division by zero. */
2628 success_rate = (metrics->num_acked_transmissions + 1.0) / (metrics->num_successes + 1.0); 2635 success_rate = (metrics->num_acked_transmissions + 1.0) / (metrics->num_successes + 1.0);
2629 score 2636 score
2630 = ct_desirability 2637 = ct_desirability
2631 + 100.0 / (1.0 + ct_length) /* longer paths = better */ 2638 + 100.0 / (1.0 + ct_length) /* longer paths = better */
2632 + sqrt (uptime.rel_value_us / 60000000LL) /* larger uptime = better */ 2639 + sqrt(uptime.rel_value_us / 60000000LL) /* larger uptime = better */
2633 - last_use.rel_value_us / 1000L; /* longer idle = worse */ 2640 - last_use.rel_value_us / 1000L; /* longer idle = worse */
2634 score *= success_rate; /* weigh overall by success rate */ 2641 score *= success_rate; /* weigh overall by success rate */
2635 2642
2636 if ( (NULL == es->worst) || 2643 if ((NULL == es->worst) ||
2637 (score < es->worst_score) ) 2644 (score < es->worst_score))
2638 { 2645 {
2639 es->worst = ct; 2646 es->worst = ct;
2640 es->worst_score = score; 2647 es->worst_score = score;
2641 } 2648 }
2642 es->min_length = GNUNET_MIN (es->min_length, 2649 es->min_length = GNUNET_MIN(es->min_length,
2643 ct_length); 2650 ct_length);
2644 es->max_length = GNUNET_MAX (es->max_length, 2651 es->max_length = GNUNET_MAX(es->max_length,
2645 ct_length); 2652 ct_length);
2646 es->min_desire = GNUNET_MIN (es->min_desire, 2653 es->min_desire = GNUNET_MIN(es->min_desire,
2647 ct_desirability); 2654 ct_desirability);
2648 es->max_desire = GNUNET_MAX (es->max_desire, 2655 es->max_desire = GNUNET_MAX(es->max_desire,
2649 ct_desirability); 2656 ct_desirability);
2650} 2657}
2651 2658
2652 2659
@@ -2660,17 +2667,17 @@ evaluate_connection (void *cls,
2660 * @return #GNUNET_YES (should keep iterating) 2667 * @return #GNUNET_YES (should keep iterating)
2661 */ 2668 */
2662static int 2669static int
2663consider_path_cb (void *cls, 2670consider_path_cb(void *cls,
2664 struct CadetPeerPath *path, 2671 struct CadetPeerPath *path,
2665 unsigned int off) 2672 unsigned int off)
2666{ 2673{
2667 struct CadetTunnel *t = cls; 2674 struct CadetTunnel *t = cls;
2668 struct EvaluationSummary es; 2675 struct EvaluationSummary es;
2669 struct CadetTConnection *ct; 2676 struct CadetTConnection *ct;
2670 2677
2671 GNUNET_assert (off < GCPP_get_length (path)); 2678 GNUNET_assert(off < GCPP_get_length(path));
2672 GNUNET_assert (GCPP_get_peer_at_offset (path, 2679 GNUNET_assert(GCPP_get_peer_at_offset(path,
2673 off) == t->destination); 2680 off) == t->destination);
2674 es.min_length = UINT_MAX; 2681 es.min_length = UINT_MAX;
2675 es.max_length = 0; 2682 es.max_length = 0;
2676 es.max_desire = 0; 2683 es.max_desire = 0;
@@ -2680,16 +2687,16 @@ consider_path_cb (void *cls,
2680 es.worst = NULL; 2687 es.worst = NULL;
2681 2688
2682 /* Compute evaluation summary over existing connections. */ 2689 /* Compute evaluation summary over existing connections. */
2683 LOG (GNUNET_ERROR_TYPE_DEBUG, 2690 LOG(GNUNET_ERROR_TYPE_DEBUG,
2684 "Evaluating proposed path %s for target %s\n", 2691 "Evaluating proposed path %s for target %s\n",
2685 GCPP_2s (path), 2692 GCPP_2s(path),
2686 GCT_2s (t)); 2693 GCT_2s(t));
2687 /* FIXME: suspect this does not ACTUALLY iterate 2694 /* FIXME: suspect this does not ACTUALLY iterate
2688 over all existing paths, otherwise dup detection 2695 over all existing paths, otherwise dup detection
2689 should work!!! */ 2696 should work!!! */
2690 GCT_iterate_connections (t, 2697 GCT_iterate_connections(t,
2691 &evaluate_connection, 2698 &evaluate_connection,
2692 &es); 2699 &es);
2693 if (GNUNET_YES == es.duplicate) 2700 if (GNUNET_YES == es.duplicate)
2694 return GNUNET_YES; 2701 return GNUNET_YES;
2695 2702
@@ -2700,54 +2707,54 @@ consider_path_cb (void *cls,
2700 /* We iterate by increasing path length; if we have enough paths and 2707 /* We iterate by increasing path length; if we have enough paths and
2701 this one is more than twice as long than what we are currently 2708 this one is more than twice as long than what we are currently
2702 using, then ignore all of these super-long ones! */ 2709 using, then ignore all of these super-long ones! */
2703 if ( (GCT_count_any_connections (t) > DESIRED_CONNECTIONS_PER_TUNNEL) && 2710 if ((GCT_count_any_connections(t) > DESIRED_CONNECTIONS_PER_TUNNEL) &&
2704 (es.min_length * 2 < off) && 2711 (es.min_length * 2 < off) &&
2705 (es.max_length < off) ) 2712 (es.max_length < off))
2706 { 2713 {
2707 LOG (GNUNET_ERROR_TYPE_DEBUG, 2714 LOG(GNUNET_ERROR_TYPE_DEBUG,
2708 "Ignoring paths of length %u, they are way too long.\n", 2715 "Ignoring paths of length %u, they are way too long.\n",
2709 es.min_length * 2); 2716 es.min_length * 2);
2710 return GNUNET_NO; 2717 return GNUNET_NO;
2711 } 2718 }
2712 /* If we have enough paths and this one looks no better, ignore it. */ 2719 /* If we have enough paths and this one looks no better, ignore it. */
2713 if ( (GCT_count_any_connections (t) >= DESIRED_CONNECTIONS_PER_TUNNEL) && 2720 if ((GCT_count_any_connections(t) >= DESIRED_CONNECTIONS_PER_TUNNEL) &&
2714 (es.min_length < GCPP_get_length (path)) && 2721 (es.min_length < GCPP_get_length(path)) &&
2715 (es.min_desire > GCPP_get_desirability (path)) && 2722 (es.min_desire > GCPP_get_desirability(path)) &&
2716 (es.max_length < off) ) 2723 (es.max_length < off))
2717 { 2724 {
2718 LOG (GNUNET_ERROR_TYPE_DEBUG, 2725 LOG(GNUNET_ERROR_TYPE_DEBUG,
2719 "Ignoring path (%u/%llu) to %s, got something better already.\n", 2726 "Ignoring path (%u/%llu) to %s, got something better already.\n",
2720 GCPP_get_length (path), 2727 GCPP_get_length(path),
2721 (unsigned long long) GCPP_get_desirability (path), 2728 (unsigned long long)GCPP_get_desirability(path),
2722 GCP_2s (t->destination)); 2729 GCP_2s(t->destination));
2723 return GNUNET_YES; 2730 return GNUNET_YES;
2724 } 2731 }
2725 2732
2726 /* Path is interesting (better by some metric, or we don't have 2733 /* Path is interesting (better by some metric, or we don't have
2727 enough paths yet). */ 2734 enough paths yet). */
2728 ct = GNUNET_new (struct CadetTConnection); 2735 ct = GNUNET_new(struct CadetTConnection);
2729 ct->created = GNUNET_TIME_absolute_get (); 2736 ct->created = GNUNET_TIME_absolute_get();
2730 ct->t = t; 2737 ct->t = t;
2731 ct->cc = GCC_create (t->destination, 2738 ct->cc = GCC_create(t->destination,
2732 path, 2739 path,
2733 off, 2740 off,
2734 ct, 2741 ct,
2735 &connection_ready_cb, 2742 &connection_ready_cb,
2736 ct); 2743 ct);
2737 2744
2738 /* FIXME: schedule job to kill connection (and path?) if it takes 2745 /* FIXME: schedule job to kill connection (and path?) if it takes
2739 too long to get ready! (And track performance data on how long 2746 too long to get ready! (And track performance data on how long
2740 other connections took with the tunnel!) 2747 other connections took with the tunnel!)
2741 => Note: to be done within 'connection'-logic! */ 2748 => Note: to be done within 'connection'-logic! */
2742 GNUNET_CONTAINER_DLL_insert (t->connection_busy_head, 2749 GNUNET_CONTAINER_DLL_insert(t->connection_busy_head,
2743 t->connection_busy_tail, 2750 t->connection_busy_tail,
2744 ct); 2751 ct);
2745 t->num_busy_connections++; 2752 t->num_busy_connections++;
2746 LOG (GNUNET_ERROR_TYPE_DEBUG, 2753 LOG(GNUNET_ERROR_TYPE_DEBUG,
2747 "Found interesting path %s for %s, created %s\n", 2754 "Found interesting path %s for %s, created %s\n",
2748 GCPP_2s (path), 2755 GCPP_2s(path),
2749 GCT_2s (t), 2756 GCT_2s(t),
2750 GCC_2s (ct->cc)); 2757 GCC_2s(ct->cc));
2751 return GNUNET_YES; 2758 return GNUNET_YES;
2752} 2759}
2753 2760
@@ -2766,16 +2773,16 @@ consider_path_cb (void *cls,
2766 * @param cls the `struct CadetTunnel` 2773 * @param cls the `struct CadetTunnel`
2767 */ 2774 */
2768static void 2775static void
2769maintain_connections_cb (void *cls) 2776maintain_connections_cb(void *cls)
2770{ 2777{
2771 struct CadetTunnel *t = cls; 2778 struct CadetTunnel *t = cls;
2772 struct GNUNET_TIME_Relative delay; 2779 struct GNUNET_TIME_Relative delay;
2773 struct EvaluationSummary es; 2780 struct EvaluationSummary es;
2774 2781
2775 t->maintain_connections_task = NULL; 2782 t->maintain_connections_task = NULL;
2776 LOG (GNUNET_ERROR_TYPE_DEBUG, 2783 LOG(GNUNET_ERROR_TYPE_DEBUG,
2777 "Performing connection maintenance for %s.\n", 2784 "Performing connection maintenance for %s.\n",
2778 GCT_2s (t)); 2785 GCT_2s(t));
2779 2786
2780 es.min_length = UINT_MAX; 2787 es.min_length = UINT_MAX;
2781 es.max_length = 0; 2788 es.max_length = 0;
@@ -2784,21 +2791,21 @@ maintain_connections_cb (void *cls)
2784 es.path = NULL; 2791 es.path = NULL;
2785 es.worst = NULL; 2792 es.worst = NULL;
2786 es.duplicate = GNUNET_NO; 2793 es.duplicate = GNUNET_NO;
2787 GCT_iterate_connections (t, 2794 GCT_iterate_connections(t,
2788 &evaluate_connection, 2795 &evaluate_connection,
2789 &es); 2796 &es);
2790 if ( (NULL != es.worst) && 2797 if ((NULL != es.worst) &&
2791 (GCT_count_any_connections (t) > DESIRED_CONNECTIONS_PER_TUNNEL) ) 2798 (GCT_count_any_connections(t) > DESIRED_CONNECTIONS_PER_TUNNEL))
2792 { 2799 {
2793 /* Clear out worst-performing connection 'es.worst'. */ 2800 /* Clear out worst-performing connection 'es.worst'. */
2794 destroy_t_connection (t, 2801 destroy_t_connection(t,
2795 es.worst); 2802 es.worst);
2796 } 2803 }
2797 2804
2798 /* Consider additional paths */ 2805 /* Consider additional paths */
2799 (void) GCP_iterate_paths (t->destination, 2806 (void)GCP_iterate_paths(t->destination,
2800 &consider_path_cb, 2807 &consider_path_cb,
2801 t); 2808 t);
2802 2809
2803 /* FIXME: calculate when to try again based on how well we are doing; 2810 /* FIXME: calculate when to try again based on how well we are doing;
2804 in particular, if we have to few connections, we might be able 2811 in particular, if we have to few connections, we might be able
@@ -2810,9 +2817,9 @@ maintain_connections_cb (void *cls)
2810 and then reduce the frequency accordingly. */ 2817 and then reduce the frequency accordingly. */
2811 delay = GNUNET_TIME_UNIT_MINUTES; 2818 delay = GNUNET_TIME_UNIT_MINUTES;
2812 t->maintain_connections_task 2819 t->maintain_connections_task
2813 = GNUNET_SCHEDULER_add_delayed (delay, 2820 = GNUNET_SCHEDULER_add_delayed(delay,
2814 &maintain_connections_cb, 2821 &maintain_connections_cb,
2815 t); 2822 t);
2816} 2823}
2817 2824
2818 2825
@@ -2825,18 +2832,18 @@ maintain_connections_cb (void *cls)
2825 * @param off offset of the destination on path @a path 2832 * @param off offset of the destination on path @a path
2826 */ 2833 */
2827void 2834void
2828GCT_consider_path (struct CadetTunnel *t, 2835GCT_consider_path(struct CadetTunnel *t,
2829 struct CadetPeerPath *p, 2836 struct CadetPeerPath *p,
2830 unsigned int off) 2837 unsigned int off)
2831{ 2838{
2832 LOG (GNUNET_ERROR_TYPE_DEBUG, 2839 LOG(GNUNET_ERROR_TYPE_DEBUG,
2833 "Considering %s for %s (offset %u)\n", 2840 "Considering %s for %s (offset %u)\n",
2834 GCPP_2s (p), 2841 GCPP_2s(p),
2835 GCT_2s (t), 2842 GCT_2s(t),
2836 off); 2843 off);
2837 (void) consider_path_cb (t, 2844 (void)consider_path_cb(t,
2838 p, 2845 p,
2839 off); 2846 off);
2840} 2847}
2841 2848
2842 2849
@@ -2847,18 +2854,18 @@ GCT_consider_path (struct CadetTunnel *t,
2847 * @param msg the message we received on the tunnel 2854 * @param msg the message we received on the tunnel
2848 */ 2855 */
2849static void 2856static void
2850handle_plaintext_keepalive (void *cls, 2857handle_plaintext_keepalive(void *cls,
2851 const struct GNUNET_MessageHeader *msg) 2858 const struct GNUNET_MessageHeader *msg)
2852{ 2859{
2853 struct CadetTunnel *t = cls; 2860 struct CadetTunnel *t = cls;
2854 2861
2855 LOG (GNUNET_ERROR_TYPE_DEBUG, 2862 LOG(GNUNET_ERROR_TYPE_DEBUG,
2856 "Received KEEPALIVE on %s\n", 2863 "Received KEEPALIVE on %s\n",
2857 GCT_2s (t)); 2864 GCT_2s(t));
2858 GNUNET_STATISTICS_update (stats, 2865 GNUNET_STATISTICS_update(stats,
2859 "# keepalives received", 2866 "# keepalives received",
2860 1, 2867 1,
2861 GNUNET_NO); 2868 GNUNET_NO);
2862} 2869}
2863 2870
2864 2871
@@ -2870,8 +2877,8 @@ handle_plaintext_keepalive (void *cls,
2870 * @return #GNUNET_OK (any variable-size payload goes) 2877 * @return #GNUNET_OK (any variable-size payload goes)
2871 */ 2878 */
2872static int 2879static int
2873check_plaintext_data (void *cls, 2880check_plaintext_data(void *cls,
2874 const struct GNUNET_CADET_ChannelAppDataMessage *msg) 2881 const struct GNUNET_CADET_ChannelAppDataMessage *msg)
2875{ 2882{
2876 return GNUNET_OK; 2883 return GNUNET_OK;
2877} 2884}
@@ -2885,29 +2892,29 @@ check_plaintext_data (void *cls,
2885 * @param msg the message we received on the tunnel 2892 * @param msg the message we received on the tunnel
2886 */ 2893 */
2887static void 2894static void
2888handle_plaintext_data (void *cls, 2895handle_plaintext_data(void *cls,
2889 const struct GNUNET_CADET_ChannelAppDataMessage *msg) 2896 const struct GNUNET_CADET_ChannelAppDataMessage *msg)
2890{ 2897{
2891 struct CadetTunnel *t = cls; 2898 struct CadetTunnel *t = cls;
2892 struct CadetChannel *ch; 2899 struct CadetChannel *ch;
2893 2900
2894 ch = lookup_channel (t, 2901 ch = lookup_channel(t,
2895 msg->ctn); 2902 msg->ctn);
2896 if (NULL == ch) 2903 if (NULL == ch)
2897 { 2904 {
2898 /* We don't know about such a channel, might have been destroyed on our 2905 /* We don't know about such a channel, might have been destroyed on our
2899 end in the meantime, or never existed. Send back a DESTROY. */ 2906 end in the meantime, or never existed. Send back a DESTROY. */
2900 LOG (GNUNET_ERROR_TYPE_DEBUG, 2907 LOG(GNUNET_ERROR_TYPE_DEBUG,
2901 "Received %u bytes of application data for unknown channel %u, sending DESTROY\n", 2908 "Received %u bytes of application data for unknown channel %u, sending DESTROY\n",
2902 (unsigned int) (ntohs (msg->header.size) - sizeof (*msg)), 2909 (unsigned int)(ntohs(msg->header.size) - sizeof(*msg)),
2903 ntohl (msg->ctn.cn)); 2910 ntohl(msg->ctn.cn));
2904 GCT_send_channel_destroy (t, 2911 GCT_send_channel_destroy(t,
2905 msg->ctn); 2912 msg->ctn);
2906 return; 2913 return;
2907 } 2914 }
2908 GCCH_handle_channel_plaintext_data (ch, 2915 GCCH_handle_channel_plaintext_data(ch,
2909 GCC_get_id (t->current_ct->cc), 2916 GCC_get_id(t->current_ct->cc),
2910 msg); 2917 msg);
2911} 2918}
2912 2919
2913 2920
@@ -2920,28 +2927,28 @@ handle_plaintext_data (void *cls,
2920 * @param ack the message we received on the tunnel 2927 * @param ack the message we received on the tunnel
2921 */ 2928 */
2922static void 2929static void
2923handle_plaintext_data_ack (void *cls, 2930handle_plaintext_data_ack(void *cls,
2924 const struct GNUNET_CADET_ChannelDataAckMessage *ack) 2931 const struct GNUNET_CADET_ChannelDataAckMessage *ack)
2925{ 2932{
2926 struct CadetTunnel *t = cls; 2933 struct CadetTunnel *t = cls;
2927 struct CadetChannel *ch; 2934 struct CadetChannel *ch;
2928 2935
2929 ch = lookup_channel (t, 2936 ch = lookup_channel(t,
2930 ack->ctn); 2937 ack->ctn);
2931 if (NULL == ch) 2938 if (NULL == ch)
2932 { 2939 {
2933 /* We don't know about such a channel, might have been destroyed on our 2940 /* We don't know about such a channel, might have been destroyed on our
2934 end in the meantime, or never existed. Send back a DESTROY. */ 2941 end in the meantime, or never existed. Send back a DESTROY. */
2935 LOG (GNUNET_ERROR_TYPE_DEBUG, 2942 LOG(GNUNET_ERROR_TYPE_DEBUG,
2936 "Received DATA_ACK for unknown channel %u, sending DESTROY\n", 2943 "Received DATA_ACK for unknown channel %u, sending DESTROY\n",
2937 ntohl (ack->ctn.cn)); 2944 ntohl(ack->ctn.cn));
2938 GCT_send_channel_destroy (t, 2945 GCT_send_channel_destroy(t,
2939 ack->ctn); 2946 ack->ctn);
2940 return; 2947 return;
2941 } 2948 }
2942 GCCH_handle_channel_plaintext_data_ack (ch, 2949 GCCH_handle_channel_plaintext_data_ack(ch,
2943 GCC_get_id (t->current_ct->cc), 2950 GCC_get_id(t->current_ct->cc),
2944 ack); 2951 ack);
2945} 2952}
2946 2953
2947 2954
@@ -2953,43 +2960,43 @@ handle_plaintext_data_ack (void *cls,
2953 * @param copen the message we received on the tunnel 2960 * @param copen the message we received on the tunnel
2954 */ 2961 */
2955static void 2962static void
2956handle_plaintext_channel_open (void *cls, 2963handle_plaintext_channel_open(void *cls,
2957 const struct GNUNET_CADET_ChannelOpenMessage *copen) 2964 const struct GNUNET_CADET_ChannelOpenMessage *copen)
2958{ 2965{
2959 struct CadetTunnel *t = cls; 2966 struct CadetTunnel *t = cls;
2960 struct CadetChannel *ch; 2967 struct CadetChannel *ch;
2961 2968
2962 ch = GNUNET_CONTAINER_multihashmap32_get (t->channels, 2969 ch = GNUNET_CONTAINER_multihashmap32_get(t->channels,
2963 ntohl (copen->ctn.cn)); 2970 ntohl(copen->ctn.cn));
2964 if (NULL != ch) 2971 if (NULL != ch)
2965 { 2972 {
2966 LOG (GNUNET_ERROR_TYPE_DEBUG, 2973 LOG(GNUNET_ERROR_TYPE_DEBUG,
2967 "Received duplicate channel CHANNEL_OPEN on h_port %s from %s (%s), resending ACK\n", 2974 "Received duplicate channel CHANNEL_OPEN on h_port %s from %s (%s), resending ACK\n",
2968 GNUNET_h2s (&copen->h_port), 2975 GNUNET_h2s(&copen->h_port),
2969 GCT_2s (t), 2976 GCT_2s(t),
2970 GCCH_2s (ch)); 2977 GCCH_2s(ch));
2971 GCCH_handle_duplicate_open (ch, 2978 GCCH_handle_duplicate_open(ch,
2972 GCC_get_id (t->current_ct->cc)); 2979 GCC_get_id(t->current_ct->cc));
2973 return; 2980 return;
2974 } 2981 }
2975 LOG (GNUNET_ERROR_TYPE_DEBUG, 2982 LOG(GNUNET_ERROR_TYPE_DEBUG,
2976 "Received CHANNEL_OPEN on h_port %s from %s\n", 2983 "Received CHANNEL_OPEN on h_port %s from %s\n",
2977 GNUNET_h2s (&copen->h_port), 2984 GNUNET_h2s(&copen->h_port),
2978 GCT_2s (t)); 2985 GCT_2s(t));
2979 ch = GCCH_channel_incoming_new (t, 2986 ch = GCCH_channel_incoming_new(t,
2980 copen->ctn, 2987 copen->ctn,
2981 &copen->h_port, 2988 &copen->h_port,
2982 ntohl (copen->opt)); 2989 ntohl(copen->opt));
2983 if (NULL != t->destroy_task) 2990 if (NULL != t->destroy_task)
2984 { 2991 {
2985 GNUNET_SCHEDULER_cancel (t->destroy_task); 2992 GNUNET_SCHEDULER_cancel(t->destroy_task);
2986 t->destroy_task = NULL; 2993 t->destroy_task = NULL;
2987 } 2994 }
2988 GNUNET_assert (GNUNET_OK == 2995 GNUNET_assert(GNUNET_OK ==
2989 GNUNET_CONTAINER_multihashmap32_put (t->channels, 2996 GNUNET_CONTAINER_multihashmap32_put(t->channels,
2990 ntohl (copen->ctn.cn), 2997 ntohl(copen->ctn.cn),
2991 ch, 2998 ch,
2992 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); 2999 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
2993} 3000}
2994 3001
2995 3002
@@ -3000,22 +3007,22 @@ handle_plaintext_channel_open (void *cls,
3000 * @param ctn ID of the channel to destroy 3007 * @param ctn ID of the channel to destroy
3001 */ 3008 */
3002void 3009void
3003GCT_send_channel_destroy (struct CadetTunnel *t, 3010GCT_send_channel_destroy(struct CadetTunnel *t,
3004 struct GNUNET_CADET_ChannelTunnelNumber ctn) 3011 struct GNUNET_CADET_ChannelTunnelNumber ctn)
3005{ 3012{
3006 struct GNUNET_CADET_ChannelDestroyMessage msg; 3013 struct GNUNET_CADET_ChannelDestroyMessage msg;
3007 3014
3008 LOG (GNUNET_ERROR_TYPE_DEBUG, 3015 LOG(GNUNET_ERROR_TYPE_DEBUG,
3009 "Sending DESTORY message for channel ID %u\n", 3016 "Sending DESTORY message for channel ID %u\n",
3010 ntohl (ctn.cn)); 3017 ntohl(ctn.cn));
3011 msg.header.size = htons (sizeof (msg)); 3018 msg.header.size = htons(sizeof(msg));
3012 msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY); 3019 msg.header.type = htons(GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY);
3013 msg.reserved = htonl (0); 3020 msg.reserved = htonl(0);
3014 msg.ctn = ctn; 3021 msg.ctn = ctn;
3015 GCT_send (t, 3022 GCT_send(t,
3016 &msg.header, 3023 &msg.header,
3017 NULL, 3024 NULL,
3018 NULL); 3025 NULL);
3019} 3026}
3020 3027
3021 3028
@@ -3028,32 +3035,32 @@ GCT_send_channel_destroy (struct CadetTunnel *t,
3028 * @param cm the message we received on the tunnel 3035 * @param cm the message we received on the tunnel
3029 */ 3036 */
3030static void 3037static void
3031handle_plaintext_channel_open_ack (void *cls, 3038handle_plaintext_channel_open_ack(void *cls,
3032 const struct GNUNET_CADET_ChannelOpenAckMessage *cm) 3039 const struct GNUNET_CADET_ChannelOpenAckMessage *cm)
3033{ 3040{
3034 struct CadetTunnel *t = cls; 3041 struct CadetTunnel *t = cls;
3035 struct CadetChannel *ch; 3042 struct CadetChannel *ch;
3036 3043
3037 ch = lookup_channel (t, 3044 ch = lookup_channel(t,
3038 cm->ctn); 3045 cm->ctn);
3039 if (NULL == ch) 3046 if (NULL == ch)
3040 { 3047 {
3041 /* We don't know about such a channel, might have been destroyed on our 3048 /* We don't know about such a channel, might have been destroyed on our
3042 end in the meantime, or never existed. Send back a DESTROY. */ 3049 end in the meantime, or never existed. Send back a DESTROY. */
3043 LOG (GNUNET_ERROR_TYPE_DEBUG, 3050 LOG(GNUNET_ERROR_TYPE_DEBUG,
3044 "Received channel OPEN_ACK for unknown channel %u, sending DESTROY\n", 3051 "Received channel OPEN_ACK for unknown channel %u, sending DESTROY\n",
3045 ntohl (cm->ctn.cn)); 3052 ntohl(cm->ctn.cn));
3046 GCT_send_channel_destroy (t, 3053 GCT_send_channel_destroy(t,
3047 cm->ctn); 3054 cm->ctn);
3048 return; 3055 return;
3049 } 3056 }
3050 LOG (GNUNET_ERROR_TYPE_DEBUG, 3057 LOG(GNUNET_ERROR_TYPE_DEBUG,
3051 "Received channel OPEN_ACK on channel %s from %s\n", 3058 "Received channel OPEN_ACK on channel %s from %s\n",
3052 GCCH_2s (ch), 3059 GCCH_2s(ch),
3053 GCT_2s (t)); 3060 GCT_2s(t));
3054 GCCH_handle_channel_open_ack (ch, 3061 GCCH_handle_channel_open_ack(ch,
3055 GCC_get_id (t->current_ct->cc), 3062 GCC_get_id(t->current_ct->cc),
3056 &cm->port); 3063 &cm->port);
3057} 3064}
3058 3065
3059 3066
@@ -3065,29 +3072,29 @@ handle_plaintext_channel_open_ack (void *cls,
3065 * @param cm the message we received on the tunnel 3072 * @param cm the message we received on the tunnel
3066 */ 3073 */
3067static void 3074static void
3068handle_plaintext_channel_destroy (void *cls, 3075handle_plaintext_channel_destroy(void *cls,
3069 const struct GNUNET_CADET_ChannelDestroyMessage *cm) 3076 const struct GNUNET_CADET_ChannelDestroyMessage *cm)
3070{ 3077{
3071 struct CadetTunnel *t = cls; 3078 struct CadetTunnel *t = cls;
3072 struct CadetChannel *ch; 3079 struct CadetChannel *ch;
3073 3080
3074 ch = lookup_channel (t, 3081 ch = lookup_channel(t,
3075 cm->ctn); 3082 cm->ctn);
3076 if (NULL == ch) 3083 if (NULL == ch)
3077 { 3084 {
3078 /* We don't know about such a channel, might have been destroyed on our 3085 /* We don't know about such a channel, might have been destroyed on our
3079 end in the meantime, or never existed. */ 3086 end in the meantime, or never existed. */
3080 LOG (GNUNET_ERROR_TYPE_DEBUG, 3087 LOG(GNUNET_ERROR_TYPE_DEBUG,
3081 "Received channel DESTORY for unknown channel %u. Ignoring.\n", 3088 "Received channel DESTORY for unknown channel %u. Ignoring.\n",
3082 ntohl (cm->ctn.cn)); 3089 ntohl(cm->ctn.cn));
3083 return; 3090 return;
3084 } 3091 }
3085 LOG (GNUNET_ERROR_TYPE_DEBUG, 3092 LOG(GNUNET_ERROR_TYPE_DEBUG,
3086 "Received channel DESTROY on %s from %s\n", 3093 "Received channel DESTROY on %s from %s\n",
3087 GCCH_2s (ch), 3094 GCCH_2s(ch),
3088 GCT_2s (t)); 3095 GCT_2s(t));
3089 GCCH_handle_remote_destroy (ch, 3096 GCCH_handle_remote_destroy(ch,
3090 GCC_get_id (t->current_ct->cc)); 3097 GCC_get_id(t->current_ct->cc));
3091} 3098}
3092 3099
3093 3100
@@ -3102,14 +3109,14 @@ handle_plaintext_channel_destroy (void *cls,
3102 * #GNUNET_SYSERR to stop further processing with error 3109 * #GNUNET_SYSERR to stop further processing with error
3103 */ 3110 */
3104static int 3111static int
3105handle_decrypted (void *cls, 3112handle_decrypted(void *cls,
3106 const struct GNUNET_MessageHeader *msg) 3113 const struct GNUNET_MessageHeader *msg)
3107{ 3114{
3108 struct CadetTunnel *t = cls; 3115 struct CadetTunnel *t = cls;
3109 3116
3110 GNUNET_assert (NULL != t->current_ct); 3117 GNUNET_assert(NULL != t->current_ct);
3111 GNUNET_MQ_inject_message (t->mq, 3118 GNUNET_MQ_inject_message(t->mq,
3112 msg); 3119 msg);
3113 return GNUNET_OK; 3120 return GNUNET_OK;
3114} 3121}
3115 3122
@@ -3122,10 +3129,10 @@ handle_decrypted (void *cls,
3122 * @param error error code 3129 * @param error error code
3123 */ 3130 */
3124static void 3131static void
3125decrypted_error_cb (void *cls, 3132decrypted_error_cb(void *cls,
3126 enum GNUNET_MQ_Error error) 3133 enum GNUNET_MQ_Error error)
3127{ 3134{
3128 GNUNET_break_op (0); 3135 GNUNET_break_op(0);
3129} 3136}
3130 3137
3131 3138
@@ -3137,55 +3144,55 @@ decrypted_error_cb (void *cls,
3137 * @return new tunnel to @a destination 3144 * @return new tunnel to @a destination
3138 */ 3145 */
3139struct CadetTunnel * 3146struct CadetTunnel *
3140GCT_create_tunnel (struct CadetPeer *destination) 3147GCT_create_tunnel(struct CadetPeer *destination)
3141{ 3148{
3142 struct CadetTunnel *t = GNUNET_new (struct CadetTunnel); 3149 struct CadetTunnel *t = GNUNET_new(struct CadetTunnel);
3143 struct GNUNET_MQ_MessageHandler handlers[] = { 3150 struct GNUNET_MQ_MessageHandler handlers[] = {
3144 GNUNET_MQ_hd_fixed_size (plaintext_keepalive, 3151 GNUNET_MQ_hd_fixed_size(plaintext_keepalive,
3145 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE, 3152 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE,
3146 struct GNUNET_MessageHeader, 3153 struct GNUNET_MessageHeader,
3147 t), 3154 t),
3148 GNUNET_MQ_hd_var_size (plaintext_data, 3155 GNUNET_MQ_hd_var_size(plaintext_data,
3149 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA, 3156 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA,
3150 struct GNUNET_CADET_ChannelAppDataMessage, 3157 struct GNUNET_CADET_ChannelAppDataMessage,
3151 t), 3158 t),
3152 GNUNET_MQ_hd_fixed_size (plaintext_data_ack, 3159 GNUNET_MQ_hd_fixed_size(plaintext_data_ack,
3153 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK, 3160 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK,
3154 struct GNUNET_CADET_ChannelDataAckMessage, 3161 struct GNUNET_CADET_ChannelDataAckMessage,
3155 t), 3162 t),
3156 GNUNET_MQ_hd_fixed_size (plaintext_channel_open, 3163 GNUNET_MQ_hd_fixed_size(plaintext_channel_open,
3157 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN, 3164 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN,
3158 struct GNUNET_CADET_ChannelOpenMessage, 3165 struct GNUNET_CADET_ChannelOpenMessage,
3159 t), 3166 t),
3160 GNUNET_MQ_hd_fixed_size (plaintext_channel_open_ack, 3167 GNUNET_MQ_hd_fixed_size(plaintext_channel_open_ack,
3161 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK, 3168 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK,
3162 struct GNUNET_CADET_ChannelOpenAckMessage, 3169 struct GNUNET_CADET_ChannelOpenAckMessage,
3163 t), 3170 t),
3164 GNUNET_MQ_hd_fixed_size (plaintext_channel_destroy, 3171 GNUNET_MQ_hd_fixed_size(plaintext_channel_destroy,
3165 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY, 3172 GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY,
3166 struct GNUNET_CADET_ChannelDestroyMessage, 3173 struct GNUNET_CADET_ChannelDestroyMessage,
3167 t), 3174 t),
3168 GNUNET_MQ_handler_end () 3175 GNUNET_MQ_handler_end()
3169 }; 3176 };
3170 3177
3171 t->kx_retry_delay = INITIAL_KX_RETRY_DELAY; 3178 t->kx_retry_delay = INITIAL_KX_RETRY_DELAY;
3172 new_ephemeral (&t->ax); 3179 new_ephemeral(&t->ax);
3173 GNUNET_assert (GNUNET_OK == 3180 GNUNET_assert(GNUNET_OK ==
3174 GNUNET_CRYPTO_ecdhe_key_create2 (&t->ax.kx_0)); 3181 GNUNET_CRYPTO_ecdhe_key_create2(&t->ax.kx_0));
3175 t->destination = destination; 3182 t->destination = destination;
3176 t->channels = GNUNET_CONTAINER_multihashmap32_create (8); 3183 t->channels = GNUNET_CONTAINER_multihashmap32_create(8);
3177 t->maintain_connections_task 3184 t->maintain_connections_task
3178 = GNUNET_SCHEDULER_add_now (&maintain_connections_cb, 3185 = GNUNET_SCHEDULER_add_now(&maintain_connections_cb,
3179 t); 3186 t);
3180 t->mq = GNUNET_MQ_queue_for_callbacks (NULL, 3187 t->mq = GNUNET_MQ_queue_for_callbacks(NULL,
3181 NULL, 3188 NULL,
3182 NULL, 3189 NULL,
3183 NULL, 3190 NULL,
3184 handlers, 3191 handlers,
3185 &decrypted_error_cb, 3192 &decrypted_error_cb,
3186 t); 3193 t);
3187 t->mst = GNUNET_MST_create (&handle_decrypted, 3194 t->mst = GNUNET_MST_create(&handle_decrypted,
3188 t); 3195 t);
3189 return t; 3196 return t;
3190} 3197}
3191 3198
@@ -3201,42 +3208,42 @@ GCT_create_tunnel (struct CadetPeer *destination)
3201 * #GNUNET_SYSERR on failure (duplicate connection) 3208 * #GNUNET_SYSERR on failure (duplicate connection)
3202 */ 3209 */
3203int 3210int
3204GCT_add_inbound_connection (struct CadetTunnel *t, 3211GCT_add_inbound_connection(struct CadetTunnel *t,
3205 const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, 3212 const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid,
3206 struct CadetPeerPath *path) 3213 struct CadetPeerPath *path)
3207{ 3214{
3208 struct CadetTConnection *ct; 3215 struct CadetTConnection *ct;
3209 3216
3210 ct = GNUNET_new (struct CadetTConnection); 3217 ct = GNUNET_new(struct CadetTConnection);
3211 ct->created = GNUNET_TIME_absolute_get (); 3218 ct->created = GNUNET_TIME_absolute_get();
3212 ct->t = t; 3219 ct->t = t;
3213 ct->cc = GCC_create_inbound (t->destination, 3220 ct->cc = GCC_create_inbound(t->destination,
3214 path, 3221 path,
3215 ct, 3222 ct,
3216 cid, 3223 cid,
3217 &connection_ready_cb, 3224 &connection_ready_cb,
3218 ct); 3225 ct);
3219 if (NULL == ct->cc) 3226 if (NULL == ct->cc)
3220 { 3227 {
3221 LOG (GNUNET_ERROR_TYPE_DEBUG, 3228 LOG(GNUNET_ERROR_TYPE_DEBUG,
3222 "%s refused inbound %s (duplicate)\n", 3229 "%s refused inbound %s (duplicate)\n",
3223 GCT_2s (t), 3230 GCT_2s(t),
3224 GCC_2s (ct->cc)); 3231 GCC_2s(ct->cc));
3225 GNUNET_free (ct); 3232 GNUNET_free(ct);
3226 return GNUNET_SYSERR; 3233 return GNUNET_SYSERR;
3227 } 3234 }
3228 /* FIXME: schedule job to kill connection (and path?) if it takes 3235 /* FIXME: schedule job to kill connection (and path?) if it takes
3229 too long to get ready! (And track performance data on how long 3236 too long to get ready! (And track performance data on how long
3230 other connections took with the tunnel!) 3237 other connections took with the tunnel!)
3231 => Note: to be done within 'connection'-logic! */ 3238 => Note: to be done within 'connection'-logic! */
3232 GNUNET_CONTAINER_DLL_insert (t->connection_busy_head, 3239 GNUNET_CONTAINER_DLL_insert(t->connection_busy_head,
3233 t->connection_busy_tail, 3240 t->connection_busy_tail,
3234 ct); 3241 ct);
3235 t->num_busy_connections++; 3242 t->num_busy_connections++;
3236 LOG (GNUNET_ERROR_TYPE_DEBUG, 3243 LOG(GNUNET_ERROR_TYPE_DEBUG,
3237 "%s has new %s\n", 3244 "%s has new %s\n",
3238 GCT_2s (t), 3245 GCT_2s(t),
3239 GCC_2s (ct->cc)); 3246 GCC_2s(ct->cc));
3240 return GNUNET_OK; 3247 return GNUNET_OK;
3241} 3248}
3242 3249
@@ -3248,174 +3255,177 @@ GCT_add_inbound_connection (struct CadetTunnel *t,
3248 * @param msg the encrypted message to decrypt 3255 * @param msg the encrypted message to decrypt
3249 */ 3256 */
3250void 3257void
3251GCT_handle_encrypted (struct CadetTConnection *ct, 3258GCT_handle_encrypted(struct CadetTConnection *ct,
3252 const struct GNUNET_CADET_TunnelEncryptedMessage *msg) 3259 const struct GNUNET_CADET_TunnelEncryptedMessage *msg)
3253{ 3260{
3254 struct CadetTunnel *t = ct->t; 3261 struct CadetTunnel *t = ct->t;
3255 uint16_t size = ntohs (msg->header.size); 3262 uint16_t size = ntohs(msg->header.size);
3256 char cbuf [size] GNUNET_ALIGN; 3263 char cbuf [size] GNUNET_ALIGN;
3257 ssize_t decrypted_size; 3264 ssize_t decrypted_size;
3258 3265
3259 LOG (GNUNET_ERROR_TYPE_DEBUG, 3266 LOG(GNUNET_ERROR_TYPE_DEBUG,
3260 "%s received %u bytes of encrypted data in state %d\n", 3267 "%s received %u bytes of encrypted data in state %d\n",
3261 GCT_2s (t), 3268 GCT_2s(t),
3262 (unsigned int) size, 3269 (unsigned int)size,
3263 t->estate); 3270 t->estate);
3264 3271
3265 switch (t->estate) 3272 switch (t->estate)
3266 { 3273 {
3267 case CADET_TUNNEL_KEY_UNINITIALIZED: 3274 case CADET_TUNNEL_KEY_UNINITIALIZED:
3268 case CADET_TUNNEL_KEY_AX_RECV: 3275 case CADET_TUNNEL_KEY_AX_RECV:
3269 /* We did not even SEND our KX, how can the other peer 3276 /* We did not even SEND our KX, how can the other peer
3270 send us encrypted data? Must have been that we went 3277 send us encrypted data? Must have been that we went
3271 down and the other peer still things we are up. 3278 down and the other peer still things we are up.
3272 Let's send it KX back. */ 3279 Let's send it KX back. */
3273 GNUNET_STATISTICS_update (stats, 3280 GNUNET_STATISTICS_update(stats,
3274 "# received encrypted without any KX", 3281 "# received encrypted without any KX",
3275 1, 3282 1,
3276 GNUNET_NO); 3283 GNUNET_NO);
3277 if (NULL != t->kx_task) 3284 if (NULL != t->kx_task)
3278 { 3285 {
3279 GNUNET_SCHEDULER_cancel (t->kx_task); 3286 GNUNET_SCHEDULER_cancel(t->kx_task);
3280 t->kx_task = NULL; 3287 t->kx_task = NULL;
3281 } 3288 }
3282 send_kx (t, 3289 send_kx(t,
3283 ct, 3290 ct,
3284 &t->ax); 3291 &t->ax);
3285 return; 3292 return;
3286 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: 3293
3287 /* We send KX, and other peer send KX to us at the same time. 3294 case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
3288 Neither KX is AUTH'ed, so let's try KX_AUTH this time. */ 3295 /* We send KX, and other peer send KX to us at the same time.
3289 GNUNET_STATISTICS_update (stats, 3296 Neither KX is AUTH'ed, so let's try KX_AUTH this time. */
3290 "# received encrypted without KX_AUTH", 3297 GNUNET_STATISTICS_update(stats,
3291 1, 3298 "# received encrypted without KX_AUTH",
3292 GNUNET_NO); 3299 1,
3293 if (NULL != t->kx_task) 3300 GNUNET_NO);
3294 { 3301 if (NULL != t->kx_task)
3295 GNUNET_SCHEDULER_cancel (t->kx_task); 3302 {
3296 t->kx_task = NULL; 3303 GNUNET_SCHEDULER_cancel(t->kx_task);
3297 } 3304 t->kx_task = NULL;
3298 send_kx_auth (t, 3305 }
3299 ct, 3306 send_kx_auth(t,
3300 &t->ax, 3307 ct,
3301 GNUNET_YES); 3308 &t->ax,
3302 return; 3309 GNUNET_YES);
3303 case CADET_TUNNEL_KEY_AX_SENT: 3310 return;
3304 /* We did not get the KX of the other peer, but that 3311
3305 might have been lost. Send our KX again immediately. */ 3312 case CADET_TUNNEL_KEY_AX_SENT:
3306 GNUNET_STATISTICS_update (stats, 3313 /* We did not get the KX of the other peer, but that
3307 "# received encrypted without KX", 3314 might have been lost. Send our KX again immediately. */
3308 1, 3315 GNUNET_STATISTICS_update(stats,
3309 GNUNET_NO); 3316 "# received encrypted without KX",
3310 if (NULL != t->kx_task) 3317 1,
3311 { 3318 GNUNET_NO);
3312 GNUNET_SCHEDULER_cancel (t->kx_task); 3319 if (NULL != t->kx_task)
3313 t->kx_task = NULL; 3320 {
3314 } 3321 GNUNET_SCHEDULER_cancel(t->kx_task);
3315 send_kx (t, 3322 t->kx_task = NULL;
3316 ct, 3323 }
3317 &t->ax); 3324 send_kx(t,
3318 return; 3325 ct,
3319 case CADET_TUNNEL_KEY_AX_AUTH_SENT: 3326 &t->ax);
3327 return;
3328
3329 case CADET_TUNNEL_KEY_AX_AUTH_SENT:
3320 /* Great, first payload, we might graduate to OK! */ 3330 /* Great, first payload, we might graduate to OK! */
3321 case CADET_TUNNEL_KEY_OK: 3331 case CADET_TUNNEL_KEY_OK:
3322 /* We are up and running, all good. */ 3332 /* We are up and running, all good. */
3323 break; 3333 break;
3324 } 3334 }
3325 3335
3326 decrypted_size = -1; 3336 decrypted_size = -1;
3327 if (CADET_TUNNEL_KEY_OK == t->estate) 3337 if (CADET_TUNNEL_KEY_OK == t->estate)
3328 { 3338 {
3329 /* We have well-established key material available, 3339 /* We have well-established key material available,
3330 try that. (This is the common case.) */ 3340 try that. (This is the common case.) */
3331 decrypted_size = t_ax_decrypt_and_validate (&t->ax, 3341 decrypted_size = t_ax_decrypt_and_validate(&t->ax,
3332 cbuf, 3342 cbuf,
3333 msg, 3343 msg,
3334 size); 3344 size);
3335 }
3336
3337 if ( (-1 == decrypted_size) &&
3338 (NULL != t->unverified_ax) )
3339 {
3340 /* We have un-authenticated KX material available. We should try
3341 this as a back-up option, in case the sender crashed and
3342 switched keys. */
3343 decrypted_size = t_ax_decrypt_and_validate (t->unverified_ax,
3344 cbuf,
3345 msg,
3346 size);
3347 if (-1 != decrypted_size)
3348 {
3349 /* It worked! Treat this as authentication of the AX data! */
3350 cleanup_ax (&t->ax);
3351 t->ax = *t->unverified_ax;
3352 GNUNET_free (t->unverified_ax);
3353 t->unverified_ax = NULL;
3354 } 3345 }
3355 if (CADET_TUNNEL_KEY_AX_AUTH_SENT == t->estate) 3346
3347 if ((-1 == decrypted_size) &&
3348 (NULL != t->unverified_ax))
3356 { 3349 {
3357 /* First time it worked, move tunnel into production! */ 3350 /* We have un-authenticated KX material available. We should try
3358 GCT_change_estate (t, 3351 this as a back-up option, in case the sender crashed and
3359 CADET_TUNNEL_KEY_OK); 3352 switched keys. */
3360 if (NULL != t->send_task) 3353 decrypted_size = t_ax_decrypt_and_validate(t->unverified_ax,
3361 GNUNET_SCHEDULER_cancel (t->send_task); 3354 cbuf,
3362 t->send_task = GNUNET_SCHEDULER_add_now (&trigger_transmissions, 3355 msg,
3363 t); 3356 size);
3357 if (-1 != decrypted_size)
3358 {
3359 /* It worked! Treat this as authentication of the AX data! */
3360 cleanup_ax(&t->ax);
3361 t->ax = *t->unverified_ax;
3362 GNUNET_free(t->unverified_ax);
3363 t->unverified_ax = NULL;
3364 }
3365 if (CADET_TUNNEL_KEY_AX_AUTH_SENT == t->estate)
3366 {
3367 /* First time it worked, move tunnel into production! */
3368 GCT_change_estate(t,
3369 CADET_TUNNEL_KEY_OK);
3370 if (NULL != t->send_task)
3371 GNUNET_SCHEDULER_cancel(t->send_task);
3372 t->send_task = GNUNET_SCHEDULER_add_now(&trigger_transmissions,
3373 t);
3374 }
3364 } 3375 }
3365 }
3366 if (NULL != t->unverified_ax) 3376 if (NULL != t->unverified_ax)
3367 { 3377 {
3368 /* We had unverified KX material that was useless; so increment 3378 /* We had unverified KX material that was useless; so increment
3369 counter and eventually move to ignore it. Note that we even do 3379 counter and eventually move to ignore it. Note that we even do
3370 this increment if we successfully decrypted with the old KX 3380 this increment if we successfully decrypted with the old KX
3371 material and thus didn't even both with the new one. This is 3381 material and thus didn't even both with the new one. This is
3372 the ideal case, as a malicious injection of bogus KX data 3382 the ideal case, as a malicious injection of bogus KX data
3373 basically only causes us to increment a counter a few times. */ 3383 basically only causes us to increment a counter a few times. */
3374 t->unverified_attempts++; 3384 t->unverified_attempts++;
3375 LOG (GNUNET_ERROR_TYPE_DEBUG, 3385 LOG(GNUNET_ERROR_TYPE_DEBUG,
3376 "Failed to decrypt message with unverified KX data %u times\n", 3386 "Failed to decrypt message with unverified KX data %u times\n",
3377 t->unverified_attempts); 3387 t->unverified_attempts);
3378 if (t->unverified_attempts > MAX_UNVERIFIED_ATTEMPTS) 3388 if (t->unverified_attempts > MAX_UNVERIFIED_ATTEMPTS)
3379 { 3389 {
3380 cleanup_ax (t->unverified_ax); 3390 cleanup_ax(t->unverified_ax);
3381 GNUNET_free (t->unverified_ax); 3391 GNUNET_free(t->unverified_ax);
3382 t->unverified_ax = NULL; 3392 t->unverified_ax = NULL;
3393 }
3383 } 3394 }
3384 }
3385 3395
3386 if (-1 == decrypted_size) 3396 if (-1 == decrypted_size)
3387 { 3397 {
3388 /* Decryption failed for good, complain. */ 3398 /* Decryption failed for good, complain. */
3389 LOG (GNUNET_ERROR_TYPE_WARNING, 3399 LOG(GNUNET_ERROR_TYPE_WARNING,
3390 "%s failed to decrypt and validate encrypted data, retrying KX\n", 3400 "%s failed to decrypt and validate encrypted data, retrying KX\n",
3391 GCT_2s (t)); 3401 GCT_2s(t));
3392 GNUNET_STATISTICS_update (stats, 3402 GNUNET_STATISTICS_update(stats,
3393 "# unable to decrypt", 3403 "# unable to decrypt",
3394 1, 3404 1,
3395 GNUNET_NO); 3405 GNUNET_NO);
3396 if (NULL != t->kx_task) 3406 if (NULL != t->kx_task)
3397 { 3407 {
3398 GNUNET_SCHEDULER_cancel (t->kx_task); 3408 GNUNET_SCHEDULER_cancel(t->kx_task);
3399 t->kx_task = NULL; 3409 t->kx_task = NULL;
3410 }
3411 send_kx(t,
3412 ct,
3413 &t->ax);
3414 return;
3400 } 3415 }
3401 send_kx (t, 3416 GNUNET_STATISTICS_update(stats,
3402 ct, 3417 "# decrypted bytes",
3403 &t->ax); 3418 decrypted_size,
3404 return; 3419 GNUNET_NO);
3405 }
3406 GNUNET_STATISTICS_update (stats,
3407 "# decrypted bytes",
3408 decrypted_size,
3409 GNUNET_NO);
3410 3420
3411 /* The MST will ultimately call #handle_decrypted() on each message. */ 3421 /* The MST will ultimately call #handle_decrypted() on each message. */
3412 t->current_ct = ct; 3422 t->current_ct = ct;
3413 GNUNET_break_op (GNUNET_OK == 3423 GNUNET_break_op(GNUNET_OK ==
3414 GNUNET_MST_from_buffer (t->mst, 3424 GNUNET_MST_from_buffer(t->mst,
3415 cbuf, 3425 cbuf,
3416 decrypted_size, 3426 decrypted_size,
3417 GNUNET_YES, 3427 GNUNET_YES,
3418 GNUNET_NO)); 3428 GNUNET_NO));
3419 t->current_ct = NULL; 3429 t->current_ct = NULL;
3420} 3430}
3421 3431
@@ -3431,10 +3441,10 @@ GCT_handle_encrypted (struct CadetTConnection *ct,
3431 * @return Handle to cancel message 3441 * @return Handle to cancel message
3432 */ 3442 */
3433struct CadetTunnelQueueEntry * 3443struct CadetTunnelQueueEntry *
3434GCT_send (struct CadetTunnel *t, 3444GCT_send(struct CadetTunnel *t,
3435 const struct GNUNET_MessageHeader *message, 3445 const struct GNUNET_MessageHeader *message,
3436 GCT_SendContinuation cont, 3446 GCT_SendContinuation cont,
3437 void *cont_cls) 3447 void *cont_cls)
3438{ 3448{
3439 struct CadetTunnelQueueEntry *tq; 3449 struct CadetTunnelQueueEntry *tq;
3440 uint16_t payload_size; 3450 uint16_t payload_size;
@@ -3442,55 +3452,55 @@ GCT_send (struct CadetTunnel *t,
3442 struct GNUNET_CADET_TunnelEncryptedMessage *ax_msg; 3452 struct GNUNET_CADET_TunnelEncryptedMessage *ax_msg;
3443 3453
3444 if (CADET_TUNNEL_KEY_OK != t->estate) 3454 if (CADET_TUNNEL_KEY_OK != t->estate)
3445 { 3455 {
3446 GNUNET_break (0); 3456 GNUNET_break(0);
3447 return NULL; 3457 return NULL;
3448 } 3458 }
3449 payload_size = ntohs (message->size); 3459 payload_size = ntohs(message->size);
3450 LOG (GNUNET_ERROR_TYPE_DEBUG, 3460 LOG(GNUNET_ERROR_TYPE_DEBUG,
3451 "Encrypting %u bytes for %s\n", 3461 "Encrypting %u bytes for %s\n",
3452 (unsigned int) payload_size, 3462 (unsigned int)payload_size,
3453 GCT_2s (t)); 3463 GCT_2s(t));
3454 env = GNUNET_MQ_msg_extra (ax_msg, 3464 env = GNUNET_MQ_msg_extra(ax_msg,
3455 payload_size,
3456 GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED);
3457 t_ax_encrypt (&t->ax,
3458 &ax_msg[1],
3459 message,
3460 payload_size);
3461 GNUNET_STATISTICS_update (stats,
3462 "# encrypted bytes",
3463 payload_size, 3465 payload_size,
3464 GNUNET_NO); 3466 GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED);
3465 ax_msg->ax_header.Ns = htonl (t->ax.Ns++); 3467 t_ax_encrypt(&t->ax,
3466 ax_msg->ax_header.PNs = htonl (t->ax.PNs); 3468 &ax_msg[1],
3469 message,
3470 payload_size);
3471 GNUNET_STATISTICS_update(stats,
3472 "# encrypted bytes",
3473 payload_size,
3474 GNUNET_NO);
3475 ax_msg->ax_header.Ns = htonl(t->ax.Ns++);
3476 ax_msg->ax_header.PNs = htonl(t->ax.PNs);
3467 /* FIXME: we should do this once, not once per message; 3477 /* FIXME: we should do this once, not once per message;
3468 this is a point multiplication, and DHRs does not 3478 this is a point multiplication, and DHRs does not
3469 change all the time. */ 3479 change all the time. */
3470 GNUNET_CRYPTO_ecdhe_key_get_public (&t->ax.DHRs, 3480 GNUNET_CRYPTO_ecdhe_key_get_public(&t->ax.DHRs,
3471 &ax_msg->ax_header.DHRs); 3481 &ax_msg->ax_header.DHRs);
3472 t_h_encrypt (&t->ax, 3482 t_h_encrypt(&t->ax,
3473 ax_msg); 3483 ax_msg);
3474 t_hmac (&ax_msg->ax_header, 3484 t_hmac(&ax_msg->ax_header,
3475 sizeof (struct GNUNET_CADET_AxHeader) + payload_size, 3485 sizeof(struct GNUNET_CADET_AxHeader) + payload_size,
3476 0, 3486 0,
3477 &t->ax.HKs, 3487 &t->ax.HKs,
3478 &ax_msg->hmac); 3488 &ax_msg->hmac);
3479 3489
3480 tq = GNUNET_malloc (sizeof (*tq)); 3490 tq = GNUNET_malloc(sizeof(*tq));
3481 tq->t = t; 3491 tq->t = t;
3482 tq->env = env; 3492 tq->env = env;
3483 tq->cid = &ax_msg->cid; /* will initialize 'ax_msg->cid' once we know the connection */ 3493 tq->cid = &ax_msg->cid; /* will initialize 'ax_msg->cid' once we know the connection */
3484 tq->cont = cont; 3494 tq->cont = cont;
3485 tq->cont_cls = cont_cls; 3495 tq->cont_cls = cont_cls;
3486 GNUNET_CONTAINER_DLL_insert_tail (t->tq_head, 3496 GNUNET_CONTAINER_DLL_insert_tail(t->tq_head,
3487 t->tq_tail, 3497 t->tq_tail,
3488 tq); 3498 tq);
3489 if (NULL != t->send_task) 3499 if (NULL != t->send_task)
3490 GNUNET_SCHEDULER_cancel (t->send_task); 3500 GNUNET_SCHEDULER_cancel(t->send_task);
3491 t->send_task 3501 t->send_task
3492 = GNUNET_SCHEDULER_add_now (&trigger_transmissions, 3502 = GNUNET_SCHEDULER_add_now(&trigger_transmissions,
3493 t); 3503 t);
3494 return tq; 3504 return tq;
3495} 3505}
3496 3506
@@ -3505,15 +3515,15 @@ GCT_send (struct CadetTunnel *t,
3505 * @param tq Handle to the queue entry to cancel. 3515 * @param tq Handle to the queue entry to cancel.
3506 */ 3516 */
3507void 3517void
3508GCT_send_cancel (struct CadetTunnelQueueEntry *tq) 3518GCT_send_cancel(struct CadetTunnelQueueEntry *tq)
3509{ 3519{
3510 struct CadetTunnel *t = tq->t; 3520 struct CadetTunnel *t = tq->t;
3511 3521
3512 GNUNET_CONTAINER_DLL_remove (t->tq_head, 3522 GNUNET_CONTAINER_DLL_remove(t->tq_head,
3513 t->tq_tail, 3523 t->tq_tail,
3514 tq); 3524 tq);
3515 GNUNET_MQ_discard (tq->env); 3525 GNUNET_MQ_discard(tq->env);
3516 GNUNET_free (tq); 3526 GNUNET_free(tq);
3517} 3527}
3518 3528
3519 3529
@@ -3525,35 +3535,35 @@ GCT_send_cancel (struct CadetTunnelQueueEntry *tq)
3525 * @param iter_cls Closure for @c iter. 3535 * @param iter_cls Closure for @c iter.
3526 */ 3536 */
3527void 3537void
3528GCT_iterate_connections (struct CadetTunnel *t, 3538GCT_iterate_connections(struct CadetTunnel *t,
3529 GCT_ConnectionIterator iter, 3539 GCT_ConnectionIterator iter,
3530 void *iter_cls) 3540 void *iter_cls)
3531{ 3541{
3532 struct CadetTConnection *n; 3542 struct CadetTConnection *n;
3543
3533 for (struct CadetTConnection *ct = t->connection_ready_head; 3544 for (struct CadetTConnection *ct = t->connection_ready_head;
3534 NULL != ct; 3545 NULL != ct;
3535 ct = n) 3546 ct = n)
3536 { 3547 {
3537 n = ct->next; 3548 n = ct->next;
3538 iter (iter_cls, 3549 iter(iter_cls,
3539 ct); 3550 ct);
3540 } 3551 }
3541 for (struct CadetTConnection *ct = t->connection_busy_head; 3552 for (struct CadetTConnection *ct = t->connection_busy_head;
3542 NULL != ct; 3553 NULL != ct;
3543 ct = n) 3554 ct = n)
3544 { 3555 {
3545 n = ct->next; 3556 n = ct->next;
3546 iter (iter_cls, 3557 iter(iter_cls,
3547 ct); 3558 ct);
3548 } 3559 }
3549} 3560}
3550 3561
3551 3562
3552/** 3563/**
3553 * Closure for #iterate_channels_cb. 3564 * Closure for #iterate_channels_cb.
3554 */ 3565 */
3555struct ChanIterCls 3566struct ChanIterCls {
3556{
3557 /** 3567 /**
3558 * Function to call. 3568 * Function to call.
3559 */ 3569 */
@@ -3575,15 +3585,15 @@ struct ChanIterCls
3575 * @return #GNUNET_OK 3585 * @return #GNUNET_OK
3576 */ 3586 */
3577static int 3587static int
3578iterate_channels_cb (void *cls, 3588iterate_channels_cb(void *cls,
3579 uint32_t key, 3589 uint32_t key,
3580 void *value) 3590 void *value)
3581{ 3591{
3582 struct ChanIterCls *ctx = cls; 3592 struct ChanIterCls *ctx = cls;
3583 struct CadetChannel *ch = value; 3593 struct CadetChannel *ch = value;
3584 3594
3585 ctx->iter (ctx->iter_cls, 3595 ctx->iter(ctx->iter_cls,
3586 ch); 3596 ch);
3587 return GNUNET_OK; 3597 return GNUNET_OK;
3588} 3598}
3589 3599
@@ -3596,18 +3606,17 @@ iterate_channels_cb (void *cls,
3596 * @param iter_cls Closure for @c iter. 3606 * @param iter_cls Closure for @c iter.
3597 */ 3607 */
3598void 3608void
3599GCT_iterate_channels (struct CadetTunnel *t, 3609GCT_iterate_channels(struct CadetTunnel *t,
3600 GCT_ChannelIterator iter, 3610 GCT_ChannelIterator iter,
3601 void *iter_cls) 3611 void *iter_cls)
3602{ 3612{
3603 struct ChanIterCls ctx; 3613 struct ChanIterCls ctx;
3604 3614
3605 ctx.iter = iter; 3615 ctx.iter = iter;
3606 ctx.iter_cls = iter_cls; 3616 ctx.iter_cls = iter_cls;
3607 GNUNET_CONTAINER_multihashmap32_iterate (t->channels, 3617 GNUNET_CONTAINER_multihashmap32_iterate(t->channels,
3608 &iterate_channels_cb, 3618 &iterate_channels_cb,
3609 &ctx); 3619 &ctx);
3610
3611} 3620}
3612 3621
3613 3622
@@ -3620,19 +3629,19 @@ GCT_iterate_channels (struct CadetTunnel *t,
3620 * @return #GNUNET_OK (continue iteration) 3629 * @return #GNUNET_OK (continue iteration)
3621 */ 3630 */
3622static int 3631static int
3623debug_channel (void *cls, 3632debug_channel(void *cls,
3624 uint32_t key, 3633 uint32_t key,
3625 void *value) 3634 void *value)
3626{ 3635{
3627 const enum GNUNET_ErrorType *level = cls; 3636 const enum GNUNET_ErrorType *level = cls;
3628 struct CadetChannel *ch = value; 3637 struct CadetChannel *ch = value;
3629 3638
3630 GCCH_debug (ch, *level); 3639 GCCH_debug(ch, *level);
3631 return GNUNET_OK; 3640 return GNUNET_OK;
3632} 3641}
3633 3642
3634 3643
3635#define LOG2(level, ...) GNUNET_log_from_nocheck(level,"cadet-tun",__VA_ARGS__) 3644#define LOG2(level, ...) GNUNET_log_from_nocheck(level, "cadet-tun", __VA_ARGS__)
3636 3645
3637 3646
3638/** 3647/**
@@ -3642,41 +3651,41 @@ debug_channel (void *cls,
3642 * @param level Debug level to use. 3651 * @param level Debug level to use.
3643 */ 3652 */
3644void 3653void
3645GCT_debug (const struct CadetTunnel *t, 3654GCT_debug(const struct CadetTunnel *t,
3646 enum GNUNET_ErrorType level) 3655 enum GNUNET_ErrorType level)
3647{ 3656{
3648#if !defined(GNUNET_CULL_LOGGING) 3657#if !defined(GNUNET_CULL_LOGGING)
3649 struct CadetTConnection *iter_c; 3658 struct CadetTConnection *iter_c;
3650 int do_log; 3659 int do_log;
3651 3660
3652 do_log = GNUNET_get_log_call_status (level & (~GNUNET_ERROR_TYPE_BULK), 3661 do_log = GNUNET_get_log_call_status(level & (~GNUNET_ERROR_TYPE_BULK),
3653 "cadet-tun", 3662 "cadet-tun",
3654 __FILE__, __FUNCTION__, __LINE__); 3663 __FILE__, __FUNCTION__, __LINE__);
3655 if (0 == do_log) 3664 if (0 == do_log)
3656 return; 3665 return;
3657 3666
3658 LOG2 (level, 3667 LOG2(level,
3659 "TTT TUNNEL TOWARDS %s in estate %s tq_len: %u #cons: %u\n", 3668 "TTT TUNNEL TOWARDS %s in estate %s tq_len: %u #cons: %u\n",
3660 GCT_2s (t), 3669 GCT_2s(t),
3661 estate2s (t->estate), 3670 estate2s(t->estate),
3662 t->tq_len, 3671 t->tq_len,
3663 GCT_count_any_connections (t)); 3672 GCT_count_any_connections(t));
3664 LOG2 (level, 3673 LOG2(level,
3665 "TTT channels:\n"); 3674 "TTT channels:\n");
3666 GNUNET_CONTAINER_multihashmap32_iterate (t->channels, 3675 GNUNET_CONTAINER_multihashmap32_iterate(t->channels,
3667 &debug_channel, 3676 &debug_channel,
3668 &level); 3677 &level);
3669 LOG2 (level, 3678 LOG2(level,
3670 "TTT connections:\n"); 3679 "TTT connections:\n");
3671 for (iter_c = t->connection_ready_head; NULL != iter_c; iter_c = iter_c->next) 3680 for (iter_c = t->connection_ready_head; NULL != iter_c; iter_c = iter_c->next)
3672 GCC_debug (iter_c->cc, 3681 GCC_debug(iter_c->cc,
3673 level); 3682 level);
3674 for (iter_c = t->connection_busy_head; NULL != iter_c; iter_c = iter_c->next) 3683 for (iter_c = t->connection_busy_head; NULL != iter_c; iter_c = iter_c->next)
3675 GCC_debug (iter_c->cc, 3684 GCC_debug(iter_c->cc,
3676 level); 3685 level);
3677 3686
3678 LOG2 (level, 3687 LOG2(level,
3679 "TTT TUNNEL END\n"); 3688 "TTT TUNNEL END\n");
3680#endif 3689#endif
3681} 3690}
3682 3691
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-25 04:34:10 +0000