diff options
Diffstat (limited to 'src/cadet/gnunet-service-cadet_tunnels.c')
-rw-r--r-- | src/cadet/gnunet-service-cadet_tunnels.c | 3506 |
1 files changed, 1763 insertions, 1743 deletions
diff --git a/src/cadet/gnunet-service-cadet_tunnels.c b/src/cadet/gnunet-service-cadet_tunnels.c index c73f8cdbe..6f2dd1d8d 100644 --- a/src/cadet/gnunet-service-cadet_tunnels.c +++ b/src/cadet/gnunet-service-cadet_tunnels.c | |||
@@ -42,7 +42,7 @@ | |||
42 | #include "gnunet-service-cadet_paths.h" | 42 | #include "gnunet-service-cadet_paths.h" |
43 | 43 | ||
44 | 44 | ||
45 | #define LOG(level, ...) GNUNET_log_from(level, "cadet-tun", __VA_ARGS__) | 45 | #define LOG(level, ...) GNUNET_log_from (level, "cadet-tun", __VA_ARGS__) |
46 | 46 | ||
47 | /** | 47 | /** |
48 | * How often do we try to decrypt payload with unverified key | 48 | * How often do we try to decrypt payload with unverified key |
@@ -54,13 +54,15 @@ | |||
54 | /** | 54 | /** |
55 | * How long do we wait until tearing down an idle tunnel? | 55 | * How long do we wait until tearing down an idle tunnel? |
56 | */ | 56 | */ |
57 | #define IDLE_DESTROY_DELAY GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 90) | 57 | #define IDLE_DESTROY_DELAY GNUNET_TIME_relative_multiply ( \ |
58 | GNUNET_TIME_UNIT_SECONDS, 90) | ||
58 | 59 | ||
59 | /** | 60 | /** |
60 | * How long do we wait initially before retransmitting the KX? | 61 | * How long do we wait initially before retransmitting the KX? |
61 | * TODO: replace by 2 RTT if/once we have connection-level RTT data! | 62 | * TODO: replace by 2 RTT if/once we have connection-level RTT data! |
62 | */ | 63 | */ |
63 | #define INITIAL_KX_RETRY_DELAY GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MILLISECONDS, 250) | 64 | #define INITIAL_KX_RETRY_DELAY GNUNET_TIME_relative_multiply ( \ |
65 | GNUNET_TIME_UNIT_MILLISECONDS, 250) | ||
64 | 66 | ||
65 | /** | 67 | /** |
66 | * Maximum number of skipped keys we keep in memory per tunnel. | 68 | * Maximum number of skipped keys we keep in memory per tunnel. |
@@ -77,7 +79,8 @@ | |||
77 | /** | 79 | /** |
78 | * Struct to old keys for skipped messages while advancing the Axolotl ratchet. | 80 | * Struct to old keys for skipped messages while advancing the Axolotl ratchet. |
79 | */ | 81 | */ |
80 | struct CadetTunnelSkippedKey { | 82 | struct CadetTunnelSkippedKey |
83 | { | ||
81 | /** | 84 | /** |
82 | * DLL next. | 85 | * DLL next. |
83 | */ | 86 | */ |
@@ -113,7 +116,8 @@ struct CadetTunnelSkippedKey { | |||
113 | /** | 116 | /** |
114 | * Axolotl data, according to https://github.com/trevp/axolotl/wiki . | 117 | * Axolotl data, according to https://github.com/trevp/axolotl/wiki . |
115 | */ | 118 | */ |
116 | struct CadetTunnelAxolotl { | 119 | struct CadetTunnelAxolotl |
120 | { | ||
117 | /** | 121 | /** |
118 | * A (double linked) list of stored message keys and associated header keys | 122 | * A (double linked) list of stored message keys and associated header keys |
119 | * for "skipped" messages, i.e. messages that have not been | 123 | * for "skipped" messages, i.e. messages that have not been |
@@ -252,7 +256,8 @@ struct CadetTunnelAxolotl { | |||
252 | /** | 256 | /** |
253 | * Struct used to save messages in a non-ready tunnel to send once connected. | 257 | * Struct used to save messages in a non-ready tunnel to send once connected. |
254 | */ | 258 | */ |
255 | struct CadetTunnelQueueEntry { | 259 | struct CadetTunnelQueueEntry |
260 | { | ||
256 | /** | 261 | /** |
257 | * We are entries in a DLL | 262 | * We are entries in a DLL |
258 | */ | 263 | */ |
@@ -294,7 +299,8 @@ struct CadetTunnelQueueEntry { | |||
294 | /** | 299 | /** |
295 | * Struct containing all information regarding a tunnel to a peer. | 300 | * Struct containing all information regarding a tunnel to a peer. |
296 | */ | 301 | */ |
297 | struct CadetTunnel { | 302 | struct CadetTunnel |
303 | { | ||
298 | /** | 304 | /** |
299 | * Destination of the tunnel. | 305 | * Destination of the tunnel. |
300 | */ | 306 | */ |
@@ -459,19 +465,19 @@ struct CadetTunnel { | |||
459 | * @return #GNUNET_YES for Alice, #GNUNET_NO for Betty, #GNUNET_SYSERR if talking to myself | 465 | * @return #GNUNET_YES for Alice, #GNUNET_NO for Betty, #GNUNET_SYSERR if talking to myself |
460 | */ | 466 | */ |
461 | static int | 467 | static int |
462 | alice_or_betty(const struct GNUNET_PeerIdentity *other) | 468 | alice_or_betty (const struct GNUNET_PeerIdentity *other) |
463 | { | 469 | { |
464 | if (0 > GNUNET_memcmp(&my_full_id, | 470 | if (0 > GNUNET_memcmp (&my_full_id, |
465 | other)) | 471 | other)) |
466 | return GNUNET_YES; | 472 | return GNUNET_YES; |
467 | else if (0 < GNUNET_memcmp(&my_full_id, | 473 | else if (0 < GNUNET_memcmp (&my_full_id, |
468 | other)) | 474 | other)) |
469 | return GNUNET_NO; | 475 | return GNUNET_NO; |
470 | else | 476 | else |
471 | { | 477 | { |
472 | GNUNET_break_op(0); | 478 | GNUNET_break_op (0); |
473 | return GNUNET_SYSERR; | 479 | return GNUNET_SYSERR; |
474 | } | 480 | } |
475 | } | 481 | } |
476 | 482 | ||
477 | 483 | ||
@@ -482,20 +488,20 @@ alice_or_betty(const struct GNUNET_PeerIdentity *other) | |||
482 | * @param ct connection to move to unready status | 488 | * @param ct connection to move to unready status |
483 | */ | 489 | */ |
484 | static void | 490 | static void |
485 | mark_connection_unready(struct CadetTConnection *ct) | 491 | mark_connection_unready (struct CadetTConnection *ct) |
486 | { | 492 | { |
487 | struct CadetTunnel *t = ct->t; | 493 | struct CadetTunnel *t = ct->t; |
488 | 494 | ||
489 | GNUNET_assert(GNUNET_YES == ct->is_ready); | 495 | GNUNET_assert (GNUNET_YES == ct->is_ready); |
490 | GNUNET_CONTAINER_DLL_remove(t->connection_ready_head, | 496 | GNUNET_CONTAINER_DLL_remove (t->connection_ready_head, |
491 | t->connection_ready_tail, | 497 | t->connection_ready_tail, |
492 | ct); | 498 | ct); |
493 | GNUNET_assert(0 < t->num_ready_connections); | 499 | GNUNET_assert (0 < t->num_ready_connections); |
494 | t->num_ready_connections--; | 500 | t->num_ready_connections--; |
495 | ct->is_ready = GNUNET_NO; | 501 | ct->is_ready = GNUNET_NO; |
496 | GNUNET_CONTAINER_DLL_insert(t->connection_busy_head, | 502 | GNUNET_CONTAINER_DLL_insert (t->connection_busy_head, |
497 | t->connection_busy_tail, | 503 | t->connection_busy_tail, |
498 | ct); | 504 | ct); |
499 | t->num_busy_connections++; | 505 | t->num_busy_connections++; |
500 | } | 506 | } |
501 | 507 | ||
@@ -508,16 +514,16 @@ mark_connection_unready(struct CadetTConnection *ct) | |||
508 | * @return Static string the destination peer's ID. | 514 | * @return Static string the destination peer's ID. |
509 | */ | 515 | */ |
510 | const char * | 516 | const char * |
511 | GCT_2s(const struct CadetTunnel *t) | 517 | GCT_2s (const struct CadetTunnel *t) |
512 | { | 518 | { |
513 | static char buf[64]; | 519 | static char buf[64]; |
514 | 520 | ||
515 | if (NULL == t) | 521 | if (NULL == t) |
516 | return "Tunnel(NULL)"; | 522 | return "Tunnel(NULL)"; |
517 | GNUNET_snprintf(buf, | 523 | GNUNET_snprintf (buf, |
518 | sizeof(buf), | 524 | sizeof(buf), |
519 | "Tunnel %s", | 525 | "Tunnel %s", |
520 | GNUNET_i2s(GCP_get_id(t->destination))); | 526 | GNUNET_i2s (GCP_get_id (t->destination))); |
521 | return buf; | 527 | return buf; |
522 | } | 528 | } |
523 | 529 | ||
@@ -530,37 +536,37 @@ GCT_2s(const struct CadetTunnel *t) | |||
530 | * @return String representation. | 536 | * @return String representation. |
531 | */ | 537 | */ |
532 | static const char * | 538 | static const char * |
533 | estate2s(enum CadetTunnelEState es) | 539 | estate2s (enum CadetTunnelEState es) |
534 | { | 540 | { |
535 | static char buf[32]; | 541 | static char buf[32]; |
536 | 542 | ||
537 | switch (es) | 543 | switch (es) |
538 | { | 544 | { |
539 | case CADET_TUNNEL_KEY_UNINITIALIZED: | 545 | case CADET_TUNNEL_KEY_UNINITIALIZED: |
540 | return "CADET_TUNNEL_KEY_UNINITIALIZED"; | 546 | return "CADET_TUNNEL_KEY_UNINITIALIZED"; |
541 | 547 | ||
542 | case CADET_TUNNEL_KEY_AX_RECV: | 548 | case CADET_TUNNEL_KEY_AX_RECV: |
543 | return "CADET_TUNNEL_KEY_AX_RECV"; | 549 | return "CADET_TUNNEL_KEY_AX_RECV"; |
544 | 550 | ||
545 | case CADET_TUNNEL_KEY_AX_SENT: | 551 | case CADET_TUNNEL_KEY_AX_SENT: |
546 | return "CADET_TUNNEL_KEY_AX_SENT"; | 552 | return "CADET_TUNNEL_KEY_AX_SENT"; |
547 | 553 | ||
548 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: | 554 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: |
549 | return "CADET_TUNNEL_KEY_AX_SENT_AND_RECV"; | 555 | return "CADET_TUNNEL_KEY_AX_SENT_AND_RECV"; |
550 | 556 | ||
551 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: | 557 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: |
552 | return "CADET_TUNNEL_KEY_AX_AUTH_SENT"; | 558 | return "CADET_TUNNEL_KEY_AX_AUTH_SENT"; |
553 | 559 | ||
554 | case CADET_TUNNEL_KEY_OK: | 560 | case CADET_TUNNEL_KEY_OK: |
555 | return "CADET_TUNNEL_KEY_OK"; | 561 | return "CADET_TUNNEL_KEY_OK"; |
556 | 562 | ||
557 | default: | 563 | default: |
558 | GNUNET_snprintf(buf, | 564 | GNUNET_snprintf (buf, |
559 | sizeof(buf), | 565 | sizeof(buf), |
560 | "%u (UNKNOWN STATE)", | 566 | "%u (UNKNOWN STATE)", |
561 | es); | 567 | es); |
562 | return buf; | 568 | return buf; |
563 | } | 569 | } |
564 | } | 570 | } |
565 | 571 | ||
566 | 572 | ||
@@ -571,7 +577,7 @@ estate2s(enum CadetTunnelEState es) | |||
571 | * @return the destination of the tunnel | 577 | * @return the destination of the tunnel |
572 | */ | 578 | */ |
573 | struct CadetPeer * | 579 | struct CadetPeer * |
574 | GCT_get_destination(struct CadetTunnel *t) | 580 | GCT_get_destination (struct CadetTunnel *t) |
575 | { | 581 | { |
576 | return t->destination; | 582 | return t->destination; |
577 | } | 583 | } |
@@ -585,9 +591,9 @@ GCT_get_destination(struct CadetTunnel *t) | |||
585 | * @return Number of channels. | 591 | * @return Number of channels. |
586 | */ | 592 | */ |
587 | unsigned int | 593 | unsigned int |
588 | GCT_count_channels(struct CadetTunnel *t) | 594 | GCT_count_channels (struct CadetTunnel *t) |
589 | { | 595 | { |
590 | return GNUNET_CONTAINER_multihashmap32_size(t->channels); | 596 | return GNUNET_CONTAINER_multihashmap32_size (t->channels); |
591 | } | 597 | } |
592 | 598 | ||
593 | 599 | ||
@@ -599,11 +605,11 @@ GCT_count_channels(struct CadetTunnel *t) | |||
599 | * @return NULL if channel does not exist | 605 | * @return NULL if channel does not exist |
600 | */ | 606 | */ |
601 | struct CadetChannel * | 607 | struct CadetChannel * |
602 | lookup_channel(struct CadetTunnel *t, | 608 | lookup_channel (struct CadetTunnel *t, |
603 | struct GNUNET_CADET_ChannelTunnelNumber ctn) | 609 | struct GNUNET_CADET_ChannelTunnelNumber ctn) |
604 | { | 610 | { |
605 | return GNUNET_CONTAINER_multihashmap32_get(t->channels, | 611 | return GNUNET_CONTAINER_multihashmap32_get (t->channels, |
606 | ntohl(ctn.cn)); | 612 | ntohl (ctn.cn)); |
607 | } | 613 | } |
608 | 614 | ||
609 | 615 | ||
@@ -615,7 +621,7 @@ lookup_channel(struct CadetTunnel *t, | |||
615 | * @return Number of connections created, either being established or ready. | 621 | * @return Number of connections created, either being established or ready. |
616 | */ | 622 | */ |
617 | unsigned int | 623 | unsigned int |
618 | GCT_count_any_connections(const struct CadetTunnel *t) | 624 | GCT_count_any_connections (const struct CadetTunnel *t) |
619 | { | 625 | { |
620 | return t->num_ready_connections + t->num_busy_connections; | 626 | return t->num_ready_connections + t->num_busy_connections; |
621 | } | 627 | } |
@@ -629,12 +635,12 @@ GCT_count_any_connections(const struct CadetTunnel *t) | |||
629 | * @return NULL if we have no connection that is ready | 635 | * @return NULL if we have no connection that is ready |
630 | */ | 636 | */ |
631 | static struct CadetTConnection * | 637 | static struct CadetTConnection * |
632 | get_ready_connection(struct CadetTunnel *t) | 638 | get_ready_connection (struct CadetTunnel *t) |
633 | { | 639 | { |
634 | struct CadetTConnection *hd = t->connection_ready_head; | 640 | struct CadetTConnection *hd = t->connection_ready_head; |
635 | 641 | ||
636 | GNUNET_assert((NULL == hd) || | 642 | GNUNET_assert ((NULL == hd) || |
637 | (GNUNET_YES == hd->is_ready)); | 643 | (GNUNET_YES == hd->is_ready)); |
638 | return hd; | 644 | return hd; |
639 | } | 645 | } |
640 | 646 | ||
@@ -647,7 +653,7 @@ get_ready_connection(struct CadetTunnel *t) | |||
647 | * @return Tunnel's encryption state. | 653 | * @return Tunnel's encryption state. |
648 | */ | 654 | */ |
649 | enum CadetTunnelEState | 655 | enum CadetTunnelEState |
650 | GCT_get_estate(struct CadetTunnel *t) | 656 | GCT_get_estate (struct CadetTunnel *t) |
651 | { | 657 | { |
652 | return t->estate; | 658 | return t->estate; |
653 | } | 659 | } |
@@ -662,7 +668,7 @@ GCT_get_estate(struct CadetTunnel *t) | |||
662 | * @param cls the `struct CadetTunnel` to process messages on | 668 | * @param cls the `struct CadetTunnel` to process messages on |
663 | */ | 669 | */ |
664 | static void | 670 | static void |
665 | trigger_transmissions(void *cls); | 671 | trigger_transmissions (void *cls); |
666 | 672 | ||
667 | 673 | ||
668 | /* ************************************** start core crypto ***************************** */ | 674 | /* ************************************** start core crypto ***************************** */ |
@@ -674,12 +680,12 @@ trigger_transmissions(void *cls); | |||
674 | * @param ax key material to update | 680 | * @param ax key material to update |
675 | */ | 681 | */ |
676 | static void | 682 | static void |
677 | new_ephemeral(struct CadetTunnelAxolotl *ax) | 683 | new_ephemeral (struct CadetTunnelAxolotl *ax) |
678 | { | 684 | { |
679 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 685 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
680 | "Creating new ephemeral ratchet key (DHRs)\n"); | 686 | "Creating new ephemeral ratchet key (DHRs)\n"); |
681 | GNUNET_assert(GNUNET_OK == | 687 | GNUNET_assert (GNUNET_OK == |
682 | GNUNET_CRYPTO_ecdhe_key_create2(&ax->DHRs)); | 688 | GNUNET_CRYPTO_ecdhe_key_create2 (&ax->DHRs)); |
683 | } | 689 | } |
684 | 690 | ||
685 | 691 | ||
@@ -693,31 +699,31 @@ new_ephemeral(struct CadetTunnelAxolotl *ax) | |||
693 | * @param hmac[out] Destination to store the HMAC. | 699 | * @param hmac[out] Destination to store the HMAC. |
694 | */ | 700 | */ |
695 | static void | 701 | static void |
696 | t_hmac(const void *plaintext, | 702 | t_hmac (const void *plaintext, |
697 | size_t size, | 703 | size_t size, |
698 | uint32_t iv, | 704 | uint32_t iv, |
699 | const struct GNUNET_CRYPTO_SymmetricSessionKey *key, | 705 | const struct GNUNET_CRYPTO_SymmetricSessionKey *key, |
700 | struct GNUNET_ShortHashCode *hmac) | 706 | struct GNUNET_ShortHashCode *hmac) |
701 | { | 707 | { |
702 | static const char ctx[] = "cadet authentication key"; | 708 | static const char ctx[] = "cadet authentication key"; |
703 | struct GNUNET_CRYPTO_AuthKey auth_key; | 709 | struct GNUNET_CRYPTO_AuthKey auth_key; |
704 | struct GNUNET_HashCode hash; | 710 | struct GNUNET_HashCode hash; |
705 | 711 | ||
706 | GNUNET_CRYPTO_hmac_derive_key(&auth_key, | 712 | GNUNET_CRYPTO_hmac_derive_key (&auth_key, |
707 | key, | 713 | key, |
708 | &iv, sizeof(iv), | 714 | &iv, sizeof(iv), |
709 | key, sizeof(*key), | 715 | key, sizeof(*key), |
710 | ctx, sizeof(ctx), | 716 | ctx, sizeof(ctx), |
711 | NULL); | 717 | NULL); |
712 | /* Two step: GNUNET_ShortHash is only 256 bits, | 718 | /* Two step: GNUNET_ShortHash is only 256 bits, |
713 | GNUNET_HashCode is 512, so we truncate. */ | 719 | GNUNET_HashCode is 512, so we truncate. */ |
714 | GNUNET_CRYPTO_hmac(&auth_key, | 720 | GNUNET_CRYPTO_hmac (&auth_key, |
715 | plaintext, | 721 | plaintext, |
716 | size, | 722 | size, |
717 | &hash); | 723 | &hash); |
718 | GNUNET_memcpy(hmac, | 724 | GNUNET_memcpy (hmac, |
719 | &hash, | 725 | &hash, |
720 | sizeof(*hmac)); | 726 | sizeof(*hmac)); |
721 | } | 727 | } |
722 | 728 | ||
723 | 729 | ||
@@ -730,22 +736,22 @@ t_hmac(const void *plaintext, | |||
730 | * @param len Length of @a source. | 736 | * @param len Length of @a source. |
731 | */ | 737 | */ |
732 | static void | 738 | static void |
733 | t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, | 739 | t_ax_hmac_hash (const struct GNUNET_CRYPTO_SymmetricSessionKey *key, |
734 | struct GNUNET_HashCode *hash, | 740 | struct GNUNET_HashCode *hash, |
735 | const void *source, | 741 | const void *source, |
736 | unsigned int len) | 742 | unsigned int len) |
737 | { | 743 | { |
738 | static const char ctx[] = "axolotl HMAC-HASH"; | 744 | static const char ctx[] = "axolotl HMAC-HASH"; |
739 | struct GNUNET_CRYPTO_AuthKey auth_key; | 745 | struct GNUNET_CRYPTO_AuthKey auth_key; |
740 | 746 | ||
741 | GNUNET_CRYPTO_hmac_derive_key(&auth_key, | 747 | GNUNET_CRYPTO_hmac_derive_key (&auth_key, |
742 | key, | 748 | key, |
743 | ctx, sizeof(ctx), | 749 | ctx, sizeof(ctx), |
744 | NULL); | 750 | NULL); |
745 | GNUNET_CRYPTO_hmac(&auth_key, | 751 | GNUNET_CRYPTO_hmac (&auth_key, |
746 | source, | 752 | source, |
747 | len, | 753 | len, |
748 | hash); | 754 | hash); |
749 | } | 755 | } |
750 | 756 | ||
751 | 757 | ||
@@ -758,22 +764,22 @@ t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, | |||
758 | * @param len Length of @a source. | 764 | * @param len Length of @a source. |
759 | */ | 765 | */ |
760 | static void | 766 | static void |
761 | t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, | 767 | t_hmac_derive_key (const struct GNUNET_CRYPTO_SymmetricSessionKey *key, |
762 | struct GNUNET_CRYPTO_SymmetricSessionKey *out, | 768 | struct GNUNET_CRYPTO_SymmetricSessionKey *out, |
763 | const void *source, | 769 | const void *source, |
764 | unsigned int len) | 770 | unsigned int len) |
765 | { | 771 | { |
766 | static const char ctx[] = "axolotl derive key"; | 772 | static const char ctx[] = "axolotl derive key"; |
767 | struct GNUNET_HashCode h; | 773 | struct GNUNET_HashCode h; |
768 | 774 | ||
769 | t_ax_hmac_hash(key, | 775 | t_ax_hmac_hash (key, |
770 | &h, | 776 | &h, |
771 | source, | 777 | source, |
772 | len); | 778 | len); |
773 | GNUNET_CRYPTO_kdf(out, sizeof(*out), | 779 | GNUNET_CRYPTO_kdf (out, sizeof(*out), |
774 | ctx, sizeof(ctx), | 780 | ctx, sizeof(ctx), |
775 | &h, sizeof(h), | 781 | &h, sizeof(h), |
776 | NULL); | 782 | NULL); |
777 | } | 783 | } |
778 | 784 | ||
779 | 785 | ||
@@ -786,10 +792,10 @@ t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, | |||
786 | * @param size Size of the buffers at @a src and @a dst | 792 | * @param size Size of the buffers at @a src and @a dst |
787 | */ | 793 | */ |
788 | static void | 794 | static void |
789 | t_ax_encrypt(struct CadetTunnelAxolotl *ax, | 795 | t_ax_encrypt (struct CadetTunnelAxolotl *ax, |
790 | void *dst, | 796 | void *dst, |
791 | const void *src, | 797 | const void *src, |
792 | size_t size) | 798 | size_t size) |
793 | { | 799 | { |
794 | struct GNUNET_CRYPTO_SymmetricSessionKey MK; | 800 | struct GNUNET_CRYPTO_SymmetricSessionKey MK; |
795 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 801 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
@@ -798,66 +804,67 @@ t_ax_encrypt(struct CadetTunnelAxolotl *ax, | |||
798 | ax->ratchet_counter++; | 804 | ax->ratchet_counter++; |
799 | if ((GNUNET_YES == ax->ratchet_allowed) && | 805 | if ((GNUNET_YES == ax->ratchet_allowed) && |
800 | ((ratchet_messages <= ax->ratchet_counter) || | 806 | ((ratchet_messages <= ax->ratchet_counter) || |
801 | (0 == GNUNET_TIME_absolute_get_remaining(ax->ratchet_expiration).rel_value_us))) | 807 | (0 == GNUNET_TIME_absolute_get_remaining ( |
802 | { | 808 | ax->ratchet_expiration).rel_value_us))) |
803 | ax->ratchet_flag = GNUNET_YES; | 809 | { |
804 | } | 810 | ax->ratchet_flag = GNUNET_YES; |
811 | } | ||
805 | if (GNUNET_YES == ax->ratchet_flag) | 812 | if (GNUNET_YES == ax->ratchet_flag) |
806 | { | 813 | { |
807 | /* Advance ratchet */ | 814 | /* Advance ratchet */ |
808 | struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; | 815 | struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; |
809 | struct GNUNET_HashCode dh; | 816 | struct GNUNET_HashCode dh; |
810 | struct GNUNET_HashCode hmac; | 817 | struct GNUNET_HashCode hmac; |
811 | static const char ctx[] = "axolotl ratchet"; | 818 | static const char ctx[] = "axolotl ratchet"; |
812 | 819 | ||
813 | new_ephemeral(ax); | 820 | new_ephemeral (ax); |
814 | ax->HKs = ax->NHKs; | 821 | ax->HKs = ax->NHKs; |
815 | 822 | ||
816 | /* RK, NHKs, CKs = KDF( HMAC-HASH(RK, DH(DHRs, DHRr)) ) */ | 823 | /* RK, NHKs, CKs = KDF( HMAC-HASH(RK, DH(DHRs, DHRr)) ) */ |
817 | GNUNET_CRYPTO_ecc_ecdh(&ax->DHRs, | 824 | GNUNET_CRYPTO_ecc_ecdh (&ax->DHRs, |
818 | &ax->DHRr, | 825 | &ax->DHRr, |
819 | &dh); | 826 | &dh); |
820 | t_ax_hmac_hash(&ax->RK, | 827 | t_ax_hmac_hash (&ax->RK, |
821 | &hmac, | 828 | &hmac, |
822 | &dh, | 829 | &dh, |
823 | sizeof(dh)); | 830 | sizeof(dh)); |
824 | GNUNET_CRYPTO_kdf(keys, sizeof(keys), | 831 | GNUNET_CRYPTO_kdf (keys, sizeof(keys), |
825 | ctx, sizeof(ctx), | 832 | ctx, sizeof(ctx), |
826 | &hmac, sizeof(hmac), | 833 | &hmac, sizeof(hmac), |
827 | NULL); | 834 | NULL); |
828 | ax->RK = keys[0]; | 835 | ax->RK = keys[0]; |
829 | ax->NHKs = keys[1]; | 836 | ax->NHKs = keys[1]; |
830 | ax->CKs = keys[2]; | 837 | ax->CKs = keys[2]; |
831 | 838 | ||
832 | ax->PNs = ax->Ns; | 839 | ax->PNs = ax->Ns; |
833 | ax->Ns = 0; | 840 | ax->Ns = 0; |
834 | ax->ratchet_flag = GNUNET_NO; | 841 | ax->ratchet_flag = GNUNET_NO; |
835 | ax->ratchet_allowed = GNUNET_NO; | 842 | ax->ratchet_allowed = GNUNET_NO; |
836 | ax->ratchet_counter = 0; | 843 | ax->ratchet_counter = 0; |
837 | ax->ratchet_expiration | 844 | ax->ratchet_expiration |
838 | = GNUNET_TIME_absolute_add(GNUNET_TIME_absolute_get(), | 845 | = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get (), |
839 | ratchet_time); | 846 | ratchet_time); |
840 | } | 847 | } |
841 | 848 | ||
842 | t_hmac_derive_key(&ax->CKs, | 849 | t_hmac_derive_key (&ax->CKs, |
843 | &MK, | 850 | &MK, |
844 | "0", | 851 | "0", |
845 | 1); | 852 | 1); |
846 | GNUNET_CRYPTO_symmetric_derive_iv(&iv, | 853 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, |
847 | &MK, | 854 | &MK, |
848 | NULL, 0, | 855 | NULL, 0, |
849 | NULL); | 856 | NULL); |
850 | 857 | ||
851 | out_size = GNUNET_CRYPTO_symmetric_encrypt(src, | 858 | out_size = GNUNET_CRYPTO_symmetric_encrypt (src, |
852 | size, | 859 | size, |
853 | &MK, | 860 | &MK, |
854 | &iv, | 861 | &iv, |
855 | dst); | 862 | dst); |
856 | GNUNET_assert(size == out_size); | 863 | GNUNET_assert (size == out_size); |
857 | t_hmac_derive_key(&ax->CKs, | 864 | t_hmac_derive_key (&ax->CKs, |
858 | &ax->CKs, | 865 | &ax->CKs, |
859 | "1", | 866 | "1", |
860 | 1); | 867 | 1); |
861 | } | 868 | } |
862 | 869 | ||
863 | 870 | ||
@@ -870,34 +877,34 @@ t_ax_encrypt(struct CadetTunnelAxolotl *ax, | |||
870 | * @param size Size of the @a src and @a dst buffers | 877 | * @param size Size of the @a src and @a dst buffers |
871 | */ | 878 | */ |
872 | static void | 879 | static void |
873 | t_ax_decrypt(struct CadetTunnelAxolotl *ax, | 880 | t_ax_decrypt (struct CadetTunnelAxolotl *ax, |
874 | void *dst, | 881 | void *dst, |
875 | const void *src, | 882 | const void *src, |
876 | size_t size) | 883 | size_t size) |
877 | { | 884 | { |
878 | struct GNUNET_CRYPTO_SymmetricSessionKey MK; | 885 | struct GNUNET_CRYPTO_SymmetricSessionKey MK; |
879 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 886 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
880 | size_t out_size; | 887 | size_t out_size; |
881 | 888 | ||
882 | t_hmac_derive_key(&ax->CKr, | 889 | t_hmac_derive_key (&ax->CKr, |
883 | &MK, | 890 | &MK, |
884 | "0", | 891 | "0", |
885 | 1); | 892 | 1); |
886 | GNUNET_CRYPTO_symmetric_derive_iv(&iv, | 893 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, |
887 | &MK, | 894 | &MK, |
888 | NULL, 0, | 895 | NULL, 0, |
889 | NULL); | 896 | NULL); |
890 | GNUNET_assert(size >= sizeof(struct GNUNET_MessageHeader)); | 897 | GNUNET_assert (size >= sizeof(struct GNUNET_MessageHeader)); |
891 | out_size = GNUNET_CRYPTO_symmetric_decrypt(src, | 898 | out_size = GNUNET_CRYPTO_symmetric_decrypt (src, |
892 | size, | 899 | size, |
893 | &MK, | 900 | &MK, |
894 | &iv, | 901 | &iv, |
895 | dst); | 902 | dst); |
896 | GNUNET_assert(out_size == size); | 903 | GNUNET_assert (out_size == size); |
897 | t_hmac_derive_key(&ax->CKr, | 904 | t_hmac_derive_key (&ax->CKr, |
898 | &ax->CKr, | 905 | &ax->CKr, |
899 | "1", | 906 | "1", |
900 | 1); | 907 | 1); |
901 | } | 908 | } |
902 | 909 | ||
903 | 910 | ||
@@ -908,22 +915,23 @@ t_ax_decrypt(struct CadetTunnelAxolotl *ax, | |||
908 | * @param[in|out] msg Message whose header to encrypt. | 915 | * @param[in|out] msg Message whose header to encrypt. |
909 | */ | 916 | */ |
910 | static void | 917 | static void |
911 | t_h_encrypt(struct CadetTunnelAxolotl *ax, | 918 | t_h_encrypt (struct CadetTunnelAxolotl *ax, |
912 | struct GNUNET_CADET_TunnelEncryptedMessage *msg) | 919 | struct GNUNET_CADET_TunnelEncryptedMessage *msg) |
913 | { | 920 | { |
914 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 921 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
915 | size_t out_size; | 922 | size_t out_size; |
916 | 923 | ||
917 | GNUNET_CRYPTO_symmetric_derive_iv(&iv, | 924 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, |
918 | &ax->HKs, | 925 | &ax->HKs, |
919 | NULL, 0, | 926 | NULL, 0, |
920 | NULL); | 927 | NULL); |
921 | out_size = GNUNET_CRYPTO_symmetric_encrypt(&msg->ax_header, | 928 | out_size = GNUNET_CRYPTO_symmetric_encrypt (&msg->ax_header, |
922 | sizeof(struct GNUNET_CADET_AxHeader), | 929 | sizeof(struct |
923 | &ax->HKs, | 930 | GNUNET_CADET_AxHeader), |
924 | &iv, | 931 | &ax->HKs, |
925 | &msg->ax_header); | 932 | &iv, |
926 | GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == out_size); | 933 | &msg->ax_header); |
934 | GNUNET_assert (sizeof(struct GNUNET_CADET_AxHeader) == out_size); | ||
927 | } | 935 | } |
928 | 936 | ||
929 | 937 | ||
@@ -935,23 +943,24 @@ t_h_encrypt(struct CadetTunnelAxolotl *ax, | |||
935 | * @param dst Where to decrypt header to. | 943 | * @param dst Where to decrypt header to. |
936 | */ | 944 | */ |
937 | static void | 945 | static void |
938 | t_h_decrypt(struct CadetTunnelAxolotl *ax, | 946 | t_h_decrypt (struct CadetTunnelAxolotl *ax, |
939 | const struct GNUNET_CADET_TunnelEncryptedMessage *src, | 947 | const struct GNUNET_CADET_TunnelEncryptedMessage *src, |
940 | struct GNUNET_CADET_TunnelEncryptedMessage *dst) | 948 | struct GNUNET_CADET_TunnelEncryptedMessage *dst) |
941 | { | 949 | { |
942 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; | 950 | struct GNUNET_CRYPTO_SymmetricInitializationVector iv; |
943 | size_t out_size; | 951 | size_t out_size; |
944 | 952 | ||
945 | GNUNET_CRYPTO_symmetric_derive_iv(&iv, | 953 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, |
946 | &ax->HKr, | 954 | &ax->HKr, |
947 | NULL, 0, | 955 | NULL, 0, |
948 | NULL); | 956 | NULL); |
949 | out_size = GNUNET_CRYPTO_symmetric_decrypt(&src->ax_header.Ns, | 957 | out_size = GNUNET_CRYPTO_symmetric_decrypt (&src->ax_header.Ns, |
950 | sizeof(struct GNUNET_CADET_AxHeader), | 958 | sizeof(struct |
951 | &ax->HKr, | 959 | GNUNET_CADET_AxHeader), |
952 | &iv, | 960 | &ax->HKr, |
953 | &dst->ax_header.Ns); | 961 | &iv, |
954 | GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == out_size); | 962 | &dst->ax_header.Ns); |
963 | GNUNET_assert (sizeof(struct GNUNET_CADET_AxHeader) == out_size); | ||
955 | } | 964 | } |
956 | 965 | ||
957 | 966 | ||
@@ -962,13 +971,13 @@ t_h_decrypt(struct CadetTunnelAxolotl *ax, | |||
962 | * @param key Key to delete. | 971 | * @param key Key to delete. |
963 | */ | 972 | */ |
964 | static void | 973 | static void |
965 | delete_skipped_key(struct CadetTunnelAxolotl *ax, | 974 | delete_skipped_key (struct CadetTunnelAxolotl *ax, |
966 | struct CadetTunnelSkippedKey *key) | 975 | struct CadetTunnelSkippedKey *key) |
967 | { | 976 | { |
968 | GNUNET_CONTAINER_DLL_remove(ax->skipped_head, | 977 | GNUNET_CONTAINER_DLL_remove (ax->skipped_head, |
969 | ax->skipped_tail, | 978 | ax->skipped_tail, |
970 | key); | 979 | key); |
971 | GNUNET_free(key); | 980 | GNUNET_free (key); |
972 | ax->skipped--; | 981 | ax->skipped--; |
973 | } | 982 | } |
974 | 983 | ||
@@ -984,10 +993,10 @@ delete_skipped_key(struct CadetTunnelAxolotl *ax, | |||
984 | * @return Size of the decrypted data, -1 if an error was encountered. | 993 | * @return Size of the decrypted data, -1 if an error was encountered. |
985 | */ | 994 | */ |
986 | static ssize_t | 995 | static ssize_t |
987 | try_old_ax_keys(struct CadetTunnelAxolotl *ax, | 996 | try_old_ax_keys (struct CadetTunnelAxolotl *ax, |
988 | void *dst, | 997 | void *dst, |
989 | const struct GNUNET_CADET_TunnelEncryptedMessage *src, | 998 | const struct GNUNET_CADET_TunnelEncryptedMessage *src, |
990 | size_t size) | 999 | size_t size) |
991 | { | 1000 | { |
992 | struct CadetTunnelSkippedKey *key; | 1001 | struct CadetTunnelSkippedKey *key; |
993 | struct GNUNET_ShortHashCode *hmac; | 1002 | struct GNUNET_ShortHashCode *hmac; |
@@ -999,70 +1008,70 @@ try_old_ax_keys(struct CadetTunnelAxolotl *ax, | |||
999 | size_t len; | 1008 | size_t len; |
1000 | unsigned int N; | 1009 | unsigned int N; |
1001 | 1010 | ||
1002 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1011 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1003 | "Trying skipped keys\n"); | 1012 | "Trying skipped keys\n"); |
1004 | hmac = &plaintext_header.hmac; | 1013 | hmac = &plaintext_header.hmac; |
1005 | esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage); | 1014 | esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage); |
1006 | 1015 | ||
1007 | /* Find a correct Header Key */ | 1016 | /* Find a correct Header Key */ |
1008 | valid_HK = NULL; | 1017 | valid_HK = NULL; |
1009 | for (key = ax->skipped_head; NULL != key; key = key->next) | 1018 | for (key = ax->skipped_head; NULL != key; key = key->next) |
1010 | { | 1019 | { |
1011 | t_hmac(&src->ax_header, | 1020 | t_hmac (&src->ax_header, |
1012 | sizeof(struct GNUNET_CADET_AxHeader) + esize, | 1021 | sizeof(struct GNUNET_CADET_AxHeader) + esize, |
1013 | 0, | 1022 | 0, |
1014 | &key->HK, | 1023 | &key->HK, |
1015 | hmac); | 1024 | hmac); |
1016 | if (0 == GNUNET_memcmp(hmac, | 1025 | if (0 == GNUNET_memcmp (hmac, |
1017 | &src->hmac)) | 1026 | &src->hmac)) |
1018 | { | 1027 | { |
1019 | valid_HK = &key->HK; | 1028 | valid_HK = &key->HK; |
1020 | break; | 1029 | break; |
1021 | } | ||
1022 | } | 1030 | } |
1031 | } | ||
1023 | if (NULL == key) | 1032 | if (NULL == key) |
1024 | return -1; | 1033 | return -1; |
1025 | 1034 | ||
1026 | /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */ | 1035 | /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */ |
1027 | GNUNET_assert(size > sizeof(struct GNUNET_CADET_TunnelEncryptedMessage)); | 1036 | GNUNET_assert (size > sizeof(struct GNUNET_CADET_TunnelEncryptedMessage)); |
1028 | len = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage); | 1037 | len = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage); |
1029 | GNUNET_assert(len >= sizeof(struct GNUNET_MessageHeader)); | 1038 | GNUNET_assert (len >= sizeof(struct GNUNET_MessageHeader)); |
1030 | 1039 | ||
1031 | /* Decrypt header */ | 1040 | /* Decrypt header */ |
1032 | GNUNET_CRYPTO_symmetric_derive_iv(&iv, | 1041 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, |
1033 | &key->HK, | 1042 | &key->HK, |
1034 | NULL, 0, | 1043 | NULL, 0, |
1035 | NULL); | 1044 | NULL); |
1036 | res = GNUNET_CRYPTO_symmetric_decrypt(&src->ax_header.Ns, | 1045 | res = GNUNET_CRYPTO_symmetric_decrypt (&src->ax_header.Ns, |
1037 | sizeof(struct GNUNET_CADET_AxHeader), | 1046 | sizeof(struct GNUNET_CADET_AxHeader), |
1038 | &key->HK, | 1047 | &key->HK, |
1039 | &iv, | 1048 | &iv, |
1040 | &plaintext_header.ax_header.Ns); | 1049 | &plaintext_header.ax_header.Ns); |
1041 | GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == res); | 1050 | GNUNET_assert (sizeof(struct GNUNET_CADET_AxHeader) == res); |
1042 | 1051 | ||
1043 | /* Find the correct message key */ | 1052 | /* Find the correct message key */ |
1044 | N = ntohl(plaintext_header.ax_header.Ns); | 1053 | N = ntohl (plaintext_header.ax_header.Ns); |
1045 | while ((NULL != key) && | 1054 | while ((NULL != key) && |
1046 | (N != key->Kn)) | 1055 | (N != key->Kn)) |
1047 | key = key->next; | 1056 | key = key->next; |
1048 | if ((NULL == key) || | 1057 | if ((NULL == key) || |
1049 | (0 != GNUNET_memcmp(&key->HK, | 1058 | (0 != GNUNET_memcmp (&key->HK, |
1050 | valid_HK))) | 1059 | valid_HK))) |
1051 | return -1; | 1060 | return -1; |
1052 | 1061 | ||
1053 | /* Decrypt payload */ | 1062 | /* Decrypt payload */ |
1054 | GNUNET_CRYPTO_symmetric_derive_iv(&iv, | 1063 | GNUNET_CRYPTO_symmetric_derive_iv (&iv, |
1055 | &key->MK, | 1064 | &key->MK, |
1056 | NULL, | 1065 | NULL, |
1057 | 0, | 1066 | 0, |
1058 | NULL); | 1067 | NULL); |
1059 | res = GNUNET_CRYPTO_symmetric_decrypt(&src[1], | 1068 | res = GNUNET_CRYPTO_symmetric_decrypt (&src[1], |
1060 | len, | 1069 | len, |
1061 | &key->MK, | 1070 | &key->MK, |
1062 | &iv, | 1071 | &iv, |
1063 | dst); | 1072 | dst); |
1064 | delete_skipped_key(ax, | 1073 | delete_skipped_key (ax, |
1065 | key); | 1074 | key); |
1066 | return res; | 1075 | return res; |
1067 | } | 1076 | } |
1068 | 1077 | ||
@@ -1074,26 +1083,26 @@ try_old_ax_keys(struct CadetTunnelAxolotl *ax, | |||
1074 | * @param HKr Header Key to use. | 1083 | * @param HKr Header Key to use. |
1075 | */ | 1084 | */ |
1076 | static void | 1085 | static void |
1077 | store_skipped_key(struct CadetTunnelAxolotl *ax, | 1086 | store_skipped_key (struct CadetTunnelAxolotl *ax, |
1078 | const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr) | 1087 | const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr) |
1079 | { | 1088 | { |
1080 | struct CadetTunnelSkippedKey *key; | 1089 | struct CadetTunnelSkippedKey *key; |
1081 | 1090 | ||
1082 | key = GNUNET_new(struct CadetTunnelSkippedKey); | 1091 | key = GNUNET_new (struct CadetTunnelSkippedKey); |
1083 | key->timestamp = GNUNET_TIME_absolute_get(); | 1092 | key->timestamp = GNUNET_TIME_absolute_get (); |
1084 | key->Kn = ax->Nr; | 1093 | key->Kn = ax->Nr; |
1085 | key->HK = ax->HKr; | 1094 | key->HK = ax->HKr; |
1086 | t_hmac_derive_key(&ax->CKr, | 1095 | t_hmac_derive_key (&ax->CKr, |
1087 | &key->MK, | 1096 | &key->MK, |
1088 | "0", | 1097 | "0", |
1089 | 1); | 1098 | 1); |
1090 | t_hmac_derive_key(&ax->CKr, | 1099 | t_hmac_derive_key (&ax->CKr, |
1091 | &ax->CKr, | 1100 | &ax->CKr, |
1092 | "1", | 1101 | "1", |
1093 | 1); | 1102 | 1); |
1094 | GNUNET_CONTAINER_DLL_insert(ax->skipped_head, | 1103 | GNUNET_CONTAINER_DLL_insert (ax->skipped_head, |
1095 | ax->skipped_tail, | 1104 | ax->skipped_tail, |
1096 | key); | 1105 | key); |
1097 | ax->skipped++; | 1106 | ax->skipped++; |
1098 | ax->Nr++; | 1107 | ax->Nr++; |
1099 | } | 1108 | } |
@@ -1110,41 +1119,41 @@ store_skipped_key(struct CadetTunnelAxolotl *ax, | |||
1110 | * #GNUNET_SYSERR if an error ocurred (@a Np not expected). | 1119 | * #GNUNET_SYSERR if an error ocurred (@a Np not expected). |
1111 | */ | 1120 | */ |
1112 | static int | 1121 | static int |
1113 | store_ax_keys(struct CadetTunnelAxolotl *ax, | 1122 | store_ax_keys (struct CadetTunnelAxolotl *ax, |
1114 | const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr, | 1123 | const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr, |
1115 | uint32_t Np) | 1124 | uint32_t Np) |
1116 | { | 1125 | { |
1117 | int gap; | 1126 | int gap; |
1118 | 1127 | ||
1119 | gap = Np - ax->Nr; | 1128 | gap = Np - ax->Nr; |
1120 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1129 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1121 | "Storing skipped keys [%u, %u)\n", | 1130 | "Storing skipped keys [%u, %u)\n", |
1122 | ax->Nr, | 1131 | ax->Nr, |
1123 | Np); | 1132 | Np); |
1124 | if (MAX_KEY_GAP < gap) | 1133 | if (MAX_KEY_GAP < gap) |
1125 | { | 1134 | { |
1126 | /* Avoid DoS (forcing peer to do more than #MAX_KEY_GAP HMAC operations) */ | 1135 | /* Avoid DoS (forcing peer to do more than #MAX_KEY_GAP HMAC operations) */ |
1127 | /* TODO: start new key exchange on return */ | 1136 | /* TODO: start new key exchange on return */ |
1128 | GNUNET_break_op(0); | 1137 | GNUNET_break_op (0); |
1129 | LOG(GNUNET_ERROR_TYPE_WARNING, | 1138 | LOG (GNUNET_ERROR_TYPE_WARNING, |
1130 | "Got message %u, expected %u+\n", | 1139 | "Got message %u, expected %u+\n", |
1131 | Np, | 1140 | Np, |
1132 | ax->Nr); | 1141 | ax->Nr); |
1133 | return GNUNET_SYSERR; | 1142 | return GNUNET_SYSERR; |
1134 | } | 1143 | } |
1135 | if (0 > gap) | 1144 | if (0 > gap) |
1136 | { | 1145 | { |
1137 | /* Delayed message: don't store keys, flag to try old keys. */ | 1146 | /* Delayed message: don't store keys, flag to try old keys. */ |
1138 | return GNUNET_SYSERR; | 1147 | return GNUNET_SYSERR; |
1139 | } | 1148 | } |
1140 | 1149 | ||
1141 | while (ax->Nr < Np) | 1150 | while (ax->Nr < Np) |
1142 | store_skipped_key(ax, | 1151 | store_skipped_key (ax, |
1143 | HKr); | 1152 | HKr); |
1144 | 1153 | ||
1145 | while (ax->skipped > MAX_SKIPPED_KEYS) | 1154 | while (ax->skipped > MAX_SKIPPED_KEYS) |
1146 | delete_skipped_key(ax, | 1155 | delete_skipped_key (ax, |
1147 | ax->skipped_tail); | 1156 | ax->skipped_tail); |
1148 | return GNUNET_OK; | 1157 | return GNUNET_OK; |
1149 | } | 1158 | } |
1150 | 1159 | ||
@@ -1160,10 +1169,11 @@ store_ax_keys(struct CadetTunnelAxolotl *ax, | |||
1160 | * @return Size of the decrypted data, -1 if an error was encountered. | 1169 | * @return Size of the decrypted data, -1 if an error was encountered. |
1161 | */ | 1170 | */ |
1162 | static ssize_t | 1171 | static ssize_t |
1163 | t_ax_decrypt_and_validate(struct CadetTunnelAxolotl *ax, | 1172 | t_ax_decrypt_and_validate (struct CadetTunnelAxolotl *ax, |
1164 | void *dst, | 1173 | void *dst, |
1165 | const struct GNUNET_CADET_TunnelEncryptedMessage *src, | 1174 | const struct |
1166 | size_t size) | 1175 | GNUNET_CADET_TunnelEncryptedMessage *src, |
1176 | size_t size) | ||
1167 | { | 1177 | { |
1168 | struct GNUNET_ShortHashCode msg_hmac; | 1178 | struct GNUNET_ShortHashCode msg_hmac; |
1169 | struct GNUNET_HashCode hmac; | 1179 | struct GNUNET_HashCode hmac; |
@@ -1175,90 +1185,90 @@ t_ax_decrypt_and_validate(struct CadetTunnelAxolotl *ax, | |||
1175 | esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage); | 1185 | esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage); |
1176 | 1186 | ||
1177 | /* Try current HK */ | 1187 | /* Try current HK */ |
1178 | t_hmac(&src->ax_header, | 1188 | t_hmac (&src->ax_header, |
1179 | sizeof(struct GNUNET_CADET_AxHeader) + esize, | 1189 | sizeof(struct GNUNET_CADET_AxHeader) + esize, |
1180 | 0, &ax->HKr, | 1190 | 0, &ax->HKr, |
1181 | &msg_hmac); | 1191 | &msg_hmac); |
1182 | if (0 != GNUNET_memcmp(&msg_hmac, | 1192 | if (0 != GNUNET_memcmp (&msg_hmac, |
1183 | &src->hmac)) | 1193 | &src->hmac)) |
1194 | { | ||
1195 | static const char ctx[] = "axolotl ratchet"; | ||
1196 | struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; /* RKp, NHKp, CKp */ | ||
1197 | struct GNUNET_CRYPTO_SymmetricSessionKey HK; | ||
1198 | struct GNUNET_HashCode dh; | ||
1199 | struct GNUNET_CRYPTO_EcdhePublicKey *DHRp; | ||
1200 | |||
1201 | /* Try Next HK */ | ||
1202 | t_hmac (&src->ax_header, | ||
1203 | sizeof(struct GNUNET_CADET_AxHeader) + esize, | ||
1204 | 0, | ||
1205 | &ax->NHKr, | ||
1206 | &msg_hmac); | ||
1207 | if (0 != GNUNET_memcmp (&msg_hmac, | ||
1208 | &src->hmac)) | ||
1184 | { | 1209 | { |
1185 | static const char ctx[] = "axolotl ratchet"; | 1210 | /* Try the skipped keys, if that fails, we're out of luck. */ |
1186 | struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; /* RKp, NHKp, CKp */ | 1211 | return try_old_ax_keys (ax, |
1187 | struct GNUNET_CRYPTO_SymmetricSessionKey HK; | 1212 | dst, |
1188 | struct GNUNET_HashCode dh; | 1213 | src, |
1189 | struct GNUNET_CRYPTO_EcdhePublicKey *DHRp; | 1214 | size); |
1190 | 1215 | } | |
1191 | /* Try Next HK */ | 1216 | HK = ax->HKr; |
1192 | t_hmac(&src->ax_header, | 1217 | ax->HKr = ax->NHKr; |
1193 | sizeof(struct GNUNET_CADET_AxHeader) + esize, | 1218 | t_h_decrypt (ax, |
1194 | 0, | 1219 | src, |
1195 | &ax->NHKr, | 1220 | &plaintext_header); |
1196 | &msg_hmac); | 1221 | Np = ntohl (plaintext_header.ax_header.Ns); |
1197 | if (0 != GNUNET_memcmp(&msg_hmac, | 1222 | PNp = ntohl (plaintext_header.ax_header.PNs); |
1198 | &src->hmac)) | 1223 | DHRp = &plaintext_header.ax_header.DHRs; |
1199 | { | 1224 | store_ax_keys (ax, |
1200 | /* Try the skipped keys, if that fails, we're out of luck. */ | 1225 | &HK, |
1201 | return try_old_ax_keys(ax, | 1226 | PNp); |
1202 | dst, | 1227 | |
1203 | src, | 1228 | /* RKp, NHKp, CKp = KDF (HMAC-HASH (RK, DH (DHRp, DHRs))) */ |
1204 | size); | 1229 | GNUNET_CRYPTO_ecc_ecdh (&ax->DHRs, |
1205 | } | 1230 | DHRp, |
1206 | HK = ax->HKr; | 1231 | &dh); |
1207 | ax->HKr = ax->NHKr; | 1232 | t_ax_hmac_hash (&ax->RK, |
1208 | t_h_decrypt(ax, | 1233 | &hmac, |
1209 | src, | 1234 | &dh, sizeof(dh)); |
1210 | &plaintext_header); | 1235 | GNUNET_CRYPTO_kdf (keys, sizeof(keys), |
1211 | Np = ntohl(plaintext_header.ax_header.Ns); | 1236 | ctx, sizeof(ctx), |
1212 | PNp = ntohl(plaintext_header.ax_header.PNs); | 1237 | &hmac, sizeof(hmac), |
1213 | DHRp = &plaintext_header.ax_header.DHRs; | 1238 | NULL); |
1214 | store_ax_keys(ax, | 1239 | |
1215 | &HK, | 1240 | /* Commit "purported" keys */ |
1216 | PNp); | 1241 | ax->RK = keys[0]; |
1217 | 1242 | ax->NHKr = keys[1]; | |
1218 | /* RKp, NHKp, CKp = KDF (HMAC-HASH (RK, DH (DHRp, DHRs))) */ | 1243 | ax->CKr = keys[2]; |
1219 | GNUNET_CRYPTO_ecc_ecdh(&ax->DHRs, | 1244 | ax->DHRr = *DHRp; |
1220 | DHRp, | 1245 | ax->Nr = 0; |
1221 | &dh); | 1246 | ax->ratchet_allowed = GNUNET_YES; |
1222 | t_ax_hmac_hash(&ax->RK, | 1247 | } |
1223 | &hmac, | ||
1224 | &dh, sizeof(dh)); | ||
1225 | GNUNET_CRYPTO_kdf(keys, sizeof(keys), | ||
1226 | ctx, sizeof(ctx), | ||
1227 | &hmac, sizeof(hmac), | ||
1228 | NULL); | ||
1229 | |||
1230 | /* Commit "purported" keys */ | ||
1231 | ax->RK = keys[0]; | ||
1232 | ax->NHKr = keys[1]; | ||
1233 | ax->CKr = keys[2]; | ||
1234 | ax->DHRr = *DHRp; | ||
1235 | ax->Nr = 0; | ||
1236 | ax->ratchet_allowed = GNUNET_YES; | ||
1237 | } | ||
1238 | else | 1248 | else |
1239 | { | 1249 | { |
1240 | t_h_decrypt(ax, | 1250 | t_h_decrypt (ax, |
1241 | src, | 1251 | src, |
1242 | &plaintext_header); | 1252 | &plaintext_header); |
1243 | Np = ntohl(plaintext_header.ax_header.Ns); | 1253 | Np = ntohl (plaintext_header.ax_header.Ns); |
1244 | PNp = ntohl(plaintext_header.ax_header.PNs); | 1254 | PNp = ntohl (plaintext_header.ax_header.PNs); |
1245 | } | 1255 | } |
1246 | if ((Np != ax->Nr) && | 1256 | if ((Np != ax->Nr) && |
1247 | (GNUNET_OK != store_ax_keys(ax, | 1257 | (GNUNET_OK != store_ax_keys (ax, |
1248 | &ax->HKr, | 1258 | &ax->HKr, |
1249 | Np))) | 1259 | Np))) |
1250 | { | 1260 | { |
1251 | /* Try the skipped keys, if that fails, we're out of luck. */ | 1261 | /* Try the skipped keys, if that fails, we're out of luck. */ |
1252 | return try_old_ax_keys(ax, | 1262 | return try_old_ax_keys (ax, |
1253 | dst, | 1263 | dst, |
1254 | src, | 1264 | src, |
1255 | size); | 1265 | size); |
1256 | } | 1266 | } |
1257 | 1267 | ||
1258 | t_ax_decrypt(ax, | 1268 | t_ax_decrypt (ax, |
1259 | dst, | 1269 | dst, |
1260 | &src[1], | 1270 | &src[1], |
1261 | esize); | 1271 | esize); |
1262 | ax->Nr = Np + 1; | 1272 | ax->Nr = Np + 1; |
1263 | return esize; | 1273 | return esize; |
1264 | } | 1274 | } |
@@ -1274,13 +1284,13 @@ t_ax_decrypt_and_validate(struct CadetTunnelAxolotl *ax, | |||
1274 | * @return #GNUNET_OK (continue to iterate) | 1284 | * @return #GNUNET_OK (continue to iterate) |
1275 | */ | 1285 | */ |
1276 | static int | 1286 | static int |
1277 | notify_tunnel_up_cb(void *cls, | 1287 | notify_tunnel_up_cb (void *cls, |
1278 | uint32_t key, | 1288 | uint32_t key, |
1279 | void *value) | 1289 | void *value) |
1280 | { | 1290 | { |
1281 | struct CadetChannel *ch = value; | 1291 | struct CadetChannel *ch = value; |
1282 | 1292 | ||
1283 | GCCH_tunnel_up(ch); | 1293 | GCCH_tunnel_up (ch); |
1284 | return GNUNET_OK; | 1294 | return GNUNET_OK; |
1285 | } | 1295 | } |
1286 | 1296 | ||
@@ -1293,35 +1303,35 @@ notify_tunnel_up_cb(void *cls, | |||
1293 | * @param state New encryption state. | 1303 | * @param state New encryption state. |
1294 | */ | 1304 | */ |
1295 | void | 1305 | void |
1296 | GCT_change_estate(struct CadetTunnel *t, | 1306 | GCT_change_estate (struct CadetTunnel *t, |
1297 | enum CadetTunnelEState state) | 1307 | enum CadetTunnelEState state) |
1298 | { | 1308 | { |
1299 | enum CadetTunnelEState old = t->estate; | 1309 | enum CadetTunnelEState old = t->estate; |
1300 | 1310 | ||
1301 | t->estate = state; | 1311 | t->estate = state; |
1302 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1312 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1303 | "%s estate changed from %s to %s\n", | 1313 | "%s estate changed from %s to %s\n", |
1304 | GCT_2s(t), | 1314 | GCT_2s (t), |
1305 | estate2s(old), | 1315 | estate2s (old), |
1306 | estate2s(state)); | 1316 | estate2s (state)); |
1307 | 1317 | ||
1308 | if ((CADET_TUNNEL_KEY_OK != old) && | 1318 | if ((CADET_TUNNEL_KEY_OK != old) && |
1309 | (CADET_TUNNEL_KEY_OK == t->estate)) | 1319 | (CADET_TUNNEL_KEY_OK == t->estate)) |
1320 | { | ||
1321 | if (NULL != t->kx_task) | ||
1310 | { | 1322 | { |
1311 | if (NULL != t->kx_task) | 1323 | GNUNET_SCHEDULER_cancel (t->kx_task); |
1312 | { | 1324 | t->kx_task = NULL; |
1313 | GNUNET_SCHEDULER_cancel(t->kx_task); | ||
1314 | t->kx_task = NULL; | ||
1315 | } | ||
1316 | /* notify all channels that have been waiting */ | ||
1317 | GNUNET_CONTAINER_multihashmap32_iterate(t->channels, | ||
1318 | ¬ify_tunnel_up_cb, | ||
1319 | t); | ||
1320 | if (NULL != t->send_task) | ||
1321 | GNUNET_SCHEDULER_cancel(t->send_task); | ||
1322 | t->send_task = GNUNET_SCHEDULER_add_now(&trigger_transmissions, | ||
1323 | t); | ||
1324 | } | 1325 | } |
1326 | /* notify all channels that have been waiting */ | ||
1327 | GNUNET_CONTAINER_multihashmap32_iterate (t->channels, | ||
1328 | ¬ify_tunnel_up_cb, | ||
1329 | t); | ||
1330 | if (NULL != t->send_task) | ||
1331 | GNUNET_SCHEDULER_cancel (t->send_task); | ||
1332 | t->send_task = GNUNET_SCHEDULER_add_now (&trigger_transmissions, | ||
1333 | t); | ||
1334 | } | ||
1325 | } | 1335 | } |
1326 | 1336 | ||
1327 | 1337 | ||
@@ -1334,63 +1344,63 @@ GCT_change_estate(struct CadetTunnel *t, | |||
1334 | * @param ax axolotl key context to use | 1344 | * @param ax axolotl key context to use |
1335 | */ | 1345 | */ |
1336 | static void | 1346 | static void |
1337 | send_kx(struct CadetTunnel *t, | 1347 | send_kx (struct CadetTunnel *t, |
1338 | struct CadetTConnection *ct, | 1348 | struct CadetTConnection *ct, |
1339 | struct CadetTunnelAxolotl *ax) | 1349 | struct CadetTunnelAxolotl *ax) |
1340 | { | 1350 | { |
1341 | struct CadetConnection *cc; | 1351 | struct CadetConnection *cc; |
1342 | struct GNUNET_MQ_Envelope *env; | 1352 | struct GNUNET_MQ_Envelope *env; |
1343 | struct GNUNET_CADET_TunnelKeyExchangeMessage *msg; | 1353 | struct GNUNET_CADET_TunnelKeyExchangeMessage *msg; |
1344 | enum GNUNET_CADET_KX_Flags flags; | 1354 | enum GNUNET_CADET_KX_Flags flags; |
1345 | 1355 | ||
1346 | if (GNUNET_YES != alice_or_betty(GCP_get_id(t->destination))) | 1356 | if (GNUNET_YES != alice_or_betty (GCP_get_id (t->destination))) |
1347 | return; /* only Alice may send KX */ | 1357 | return; /* only Alice may send KX */ |
1348 | if ((NULL == ct) || | 1358 | if ((NULL == ct) || |
1349 | (GNUNET_NO == ct->is_ready)) | 1359 | (GNUNET_NO == ct->is_ready)) |
1350 | ct = get_ready_connection(t); | 1360 | ct = get_ready_connection (t); |
1351 | if (NULL == ct) | 1361 | if (NULL == ct) |
1352 | { | 1362 | { |
1353 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1363 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1354 | "Wanted to send %s in state %s, but no connection is ready, deferring\n", | 1364 | "Wanted to send %s in state %s, but no connection is ready, deferring\n", |
1355 | GCT_2s(t), | 1365 | GCT_2s (t), |
1356 | estate2s(t->estate)); | 1366 | estate2s (t->estate)); |
1357 | t->next_kx_attempt = GNUNET_TIME_absolute_get(); | 1367 | t->next_kx_attempt = GNUNET_TIME_absolute_get (); |
1358 | return; | 1368 | return; |
1359 | } | 1369 | } |
1360 | cc = ct->cc; | 1370 | cc = ct->cc; |
1361 | env = GNUNET_MQ_msg(msg, | 1371 | env = GNUNET_MQ_msg (msg, |
1362 | GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX); | 1372 | GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX); |
1363 | flags = GNUNET_CADET_KX_FLAG_FORCE_REPLY; /* always for KX */ | 1373 | flags = GNUNET_CADET_KX_FLAG_FORCE_REPLY; /* always for KX */ |
1364 | msg->flags = htonl(flags); | 1374 | msg->flags = htonl (flags); |
1365 | msg->cid = *GCC_get_id(cc); | 1375 | msg->cid = *GCC_get_id (cc); |
1366 | GNUNET_CRYPTO_ecdhe_key_get_public(&ax->kx_0, | 1376 | GNUNET_CRYPTO_ecdhe_key_get_public (&ax->kx_0, |
1367 | &msg->ephemeral_key); | 1377 | &msg->ephemeral_key); |
1368 | #if DEBUG_KX | 1378 | #if DEBUG_KX |
1369 | msg->ephemeral_key_XXX = ax->kx_0; | 1379 | msg->ephemeral_key_XXX = ax->kx_0; |
1370 | msg->private_key_XXX = *my_private_key; | 1380 | msg->private_key_XXX = *my_private_key; |
1371 | #endif | 1381 | #endif |
1372 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1382 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1373 | "Sending KX message to %s with ephemeral %s on CID %s\n", | 1383 | "Sending KX message to %s with ephemeral %s on CID %s\n", |
1374 | GCT_2s(t), | 1384 | GCT_2s (t), |
1375 | GNUNET_e2s(&msg->ephemeral_key), | 1385 | GNUNET_e2s (&msg->ephemeral_key), |
1376 | GNUNET_sh2s(&msg->cid.connection_of_tunnel)); | 1386 | GNUNET_sh2s (&msg->cid.connection_of_tunnel)); |
1377 | GNUNET_CRYPTO_ecdhe_key_get_public(&ax->DHRs, | 1387 | GNUNET_CRYPTO_ecdhe_key_get_public (&ax->DHRs, |
1378 | &msg->ratchet_key); | 1388 | &msg->ratchet_key); |
1379 | mark_connection_unready(ct); | 1389 | mark_connection_unready (ct); |
1380 | t->kx_retry_delay = GNUNET_TIME_STD_BACKOFF(t->kx_retry_delay); | 1390 | t->kx_retry_delay = GNUNET_TIME_STD_BACKOFF (t->kx_retry_delay); |
1381 | t->next_kx_attempt = GNUNET_TIME_relative_to_absolute(t->kx_retry_delay); | 1391 | t->next_kx_attempt = GNUNET_TIME_relative_to_absolute (t->kx_retry_delay); |
1382 | if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) | 1392 | if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) |
1383 | GCT_change_estate(t, | 1393 | GCT_change_estate (t, |
1384 | CADET_TUNNEL_KEY_AX_SENT); | 1394 | CADET_TUNNEL_KEY_AX_SENT); |
1385 | else if (CADET_TUNNEL_KEY_AX_RECV == t->estate) | 1395 | else if (CADET_TUNNEL_KEY_AX_RECV == t->estate) |
1386 | GCT_change_estate(t, | 1396 | GCT_change_estate (t, |
1387 | CADET_TUNNEL_KEY_AX_SENT_AND_RECV); | 1397 | CADET_TUNNEL_KEY_AX_SENT_AND_RECV); |
1388 | GCC_transmit(cc, | 1398 | GCC_transmit (cc, |
1389 | env); | 1399 | env); |
1390 | GNUNET_STATISTICS_update(stats, | 1400 | GNUNET_STATISTICS_update (stats, |
1391 | "# KX transmitted", | 1401 | "# KX transmitted", |
1392 | 1, | 1402 | 1, |
1393 | GNUNET_NO); | 1403 | GNUNET_NO); |
1394 | } | 1404 | } |
1395 | 1405 | ||
1396 | 1406 | ||
@@ -1405,10 +1415,10 @@ send_kx(struct CadetTunnel *t, | |||
1405 | * (set if we would like to transmit right now, but cannot) | 1415 | * (set if we would like to transmit right now, but cannot) |
1406 | */ | 1416 | */ |
1407 | static void | 1417 | static void |
1408 | send_kx_auth(struct CadetTunnel *t, | 1418 | send_kx_auth (struct CadetTunnel *t, |
1409 | struct CadetTConnection *ct, | 1419 | struct CadetTConnection *ct, |
1410 | struct CadetTunnelAxolotl *ax, | 1420 | struct CadetTunnelAxolotl *ax, |
1411 | int force_reply) | 1421 | int force_reply) |
1412 | { | 1422 | { |
1413 | struct CadetConnection *cc; | 1423 | struct CadetConnection *cc; |
1414 | struct GNUNET_MQ_Envelope *env; | 1424 | struct GNUNET_MQ_Envelope *env; |
@@ -1417,64 +1427,64 @@ send_kx_auth(struct CadetTunnel *t, | |||
1417 | 1427 | ||
1418 | if ((NULL == ct) || | 1428 | if ((NULL == ct) || |
1419 | (GNUNET_NO == ct->is_ready)) | 1429 | (GNUNET_NO == ct->is_ready)) |
1420 | ct = get_ready_connection(t); | 1430 | ct = get_ready_connection (t); |
1421 | if (NULL == ct) | 1431 | if (NULL == ct) |
1422 | { | 1432 | { |
1423 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1433 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1424 | "Wanted to send KX_AUTH on %s, but no connection is ready, deferring\n", | 1434 | "Wanted to send KX_AUTH on %s, but no connection is ready, deferring\n", |
1425 | GCT_2s(t)); | 1435 | GCT_2s (t)); |
1426 | t->next_kx_attempt = GNUNET_TIME_absolute_get(); | 1436 | t->next_kx_attempt = GNUNET_TIME_absolute_get (); |
1427 | t->kx_auth_requested = GNUNET_YES; /* queue KX_AUTH independent of estate */ | 1437 | t->kx_auth_requested = GNUNET_YES; /* queue KX_AUTH independent of estate */ |
1428 | return; | 1438 | return; |
1429 | } | 1439 | } |
1430 | t->kx_auth_requested = GNUNET_NO; /* clear flag */ | 1440 | t->kx_auth_requested = GNUNET_NO; /* clear flag */ |
1431 | cc = ct->cc; | 1441 | cc = ct->cc; |
1432 | env = GNUNET_MQ_msg(msg, | 1442 | env = GNUNET_MQ_msg (msg, |
1433 | GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH); | 1443 | GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH); |
1434 | flags = GNUNET_CADET_KX_FLAG_NONE; | 1444 | flags = GNUNET_CADET_KX_FLAG_NONE; |
1435 | if (GNUNET_YES == force_reply) | 1445 | if (GNUNET_YES == force_reply) |
1436 | flags |= GNUNET_CADET_KX_FLAG_FORCE_REPLY; | 1446 | flags |= GNUNET_CADET_KX_FLAG_FORCE_REPLY; |
1437 | msg->kx.flags = htonl(flags); | 1447 | msg->kx.flags = htonl (flags); |
1438 | msg->kx.cid = *GCC_get_id(cc); | 1448 | msg->kx.cid = *GCC_get_id (cc); |
1439 | GNUNET_CRYPTO_ecdhe_key_get_public(&ax->kx_0, | 1449 | GNUNET_CRYPTO_ecdhe_key_get_public (&ax->kx_0, |
1440 | &msg->kx.ephemeral_key); | 1450 | &msg->kx.ephemeral_key); |
1441 | GNUNET_CRYPTO_ecdhe_key_get_public(&ax->DHRs, | 1451 | GNUNET_CRYPTO_ecdhe_key_get_public (&ax->DHRs, |
1442 | &msg->kx.ratchet_key); | 1452 | &msg->kx.ratchet_key); |
1443 | #if DEBUG_KX | 1453 | #if DEBUG_KX |
1444 | msg->kx.ephemeral_key_XXX = ax->kx_0; | 1454 | msg->kx.ephemeral_key_XXX = ax->kx_0; |
1445 | msg->kx.private_key_XXX = *my_private_key; | 1455 | msg->kx.private_key_XXX = *my_private_key; |
1446 | msg->r_ephemeral_key_XXX = ax->last_ephemeral; | 1456 | msg->r_ephemeral_key_XXX = ax->last_ephemeral; |
1447 | #endif | 1457 | #endif |
1448 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1458 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1449 | "Sending KX_AUTH message to %s with ephemeral %s on CID %s\n", | 1459 | "Sending KX_AUTH message to %s with ephemeral %s on CID %s\n", |
1450 | GCT_2s(t), | 1460 | GCT_2s (t), |
1451 | GNUNET_e2s(&msg->kx.ephemeral_key), | 1461 | GNUNET_e2s (&msg->kx.ephemeral_key), |
1452 | GNUNET_sh2s(&msg->kx.cid.connection_of_tunnel)); | 1462 | GNUNET_sh2s (&msg->kx.cid.connection_of_tunnel)); |
1453 | 1463 | ||
1454 | /* Compute authenticator (this is the main difference to #send_kx()) */ | 1464 | /* Compute authenticator (this is the main difference to #send_kx()) */ |
1455 | GNUNET_CRYPTO_hash(&ax->RK, | 1465 | GNUNET_CRYPTO_hash (&ax->RK, |
1456 | sizeof(ax->RK), | 1466 | sizeof(ax->RK), |
1457 | &msg->auth); | 1467 | &msg->auth); |
1458 | /* Compute when to be triggered again; actual job will | 1468 | /* Compute when to be triggered again; actual job will |
1459 | be scheduled via #connection_ready_cb() */ | 1469 | be scheduled via #connection_ready_cb() */ |
1460 | t->kx_retry_delay | 1470 | t->kx_retry_delay |
1461 | = GNUNET_TIME_STD_BACKOFF(t->kx_retry_delay); | 1471 | = GNUNET_TIME_STD_BACKOFF (t->kx_retry_delay); |
1462 | t->next_kx_attempt | 1472 | t->next_kx_attempt |
1463 | = GNUNET_TIME_relative_to_absolute(t->kx_retry_delay); | 1473 | = GNUNET_TIME_relative_to_absolute (t->kx_retry_delay); |
1464 | 1474 | ||
1465 | /* Send via cc, mark it as unready */ | 1475 | /* Send via cc, mark it as unready */ |
1466 | mark_connection_unready(ct); | 1476 | mark_connection_unready (ct); |
1467 | 1477 | ||
1468 | /* Update state machine, unless we are already OK */ | 1478 | /* Update state machine, unless we are already OK */ |
1469 | if (CADET_TUNNEL_KEY_OK != t->estate) | 1479 | if (CADET_TUNNEL_KEY_OK != t->estate) |
1470 | GCT_change_estate(t, | 1480 | GCT_change_estate (t, |
1471 | CADET_TUNNEL_KEY_AX_AUTH_SENT); | 1481 | CADET_TUNNEL_KEY_AX_AUTH_SENT); |
1472 | GCC_transmit(cc, | 1482 | GCC_transmit (cc, |
1473 | env); | 1483 | env); |
1474 | GNUNET_STATISTICS_update(stats, | 1484 | GNUNET_STATISTICS_update (stats, |
1475 | "# KX_AUTH transmitted", | 1485 | "# KX_AUTH transmitted", |
1476 | 1, | 1486 | 1, |
1477 | GNUNET_NO); | 1487 | GNUNET_NO); |
1478 | } | 1488 | } |
1479 | 1489 | ||
1480 | 1490 | ||
@@ -1484,14 +1494,14 @@ send_kx_auth(struct CadetTunnel *t, | |||
1484 | * @param ax state to free, but not memory of @a ax itself | 1494 | * @param ax state to free, but not memory of @a ax itself |
1485 | */ | 1495 | */ |
1486 | static void | 1496 | static void |
1487 | cleanup_ax(struct CadetTunnelAxolotl *ax) | 1497 | cleanup_ax (struct CadetTunnelAxolotl *ax) |
1488 | { | 1498 | { |
1489 | while (NULL != ax->skipped_head) | 1499 | while (NULL != ax->skipped_head) |
1490 | delete_skipped_key(ax, | 1500 | delete_skipped_key (ax, |
1491 | ax->skipped_head); | 1501 | ax->skipped_head); |
1492 | GNUNET_assert(0 == ax->skipped); | 1502 | GNUNET_assert (0 == ax->skipped); |
1493 | GNUNET_CRYPTO_ecdhe_key_clear(&ax->kx_0); | 1503 | GNUNET_CRYPTO_ecdhe_key_clear (&ax->kx_0); |
1494 | GNUNET_CRYPTO_ecdhe_key_clear(&ax->DHRs); | 1504 | GNUNET_CRYPTO_ecdhe_key_clear (&ax->DHRs); |
1495 | } | 1505 | } |
1496 | 1506 | ||
1497 | 1507 | ||
@@ -1509,105 +1519,105 @@ cleanup_ax(struct CadetTunnelAxolotl *ax) | |||
1509 | * #GNUNET_SYSERR on hard errors (i.e. @a pid is #my_full_id) | 1519 | * #GNUNET_SYSERR on hard errors (i.e. @a pid is #my_full_id) |
1510 | */ | 1520 | */ |
1511 | static int | 1521 | static int |
1512 | update_ax_by_kx(struct CadetTunnelAxolotl *ax, | 1522 | update_ax_by_kx (struct CadetTunnelAxolotl *ax, |
1513 | const struct GNUNET_PeerIdentity *pid, | 1523 | const struct GNUNET_PeerIdentity *pid, |
1514 | const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, | 1524 | const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, |
1515 | const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key) | 1525 | const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key) |
1516 | { | 1526 | { |
1517 | struct GNUNET_HashCode key_material[3]; | 1527 | struct GNUNET_HashCode key_material[3]; |
1518 | struct GNUNET_CRYPTO_SymmetricSessionKey keys[5]; | 1528 | struct GNUNET_CRYPTO_SymmetricSessionKey keys[5]; |
1519 | const char salt[] = "CADET Axolotl salt"; | 1529 | const char salt[] = "CADET Axolotl salt"; |
1520 | int am_I_alice; | 1530 | int am_I_alice; |
1521 | 1531 | ||
1522 | if (GNUNET_SYSERR == (am_I_alice = alice_or_betty(pid))) | 1532 | if (GNUNET_SYSERR == (am_I_alice = alice_or_betty (pid))) |
1523 | { | 1533 | { |
1524 | GNUNET_break_op(0); | 1534 | GNUNET_break_op (0); |
1525 | return GNUNET_SYSERR; | 1535 | return GNUNET_SYSERR; |
1526 | } | 1536 | } |
1527 | if (0 == GNUNET_memcmp(&ax->DHRr, | 1537 | if (0 == GNUNET_memcmp (&ax->DHRr, |
1528 | ratchet_key)) | 1538 | ratchet_key)) |
1529 | { | 1539 | { |
1530 | GNUNET_STATISTICS_update(stats, | 1540 | GNUNET_STATISTICS_update (stats, |
1531 | "# Ratchet key already known", | 1541 | "# Ratchet key already known", |
1532 | 1, | 1542 | 1, |
1533 | GNUNET_NO); | 1543 | GNUNET_NO); |
1534 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1544 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1535 | "Ratchet key already known. Ignoring KX.\n"); | 1545 | "Ratchet key already known. Ignoring KX.\n"); |
1536 | return GNUNET_NO; | 1546 | return GNUNET_NO; |
1537 | } | 1547 | } |
1538 | 1548 | ||
1539 | ax->DHRr = *ratchet_key; | 1549 | ax->DHRr = *ratchet_key; |
1540 | ax->last_ephemeral = *ephemeral_key; | 1550 | ax->last_ephemeral = *ephemeral_key; |
1541 | /* ECDH A B0 */ | 1551 | /* ECDH A B0 */ |
1542 | if (GNUNET_YES == am_I_alice) | 1552 | if (GNUNET_YES == am_I_alice) |
1543 | { | 1553 | { |
1544 | GNUNET_CRYPTO_eddsa_ecdh(my_private_key, /* a */ | 1554 | GNUNET_CRYPTO_eddsa_ecdh (my_private_key, /* a */ |
1545 | ephemeral_key, /* B0 */ | 1555 | ephemeral_key, /* B0 */ |
1546 | &key_material[0]); | 1556 | &key_material[0]); |
1547 | } | 1557 | } |
1548 | else | 1558 | else |
1549 | { | 1559 | { |
1550 | GNUNET_CRYPTO_ecdh_eddsa(&ax->kx_0, /* b0 */ | 1560 | GNUNET_CRYPTO_ecdh_eddsa (&ax->kx_0, /* b0 */ |
1551 | &pid->public_key, /* A */ | 1561 | &pid->public_key, /* A */ |
1552 | &key_material[0]); | 1562 | &key_material[0]); |
1553 | } | 1563 | } |
1554 | /* ECDH A0 B */ | 1564 | /* ECDH A0 B */ |
1555 | if (GNUNET_YES == am_I_alice) | 1565 | if (GNUNET_YES == am_I_alice) |
1556 | { | 1566 | { |
1557 | GNUNET_CRYPTO_ecdh_eddsa(&ax->kx_0, /* a0 */ | 1567 | GNUNET_CRYPTO_ecdh_eddsa (&ax->kx_0, /* a0 */ |
1558 | &pid->public_key, /* B */ | 1568 | &pid->public_key, /* B */ |
1559 | &key_material[1]); | 1569 | &key_material[1]); |
1560 | } | 1570 | } |
1561 | else | 1571 | else |
1562 | { | 1572 | { |
1563 | GNUNET_CRYPTO_eddsa_ecdh(my_private_key, /* b */ | 1573 | GNUNET_CRYPTO_eddsa_ecdh (my_private_key, /* b */ |
1564 | ephemeral_key, /* A0 */ | 1574 | ephemeral_key, /* A0 */ |
1565 | &key_material[1]); | 1575 | &key_material[1]); |
1566 | } | 1576 | } |
1567 | 1577 | ||
1568 | /* ECDH A0 B0 */ | 1578 | /* ECDH A0 B0 */ |
1569 | GNUNET_CRYPTO_ecc_ecdh(&ax->kx_0, /* a0 or b0 */ | 1579 | GNUNET_CRYPTO_ecc_ecdh (&ax->kx_0, /* a0 or b0 */ |
1570 | ephemeral_key, /* B0 or A0 */ | 1580 | ephemeral_key, /* B0 or A0 */ |
1571 | &key_material[2]); | 1581 | &key_material[2]); |
1572 | /* KDF */ | 1582 | /* KDF */ |
1573 | GNUNET_CRYPTO_kdf(keys, sizeof(keys), | 1583 | GNUNET_CRYPTO_kdf (keys, sizeof(keys), |
1574 | salt, sizeof(salt), | 1584 | salt, sizeof(salt), |
1575 | &key_material, sizeof(key_material), | 1585 | &key_material, sizeof(key_material), |
1576 | NULL); | 1586 | NULL); |
1577 | 1587 | ||
1578 | if (0 == memcmp(&ax->RK, | 1588 | if (0 == memcmp (&ax->RK, |
1579 | &keys[0], | 1589 | &keys[0], |
1580 | sizeof(ax->RK))) | 1590 | sizeof(ax->RK))) |
1581 | { | 1591 | { |
1582 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1592 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1583 | "Root key already known. Ignoring KX.\n"); | 1593 | "Root key already known. Ignoring KX.\n"); |
1584 | GNUNET_STATISTICS_update(stats, | 1594 | GNUNET_STATISTICS_update (stats, |
1585 | "# Root key already known", | 1595 | "# Root key already known", |
1586 | 1, | 1596 | 1, |
1587 | GNUNET_NO); | 1597 | GNUNET_NO); |
1588 | return GNUNET_NO; | 1598 | return GNUNET_NO; |
1589 | } | 1599 | } |
1590 | 1600 | ||
1591 | ax->RK = keys[0]; | 1601 | ax->RK = keys[0]; |
1592 | if (GNUNET_YES == am_I_alice) | 1602 | if (GNUNET_YES == am_I_alice) |
1593 | { | 1603 | { |
1594 | ax->HKr = keys[1]; | 1604 | ax->HKr = keys[1]; |
1595 | ax->NHKs = keys[2]; | 1605 | ax->NHKs = keys[2]; |
1596 | ax->NHKr = keys[3]; | 1606 | ax->NHKr = keys[3]; |
1597 | ax->CKr = keys[4]; | 1607 | ax->CKr = keys[4]; |
1598 | ax->ratchet_flag = GNUNET_YES; | 1608 | ax->ratchet_flag = GNUNET_YES; |
1599 | } | 1609 | } |
1600 | else | 1610 | else |
1601 | { | 1611 | { |
1602 | ax->HKs = keys[1]; | 1612 | ax->HKs = keys[1]; |
1603 | ax->NHKr = keys[2]; | 1613 | ax->NHKr = keys[2]; |
1604 | ax->NHKs = keys[3]; | 1614 | ax->NHKs = keys[3]; |
1605 | ax->CKs = keys[4]; | 1615 | ax->CKs = keys[4]; |
1606 | ax->ratchet_flag = GNUNET_NO; | 1616 | ax->ratchet_flag = GNUNET_NO; |
1607 | ax->ratchet_expiration | 1617 | ax->ratchet_expiration |
1608 | = GNUNET_TIME_absolute_add(GNUNET_TIME_absolute_get(), | 1618 | = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get (), |
1609 | ratchet_time); | 1619 | ratchet_time); |
1610 | } | 1620 | } |
1611 | return GNUNET_OK; | 1621 | return GNUNET_OK; |
1612 | } | 1622 | } |
1613 | 1623 | ||
@@ -1618,89 +1628,89 @@ update_ax_by_kx(struct CadetTunnelAxolotl *ax, | |||
1618 | * @param cls the `struct CadetTunnel` to do KX for. | 1628 | * @param cls the `struct CadetTunnel` to do KX for. |
1619 | */ | 1629 | */ |
1620 | static void | 1630 | static void |
1621 | retry_kx(void *cls) | 1631 | retry_kx (void *cls) |
1622 | { | 1632 | { |
1623 | struct CadetTunnel *t = cls; | 1633 | struct CadetTunnel *t = cls; |
1624 | struct CadetTunnelAxolotl *ax; | 1634 | struct CadetTunnelAxolotl *ax; |
1625 | 1635 | ||
1626 | t->kx_task = NULL; | 1636 | t->kx_task = NULL; |
1627 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1637 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1628 | "Trying to make KX progress on %s in state %s\n", | 1638 | "Trying to make KX progress on %s in state %s\n", |
1629 | GCT_2s(t), | 1639 | GCT_2s (t), |
1630 | estate2s(t->estate)); | 1640 | estate2s (t->estate)); |
1631 | switch (t->estate) | 1641 | switch (t->estate) |
1632 | { | 1642 | { |
1633 | case CADET_TUNNEL_KEY_UNINITIALIZED: /* first attempt */ | 1643 | case CADET_TUNNEL_KEY_UNINITIALIZED: /* first attempt */ |
1634 | case CADET_TUNNEL_KEY_AX_SENT: /* trying again */ | 1644 | case CADET_TUNNEL_KEY_AX_SENT: /* trying again */ |
1635 | send_kx(t, | 1645 | send_kx (t, |
1636 | NULL, | 1646 | NULL, |
1637 | &t->ax); | 1647 | &t->ax); |
1638 | break; | 1648 | break; |
1639 | 1649 | ||
1640 | case CADET_TUNNEL_KEY_AX_RECV: | 1650 | case CADET_TUNNEL_KEY_AX_RECV: |
1641 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: | 1651 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: |
1642 | /* We are responding, so only require reply | 1652 | /* We are responding, so only require reply |
1643 | if WE have a channel waiting. */ | 1653 | if WE have a channel waiting. */ |
1644 | if (NULL != t->unverified_ax) | 1654 | if (NULL != t->unverified_ax) |
1645 | { | 1655 | { |
1646 | /* Send AX_AUTH so we might get this one verified */ | 1656 | /* Send AX_AUTH so we might get this one verified */ |
1647 | ax = t->unverified_ax; | 1657 | ax = t->unverified_ax; |
1648 | } | 1658 | } |
1649 | else | 1659 | else |
1650 | { | 1660 | { |
1651 | /* How can this be? */ | 1661 | /* How can this be? */ |
1652 | GNUNET_break(0); | 1662 | GNUNET_break (0); |
1653 | ax = &t->ax; | 1663 | ax = &t->ax; |
1654 | } | 1664 | } |
1655 | send_kx_auth(t, | 1665 | send_kx_auth (t, |
1656 | NULL, | 1666 | NULL, |
1657 | ax, | 1667 | ax, |
1658 | (0 == GCT_count_channels(t)) | 1668 | (0 == GCT_count_channels (t)) |
1659 | ? GNUNET_NO | 1669 | ? GNUNET_NO |
1660 | : GNUNET_YES); | 1670 | : GNUNET_YES); |
1661 | break; | 1671 | break; |
1662 | 1672 | ||
1663 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: | 1673 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: |
1664 | /* We are responding, so only require reply | 1674 | /* We are responding, so only require reply |
1665 | if WE have a channel waiting. */ | 1675 | if WE have a channel waiting. */ |
1666 | if (NULL != t->unverified_ax) | 1676 | if (NULL != t->unverified_ax) |
1667 | { | 1677 | { |
1668 | /* Send AX_AUTH so we might get this one verified */ | 1678 | /* Send AX_AUTH so we might get this one verified */ |
1669 | ax = t->unverified_ax; | 1679 | ax = t->unverified_ax; |
1670 | } | 1680 | } |
1671 | else | 1681 | else |
1672 | { | 1682 | { |
1673 | /* How can this be? */ | 1683 | /* How can this be? */ |
1674 | GNUNET_break(0); | 1684 | GNUNET_break (0); |
1675 | ax = &t->ax; | 1685 | ax = &t->ax; |
1676 | } | 1686 | } |
1677 | send_kx_auth(t, | 1687 | send_kx_auth (t, |
1678 | NULL, | 1688 | NULL, |
1679 | ax, | 1689 | ax, |
1680 | (0 == GCT_count_channels(t)) | 1690 | (0 == GCT_count_channels (t)) |
1681 | ? GNUNET_NO | 1691 | ? GNUNET_NO |
1682 | : GNUNET_YES); | 1692 | : GNUNET_YES); |
1683 | break; | 1693 | break; |
1684 | 1694 | ||
1685 | case CADET_TUNNEL_KEY_OK: | 1695 | case CADET_TUNNEL_KEY_OK: |
1686 | /* Must have been the *other* peer asking us to | 1696 | /* Must have been the *other* peer asking us to |
1687 | respond with a KX_AUTH. */ | 1697 | respond with a KX_AUTH. */ |
1688 | if (NULL != t->unverified_ax) | 1698 | if (NULL != t->unverified_ax) |
1689 | { | 1699 | { |
1690 | /* Sending AX_AUTH in response to AX so we might get this one verified */ | 1700 | /* Sending AX_AUTH in response to AX so we might get this one verified */ |
1691 | ax = t->unverified_ax; | 1701 | ax = t->unverified_ax; |
1692 | } | ||
1693 | else | ||
1694 | { | ||
1695 | /* Sending AX_AUTH in response to AX_AUTH */ | ||
1696 | ax = &t->ax; | ||
1697 | } | ||
1698 | send_kx_auth(t, | ||
1699 | NULL, | ||
1700 | ax, | ||
1701 | GNUNET_NO); | ||
1702 | break; | ||
1703 | } | 1702 | } |
1703 | else | ||
1704 | { | ||
1705 | /* Sending AX_AUTH in response to AX_AUTH */ | ||
1706 | ax = &t->ax; | ||
1707 | } | ||
1708 | send_kx_auth (t, | ||
1709 | NULL, | ||
1710 | ax, | ||
1711 | GNUNET_NO); | ||
1712 | break; | ||
1713 | } | ||
1704 | } | 1714 | } |
1705 | 1715 | ||
1706 | 1716 | ||
@@ -1713,98 +1723,98 @@ retry_kx(void *cls) | |||
1713 | * @param msg the key exchange message | 1723 | * @param msg the key exchange message |
1714 | */ | 1724 | */ |
1715 | void | 1725 | void |
1716 | GCT_handle_kx(struct CadetTConnection *ct, | 1726 | GCT_handle_kx (struct CadetTConnection *ct, |
1717 | const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg) | 1727 | const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg) |
1718 | { | 1728 | { |
1719 | struct CadetTunnel *t = ct->t; | 1729 | struct CadetTunnel *t = ct->t; |
1720 | int ret; | 1730 | int ret; |
1721 | 1731 | ||
1722 | GNUNET_STATISTICS_update(stats, | 1732 | GNUNET_STATISTICS_update (stats, |
1723 | "# KX received", | 1733 | "# KX received", |
1724 | 1, | 1734 | 1, |
1725 | GNUNET_NO); | 1735 | GNUNET_NO); |
1726 | if (GNUNET_YES == | 1736 | if (GNUNET_YES == |
1727 | alice_or_betty(GCP_get_id(t->destination))) | 1737 | alice_or_betty (GCP_get_id (t->destination))) |
1728 | { | 1738 | { |
1729 | /* Betty/Bob is not allowed to send KX! */ | 1739 | /* Betty/Bob is not allowed to send KX! */ |
1730 | GNUNET_break_op(0); | 1740 | GNUNET_break_op (0); |
1731 | return; | 1741 | return; |
1732 | } | 1742 | } |
1733 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1743 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1734 | "Received KX message from %s with ephemeral %s from %s on connection %s\n", | 1744 | "Received KX message from %s with ephemeral %s from %s on connection %s\n", |
1735 | GCT_2s(t), | 1745 | GCT_2s (t), |
1736 | GNUNET_e2s(&msg->ephemeral_key), | 1746 | GNUNET_e2s (&msg->ephemeral_key), |
1737 | GNUNET_i2s(GCP_get_id(t->destination)), | 1747 | GNUNET_i2s (GCP_get_id (t->destination)), |
1738 | GCC_2s(ct->cc)); | 1748 | GCC_2s (ct->cc)); |
1739 | #if 1 | 1749 | #if 1 |
1740 | if ((0 == | 1750 | if ((0 == |
1741 | memcmp(&t->ax.DHRr, | 1751 | memcmp (&t->ax.DHRr, |
1742 | &msg->ratchet_key, | 1752 | &msg->ratchet_key, |
1743 | sizeof(msg->ratchet_key))) && | 1753 | sizeof(msg->ratchet_key))) && |
1744 | (0 == | 1754 | (0 == |
1745 | memcmp(&t->ax.last_ephemeral, | 1755 | memcmp (&t->ax.last_ephemeral, |
1746 | &msg->ephemeral_key, | 1756 | &msg->ephemeral_key, |
1747 | sizeof(msg->ephemeral_key)))) | 1757 | sizeof(msg->ephemeral_key)))) |
1748 | 1758 | ||
1749 | { | 1759 | { |
1750 | GNUNET_STATISTICS_update(stats, | 1760 | GNUNET_STATISTICS_update (stats, |
1751 | "# Duplicate KX received", | 1761 | "# Duplicate KX received", |
1752 | 1, | 1762 | 1, |
1753 | GNUNET_NO); | 1763 | GNUNET_NO); |
1754 | send_kx_auth(t, | 1764 | send_kx_auth (t, |
1755 | ct, | 1765 | ct, |
1756 | &t->ax, | 1766 | &t->ax, |
1757 | GNUNET_NO); | 1767 | GNUNET_NO); |
1758 | return; | 1768 | return; |
1759 | } | 1769 | } |
1760 | #endif | 1770 | #endif |
1761 | /* We only keep ONE unverified KX around, so if there is an existing one, | 1771 | /* We only keep ONE unverified KX around, so if there is an existing one, |
1762 | clean it up. */ | 1772 | clean it up. */ |
1763 | if (NULL != t->unverified_ax) | 1773 | if (NULL != t->unverified_ax) |
1764 | { | 1774 | { |
1765 | if ((0 == | 1775 | if ((0 == |
1766 | memcmp(&t->unverified_ax->DHRr, | 1776 | memcmp (&t->unverified_ax->DHRr, |
1767 | &msg->ratchet_key, | 1777 | &msg->ratchet_key, |
1768 | sizeof(msg->ratchet_key))) && | 1778 | sizeof(msg->ratchet_key))) && |
1769 | (0 == | 1779 | (0 == |
1770 | memcmp(&t->unverified_ax->last_ephemeral, | 1780 | memcmp (&t->unverified_ax->last_ephemeral, |
1771 | &msg->ephemeral_key, | 1781 | &msg->ephemeral_key, |
1772 | sizeof(msg->ephemeral_key)))) | 1782 | sizeof(msg->ephemeral_key)))) |
1773 | { | 1783 | { |
1774 | GNUNET_STATISTICS_update(stats, | 1784 | GNUNET_STATISTICS_update (stats, |
1775 | "# Duplicate unverified KX received", | 1785 | "# Duplicate unverified KX received", |
1776 | 1, | 1786 | 1, |
1777 | GNUNET_NO); | 1787 | GNUNET_NO); |
1778 | #if 1 | 1788 | #if 1 |
1779 | send_kx_auth(t, | 1789 | send_kx_auth (t, |
1780 | ct, | 1790 | ct, |
1781 | t->unverified_ax, | 1791 | t->unverified_ax, |
1782 | GNUNET_NO); | 1792 | GNUNET_NO); |
1783 | return; | 1793 | return; |
1784 | #endif | 1794 | #endif |
1785 | } | ||
1786 | LOG(GNUNET_ERROR_TYPE_DEBUG, | ||
1787 | "Dropping old unverified KX state.\n"); | ||
1788 | GNUNET_STATISTICS_update(stats, | ||
1789 | "# Unverified KX dropped for fresh KX", | ||
1790 | 1, | ||
1791 | GNUNET_NO); | ||
1792 | GNUNET_break(NULL == t->unverified_ax->skipped_head); | ||
1793 | memset(t->unverified_ax, | ||
1794 | 0, | ||
1795 | sizeof(struct CadetTunnelAxolotl)); | ||
1796 | } | 1795 | } |
1796 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
1797 | "Dropping old unverified KX state.\n"); | ||
1798 | GNUNET_STATISTICS_update (stats, | ||
1799 | "# Unverified KX dropped for fresh KX", | ||
1800 | 1, | ||
1801 | GNUNET_NO); | ||
1802 | GNUNET_break (NULL == t->unverified_ax->skipped_head); | ||
1803 | memset (t->unverified_ax, | ||
1804 | 0, | ||
1805 | sizeof(struct CadetTunnelAxolotl)); | ||
1806 | } | ||
1797 | else | 1807 | else |
1798 | { | 1808 | { |
1799 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1809 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1800 | "Creating fresh unverified KX for %s\n", | 1810 | "Creating fresh unverified KX for %s\n", |
1801 | GCT_2s(t)); | 1811 | GCT_2s (t)); |
1802 | GNUNET_STATISTICS_update(stats, | 1812 | GNUNET_STATISTICS_update (stats, |
1803 | "# Fresh KX setup", | 1813 | "# Fresh KX setup", |
1804 | 1, | 1814 | 1, |
1805 | GNUNET_NO); | 1815 | GNUNET_NO); |
1806 | t->unverified_ax = GNUNET_new(struct CadetTunnelAxolotl); | 1816 | t->unverified_ax = GNUNET_new (struct CadetTunnelAxolotl); |
1807 | } | 1817 | } |
1808 | /* Set as the 'current' RK/DHRr the one we are currently using, | 1818 | /* Set as the 'current' RK/DHRr the one we are currently using, |
1809 | so that the duplicate-detection logic of | 1819 | so that the duplicate-detection logic of |
1810 | #update_ax_by_kx can work. */ | 1820 | #update_ax_by_kx can work. */ |
@@ -1815,101 +1825,101 @@ GCT_handle_kx(struct CadetTConnection *ct, | |||
1815 | t->unverified_attempts = 0; | 1825 | t->unverified_attempts = 0; |
1816 | 1826 | ||
1817 | /* Update 'ax' by the new key material */ | 1827 | /* Update 'ax' by the new key material */ |
1818 | ret = update_ax_by_kx(t->unverified_ax, | 1828 | ret = update_ax_by_kx (t->unverified_ax, |
1819 | GCP_get_id(t->destination), | 1829 | GCP_get_id (t->destination), |
1820 | &msg->ephemeral_key, | 1830 | &msg->ephemeral_key, |
1821 | &msg->ratchet_key); | 1831 | &msg->ratchet_key); |
1822 | GNUNET_break(GNUNET_SYSERR != ret); | 1832 | GNUNET_break (GNUNET_SYSERR != ret); |
1823 | if (GNUNET_OK != ret) | 1833 | if (GNUNET_OK != ret) |
1824 | { | 1834 | { |
1825 | GNUNET_STATISTICS_update(stats, | 1835 | GNUNET_STATISTICS_update (stats, |
1826 | "# Useless KX", | 1836 | "# Useless KX", |
1827 | 1, | 1837 | 1, |
1828 | GNUNET_NO); | 1838 | GNUNET_NO); |
1829 | return; /* duplicate KX, nothing to do */ | 1839 | return; /* duplicate KX, nothing to do */ |
1830 | } | 1840 | } |
1831 | /* move ahead in our state machine */ | 1841 | /* move ahead in our state machine */ |
1832 | if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) | 1842 | if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) |
1833 | GCT_change_estate(t, | 1843 | GCT_change_estate (t, |
1834 | CADET_TUNNEL_KEY_AX_RECV); | 1844 | CADET_TUNNEL_KEY_AX_RECV); |
1835 | else if (CADET_TUNNEL_KEY_AX_SENT == t->estate) | 1845 | else if (CADET_TUNNEL_KEY_AX_SENT == t->estate) |
1836 | GCT_change_estate(t, | 1846 | GCT_change_estate (t, |
1837 | CADET_TUNNEL_KEY_AX_SENT_AND_RECV); | 1847 | CADET_TUNNEL_KEY_AX_SENT_AND_RECV); |
1838 | 1848 | ||
1839 | /* KX is still not done, try again our end. */ | 1849 | /* KX is still not done, try again our end. */ |
1840 | if (CADET_TUNNEL_KEY_OK != t->estate) | 1850 | if (CADET_TUNNEL_KEY_OK != t->estate) |
1841 | { | 1851 | { |
1842 | if (NULL != t->kx_task) | 1852 | if (NULL != t->kx_task) |
1843 | GNUNET_SCHEDULER_cancel(t->kx_task); | 1853 | GNUNET_SCHEDULER_cancel (t->kx_task); |
1844 | t->kx_task | 1854 | t->kx_task |
1845 | = GNUNET_SCHEDULER_add_now(&retry_kx, | 1855 | = GNUNET_SCHEDULER_add_now (&retry_kx, |
1846 | t); | 1856 | t); |
1847 | } | 1857 | } |
1848 | } | 1858 | } |
1849 | 1859 | ||
1850 | 1860 | ||
1851 | #if DEBUG_KX | 1861 | #if DEBUG_KX |
1852 | static void | 1862 | static void |
1853 | check_ee(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, | 1863 | check_ee (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, |
1854 | const struct GNUNET_CRYPTO_EcdhePrivateKey *e2) | 1864 | const struct GNUNET_CRYPTO_EcdhePrivateKey *e2) |
1855 | { | 1865 | { |
1856 | struct GNUNET_CRYPTO_EcdhePublicKey p1; | 1866 | struct GNUNET_CRYPTO_EcdhePublicKey p1; |
1857 | struct GNUNET_CRYPTO_EcdhePublicKey p2; | 1867 | struct GNUNET_CRYPTO_EcdhePublicKey p2; |
1858 | struct GNUNET_HashCode hc1; | 1868 | struct GNUNET_HashCode hc1; |
1859 | struct GNUNET_HashCode hc2; | 1869 | struct GNUNET_HashCode hc2; |
1860 | 1870 | ||
1861 | GNUNET_CRYPTO_ecdhe_key_get_public(e1, | 1871 | GNUNET_CRYPTO_ecdhe_key_get_public (e1, |
1862 | &p1); | 1872 | &p1); |
1863 | GNUNET_CRYPTO_ecdhe_key_get_public(e2, | 1873 | GNUNET_CRYPTO_ecdhe_key_get_public (e2, |
1864 | &p2); | 1874 | &p2); |
1865 | GNUNET_assert(GNUNET_OK == | 1875 | GNUNET_assert (GNUNET_OK == |
1866 | GNUNET_CRYPTO_ecc_ecdh(e1, | 1876 | GNUNET_CRYPTO_ecc_ecdh (e1, |
1867 | &p2, | 1877 | &p2, |
1868 | &hc1)); | 1878 | &hc1)); |
1869 | GNUNET_assert(GNUNET_OK == | 1879 | GNUNET_assert (GNUNET_OK == |
1870 | GNUNET_CRYPTO_ecc_ecdh(e2, | 1880 | GNUNET_CRYPTO_ecc_ecdh (e2, |
1871 | &p1, | 1881 | &p1, |
1872 | &hc2)); | 1882 | &hc2)); |
1873 | GNUNET_break(0 == GNUNET_memcmp(&hc1, | 1883 | GNUNET_break (0 == GNUNET_memcmp (&hc1, |
1874 | &hc2)); | 1884 | &hc2)); |
1875 | } | 1885 | } |
1876 | 1886 | ||
1877 | 1887 | ||
1878 | static void | 1888 | static void |
1879 | check_ed(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, | 1889 | check_ed (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, |
1880 | const struct GNUNET_CRYPTO_EddsaPrivateKey *e2) | 1890 | const struct GNUNET_CRYPTO_EddsaPrivateKey *e2) |
1881 | { | 1891 | { |
1882 | struct GNUNET_CRYPTO_EcdhePublicKey p1; | 1892 | struct GNUNET_CRYPTO_EcdhePublicKey p1; |
1883 | struct GNUNET_CRYPTO_EddsaPublicKey p2; | 1893 | struct GNUNET_CRYPTO_EddsaPublicKey p2; |
1884 | struct GNUNET_HashCode hc1; | 1894 | struct GNUNET_HashCode hc1; |
1885 | struct GNUNET_HashCode hc2; | 1895 | struct GNUNET_HashCode hc2; |
1886 | 1896 | ||
1887 | GNUNET_CRYPTO_ecdhe_key_get_public(e1, | 1897 | GNUNET_CRYPTO_ecdhe_key_get_public (e1, |
1888 | &p1); | 1898 | &p1); |
1889 | GNUNET_CRYPTO_eddsa_key_get_public(e2, | 1899 | GNUNET_CRYPTO_eddsa_key_get_public (e2, |
1890 | &p2); | 1900 | &p2); |
1891 | GNUNET_assert(GNUNET_OK == | 1901 | GNUNET_assert (GNUNET_OK == |
1892 | GNUNET_CRYPTO_ecdh_eddsa(e1, | 1902 | GNUNET_CRYPTO_ecdh_eddsa (e1, |
1893 | &p2, | 1903 | &p2, |
1894 | &hc1)); | 1904 | &hc1)); |
1895 | GNUNET_assert(GNUNET_OK == | 1905 | GNUNET_assert (GNUNET_OK == |
1896 | GNUNET_CRYPTO_eddsa_ecdh(e2, | 1906 | GNUNET_CRYPTO_eddsa_ecdh (e2, |
1897 | &p1, | 1907 | &p1, |
1898 | &hc2)); | 1908 | &hc2)); |
1899 | GNUNET_break(0 == GNUNET_memcmp(&hc1, | 1909 | GNUNET_break (0 == GNUNET_memcmp (&hc1, |
1900 | &hc2)); | 1910 | &hc2)); |
1901 | } | 1911 | } |
1902 | 1912 | ||
1903 | 1913 | ||
1904 | static void | 1914 | static void |
1905 | test_crypto_bug(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, | 1915 | test_crypto_bug (const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, |
1906 | const struct GNUNET_CRYPTO_EcdhePrivateKey *e2, | 1916 | const struct GNUNET_CRYPTO_EcdhePrivateKey *e2, |
1907 | const struct GNUNET_CRYPTO_EddsaPrivateKey *d1, | 1917 | const struct GNUNET_CRYPTO_EddsaPrivateKey *d1, |
1908 | const struct GNUNET_CRYPTO_EddsaPrivateKey *d2) | 1918 | const struct GNUNET_CRYPTO_EddsaPrivateKey *d2) |
1909 | { | 1919 | { |
1910 | check_ee(e1, e2); | 1920 | check_ee (e1, e2); |
1911 | check_ed(e1, d2); | 1921 | check_ed (e1, d2); |
1912 | check_ed(e2, d1); | 1922 | check_ed (e2, d1); |
1913 | } | 1923 | } |
1914 | 1924 | ||
1915 | #endif | 1925 | #endif |
@@ -1922,135 +1932,135 @@ test_crypto_bug(const struct GNUNET_CRYPTO_EcdhePrivateKey *e1, | |||
1922 | * @param msg the key exchange message | 1932 | * @param msg the key exchange message |
1923 | */ | 1933 | */ |
1924 | void | 1934 | void |
1925 | GCT_handle_kx_auth(struct CadetTConnection *ct, | 1935 | GCT_handle_kx_auth (struct CadetTConnection *ct, |
1926 | const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg) | 1936 | const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg) |
1927 | { | 1937 | { |
1928 | struct CadetTunnel *t = ct->t; | 1938 | struct CadetTunnel *t = ct->t; |
1929 | struct CadetTunnelAxolotl ax_tmp; | 1939 | struct CadetTunnelAxolotl ax_tmp; |
1930 | struct GNUNET_HashCode kx_auth; | 1940 | struct GNUNET_HashCode kx_auth; |
1931 | int ret; | 1941 | int ret; |
1932 | 1942 | ||
1933 | GNUNET_STATISTICS_update(stats, | 1943 | GNUNET_STATISTICS_update (stats, |
1934 | "# KX_AUTH received", | 1944 | "# KX_AUTH received", |
1935 | 1, | 1945 | 1, |
1936 | GNUNET_NO); | 1946 | GNUNET_NO); |
1937 | if ((CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) || | 1947 | if ((CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) || |
1938 | (CADET_TUNNEL_KEY_AX_RECV == t->estate)) | 1948 | (CADET_TUNNEL_KEY_AX_RECV == t->estate)) |
1939 | { | 1949 | { |
1940 | /* Confusing, we got a KX_AUTH before we even send our own | 1950 | /* Confusing, we got a KX_AUTH before we even send our own |
1941 | KX. This should not happen. We'll send our own KX ASAP anyway, | 1951 | KX. This should not happen. We'll send our own KX ASAP anyway, |
1942 | so let's ignore this here. */ | 1952 | so let's ignore this here. */ |
1943 | GNUNET_break_op(0); | 1953 | GNUNET_break_op (0); |
1944 | return; | 1954 | return; |
1945 | } | 1955 | } |
1946 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 1956 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
1947 | "Handling KX_AUTH message from %s with ephemeral %s\n", | 1957 | "Handling KX_AUTH message from %s with ephemeral %s\n", |
1948 | GCT_2s(t), | 1958 | GCT_2s (t), |
1949 | GNUNET_e2s(&msg->kx.ephemeral_key)); | 1959 | GNUNET_e2s (&msg->kx.ephemeral_key)); |
1950 | /* We do everything in ax_tmp until we've checked the authentication | 1960 | /* We do everything in ax_tmp until we've checked the authentication |
1951 | so we don't clobber anything we care about by accident. */ | 1961 | so we don't clobber anything we care about by accident. */ |
1952 | ax_tmp = t->ax; | 1962 | ax_tmp = t->ax; |
1953 | 1963 | ||
1954 | /* Update 'ax' by the new key material */ | 1964 | /* Update 'ax' by the new key material */ |
1955 | ret = update_ax_by_kx(&ax_tmp, | 1965 | ret = update_ax_by_kx (&ax_tmp, |
1956 | GCP_get_id(t->destination), | 1966 | GCP_get_id (t->destination), |
1957 | &msg->kx.ephemeral_key, | 1967 | &msg->kx.ephemeral_key, |
1958 | &msg->kx.ratchet_key); | 1968 | &msg->kx.ratchet_key); |
1959 | if (GNUNET_OK != ret) | 1969 | if (GNUNET_OK != ret) |
1970 | { | ||
1971 | if (GNUNET_NO == ret) | ||
1972 | GNUNET_STATISTICS_update (stats, | ||
1973 | "# redundant KX_AUTH received", | ||
1974 | 1, | ||
1975 | GNUNET_NO); | ||
1976 | else | ||
1977 | GNUNET_break (0); /* connect to self!? */ | ||
1978 | return; | ||
1979 | } | ||
1980 | GNUNET_CRYPTO_hash (&ax_tmp.RK, | ||
1981 | sizeof(ax_tmp.RK), | ||
1982 | &kx_auth); | ||
1983 | if (0 != GNUNET_memcmp (&kx_auth, | ||
1984 | &msg->auth)) | ||
1985 | { | ||
1986 | /* This KX_AUTH is not using the latest KX/KX_AUTH data | ||
1987 | we transmitted to the sender, refuse it, try KX again. */ | ||
1988 | GNUNET_STATISTICS_update (stats, | ||
1989 | "# KX_AUTH not using our last KX received (auth failure)", | ||
1990 | 1, | ||
1991 | GNUNET_NO); | ||
1992 | LOG (GNUNET_ERROR_TYPE_WARNING, | ||
1993 | "KX AUTH mismatch!\n"); | ||
1994 | #if DEBUG_KX | ||
1960 | { | 1995 | { |
1961 | if (GNUNET_NO == ret) | 1996 | struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key; |
1962 | GNUNET_STATISTICS_update(stats, | 1997 | |
1963 | "# redundant KX_AUTH received", | 1998 | GNUNET_CRYPTO_ecdhe_key_get_public (&ax_tmp.kx_0, |
1964 | 1, | 1999 | &ephemeral_key); |
1965 | GNUNET_NO); | 2000 | if (0 != GNUNET_memcmp (&ephemeral_key, |
2001 | &msg->r_ephemeral_key_XXX)) | ||
2002 | { | ||
2003 | LOG (GNUNET_ERROR_TYPE_WARNING, | ||
2004 | "My ephemeral is %s!\n", | ||
2005 | GNUNET_e2s (&ephemeral_key)); | ||
2006 | LOG (GNUNET_ERROR_TYPE_WARNING, | ||
2007 | "Response is for ephemeral %s!\n", | ||
2008 | GNUNET_e2s (&msg->r_ephemeral_key_XXX)); | ||
2009 | } | ||
1966 | else | 2010 | else |
1967 | GNUNET_break(0); /* connect to self!? */ | ||
1968 | return; | ||
1969 | } | ||
1970 | GNUNET_CRYPTO_hash(&ax_tmp.RK, | ||
1971 | sizeof(ax_tmp.RK), | ||
1972 | &kx_auth); | ||
1973 | if (0 != GNUNET_memcmp(&kx_auth, | ||
1974 | &msg->auth)) | ||
1975 | { | ||
1976 | /* This KX_AUTH is not using the latest KX/KX_AUTH data | ||
1977 | we transmitted to the sender, refuse it, try KX again. */ | ||
1978 | GNUNET_STATISTICS_update(stats, | ||
1979 | "# KX_AUTH not using our last KX received (auth failure)", | ||
1980 | 1, | ||
1981 | GNUNET_NO); | ||
1982 | LOG(GNUNET_ERROR_TYPE_WARNING, | ||
1983 | "KX AUTH mismatch!\n"); | ||
1984 | #if DEBUG_KX | ||
1985 | { | 2011 | { |
1986 | struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key; | 2012 | test_crypto_bug (&ax_tmp.kx_0, |
1987 | 2013 | &msg->kx.ephemeral_key_XXX, | |
1988 | GNUNET_CRYPTO_ecdhe_key_get_public(&ax_tmp.kx_0, | 2014 | my_private_key, |
1989 | &ephemeral_key); | 2015 | &msg->kx.private_key_XXX); |
1990 | if (0 != GNUNET_memcmp(&ephemeral_key, | ||
1991 | &msg->r_ephemeral_key_XXX)) | ||
1992 | { | ||
1993 | LOG(GNUNET_ERROR_TYPE_WARNING, | ||
1994 | "My ephemeral is %s!\n", | ||
1995 | GNUNET_e2s(&ephemeral_key)); | ||
1996 | LOG(GNUNET_ERROR_TYPE_WARNING, | ||
1997 | "Response is for ephemeral %s!\n", | ||
1998 | GNUNET_e2s(&msg->r_ephemeral_key_XXX)); | ||
1999 | } | ||
2000 | else | ||
2001 | { | ||
2002 | test_crypto_bug(&ax_tmp.kx_0, | ||
2003 | &msg->kx.ephemeral_key_XXX, | ||
2004 | my_private_key, | ||
2005 | &msg->kx.private_key_XXX); | ||
2006 | } | ||
2007 | } | 2016 | } |
2008 | #endif | ||
2009 | if (NULL == t->kx_task) | ||
2010 | t->kx_task | ||
2011 | = GNUNET_SCHEDULER_add_at(t->next_kx_attempt, | ||
2012 | &retry_kx, | ||
2013 | t); | ||
2014 | return; | ||
2015 | } | 2017 | } |
2018 | #endif | ||
2019 | if (NULL == t->kx_task) | ||
2020 | t->kx_task | ||
2021 | = GNUNET_SCHEDULER_add_at (t->next_kx_attempt, | ||
2022 | &retry_kx, | ||
2023 | t); | ||
2024 | return; | ||
2025 | } | ||
2016 | /* Yep, we're good. */ | 2026 | /* Yep, we're good. */ |
2017 | t->ax = ax_tmp; | 2027 | t->ax = ax_tmp; |
2018 | if (NULL != t->unverified_ax) | 2028 | if (NULL != t->unverified_ax) |
2019 | { | 2029 | { |
2020 | /* We got some "stale" KX before, drop that. */ | 2030 | /* We got some "stale" KX before, drop that. */ |
2021 | cleanup_ax(t->unverified_ax); | 2031 | cleanup_ax (t->unverified_ax); |
2022 | GNUNET_free(t->unverified_ax); | 2032 | GNUNET_free (t->unverified_ax); |
2023 | t->unverified_ax = NULL; | 2033 | t->unverified_ax = NULL; |
2024 | } | 2034 | } |
2025 | 2035 | ||
2026 | /* move ahead in our state machine */ | 2036 | /* move ahead in our state machine */ |
2027 | switch (t->estate) | 2037 | switch (t->estate) |
2028 | { | 2038 | { |
2029 | case CADET_TUNNEL_KEY_UNINITIALIZED: | 2039 | case CADET_TUNNEL_KEY_UNINITIALIZED: |
2030 | case CADET_TUNNEL_KEY_AX_RECV: | 2040 | case CADET_TUNNEL_KEY_AX_RECV: |
2031 | /* Checked above, this is impossible. */ | 2041 | /* Checked above, this is impossible. */ |
2032 | GNUNET_assert(0); | 2042 | GNUNET_assert (0); |
2033 | break; | 2043 | break; |
2034 | 2044 | ||
2035 | case CADET_TUNNEL_KEY_AX_SENT: /* This is the normal case */ | 2045 | case CADET_TUNNEL_KEY_AX_SENT: /* This is the normal case */ |
2036 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: /* both peers started KX */ | 2046 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: /* both peers started KX */ |
2037 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: /* both peers now did KX_AUTH */ | 2047 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: /* both peers now did KX_AUTH */ |
2038 | GCT_change_estate(t, | 2048 | GCT_change_estate (t, |
2039 | CADET_TUNNEL_KEY_OK); | 2049 | CADET_TUNNEL_KEY_OK); |
2040 | break; | 2050 | break; |
2041 | 2051 | ||
2042 | case CADET_TUNNEL_KEY_OK: | 2052 | case CADET_TUNNEL_KEY_OK: |
2043 | /* Did not expect another KX_AUTH, but so what, still acceptable. | 2053 | /* Did not expect another KX_AUTH, but so what, still acceptable. |
2044 | Nothing to do here. */ | 2054 | Nothing to do here. */ |
2045 | break; | 2055 | break; |
2046 | } | 2056 | } |
2047 | if (0 != (GNUNET_CADET_KX_FLAG_FORCE_REPLY & ntohl(msg->kx.flags))) | 2057 | if (0 != (GNUNET_CADET_KX_FLAG_FORCE_REPLY & ntohl (msg->kx.flags))) |
2048 | { | 2058 | { |
2049 | send_kx_auth(t, | 2059 | send_kx_auth (t, |
2050 | NULL, | 2060 | NULL, |
2051 | &t->ax, | 2061 | &t->ax, |
2052 | GNUNET_NO); | 2062 | GNUNET_NO); |
2053 | } | 2063 | } |
2054 | } | 2064 | } |
2055 | 2065 | ||
2056 | 2066 | ||
@@ -2065,7 +2075,7 @@ GCT_handle_kx_auth(struct CadetTConnection *ct, | |||
2065 | * @return unused number that can uniquely identify a channel in the tunnel | 2075 | * @return unused number that can uniquely identify a channel in the tunnel |
2066 | */ | 2076 | */ |
2067 | static struct GNUNET_CADET_ChannelTunnelNumber | 2077 | static struct GNUNET_CADET_ChannelTunnelNumber |
2068 | get_next_free_ctn(struct CadetTunnel *t) | 2078 | get_next_free_ctn (struct CadetTunnel *t) |
2069 | { | 2079 | { |
2070 | #define HIGH_BIT 0x8000000 | 2080 | #define HIGH_BIT 0x8000000 |
2071 | struct GNUNET_CADET_ChannelTunnelNumber ret; | 2081 | struct GNUNET_CADET_ChannelTunnelNumber ret; |
@@ -2073,23 +2083,23 @@ get_next_free_ctn(struct CadetTunnel *t) | |||
2073 | int cmp; | 2083 | int cmp; |
2074 | uint32_t highbit; | 2084 | uint32_t highbit; |
2075 | 2085 | ||
2076 | cmp = GNUNET_memcmp(&my_full_id, | 2086 | cmp = GNUNET_memcmp (&my_full_id, |
2077 | GCP_get_id(GCT_get_destination(t))); | 2087 | GCP_get_id (GCT_get_destination (t))); |
2078 | if (0 < cmp) | 2088 | if (0 < cmp) |
2079 | highbit = HIGH_BIT; | 2089 | highbit = HIGH_BIT; |
2080 | else if (0 > cmp) | 2090 | else if (0 > cmp) |
2081 | highbit = 0; | 2091 | highbit = 0; |
2082 | else | 2092 | else |
2083 | GNUNET_assert(0); // loopback must never go here! | 2093 | GNUNET_assert (0); // loopback must never go here! |
2084 | ctn = ntohl(t->next_ctn.cn); | 2094 | ctn = ntohl (t->next_ctn.cn); |
2085 | while (NULL != | 2095 | while (NULL != |
2086 | GNUNET_CONTAINER_multihashmap32_get(t->channels, | 2096 | GNUNET_CONTAINER_multihashmap32_get (t->channels, |
2087 | ctn | highbit)) | 2097 | ctn | highbit)) |
2088 | { | 2098 | { |
2089 | ctn = ((ctn + 1) & (~HIGH_BIT)); | 2099 | ctn = ((ctn + 1) & (~HIGH_BIT)); |
2090 | } | 2100 | } |
2091 | t->next_ctn.cn = htonl((ctn + 1) & (~HIGH_BIT)); | 2101 | t->next_ctn.cn = htonl ((ctn + 1) & (~HIGH_BIT)); |
2092 | ret.cn = htonl(ctn | highbit); | 2102 | ret.cn = htonl (ctn | highbit); |
2093 | return ret; | 2103 | return ret; |
2094 | } | 2104 | } |
2095 | 2105 | ||
@@ -2104,53 +2114,53 @@ get_next_free_ctn(struct CadetTunnel *t) | |||
2104 | * @return unique number identifying @a ch within @a t | 2114 | * @return unique number identifying @a ch within @a t |
2105 | */ | 2115 | */ |
2106 | struct GNUNET_CADET_ChannelTunnelNumber | 2116 | struct GNUNET_CADET_ChannelTunnelNumber |
2107 | GCT_add_channel(struct CadetTunnel *t, | 2117 | GCT_add_channel (struct CadetTunnel *t, |
2108 | struct CadetChannel *ch) | 2118 | struct CadetChannel *ch) |
2109 | { | 2119 | { |
2110 | struct GNUNET_CADET_ChannelTunnelNumber ctn; | 2120 | struct GNUNET_CADET_ChannelTunnelNumber ctn; |
2111 | 2121 | ||
2112 | ctn = get_next_free_ctn(t); | 2122 | ctn = get_next_free_ctn (t); |
2113 | if (NULL != t->destroy_task) | 2123 | if (NULL != t->destroy_task) |
2114 | { | 2124 | { |
2115 | GNUNET_SCHEDULER_cancel(t->destroy_task); | 2125 | GNUNET_SCHEDULER_cancel (t->destroy_task); |
2116 | t->destroy_task = NULL; | 2126 | t->destroy_task = NULL; |
2117 | } | 2127 | } |
2118 | GNUNET_assert(GNUNET_YES == | 2128 | GNUNET_assert (GNUNET_YES == |
2119 | GNUNET_CONTAINER_multihashmap32_put(t->channels, | 2129 | GNUNET_CONTAINER_multihashmap32_put (t->channels, |
2120 | ntohl(ctn.cn), | 2130 | ntohl (ctn.cn), |
2121 | ch, | 2131 | ch, |
2122 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); | 2132 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); |
2123 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2133 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2124 | "Adding %s to %s\n", | 2134 | "Adding %s to %s\n", |
2125 | GCCH_2s(ch), | 2135 | GCCH_2s (ch), |
2126 | GCT_2s(t)); | 2136 | GCT_2s (t)); |
2127 | switch (t->estate) | 2137 | switch (t->estate) |
2128 | { | 2138 | { |
2129 | case CADET_TUNNEL_KEY_UNINITIALIZED: | 2139 | case CADET_TUNNEL_KEY_UNINITIALIZED: |
2130 | /* waiting for connection to start KX */ | 2140 | /* waiting for connection to start KX */ |
2131 | break; | 2141 | break; |
2132 | 2142 | ||
2133 | case CADET_TUNNEL_KEY_AX_RECV: | 2143 | case CADET_TUNNEL_KEY_AX_RECV: |
2134 | case CADET_TUNNEL_KEY_AX_SENT: | 2144 | case CADET_TUNNEL_KEY_AX_SENT: |
2135 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: | 2145 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: |
2136 | /* we're currently waiting for KX to complete */ | 2146 | /* we're currently waiting for KX to complete */ |
2137 | break; | 2147 | break; |
2138 | 2148 | ||
2139 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: | 2149 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: |
2140 | /* waiting for OTHER peer to send us data, | 2150 | /* waiting for OTHER peer to send us data, |
2141 | we might need to prompt more aggressively! */ | 2151 | we might need to prompt more aggressively! */ |
2142 | if (NULL == t->kx_task) | 2152 | if (NULL == t->kx_task) |
2143 | t->kx_task | 2153 | t->kx_task |
2144 | = GNUNET_SCHEDULER_add_at(t->next_kx_attempt, | 2154 | = GNUNET_SCHEDULER_add_at (t->next_kx_attempt, |
2145 | &retry_kx, | 2155 | &retry_kx, |
2146 | t); | 2156 | t); |
2147 | break; | 2157 | break; |
2148 | 2158 | ||
2149 | case CADET_TUNNEL_KEY_OK: | 2159 | case CADET_TUNNEL_KEY_OK: |
2150 | /* We are ready. Tell the new channel that we are up. */ | 2160 | /* We are ready. Tell the new channel that we are up. */ |
2151 | GCCH_tunnel_up(ch); | 2161 | GCCH_tunnel_up (ch); |
2152 | break; | 2162 | break; |
2153 | } | 2163 | } |
2154 | return ctn; | 2164 | return ctn; |
2155 | } | 2165 | } |
2156 | 2166 | ||
@@ -2162,25 +2172,25 @@ GCT_add_channel(struct CadetTunnel *t, | |||
2162 | * @param ct binding of connection to tunnel of the connection that was lost. | 2172 | * @param ct binding of connection to tunnel of the connection that was lost. |
2163 | */ | 2173 | */ |
2164 | void | 2174 | void |
2165 | GCT_connection_lost(struct CadetTConnection *ct) | 2175 | GCT_connection_lost (struct CadetTConnection *ct) |
2166 | { | 2176 | { |
2167 | struct CadetTunnel *t = ct->t; | 2177 | struct CadetTunnel *t = ct->t; |
2168 | 2178 | ||
2169 | if (GNUNET_YES == ct->is_ready) | 2179 | if (GNUNET_YES == ct->is_ready) |
2170 | { | 2180 | { |
2171 | GNUNET_CONTAINER_DLL_remove(t->connection_ready_head, | 2181 | GNUNET_CONTAINER_DLL_remove (t->connection_ready_head, |
2172 | t->connection_ready_tail, | 2182 | t->connection_ready_tail, |
2173 | ct); | 2183 | ct); |
2174 | t->num_ready_connections--; | 2184 | t->num_ready_connections--; |
2175 | } | 2185 | } |
2176 | else | 2186 | else |
2177 | { | 2187 | { |
2178 | GNUNET_CONTAINER_DLL_remove(t->connection_busy_head, | 2188 | GNUNET_CONTAINER_DLL_remove (t->connection_busy_head, |
2179 | t->connection_busy_tail, | 2189 | t->connection_busy_tail, |
2180 | ct); | 2190 | ct); |
2181 | t->num_busy_connections--; | 2191 | t->num_busy_connections--; |
2182 | } | 2192 | } |
2183 | GNUNET_free(ct); | 2193 | GNUNET_free (ct); |
2184 | } | 2194 | } |
2185 | 2195 | ||
2186 | 2196 | ||
@@ -2191,15 +2201,15 @@ GCT_connection_lost(struct CadetTConnection *ct) | |||
2191 | * @param ct connection to clean up | 2201 | * @param ct connection to clean up |
2192 | */ | 2202 | */ |
2193 | static void | 2203 | static void |
2194 | destroy_t_connection(void *cls, | 2204 | destroy_t_connection (void *cls, |
2195 | struct CadetTConnection *ct) | 2205 | struct CadetTConnection *ct) |
2196 | { | 2206 | { |
2197 | struct CadetTunnel *t = cls; | 2207 | struct CadetTunnel *t = cls; |
2198 | struct CadetConnection *cc = ct->cc; | 2208 | struct CadetConnection *cc = ct->cc; |
2199 | 2209 | ||
2200 | GNUNET_assert(ct->t == t); | 2210 | GNUNET_assert (ct->t == t); |
2201 | GCT_connection_lost(ct); | 2211 | GCT_connection_lost (ct); |
2202 | GCC_destroy_without_tunnel(cc); | 2212 | GCC_destroy_without_tunnel (cc); |
2203 | } | 2213 | } |
2204 | 2214 | ||
2205 | 2215 | ||
@@ -2209,56 +2219,56 @@ destroy_t_connection(void *cls, | |||
2209 | * @param cls the idle tunnel | 2219 | * @param cls the idle tunnel |
2210 | */ | 2220 | */ |
2211 | static void | 2221 | static void |
2212 | destroy_tunnel(void *cls) | 2222 | destroy_tunnel (void *cls) |
2213 | { | 2223 | { |
2214 | struct CadetTunnel *t = cls; | 2224 | struct CadetTunnel *t = cls; |
2215 | struct CadetTunnelQueueEntry *tq; | 2225 | struct CadetTunnelQueueEntry *tq; |
2216 | 2226 | ||
2217 | t->destroy_task = NULL; | 2227 | t->destroy_task = NULL; |
2218 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2228 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2219 | "Destroying idle %s\n", | 2229 | "Destroying idle %s\n", |
2220 | GCT_2s(t)); | 2230 | GCT_2s (t)); |
2221 | GNUNET_assert(0 == GCT_count_channels(t)); | 2231 | GNUNET_assert (0 == GCT_count_channels (t)); |
2222 | GCT_iterate_connections(t, | 2232 | GCT_iterate_connections (t, |
2223 | &destroy_t_connection, | 2233 | &destroy_t_connection, |
2224 | t); | 2234 | t); |
2225 | GNUNET_assert(NULL == t->connection_ready_head); | 2235 | GNUNET_assert (NULL == t->connection_ready_head); |
2226 | GNUNET_assert(NULL == t->connection_busy_head); | 2236 | GNUNET_assert (NULL == t->connection_busy_head); |
2227 | while (NULL != (tq = t->tq_head)) | 2237 | while (NULL != (tq = t->tq_head)) |
2228 | { | 2238 | { |
2229 | if (NULL != tq->cont) | 2239 | if (NULL != tq->cont) |
2230 | tq->cont(tq->cont_cls, | 2240 | tq->cont (tq->cont_cls, |
2231 | NULL); | 2241 | NULL); |
2232 | GCT_send_cancel(tq); | 2242 | GCT_send_cancel (tq); |
2233 | } | 2243 | } |
2234 | GCP_drop_tunnel(t->destination, | 2244 | GCP_drop_tunnel (t->destination, |
2235 | t); | 2245 | t); |
2236 | GNUNET_CONTAINER_multihashmap32_destroy(t->channels); | 2246 | GNUNET_CONTAINER_multihashmap32_destroy (t->channels); |
2237 | if (NULL != t->maintain_connections_task) | 2247 | if (NULL != t->maintain_connections_task) |
2238 | { | 2248 | { |
2239 | GNUNET_SCHEDULER_cancel(t->maintain_connections_task); | 2249 | GNUNET_SCHEDULER_cancel (t->maintain_connections_task); |
2240 | t->maintain_connections_task = NULL; | 2250 | t->maintain_connections_task = NULL; |
2241 | } | 2251 | } |
2242 | if (NULL != t->send_task) | 2252 | if (NULL != t->send_task) |
2243 | { | 2253 | { |
2244 | GNUNET_SCHEDULER_cancel(t->send_task); | 2254 | GNUNET_SCHEDULER_cancel (t->send_task); |
2245 | t->send_task = NULL; | 2255 | t->send_task = NULL; |
2246 | } | 2256 | } |
2247 | if (NULL != t->kx_task) | 2257 | if (NULL != t->kx_task) |
2248 | { | 2258 | { |
2249 | GNUNET_SCHEDULER_cancel(t->kx_task); | 2259 | GNUNET_SCHEDULER_cancel (t->kx_task); |
2250 | t->kx_task = NULL; | 2260 | t->kx_task = NULL; |
2251 | } | 2261 | } |
2252 | GNUNET_MST_destroy(t->mst); | 2262 | GNUNET_MST_destroy (t->mst); |
2253 | GNUNET_MQ_destroy(t->mq); | 2263 | GNUNET_MQ_destroy (t->mq); |
2254 | if (NULL != t->unverified_ax) | 2264 | if (NULL != t->unverified_ax) |
2255 | { | 2265 | { |
2256 | cleanup_ax(t->unverified_ax); | 2266 | cleanup_ax (t->unverified_ax); |
2257 | GNUNET_free(t->unverified_ax); | 2267 | GNUNET_free (t->unverified_ax); |
2258 | } | 2268 | } |
2259 | cleanup_ax(&t->ax); | 2269 | cleanup_ax (&t->ax); |
2260 | GNUNET_assert(NULL == t->destroy_task); | 2270 | GNUNET_assert (NULL == t->destroy_task); |
2261 | GNUNET_free(t); | 2271 | GNUNET_free (t); |
2262 | } | 2272 | } |
2263 | 2273 | ||
2264 | 2274 | ||
@@ -2270,27 +2280,27 @@ destroy_tunnel(void *cls) | |||
2270 | * @param ctn unique number identifying @a ch within @a t | 2280 | * @param ctn unique number identifying @a ch within @a t |
2271 | */ | 2281 | */ |
2272 | void | 2282 | void |
2273 | GCT_remove_channel(struct CadetTunnel *t, | 2283 | GCT_remove_channel (struct CadetTunnel *t, |
2274 | struct CadetChannel *ch, | 2284 | struct CadetChannel *ch, |
2275 | struct GNUNET_CADET_ChannelTunnelNumber ctn) | 2285 | struct GNUNET_CADET_ChannelTunnelNumber ctn) |
2276 | { | 2286 | { |
2277 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2287 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2278 | "Removing %s from %s\n", | 2288 | "Removing %s from %s\n", |
2279 | GCCH_2s(ch), | 2289 | GCCH_2s (ch), |
2280 | GCT_2s(t)); | 2290 | GCT_2s (t)); |
2281 | GNUNET_assert(GNUNET_YES == | 2291 | GNUNET_assert (GNUNET_YES == |
2282 | GNUNET_CONTAINER_multihashmap32_remove(t->channels, | 2292 | GNUNET_CONTAINER_multihashmap32_remove (t->channels, |
2283 | ntohl(ctn.cn), | 2293 | ntohl (ctn.cn), |
2284 | ch)); | 2294 | ch)); |
2285 | if ((0 == | 2295 | if ((0 == |
2286 | GCT_count_channels(t)) && | 2296 | GCT_count_channels (t)) && |
2287 | (NULL == t->destroy_task)) | 2297 | (NULL == t->destroy_task)) |
2288 | { | 2298 | { |
2289 | t->destroy_task | 2299 | t->destroy_task |
2290 | = GNUNET_SCHEDULER_add_delayed(IDLE_DESTROY_DELAY, | 2300 | = GNUNET_SCHEDULER_add_delayed (IDLE_DESTROY_DELAY, |
2291 | &destroy_tunnel, | 2301 | &destroy_tunnel, |
2292 | t); | 2302 | t); |
2293 | } | 2303 | } |
2294 | } | 2304 | } |
2295 | 2305 | ||
2296 | 2306 | ||
@@ -2303,14 +2313,14 @@ GCT_remove_channel(struct CadetTunnel *t, | |||
2303 | * @return #GNUNET_OK (continue to iterate) | 2313 | * @return #GNUNET_OK (continue to iterate) |
2304 | */ | 2314 | */ |
2305 | static int | 2315 | static int |
2306 | destroy_remaining_channels(void *cls, | 2316 | destroy_remaining_channels (void *cls, |
2307 | uint32_t key, | 2317 | uint32_t key, |
2308 | void *value) | 2318 | void *value) |
2309 | { | 2319 | { |
2310 | struct CadetChannel *ch = value; | 2320 | struct CadetChannel *ch = value; |
2311 | 2321 | ||
2312 | GCCH_handle_remote_destroy(ch, | 2322 | GCCH_handle_remote_destroy (ch, |
2313 | NULL); | 2323 | NULL); |
2314 | return GNUNET_OK; | 2324 | return GNUNET_OK; |
2315 | } | 2325 | } |
2316 | 2326 | ||
@@ -2321,20 +2331,20 @@ destroy_remaining_channels(void *cls, | |||
2321 | * @param t tunnel to destroy | 2331 | * @param t tunnel to destroy |
2322 | */ | 2332 | */ |
2323 | void | 2333 | void |
2324 | GCT_destroy_tunnel_now(struct CadetTunnel *t) | 2334 | GCT_destroy_tunnel_now (struct CadetTunnel *t) |
2325 | { | 2335 | { |
2326 | GNUNET_assert(GNUNET_YES == shutting_down); | 2336 | GNUNET_assert (GNUNET_YES == shutting_down); |
2327 | GNUNET_CONTAINER_multihashmap32_iterate(t->channels, | 2337 | GNUNET_CONTAINER_multihashmap32_iterate (t->channels, |
2328 | &destroy_remaining_channels, | 2338 | &destroy_remaining_channels, |
2329 | t); | 2339 | t); |
2330 | GNUNET_assert(0 == | 2340 | GNUNET_assert (0 == |
2331 | GCT_count_channels(t)); | 2341 | GCT_count_channels (t)); |
2332 | if (NULL != t->destroy_task) | 2342 | if (NULL != t->destroy_task) |
2333 | { | 2343 | { |
2334 | GNUNET_SCHEDULER_cancel(t->destroy_task); | 2344 | GNUNET_SCHEDULER_cancel (t->destroy_task); |
2335 | t->destroy_task = NULL; | 2345 | t->destroy_task = NULL; |
2336 | } | 2346 | } |
2337 | destroy_tunnel(t); | 2347 | destroy_tunnel (t); |
2338 | } | 2348 | } |
2339 | 2349 | ||
2340 | 2350 | ||
@@ -2346,40 +2356,40 @@ GCT_destroy_tunnel_now(struct CadetTunnel *t) | |||
2346 | * @param ct connection to use for transmission (is ready) | 2356 | * @param ct connection to use for transmission (is ready) |
2347 | */ | 2357 | */ |
2348 | static void | 2358 | static void |
2349 | try_send_normal_payload(struct CadetTunnel *t, | 2359 | try_send_normal_payload (struct CadetTunnel *t, |
2350 | struct CadetTConnection *ct) | 2360 | struct CadetTConnection *ct) |
2351 | { | 2361 | { |
2352 | struct CadetTunnelQueueEntry *tq; | 2362 | struct CadetTunnelQueueEntry *tq; |
2353 | 2363 | ||
2354 | GNUNET_assert(GNUNET_YES == ct->is_ready); | 2364 | GNUNET_assert (GNUNET_YES == ct->is_ready); |
2355 | tq = t->tq_head; | 2365 | tq = t->tq_head; |
2356 | if (NULL == tq) | 2366 | if (NULL == tq) |
2357 | { | 2367 | { |
2358 | /* no messages pending right now */ | 2368 | /* no messages pending right now */ |
2359 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2369 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2360 | "Not sending payload of %s on ready %s (nothing pending)\n", | 2370 | "Not sending payload of %s on ready %s (nothing pending)\n", |
2361 | GCT_2s(t), | 2371 | GCT_2s (t), |
2362 | GCC_2s(ct->cc)); | 2372 | GCC_2s (ct->cc)); |
2363 | return; | 2373 | return; |
2364 | } | 2374 | } |
2365 | /* ready to send message 'tq' on tunnel 'ct' */ | 2375 | /* ready to send message 'tq' on tunnel 'ct' */ |
2366 | GNUNET_assert(t == tq->t); | 2376 | GNUNET_assert (t == tq->t); |
2367 | GNUNET_CONTAINER_DLL_remove(t->tq_head, | 2377 | GNUNET_CONTAINER_DLL_remove (t->tq_head, |
2368 | t->tq_tail, | 2378 | t->tq_tail, |
2369 | tq); | 2379 | tq); |
2370 | if (NULL != tq->cid) | 2380 | if (NULL != tq->cid) |
2371 | *tq->cid = *GCC_get_id(ct->cc); | 2381 | *tq->cid = *GCC_get_id (ct->cc); |
2372 | mark_connection_unready(ct); | 2382 | mark_connection_unready (ct); |
2373 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2383 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2374 | "Sending payload of %s on %s\n", | 2384 | "Sending payload of %s on %s\n", |
2375 | GCT_2s(t), | 2385 | GCT_2s (t), |
2376 | GCC_2s(ct->cc)); | 2386 | GCC_2s (ct->cc)); |
2377 | GCC_transmit(ct->cc, | 2387 | GCC_transmit (ct->cc, |
2378 | tq->env); | 2388 | tq->env); |
2379 | if (NULL != tq->cont) | 2389 | if (NULL != tq->cont) |
2380 | tq->cont(tq->cont_cls, | 2390 | tq->cont (tq->cont_cls, |
2381 | GCC_get_id(ct->cc)); | 2391 | GCC_get_id (ct->cc)); |
2382 | GNUNET_free(tq); | 2392 | GNUNET_free (tq); |
2383 | } | 2393 | } |
2384 | 2394 | ||
2385 | 2395 | ||
@@ -2392,97 +2402,99 @@ try_send_normal_payload(struct CadetTunnel *t, | |||
2392 | * #GNUNET_NO if connection are no longer ready | 2402 | * #GNUNET_NO if connection are no longer ready |
2393 | */ | 2403 | */ |
2394 | static void | 2404 | static void |
2395 | connection_ready_cb(void *cls, | 2405 | connection_ready_cb (void *cls, |
2396 | int is_ready) | 2406 | int is_ready) |
2397 | { | 2407 | { |
2398 | struct CadetTConnection *ct = cls; | 2408 | struct CadetTConnection *ct = cls; |
2399 | struct CadetTunnel *t = ct->t; | 2409 | struct CadetTunnel *t = ct->t; |
2400 | 2410 | ||
2401 | if (GNUNET_NO == is_ready) | 2411 | if (GNUNET_NO == is_ready) |
2402 | { | 2412 | { |
2403 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2413 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2404 | "%s no longer ready for %s\n", | 2414 | "%s no longer ready for %s\n", |
2405 | GCC_2s(ct->cc), | 2415 | GCC_2s (ct->cc), |
2406 | GCT_2s(t)); | 2416 | GCT_2s (t)); |
2407 | mark_connection_unready(ct); | 2417 | mark_connection_unready (ct); |
2408 | return; | 2418 | return; |
2409 | } | 2419 | } |
2410 | GNUNET_assert(GNUNET_NO == ct->is_ready); | 2420 | GNUNET_assert (GNUNET_NO == ct->is_ready); |
2411 | GNUNET_CONTAINER_DLL_remove(t->connection_busy_head, | 2421 | GNUNET_CONTAINER_DLL_remove (t->connection_busy_head, |
2412 | t->connection_busy_tail, | 2422 | t->connection_busy_tail, |
2413 | ct); | 2423 | ct); |
2414 | GNUNET_assert(0 < t->num_busy_connections); | 2424 | GNUNET_assert (0 < t->num_busy_connections); |
2415 | t->num_busy_connections--; | 2425 | t->num_busy_connections--; |
2416 | ct->is_ready = GNUNET_YES; | 2426 | ct->is_ready = GNUNET_YES; |
2417 | GNUNET_CONTAINER_DLL_insert_tail(t->connection_ready_head, | 2427 | GNUNET_CONTAINER_DLL_insert_tail (t->connection_ready_head, |
2418 | t->connection_ready_tail, | 2428 | t->connection_ready_tail, |
2419 | ct); | 2429 | ct); |
2420 | t->num_ready_connections++; | 2430 | t->num_ready_connections++; |
2421 | 2431 | ||
2422 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2432 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2423 | "%s now ready for %s in state %s\n", | 2433 | "%s now ready for %s in state %s\n", |
2424 | GCC_2s(ct->cc), | 2434 | GCC_2s (ct->cc), |
2425 | GCT_2s(t), | 2435 | GCT_2s (t), |
2426 | estate2s(t->estate)); | 2436 | estate2s (t->estate)); |
2427 | switch (t->estate) | 2437 | switch (t->estate) |
2438 | { | ||
2439 | case CADET_TUNNEL_KEY_UNINITIALIZED: | ||
2440 | /* Do not begin KX if WE have no channels waiting! */ | ||
2441 | if (0 != GNUNET_TIME_absolute_get_remaining ( | ||
2442 | t->next_kx_attempt).rel_value_us) | ||
2443 | return; /* wait for timeout before retrying */ | ||
2444 | /* We are uninitialized, just transmit immediately, | ||
2445 | without undue delay. */ | ||
2446 | if (NULL != t->kx_task) | ||
2447 | { | ||
2448 | GNUNET_SCHEDULER_cancel (t->kx_task); | ||
2449 | t->kx_task = NULL; | ||
2450 | } | ||
2451 | send_kx (t, | ||
2452 | ct, | ||
2453 | &t->ax); | ||
2454 | if ((0 == | ||
2455 | GCT_count_channels (t)) && | ||
2456 | (NULL == t->destroy_task)) | ||
2428 | { | 2457 | { |
2429 | case CADET_TUNNEL_KEY_UNINITIALIZED: | 2458 | t->destroy_task |
2430 | /* Do not begin KX if WE have no channels waiting! */ | 2459 | = GNUNET_SCHEDULER_add_delayed (IDLE_DESTROY_DELAY, |
2431 | if (0 != GNUNET_TIME_absolute_get_remaining(t->next_kx_attempt).rel_value_us) | 2460 | &destroy_tunnel, |
2432 | return; /* wait for timeout before retrying */ | 2461 | t); |
2433 | /* We are uninitialized, just transmit immediately, | 2462 | } |
2434 | without undue delay. */ | 2463 | break; |
2435 | if (NULL != t->kx_task) | ||
2436 | { | ||
2437 | GNUNET_SCHEDULER_cancel(t->kx_task); | ||
2438 | t->kx_task = NULL; | ||
2439 | } | ||
2440 | send_kx(t, | ||
2441 | ct, | ||
2442 | &t->ax); | ||
2443 | if ((0 == | ||
2444 | GCT_count_channels(t)) && | ||
2445 | (NULL == t->destroy_task)) | ||
2446 | { | ||
2447 | t->destroy_task | ||
2448 | = GNUNET_SCHEDULER_add_delayed(IDLE_DESTROY_DELAY, | ||
2449 | &destroy_tunnel, | ||
2450 | t); | ||
2451 | } | ||
2452 | break; | ||
2453 | 2464 | ||
2454 | case CADET_TUNNEL_KEY_AX_RECV: | 2465 | case CADET_TUNNEL_KEY_AX_RECV: |
2455 | case CADET_TUNNEL_KEY_AX_SENT: | 2466 | case CADET_TUNNEL_KEY_AX_SENT: |
2456 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: | 2467 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: |
2457 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: | 2468 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: |
2458 | /* we're currently waiting for KX to complete, schedule job */ | 2469 | /* we're currently waiting for KX to complete, schedule job */ |
2459 | if (NULL == t->kx_task) | 2470 | if (NULL == t->kx_task) |
2460 | t->kx_task | 2471 | t->kx_task |
2461 | = GNUNET_SCHEDULER_add_at(t->next_kx_attempt, | 2472 | = GNUNET_SCHEDULER_add_at (t->next_kx_attempt, |
2462 | &retry_kx, | 2473 | &retry_kx, |
2463 | t); | 2474 | t); |
2464 | break; | 2475 | break; |
2465 | 2476 | ||
2466 | case CADET_TUNNEL_KEY_OK: | 2477 | case CADET_TUNNEL_KEY_OK: |
2467 | if (GNUNET_YES == t->kx_auth_requested) | 2478 | if (GNUNET_YES == t->kx_auth_requested) |
2468 | { | 2479 | { |
2469 | if (0 != GNUNET_TIME_absolute_get_remaining(t->next_kx_attempt).rel_value_us) | 2480 | if (0 != GNUNET_TIME_absolute_get_remaining ( |
2470 | return; /* wait for timeout */ | 2481 | t->next_kx_attempt).rel_value_us) |
2471 | if (NULL != t->kx_task) | 2482 | return; /* wait for timeout */ |
2472 | { | 2483 | if (NULL != t->kx_task) |
2473 | GNUNET_SCHEDULER_cancel(t->kx_task); | 2484 | { |
2474 | t->kx_task = NULL; | 2485 | GNUNET_SCHEDULER_cancel (t->kx_task); |
2475 | } | 2486 | t->kx_task = NULL; |
2476 | send_kx_auth(t, | 2487 | } |
2477 | ct, | 2488 | send_kx_auth (t, |
2478 | &t->ax, | 2489 | ct, |
2479 | GNUNET_NO); | 2490 | &t->ax, |
2480 | return; | 2491 | GNUNET_NO); |
2481 | } | 2492 | return; |
2482 | try_send_normal_payload(t, | ||
2483 | ct); | ||
2484 | break; | ||
2485 | } | 2493 | } |
2494 | try_send_normal_payload (t, | ||
2495 | ct); | ||
2496 | break; | ||
2497 | } | ||
2486 | } | 2498 | } |
2487 | 2499 | ||
2488 | 2500 | ||
@@ -2495,7 +2507,7 @@ connection_ready_cb(void *cls, | |||
2495 | * @param cls the `struct CadetTunnel` to process messages on | 2507 | * @param cls the `struct CadetTunnel` to process messages on |
2496 | */ | 2508 | */ |
2497 | static void | 2509 | static void |
2498 | trigger_transmissions(void *cls) | 2510 | trigger_transmissions (void *cls) |
2499 | { | 2511 | { |
2500 | struct CadetTunnel *t = cls; | 2512 | struct CadetTunnel *t = cls; |
2501 | struct CadetTConnection *ct; | 2513 | struct CadetTConnection *ct; |
@@ -2503,11 +2515,11 @@ trigger_transmissions(void *cls) | |||
2503 | t->send_task = NULL; | 2515 | t->send_task = NULL; |
2504 | if (NULL == t->tq_head) | 2516 | if (NULL == t->tq_head) |
2505 | return; /* no messages pending right now */ | 2517 | return; /* no messages pending right now */ |
2506 | ct = get_ready_connection(t); | 2518 | ct = get_ready_connection (t); |
2507 | if (NULL == ct) | 2519 | if (NULL == ct) |
2508 | return; /* no connections ready */ | 2520 | return; /* no connections ready */ |
2509 | try_send_normal_payload(t, | 2521 | try_send_normal_payload (t, |
2510 | ct); | 2522 | ct); |
2511 | } | 2523 | } |
2512 | 2524 | ||
2513 | 2525 | ||
@@ -2515,7 +2527,8 @@ trigger_transmissions(void *cls) | |||
2515 | * Closure for #evaluate_connection. Used to assemble summary information | 2527 | * Closure for #evaluate_connection. Used to assemble summary information |
2516 | * about the existing connections so we can evaluate a new path. | 2528 | * about the existing connections so we can evaluate a new path. |
2517 | */ | 2529 | */ |
2518 | struct EvaluationSummary { | 2530 | struct EvaluationSummary |
2531 | { | ||
2519 | /** | 2532 | /** |
2520 | * Minimum length of any of our connections, `UINT_MAX` if we have none. | 2533 | * Minimum length of any of our connections, `UINT_MAX` if we have none. |
2521 | */ | 2534 | */ |
@@ -2567,8 +2580,8 @@ struct EvaluationSummary { | |||
2567 | * @param ct a connection to include in the summary | 2580 | * @param ct a connection to include in the summary |
2568 | */ | 2581 | */ |
2569 | static void | 2582 | static void |
2570 | evaluate_connection(void *cls, | 2583 | evaluate_connection (void *cls, |
2571 | struct CadetTConnection *ct) | 2584 | struct CadetTConnection *ct) |
2572 | { | 2585 | { |
2573 | struct EvaluationSummary *es = cls; | 2586 | struct EvaluationSummary *es = cls; |
2574 | struct CadetConnection *cc = ct->cc; | 2587 | struct CadetConnection *cc = ct->cc; |
@@ -2581,79 +2594,80 @@ evaluate_connection(void *cls, | |||
2581 | double score; | 2594 | double score; |
2582 | double success_rate; | 2595 | double success_rate; |
2583 | 2596 | ||
2584 | ps = GCC_get_path(cc, | 2597 | ps = GCC_get_path (cc, |
2585 | &ct_length); | 2598 | &ct_length); |
2586 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2599 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2587 | "Evaluating path %s of existing %s\n", | 2600 | "Evaluating path %s of existing %s\n", |
2588 | GCPP_2s(ps), | 2601 | GCPP_2s (ps), |
2589 | GCC_2s(cc)); | 2602 | GCC_2s (cc)); |
2590 | if (ps == es->path) | 2603 | if (ps == es->path) |
2604 | { | ||
2605 | LOG (GNUNET_ERROR_TYPE_DEBUG, | ||
2606 | "Ignoring duplicate path %s.\n", | ||
2607 | GCPP_2s (es->path)); | ||
2608 | es->duplicate = GNUNET_YES; | ||
2609 | return; | ||
2610 | } | ||
2611 | if (NULL != es->path) | ||
2612 | { | ||
2613 | int duplicate = GNUNET_YES; | ||
2614 | |||
2615 | for (unsigned int i = 0; i < ct_length; i++) | ||
2616 | { | ||
2617 | GNUNET_assert (GCPP_get_length (es->path) > i); | ||
2618 | if (GCPP_get_peer_at_offset (es->path, | ||
2619 | i) != | ||
2620 | GCPP_get_peer_at_offset (ps, | ||
2621 | i)) | ||
2622 | { | ||
2623 | duplicate = GNUNET_NO; | ||
2624 | break; | ||
2625 | } | ||
2626 | } | ||
2627 | if (GNUNET_YES == duplicate) | ||
2591 | { | 2628 | { |
2592 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2629 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2593 | "Ignoring duplicate path %s.\n", | 2630 | "Ignoring overlapping path %s.\n", |
2594 | GCPP_2s(es->path)); | 2631 | GCPP_2s (es->path)); |
2595 | es->duplicate = GNUNET_YES; | 2632 | es->duplicate = GNUNET_YES; |
2596 | return; | 2633 | return; |
2597 | } | 2634 | } |
2598 | if (NULL != es->path) | 2635 | else |
2599 | { | 2636 | { |
2600 | int duplicate = GNUNET_YES; | 2637 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2601 | 2638 | "Known path %s differs from proposed path\n", | |
2602 | for (unsigned int i = 0; i < ct_length; i++) | 2639 | GCPP_2s (ps)); |
2603 | { | ||
2604 | GNUNET_assert(GCPP_get_length(es->path) > i); | ||
2605 | if (GCPP_get_peer_at_offset(es->path, | ||
2606 | i) != | ||
2607 | GCPP_get_peer_at_offset(ps, | ||
2608 | i)) | ||
2609 | { | ||
2610 | duplicate = GNUNET_NO; | ||
2611 | break; | ||
2612 | } | ||
2613 | } | ||
2614 | if (GNUNET_YES == duplicate) | ||
2615 | { | ||
2616 | LOG(GNUNET_ERROR_TYPE_DEBUG, | ||
2617 | "Ignoring overlapping path %s.\n", | ||
2618 | GCPP_2s(es->path)); | ||
2619 | es->duplicate = GNUNET_YES; | ||
2620 | return; | ||
2621 | } | ||
2622 | else | ||
2623 | { | ||
2624 | LOG(GNUNET_ERROR_TYPE_DEBUG, | ||
2625 | "Known path %s differs from proposed path\n", | ||
2626 | GCPP_2s(ps)); | ||
2627 | } | ||
2628 | } | 2640 | } |
2641 | } | ||
2629 | 2642 | ||
2630 | ct_desirability = GCPP_get_desirability(ps); | 2643 | ct_desirability = GCPP_get_desirability (ps); |
2631 | metrics = GCC_get_metrics(cc); | 2644 | metrics = GCC_get_metrics (cc); |
2632 | uptime = GNUNET_TIME_absolute_get_duration(metrics->age); | 2645 | uptime = GNUNET_TIME_absolute_get_duration (metrics->age); |
2633 | last_use = GNUNET_TIME_absolute_get_duration(metrics->last_use); | 2646 | last_use = GNUNET_TIME_absolute_get_duration (metrics->last_use); |
2634 | /* We add 1.0 here to avoid division by zero. */ | 2647 | /* We add 1.0 here to avoid division by zero. */ |
2635 | success_rate = (metrics->num_acked_transmissions + 1.0) / (metrics->num_successes + 1.0); | 2648 | success_rate = (metrics->num_acked_transmissions + 1.0) |
2649 | / (metrics->num_successes + 1.0); | ||
2636 | score | 2650 | score |
2637 | = ct_desirability | 2651 | = ct_desirability |
2638 | + 100.0 / (1.0 + ct_length) /* longer paths = better */ | 2652 | + 100.0 / (1.0 + ct_length) /* longer paths = better */ |
2639 | + sqrt(uptime.rel_value_us / 60000000LL) /* larger uptime = better */ | 2653 | + sqrt (uptime.rel_value_us / 60000000LL) /* larger uptime = better */ |
2640 | - last_use.rel_value_us / 1000L; /* longer idle = worse */ | 2654 | - last_use.rel_value_us / 1000L; /* longer idle = worse */ |
2641 | score *= success_rate; /* weigh overall by success rate */ | 2655 | score *= success_rate; /* weigh overall by success rate */ |
2642 | 2656 | ||
2643 | if ((NULL == es->worst) || | 2657 | if ((NULL == es->worst) || |
2644 | (score < es->worst_score)) | 2658 | (score < es->worst_score)) |
2645 | { | 2659 | { |
2646 | es->worst = ct; | 2660 | es->worst = ct; |
2647 | es->worst_score = score; | 2661 | es->worst_score = score; |
2648 | } | 2662 | } |
2649 | es->min_length = GNUNET_MIN(es->min_length, | 2663 | es->min_length = GNUNET_MIN (es->min_length, |
2650 | ct_length); | 2664 | ct_length); |
2651 | es->max_length = GNUNET_MAX(es->max_length, | 2665 | es->max_length = GNUNET_MAX (es->max_length, |
2652 | ct_length); | 2666 | ct_length); |
2653 | es->min_desire = GNUNET_MIN(es->min_desire, | 2667 | es->min_desire = GNUNET_MIN (es->min_desire, |
2654 | ct_desirability); | 2668 | ct_desirability); |
2655 | es->max_desire = GNUNET_MAX(es->max_desire, | 2669 | es->max_desire = GNUNET_MAX (es->max_desire, |
2656 | ct_desirability); | 2670 | ct_desirability); |
2657 | } | 2671 | } |
2658 | 2672 | ||
2659 | 2673 | ||
@@ -2667,17 +2681,17 @@ evaluate_connection(void *cls, | |||
2667 | * @return #GNUNET_YES (should keep iterating) | 2681 | * @return #GNUNET_YES (should keep iterating) |
2668 | */ | 2682 | */ |
2669 | static int | 2683 | static int |
2670 | consider_path_cb(void *cls, | 2684 | consider_path_cb (void *cls, |
2671 | struct CadetPeerPath *path, | 2685 | struct CadetPeerPath *path, |
2672 | unsigned int off) | 2686 | unsigned int off) |
2673 | { | 2687 | { |
2674 | struct CadetTunnel *t = cls; | 2688 | struct CadetTunnel *t = cls; |
2675 | struct EvaluationSummary es; | 2689 | struct EvaluationSummary es; |
2676 | struct CadetTConnection *ct; | 2690 | struct CadetTConnection *ct; |
2677 | 2691 | ||
2678 | GNUNET_assert(off < GCPP_get_length(path)); | 2692 | GNUNET_assert (off < GCPP_get_length (path)); |
2679 | GNUNET_assert(GCPP_get_peer_at_offset(path, | 2693 | GNUNET_assert (GCPP_get_peer_at_offset (path, |
2680 | off) == t->destination); | 2694 | off) == t->destination); |
2681 | es.min_length = UINT_MAX; | 2695 | es.min_length = UINT_MAX; |
2682 | es.max_length = 0; | 2696 | es.max_length = 0; |
2683 | es.max_desire = 0; | 2697 | es.max_desire = 0; |
@@ -2687,16 +2701,16 @@ consider_path_cb(void *cls, | |||
2687 | es.worst = NULL; | 2701 | es.worst = NULL; |
2688 | 2702 | ||
2689 | /* Compute evaluation summary over existing connections. */ | 2703 | /* Compute evaluation summary over existing connections. */ |
2690 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2704 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2691 | "Evaluating proposed path %s for target %s\n", | 2705 | "Evaluating proposed path %s for target %s\n", |
2692 | GCPP_2s(path), | 2706 | GCPP_2s (path), |
2693 | GCT_2s(t)); | 2707 | GCT_2s (t)); |
2694 | /* FIXME: suspect this does not ACTUALLY iterate | 2708 | /* FIXME: suspect this does not ACTUALLY iterate |
2695 | over all existing paths, otherwise dup detection | 2709 | over all existing paths, otherwise dup detection |
2696 | should work!!! */ | 2710 | should work!!! */ |
2697 | GCT_iterate_connections(t, | 2711 | GCT_iterate_connections (t, |
2698 | &evaluate_connection, | 2712 | &evaluate_connection, |
2699 | &es); | 2713 | &es); |
2700 | if (GNUNET_YES == es.duplicate) | 2714 | if (GNUNET_YES == es.duplicate) |
2701 | return GNUNET_YES; | 2715 | return GNUNET_YES; |
2702 | 2716 | ||
@@ -2707,54 +2721,54 @@ consider_path_cb(void *cls, | |||
2707 | /* We iterate by increasing path length; if we have enough paths and | 2721 | /* We iterate by increasing path length; if we have enough paths and |
2708 | this one is more than twice as long than what we are currently | 2722 | this one is more than twice as long than what we are currently |
2709 | using, then ignore all of these super-long ones! */ | 2723 | using, then ignore all of these super-long ones! */ |
2710 | if ((GCT_count_any_connections(t) > DESIRED_CONNECTIONS_PER_TUNNEL) && | 2724 | if ((GCT_count_any_connections (t) > DESIRED_CONNECTIONS_PER_TUNNEL) && |
2711 | (es.min_length * 2 < off) && | 2725 | (es.min_length * 2 < off) && |
2712 | (es.max_length < off)) | 2726 | (es.max_length < off)) |
2713 | { | 2727 | { |
2714 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2728 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2715 | "Ignoring paths of length %u, they are way too long.\n", | 2729 | "Ignoring paths of length %u, they are way too long.\n", |
2716 | es.min_length * 2); | 2730 | es.min_length * 2); |
2717 | return GNUNET_NO; | 2731 | return GNUNET_NO; |
2718 | } | 2732 | } |
2719 | /* If we have enough paths and this one looks no better, ignore it. */ | 2733 | /* If we have enough paths and this one looks no better, ignore it. */ |
2720 | if ((GCT_count_any_connections(t) >= DESIRED_CONNECTIONS_PER_TUNNEL) && | 2734 | if ((GCT_count_any_connections (t) >= DESIRED_CONNECTIONS_PER_TUNNEL) && |
2721 | (es.min_length < GCPP_get_length(path)) && | 2735 | (es.min_length < GCPP_get_length (path)) && |
2722 | (es.min_desire > GCPP_get_desirability(path)) && | 2736 | (es.min_desire > GCPP_get_desirability (path)) && |
2723 | (es.max_length < off)) | 2737 | (es.max_length < off)) |
2724 | { | 2738 | { |
2725 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2739 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2726 | "Ignoring path (%u/%llu) to %s, got something better already.\n", | 2740 | "Ignoring path (%u/%llu) to %s, got something better already.\n", |
2727 | GCPP_get_length(path), | 2741 | GCPP_get_length (path), |
2728 | (unsigned long long)GCPP_get_desirability(path), | 2742 | (unsigned long long) GCPP_get_desirability (path), |
2729 | GCP_2s(t->destination)); | 2743 | GCP_2s (t->destination)); |
2730 | return GNUNET_YES; | 2744 | return GNUNET_YES; |
2731 | } | 2745 | } |
2732 | 2746 | ||
2733 | /* Path is interesting (better by some metric, or we don't have | 2747 | /* Path is interesting (better by some metric, or we don't have |
2734 | enough paths yet). */ | 2748 | enough paths yet). */ |
2735 | ct = GNUNET_new(struct CadetTConnection); | 2749 | ct = GNUNET_new (struct CadetTConnection); |
2736 | ct->created = GNUNET_TIME_absolute_get(); | 2750 | ct->created = GNUNET_TIME_absolute_get (); |
2737 | ct->t = t; | 2751 | ct->t = t; |
2738 | ct->cc = GCC_create(t->destination, | 2752 | ct->cc = GCC_create (t->destination, |
2739 | path, | 2753 | path, |
2740 | off, | 2754 | off, |
2741 | ct, | 2755 | ct, |
2742 | &connection_ready_cb, | 2756 | &connection_ready_cb, |
2743 | ct); | 2757 | ct); |
2744 | 2758 | ||
2745 | /* FIXME: schedule job to kill connection (and path?) if it takes | 2759 | /* FIXME: schedule job to kill connection (and path?) if it takes |
2746 | too long to get ready! (And track performance data on how long | 2760 | too long to get ready! (And track performance data on how long |
2747 | other connections took with the tunnel!) | 2761 | other connections took with the tunnel!) |
2748 | => Note: to be done within 'connection'-logic! */ | 2762 | => Note: to be done within 'connection'-logic! */ |
2749 | GNUNET_CONTAINER_DLL_insert(t->connection_busy_head, | 2763 | GNUNET_CONTAINER_DLL_insert (t->connection_busy_head, |
2750 | t->connection_busy_tail, | 2764 | t->connection_busy_tail, |
2751 | ct); | 2765 | ct); |
2752 | t->num_busy_connections++; | 2766 | t->num_busy_connections++; |
2753 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2767 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2754 | "Found interesting path %s for %s, created %s\n", | 2768 | "Found interesting path %s for %s, created %s\n", |
2755 | GCPP_2s(path), | 2769 | GCPP_2s (path), |
2756 | GCT_2s(t), | 2770 | GCT_2s (t), |
2757 | GCC_2s(ct->cc)); | 2771 | GCC_2s (ct->cc)); |
2758 | return GNUNET_YES; | 2772 | return GNUNET_YES; |
2759 | } | 2773 | } |
2760 | 2774 | ||
@@ -2773,16 +2787,16 @@ consider_path_cb(void *cls, | |||
2773 | * @param cls the `struct CadetTunnel` | 2787 | * @param cls the `struct CadetTunnel` |
2774 | */ | 2788 | */ |
2775 | static void | 2789 | static void |
2776 | maintain_connections_cb(void *cls) | 2790 | maintain_connections_cb (void *cls) |
2777 | { | 2791 | { |
2778 | struct CadetTunnel *t = cls; | 2792 | struct CadetTunnel *t = cls; |
2779 | struct GNUNET_TIME_Relative delay; | 2793 | struct GNUNET_TIME_Relative delay; |
2780 | struct EvaluationSummary es; | 2794 | struct EvaluationSummary es; |
2781 | 2795 | ||
2782 | t->maintain_connections_task = NULL; | 2796 | t->maintain_connections_task = NULL; |
2783 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2797 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2784 | "Performing connection maintenance for %s.\n", | 2798 | "Performing connection maintenance for %s.\n", |
2785 | GCT_2s(t)); | 2799 | GCT_2s (t)); |
2786 | 2800 | ||
2787 | es.min_length = UINT_MAX; | 2801 | es.min_length = UINT_MAX; |
2788 | es.max_length = 0; | 2802 | es.max_length = 0; |
@@ -2791,21 +2805,21 @@ maintain_connections_cb(void *cls) | |||
2791 | es.path = NULL; | 2805 | es.path = NULL; |
2792 | es.worst = NULL; | 2806 | es.worst = NULL; |
2793 | es.duplicate = GNUNET_NO; | 2807 | es.duplicate = GNUNET_NO; |
2794 | GCT_iterate_connections(t, | 2808 | GCT_iterate_connections (t, |
2795 | &evaluate_connection, | 2809 | &evaluate_connection, |
2796 | &es); | 2810 | &es); |
2797 | if ((NULL != es.worst) && | 2811 | if ((NULL != es.worst) && |
2798 | (GCT_count_any_connections(t) > DESIRED_CONNECTIONS_PER_TUNNEL)) | 2812 | (GCT_count_any_connections (t) > DESIRED_CONNECTIONS_PER_TUNNEL)) |
2799 | { | 2813 | { |
2800 | /* Clear out worst-performing connection 'es.worst'. */ | 2814 | /* Clear out worst-performing connection 'es.worst'. */ |
2801 | destroy_t_connection(t, | 2815 | destroy_t_connection (t, |
2802 | es.worst); | 2816 | es.worst); |
2803 | } | 2817 | } |
2804 | 2818 | ||
2805 | /* Consider additional paths */ | 2819 | /* Consider additional paths */ |
2806 | (void)GCP_iterate_paths(t->destination, | 2820 | (void) GCP_iterate_paths (t->destination, |
2807 | &consider_path_cb, | 2821 | &consider_path_cb, |
2808 | t); | 2822 | t); |
2809 | 2823 | ||
2810 | /* FIXME: calculate when to try again based on how well we are doing; | 2824 | /* FIXME: calculate when to try again based on how well we are doing; |
2811 | in particular, if we have to few connections, we might be able | 2825 | in particular, if we have to few connections, we might be able |
@@ -2817,9 +2831,9 @@ maintain_connections_cb(void *cls) | |||
2817 | and then reduce the frequency accordingly. */ | 2831 | and then reduce the frequency accordingly. */ |
2818 | delay = GNUNET_TIME_UNIT_MINUTES; | 2832 | delay = GNUNET_TIME_UNIT_MINUTES; |
2819 | t->maintain_connections_task | 2833 | t->maintain_connections_task |
2820 | = GNUNET_SCHEDULER_add_delayed(delay, | 2834 | = GNUNET_SCHEDULER_add_delayed (delay, |
2821 | &maintain_connections_cb, | 2835 | &maintain_connections_cb, |
2822 | t); | 2836 | t); |
2823 | } | 2837 | } |
2824 | 2838 | ||
2825 | 2839 | ||
@@ -2832,18 +2846,18 @@ maintain_connections_cb(void *cls) | |||
2832 | * @param off offset of the destination on path @a path | 2846 | * @param off offset of the destination on path @a path |
2833 | */ | 2847 | */ |
2834 | void | 2848 | void |
2835 | GCT_consider_path(struct CadetTunnel *t, | 2849 | GCT_consider_path (struct CadetTunnel *t, |
2836 | struct CadetPeerPath *p, | 2850 | struct CadetPeerPath *p, |
2837 | unsigned int off) | 2851 | unsigned int off) |
2838 | { | 2852 | { |
2839 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2853 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2840 | "Considering %s for %s (offset %u)\n", | 2854 | "Considering %s for %s (offset %u)\n", |
2841 | GCPP_2s(p), | 2855 | GCPP_2s (p), |
2842 | GCT_2s(t), | 2856 | GCT_2s (t), |
2843 | off); | 2857 | off); |
2844 | (void)consider_path_cb(t, | 2858 | (void) consider_path_cb (t, |
2845 | p, | 2859 | p, |
2846 | off); | 2860 | off); |
2847 | } | 2861 | } |
2848 | 2862 | ||
2849 | 2863 | ||
@@ -2854,18 +2868,18 @@ GCT_consider_path(struct CadetTunnel *t, | |||
2854 | * @param msg the message we received on the tunnel | 2868 | * @param msg the message we received on the tunnel |
2855 | */ | 2869 | */ |
2856 | static void | 2870 | static void |
2857 | handle_plaintext_keepalive(void *cls, | 2871 | handle_plaintext_keepalive (void *cls, |
2858 | const struct GNUNET_MessageHeader *msg) | 2872 | const struct GNUNET_MessageHeader *msg) |
2859 | { | 2873 | { |
2860 | struct CadetTunnel *t = cls; | 2874 | struct CadetTunnel *t = cls; |
2861 | 2875 | ||
2862 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2876 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2863 | "Received KEEPALIVE on %s\n", | 2877 | "Received KEEPALIVE on %s\n", |
2864 | GCT_2s(t)); | 2878 | GCT_2s (t)); |
2865 | GNUNET_STATISTICS_update(stats, | 2879 | GNUNET_STATISTICS_update (stats, |
2866 | "# keepalives received", | 2880 | "# keepalives received", |
2867 | 1, | 2881 | 1, |
2868 | GNUNET_NO); | 2882 | GNUNET_NO); |
2869 | } | 2883 | } |
2870 | 2884 | ||
2871 | 2885 | ||
@@ -2877,8 +2891,8 @@ handle_plaintext_keepalive(void *cls, | |||
2877 | * @return #GNUNET_OK (any variable-size payload goes) | 2891 | * @return #GNUNET_OK (any variable-size payload goes) |
2878 | */ | 2892 | */ |
2879 | static int | 2893 | static int |
2880 | check_plaintext_data(void *cls, | 2894 | check_plaintext_data (void *cls, |
2881 | const struct GNUNET_CADET_ChannelAppDataMessage *msg) | 2895 | const struct GNUNET_CADET_ChannelAppDataMessage *msg) |
2882 | { | 2896 | { |
2883 | return GNUNET_OK; | 2897 | return GNUNET_OK; |
2884 | } | 2898 | } |
@@ -2892,29 +2906,29 @@ check_plaintext_data(void *cls, | |||
2892 | * @param msg the message we received on the tunnel | 2906 | * @param msg the message we received on the tunnel |
2893 | */ | 2907 | */ |
2894 | static void | 2908 | static void |
2895 | handle_plaintext_data(void *cls, | 2909 | handle_plaintext_data (void *cls, |
2896 | const struct GNUNET_CADET_ChannelAppDataMessage *msg) | 2910 | const struct GNUNET_CADET_ChannelAppDataMessage *msg) |
2897 | { | 2911 | { |
2898 | struct CadetTunnel *t = cls; | 2912 | struct CadetTunnel *t = cls; |
2899 | struct CadetChannel *ch; | 2913 | struct CadetChannel *ch; |
2900 | 2914 | ||
2901 | ch = lookup_channel(t, | 2915 | ch = lookup_channel (t, |
2902 | msg->ctn); | 2916 | msg->ctn); |
2903 | if (NULL == ch) | 2917 | if (NULL == ch) |
2904 | { | 2918 | { |
2905 | /* We don't know about such a channel, might have been destroyed on our | 2919 | /* We don't know about such a channel, might have been destroyed on our |
2906 | end in the meantime, or never existed. Send back a DESTROY. */ | 2920 | end in the meantime, or never existed. Send back a DESTROY. */ |
2907 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2921 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2908 | "Received %u bytes of application data for unknown channel %u, sending DESTROY\n", | 2922 | "Received %u bytes of application data for unknown channel %u, sending DESTROY\n", |
2909 | (unsigned int)(ntohs(msg->header.size) - sizeof(*msg)), | 2923 | (unsigned int) (ntohs (msg->header.size) - sizeof(*msg)), |
2910 | ntohl(msg->ctn.cn)); | 2924 | ntohl (msg->ctn.cn)); |
2911 | GCT_send_channel_destroy(t, | 2925 | GCT_send_channel_destroy (t, |
2912 | msg->ctn); | 2926 | msg->ctn); |
2913 | return; | 2927 | return; |
2914 | } | 2928 | } |
2915 | GCCH_handle_channel_plaintext_data(ch, | 2929 | GCCH_handle_channel_plaintext_data (ch, |
2916 | GCC_get_id(t->current_ct->cc), | 2930 | GCC_get_id (t->current_ct->cc), |
2917 | msg); | 2931 | msg); |
2918 | } | 2932 | } |
2919 | 2933 | ||
2920 | 2934 | ||
@@ -2927,28 +2941,28 @@ handle_plaintext_data(void *cls, | |||
2927 | * @param ack the message we received on the tunnel | 2941 | * @param ack the message we received on the tunnel |
2928 | */ | 2942 | */ |
2929 | static void | 2943 | static void |
2930 | handle_plaintext_data_ack(void *cls, | 2944 | handle_plaintext_data_ack (void *cls, |
2931 | const struct GNUNET_CADET_ChannelDataAckMessage *ack) | 2945 | const struct GNUNET_CADET_ChannelDataAckMessage *ack) |
2932 | { | 2946 | { |
2933 | struct CadetTunnel *t = cls; | 2947 | struct CadetTunnel *t = cls; |
2934 | struct CadetChannel *ch; | 2948 | struct CadetChannel *ch; |
2935 | 2949 | ||
2936 | ch = lookup_channel(t, | 2950 | ch = lookup_channel (t, |
2937 | ack->ctn); | 2951 | ack->ctn); |
2938 | if (NULL == ch) | 2952 | if (NULL == ch) |
2939 | { | 2953 | { |
2940 | /* We don't know about such a channel, might have been destroyed on our | 2954 | /* We don't know about such a channel, might have been destroyed on our |
2941 | end in the meantime, or never existed. Send back a DESTROY. */ | 2955 | end in the meantime, or never existed. Send back a DESTROY. */ |
2942 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2956 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2943 | "Received DATA_ACK for unknown channel %u, sending DESTROY\n", | 2957 | "Received DATA_ACK for unknown channel %u, sending DESTROY\n", |
2944 | ntohl(ack->ctn.cn)); | 2958 | ntohl (ack->ctn.cn)); |
2945 | GCT_send_channel_destroy(t, | 2959 | GCT_send_channel_destroy (t, |
2946 | ack->ctn); | 2960 | ack->ctn); |
2947 | return; | 2961 | return; |
2948 | } | 2962 | } |
2949 | GCCH_handle_channel_plaintext_data_ack(ch, | 2963 | GCCH_handle_channel_plaintext_data_ack (ch, |
2950 | GCC_get_id(t->current_ct->cc), | 2964 | GCC_get_id (t->current_ct->cc), |
2951 | ack); | 2965 | ack); |
2952 | } | 2966 | } |
2953 | 2967 | ||
2954 | 2968 | ||
@@ -2960,43 +2974,44 @@ handle_plaintext_data_ack(void *cls, | |||
2960 | * @param copen the message we received on the tunnel | 2974 | * @param copen the message we received on the tunnel |
2961 | */ | 2975 | */ |
2962 | static void | 2976 | static void |
2963 | handle_plaintext_channel_open(void *cls, | 2977 | handle_plaintext_channel_open (void *cls, |
2964 | const struct GNUNET_CADET_ChannelOpenMessage *copen) | 2978 | const struct |
2979 | GNUNET_CADET_ChannelOpenMessage *copen) | ||
2965 | { | 2980 | { |
2966 | struct CadetTunnel *t = cls; | 2981 | struct CadetTunnel *t = cls; |
2967 | struct CadetChannel *ch; | 2982 | struct CadetChannel *ch; |
2968 | 2983 | ||
2969 | ch = GNUNET_CONTAINER_multihashmap32_get(t->channels, | 2984 | ch = GNUNET_CONTAINER_multihashmap32_get (t->channels, |
2970 | ntohl(copen->ctn.cn)); | 2985 | ntohl (copen->ctn.cn)); |
2971 | if (NULL != ch) | 2986 | if (NULL != ch) |
2972 | { | 2987 | { |
2973 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2988 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2974 | "Received duplicate channel CHANNEL_OPEN on h_port %s from %s (%s), resending ACK\n", | 2989 | "Received duplicate channel CHANNEL_OPEN on h_port %s from %s (%s), resending ACK\n", |
2975 | GNUNET_h2s(&copen->h_port), | 2990 | GNUNET_h2s (&copen->h_port), |
2976 | GCT_2s(t), | 2991 | GCT_2s (t), |
2977 | GCCH_2s(ch)); | 2992 | GCCH_2s (ch)); |
2978 | GCCH_handle_duplicate_open(ch, | 2993 | GCCH_handle_duplicate_open (ch, |
2979 | GCC_get_id(t->current_ct->cc)); | 2994 | GCC_get_id (t->current_ct->cc)); |
2980 | return; | 2995 | return; |
2981 | } | 2996 | } |
2982 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 2997 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
2983 | "Received CHANNEL_OPEN on h_port %s from %s\n", | 2998 | "Received CHANNEL_OPEN on h_port %s from %s\n", |
2984 | GNUNET_h2s(&copen->h_port), | 2999 | GNUNET_h2s (&copen->h_port), |
2985 | GCT_2s(t)); | 3000 | GCT_2s (t)); |
2986 | ch = GCCH_channel_incoming_new(t, | 3001 | ch = GCCH_channel_incoming_new (t, |
2987 | copen->ctn, | 3002 | copen->ctn, |
2988 | &copen->h_port, | 3003 | &copen->h_port, |
2989 | ntohl(copen->opt)); | 3004 | ntohl (copen->opt)); |
2990 | if (NULL != t->destroy_task) | 3005 | if (NULL != t->destroy_task) |
2991 | { | 3006 | { |
2992 | GNUNET_SCHEDULER_cancel(t->destroy_task); | 3007 | GNUNET_SCHEDULER_cancel (t->destroy_task); |
2993 | t->destroy_task = NULL; | 3008 | t->destroy_task = NULL; |
2994 | } | 3009 | } |
2995 | GNUNET_assert(GNUNET_OK == | 3010 | GNUNET_assert (GNUNET_OK == |
2996 | GNUNET_CONTAINER_multihashmap32_put(t->channels, | 3011 | GNUNET_CONTAINER_multihashmap32_put (t->channels, |
2997 | ntohl(copen->ctn.cn), | 3012 | ntohl (copen->ctn.cn), |
2998 | ch, | 3013 | ch, |
2999 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); | 3014 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); |
3000 | } | 3015 | } |
3001 | 3016 | ||
3002 | 3017 | ||
@@ -3007,22 +3022,22 @@ handle_plaintext_channel_open(void *cls, | |||
3007 | * @param ctn ID of the channel to destroy | 3022 | * @param ctn ID of the channel to destroy |
3008 | */ | 3023 | */ |
3009 | void | 3024 | void |
3010 | GCT_send_channel_destroy(struct CadetTunnel *t, | 3025 | GCT_send_channel_destroy (struct CadetTunnel *t, |
3011 | struct GNUNET_CADET_ChannelTunnelNumber ctn) | 3026 | struct GNUNET_CADET_ChannelTunnelNumber ctn) |
3012 | { | 3027 | { |
3013 | struct GNUNET_CADET_ChannelDestroyMessage msg; | 3028 | struct GNUNET_CADET_ChannelDestroyMessage msg; |
3014 | 3029 | ||
3015 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3030 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3016 | "Sending DESTORY message for channel ID %u\n", | 3031 | "Sending DESTORY message for channel ID %u\n", |
3017 | ntohl(ctn.cn)); | 3032 | ntohl (ctn.cn)); |
3018 | msg.header.size = htons(sizeof(msg)); | 3033 | msg.header.size = htons (sizeof(msg)); |
3019 | msg.header.type = htons(GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY); | 3034 | msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY); |
3020 | msg.reserved = htonl(0); | 3035 | msg.reserved = htonl (0); |
3021 | msg.ctn = ctn; | 3036 | msg.ctn = ctn; |
3022 | GCT_send(t, | 3037 | GCT_send (t, |
3023 | &msg.header, | 3038 | &msg.header, |
3024 | NULL, | 3039 | NULL, |
3025 | NULL); | 3040 | NULL); |
3026 | } | 3041 | } |
3027 | 3042 | ||
3028 | 3043 | ||
@@ -3035,32 +3050,33 @@ GCT_send_channel_destroy(struct CadetTunnel *t, | |||
3035 | * @param cm the message we received on the tunnel | 3050 | * @param cm the message we received on the tunnel |
3036 | */ | 3051 | */ |
3037 | static void | 3052 | static void |
3038 | handle_plaintext_channel_open_ack(void *cls, | 3053 | handle_plaintext_channel_open_ack (void *cls, |
3039 | const struct GNUNET_CADET_ChannelOpenAckMessage *cm) | 3054 | const struct |
3055 | GNUNET_CADET_ChannelOpenAckMessage *cm) | ||
3040 | { | 3056 | { |
3041 | struct CadetTunnel *t = cls; | 3057 | struct CadetTunnel *t = cls; |
3042 | struct CadetChannel *ch; | 3058 | struct CadetChannel *ch; |
3043 | 3059 | ||
3044 | ch = lookup_channel(t, | 3060 | ch = lookup_channel (t, |
3045 | cm->ctn); | 3061 | cm->ctn); |
3046 | if (NULL == ch) | 3062 | if (NULL == ch) |
3047 | { | 3063 | { |
3048 | /* We don't know about such a channel, might have been destroyed on our | 3064 | /* We don't know about such a channel, might have been destroyed on our |
3049 | end in the meantime, or never existed. Send back a DESTROY. */ | 3065 | end in the meantime, or never existed. Send back a DESTROY. */ |
3050 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3066 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3051 | "Received channel OPEN_ACK for unknown channel %u, sending DESTROY\n", | 3067 | "Received channel OPEN_ACK for unknown channel %u, sending DESTROY\n", |
3052 | ntohl(cm->ctn.cn)); | 3068 | ntohl (cm->ctn.cn)); |
3053 | GCT_send_channel_destroy(t, | 3069 | GCT_send_channel_destroy (t, |
3054 | cm->ctn); | 3070 | cm->ctn); |
3055 | return; | 3071 | return; |
3056 | } | 3072 | } |
3057 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3073 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3058 | "Received channel OPEN_ACK on channel %s from %s\n", | 3074 | "Received channel OPEN_ACK on channel %s from %s\n", |
3059 | GCCH_2s(ch), | 3075 | GCCH_2s (ch), |
3060 | GCT_2s(t)); | 3076 | GCT_2s (t)); |
3061 | GCCH_handle_channel_open_ack(ch, | 3077 | GCCH_handle_channel_open_ack (ch, |
3062 | GCC_get_id(t->current_ct->cc), | 3078 | GCC_get_id (t->current_ct->cc), |
3063 | &cm->port); | 3079 | &cm->port); |
3064 | } | 3080 | } |
3065 | 3081 | ||
3066 | 3082 | ||
@@ -3072,29 +3088,30 @@ handle_plaintext_channel_open_ack(void *cls, | |||
3072 | * @param cm the message we received on the tunnel | 3088 | * @param cm the message we received on the tunnel |
3073 | */ | 3089 | */ |
3074 | static void | 3090 | static void |
3075 | handle_plaintext_channel_destroy(void *cls, | 3091 | handle_plaintext_channel_destroy (void *cls, |
3076 | const struct GNUNET_CADET_ChannelDestroyMessage *cm) | 3092 | const struct |
3093 | GNUNET_CADET_ChannelDestroyMessage *cm) | ||
3077 | { | 3094 | { |
3078 | struct CadetTunnel *t = cls; | 3095 | struct CadetTunnel *t = cls; |
3079 | struct CadetChannel *ch; | 3096 | struct CadetChannel *ch; |
3080 | 3097 | ||
3081 | ch = lookup_channel(t, | 3098 | ch = lookup_channel (t, |
3082 | cm->ctn); | 3099 | cm->ctn); |
3083 | if (NULL == ch) | 3100 | if (NULL == ch) |
3084 | { | 3101 | { |
3085 | /* We don't know about such a channel, might have been destroyed on our | 3102 | /* We don't know about such a channel, might have been destroyed on our |
3086 | end in the meantime, or never existed. */ | 3103 | end in the meantime, or never existed. */ |
3087 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3104 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3088 | "Received channel DESTORY for unknown channel %u. Ignoring.\n", | 3105 | "Received channel DESTORY for unknown channel %u. Ignoring.\n", |
3089 | ntohl(cm->ctn.cn)); | 3106 | ntohl (cm->ctn.cn)); |
3090 | return; | 3107 | return; |
3091 | } | 3108 | } |
3092 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3109 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3093 | "Received channel DESTROY on %s from %s\n", | 3110 | "Received channel DESTROY on %s from %s\n", |
3094 | GCCH_2s(ch), | 3111 | GCCH_2s (ch), |
3095 | GCT_2s(t)); | 3112 | GCT_2s (t)); |
3096 | GCCH_handle_remote_destroy(ch, | 3113 | GCCH_handle_remote_destroy (ch, |
3097 | GCC_get_id(t->current_ct->cc)); | 3114 | GCC_get_id (t->current_ct->cc)); |
3098 | } | 3115 | } |
3099 | 3116 | ||
3100 | 3117 | ||
@@ -3109,14 +3126,14 @@ handle_plaintext_channel_destroy(void *cls, | |||
3109 | * #GNUNET_SYSERR to stop further processing with error | 3126 | * #GNUNET_SYSERR to stop further processing with error |
3110 | */ | 3127 | */ |
3111 | static int | 3128 | static int |
3112 | handle_decrypted(void *cls, | 3129 | handle_decrypted (void *cls, |
3113 | const struct GNUNET_MessageHeader *msg) | 3130 | const struct GNUNET_MessageHeader *msg) |
3114 | { | 3131 | { |
3115 | struct CadetTunnel *t = cls; | 3132 | struct CadetTunnel *t = cls; |
3116 | 3133 | ||
3117 | GNUNET_assert(NULL != t->current_ct); | 3134 | GNUNET_assert (NULL != t->current_ct); |
3118 | GNUNET_MQ_inject_message(t->mq, | 3135 | GNUNET_MQ_inject_message (t->mq, |
3119 | msg); | 3136 | msg); |
3120 | return GNUNET_OK; | 3137 | return GNUNET_OK; |
3121 | } | 3138 | } |
3122 | 3139 | ||
@@ -3129,10 +3146,10 @@ handle_decrypted(void *cls, | |||
3129 | * @param error error code | 3146 | * @param error error code |
3130 | */ | 3147 | */ |
3131 | static void | 3148 | static void |
3132 | decrypted_error_cb(void *cls, | 3149 | decrypted_error_cb (void *cls, |
3133 | enum GNUNET_MQ_Error error) | 3150 | enum GNUNET_MQ_Error error) |
3134 | { | 3151 | { |
3135 | GNUNET_break_op(0); | 3152 | GNUNET_break_op (0); |
3136 | } | 3153 | } |
3137 | 3154 | ||
3138 | 3155 | ||
@@ -3144,55 +3161,55 @@ decrypted_error_cb(void *cls, | |||
3144 | * @return new tunnel to @a destination | 3161 | * @return new tunnel to @a destination |
3145 | */ | 3162 | */ |
3146 | struct CadetTunnel * | 3163 | struct CadetTunnel * |
3147 | GCT_create_tunnel(struct CadetPeer *destination) | 3164 | GCT_create_tunnel (struct CadetPeer *destination) |
3148 | { | 3165 | { |
3149 | struct CadetTunnel *t = GNUNET_new(struct CadetTunnel); | 3166 | struct CadetTunnel *t = GNUNET_new (struct CadetTunnel); |
3150 | struct GNUNET_MQ_MessageHandler handlers[] = { | 3167 | struct GNUNET_MQ_MessageHandler handlers[] = { |
3151 | GNUNET_MQ_hd_fixed_size(plaintext_keepalive, | 3168 | GNUNET_MQ_hd_fixed_size (plaintext_keepalive, |
3152 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE, | 3169 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE, |
3153 | struct GNUNET_MessageHeader, | 3170 | struct GNUNET_MessageHeader, |
3154 | t), | 3171 | t), |
3155 | GNUNET_MQ_hd_var_size(plaintext_data, | 3172 | GNUNET_MQ_hd_var_size (plaintext_data, |
3156 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA, | 3173 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA, |
3157 | struct GNUNET_CADET_ChannelAppDataMessage, | 3174 | struct GNUNET_CADET_ChannelAppDataMessage, |
3158 | t), | 3175 | t), |
3159 | GNUNET_MQ_hd_fixed_size(plaintext_data_ack, | 3176 | GNUNET_MQ_hd_fixed_size (plaintext_data_ack, |
3160 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK, | 3177 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK, |
3161 | struct GNUNET_CADET_ChannelDataAckMessage, | 3178 | struct GNUNET_CADET_ChannelDataAckMessage, |
3162 | t), | 3179 | t), |
3163 | GNUNET_MQ_hd_fixed_size(plaintext_channel_open, | 3180 | GNUNET_MQ_hd_fixed_size (plaintext_channel_open, |
3164 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN, | 3181 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN, |
3165 | struct GNUNET_CADET_ChannelOpenMessage, | 3182 | struct GNUNET_CADET_ChannelOpenMessage, |
3166 | t), | 3183 | t), |
3167 | GNUNET_MQ_hd_fixed_size(plaintext_channel_open_ack, | 3184 | GNUNET_MQ_hd_fixed_size (plaintext_channel_open_ack, |
3168 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK, | 3185 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK, |
3169 | struct GNUNET_CADET_ChannelOpenAckMessage, | 3186 | struct GNUNET_CADET_ChannelOpenAckMessage, |
3170 | t), | 3187 | t), |
3171 | GNUNET_MQ_hd_fixed_size(plaintext_channel_destroy, | 3188 | GNUNET_MQ_hd_fixed_size (plaintext_channel_destroy, |
3172 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY, | 3189 | GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY, |
3173 | struct GNUNET_CADET_ChannelDestroyMessage, | 3190 | struct GNUNET_CADET_ChannelDestroyMessage, |
3174 | t), | 3191 | t), |
3175 | GNUNET_MQ_handler_end() | 3192 | GNUNET_MQ_handler_end () |
3176 | }; | 3193 | }; |
3177 | 3194 | ||
3178 | t->kx_retry_delay = INITIAL_KX_RETRY_DELAY; | 3195 | t->kx_retry_delay = INITIAL_KX_RETRY_DELAY; |
3179 | new_ephemeral(&t->ax); | 3196 | new_ephemeral (&t->ax); |
3180 | GNUNET_assert(GNUNET_OK == | 3197 | GNUNET_assert (GNUNET_OK == |
3181 | GNUNET_CRYPTO_ecdhe_key_create2(&t->ax.kx_0)); | 3198 | GNUNET_CRYPTO_ecdhe_key_create2 (&t->ax.kx_0)); |
3182 | t->destination = destination; | 3199 | t->destination = destination; |
3183 | t->channels = GNUNET_CONTAINER_multihashmap32_create(8); | 3200 | t->channels = GNUNET_CONTAINER_multihashmap32_create (8); |
3184 | t->maintain_connections_task | 3201 | t->maintain_connections_task |
3185 | = GNUNET_SCHEDULER_add_now(&maintain_connections_cb, | 3202 | = GNUNET_SCHEDULER_add_now (&maintain_connections_cb, |
3186 | t); | 3203 | t); |
3187 | t->mq = GNUNET_MQ_queue_for_callbacks(NULL, | 3204 | t->mq = GNUNET_MQ_queue_for_callbacks (NULL, |
3188 | NULL, | 3205 | NULL, |
3189 | NULL, | 3206 | NULL, |
3190 | NULL, | 3207 | NULL, |
3191 | handlers, | 3208 | handlers, |
3192 | &decrypted_error_cb, | 3209 | &decrypted_error_cb, |
3193 | t); | 3210 | t); |
3194 | t->mst = GNUNET_MST_create(&handle_decrypted, | 3211 | t->mst = GNUNET_MST_create (&handle_decrypted, |
3195 | t); | 3212 | t); |
3196 | return t; | 3213 | return t; |
3197 | } | 3214 | } |
3198 | 3215 | ||
@@ -3208,42 +3225,43 @@ GCT_create_tunnel(struct CadetPeer *destination) | |||
3208 | * #GNUNET_SYSERR on failure (duplicate connection) | 3225 | * #GNUNET_SYSERR on failure (duplicate connection) |
3209 | */ | 3226 | */ |
3210 | int | 3227 | int |
3211 | GCT_add_inbound_connection(struct CadetTunnel *t, | 3228 | GCT_add_inbound_connection (struct CadetTunnel *t, |
3212 | const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, | 3229 | const struct |
3213 | struct CadetPeerPath *path) | 3230 | GNUNET_CADET_ConnectionTunnelIdentifier *cid, |
3231 | struct CadetPeerPath *path) | ||
3214 | { | 3232 | { |
3215 | struct CadetTConnection *ct; | 3233 | struct CadetTConnection *ct; |
3216 | 3234 | ||
3217 | ct = GNUNET_new(struct CadetTConnection); | 3235 | ct = GNUNET_new (struct CadetTConnection); |
3218 | ct->created = GNUNET_TIME_absolute_get(); | 3236 | ct->created = GNUNET_TIME_absolute_get (); |
3219 | ct->t = t; | 3237 | ct->t = t; |
3220 | ct->cc = GCC_create_inbound(t->destination, | 3238 | ct->cc = GCC_create_inbound (t->destination, |
3221 | path, | 3239 | path, |
3222 | ct, | 3240 | ct, |
3223 | cid, | 3241 | cid, |
3224 | &connection_ready_cb, | 3242 | &connection_ready_cb, |
3225 | ct); | 3243 | ct); |
3226 | if (NULL == ct->cc) | 3244 | if (NULL == ct->cc) |
3227 | { | 3245 | { |
3228 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3246 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3229 | "%s refused inbound %s (duplicate)\n", | 3247 | "%s refused inbound %s (duplicate)\n", |
3230 | GCT_2s(t), | 3248 | GCT_2s (t), |
3231 | GCC_2s(ct->cc)); | 3249 | GCC_2s (ct->cc)); |
3232 | GNUNET_free(ct); | 3250 | GNUNET_free (ct); |
3233 | return GNUNET_SYSERR; | 3251 | return GNUNET_SYSERR; |
3234 | } | 3252 | } |
3235 | /* FIXME: schedule job to kill connection (and path?) if it takes | 3253 | /* FIXME: schedule job to kill connection (and path?) if it takes |
3236 | too long to get ready! (And track performance data on how long | 3254 | too long to get ready! (And track performance data on how long |
3237 | other connections took with the tunnel!) | 3255 | other connections took with the tunnel!) |
3238 | => Note: to be done within 'connection'-logic! */ | 3256 | => Note: to be done within 'connection'-logic! */ |
3239 | GNUNET_CONTAINER_DLL_insert(t->connection_busy_head, | 3257 | GNUNET_CONTAINER_DLL_insert (t->connection_busy_head, |
3240 | t->connection_busy_tail, | 3258 | t->connection_busy_tail, |
3241 | ct); | 3259 | ct); |
3242 | t->num_busy_connections++; | 3260 | t->num_busy_connections++; |
3243 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3261 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3244 | "%s has new %s\n", | 3262 | "%s has new %s\n", |
3245 | GCT_2s(t), | 3263 | GCT_2s (t), |
3246 | GCC_2s(ct->cc)); | 3264 | GCC_2s (ct->cc)); |
3247 | return GNUNET_OK; | 3265 | return GNUNET_OK; |
3248 | } | 3266 | } |
3249 | 3267 | ||
@@ -3255,177 +3273,177 @@ GCT_add_inbound_connection(struct CadetTunnel *t, | |||
3255 | * @param msg the encrypted message to decrypt | 3273 | * @param msg the encrypted message to decrypt |
3256 | */ | 3274 | */ |
3257 | void | 3275 | void |
3258 | GCT_handle_encrypted(struct CadetTConnection *ct, | 3276 | GCT_handle_encrypted (struct CadetTConnection *ct, |
3259 | const struct GNUNET_CADET_TunnelEncryptedMessage *msg) | 3277 | const struct GNUNET_CADET_TunnelEncryptedMessage *msg) |
3260 | { | 3278 | { |
3261 | struct CadetTunnel *t = ct->t; | 3279 | struct CadetTunnel *t = ct->t; |
3262 | uint16_t size = ntohs(msg->header.size); | 3280 | uint16_t size = ntohs (msg->header.size); |
3263 | char cbuf [size] GNUNET_ALIGN; | 3281 | char cbuf [size] GNUNET_ALIGN; |
3264 | ssize_t decrypted_size; | 3282 | ssize_t decrypted_size; |
3265 | 3283 | ||
3266 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3284 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3267 | "%s received %u bytes of encrypted data in state %d\n", | 3285 | "%s received %u bytes of encrypted data in state %d\n", |
3268 | GCT_2s(t), | 3286 | GCT_2s (t), |
3269 | (unsigned int)size, | 3287 | (unsigned int) size, |
3270 | t->estate); | 3288 | t->estate); |
3271 | 3289 | ||
3272 | switch (t->estate) | 3290 | switch (t->estate) |
3273 | { | 3291 | { |
3274 | case CADET_TUNNEL_KEY_UNINITIALIZED: | 3292 | case CADET_TUNNEL_KEY_UNINITIALIZED: |
3275 | case CADET_TUNNEL_KEY_AX_RECV: | 3293 | case CADET_TUNNEL_KEY_AX_RECV: |
3276 | /* We did not even SEND our KX, how can the other peer | 3294 | /* We did not even SEND our KX, how can the other peer |
3277 | send us encrypted data? Must have been that we went | 3295 | send us encrypted data? Must have been that we went |
3278 | down and the other peer still things we are up. | 3296 | down and the other peer still things we are up. |
3279 | Let's send it KX back. */ | 3297 | Let's send it KX back. */ |
3280 | GNUNET_STATISTICS_update(stats, | 3298 | GNUNET_STATISTICS_update (stats, |
3281 | "# received encrypted without any KX", | 3299 | "# received encrypted without any KX", |
3282 | 1, | 3300 | 1, |
3283 | GNUNET_NO); | 3301 | GNUNET_NO); |
3284 | if (NULL != t->kx_task) | 3302 | if (NULL != t->kx_task) |
3285 | { | 3303 | { |
3286 | GNUNET_SCHEDULER_cancel(t->kx_task); | 3304 | GNUNET_SCHEDULER_cancel (t->kx_task); |
3287 | t->kx_task = NULL; | 3305 | t->kx_task = NULL; |
3288 | } | 3306 | } |
3289 | send_kx(t, | 3307 | send_kx (t, |
3290 | ct, | 3308 | ct, |
3291 | &t->ax); | 3309 | &t->ax); |
3292 | return; | 3310 | return; |
3293 | |||
3294 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: | ||
3295 | /* We send KX, and other peer send KX to us at the same time. | ||
3296 | Neither KX is AUTH'ed, so let's try KX_AUTH this time. */ | ||
3297 | GNUNET_STATISTICS_update(stats, | ||
3298 | "# received encrypted without KX_AUTH", | ||
3299 | 1, | ||
3300 | GNUNET_NO); | ||
3301 | if (NULL != t->kx_task) | ||
3302 | { | ||
3303 | GNUNET_SCHEDULER_cancel(t->kx_task); | ||
3304 | t->kx_task = NULL; | ||
3305 | } | ||
3306 | send_kx_auth(t, | ||
3307 | ct, | ||
3308 | &t->ax, | ||
3309 | GNUNET_YES); | ||
3310 | return; | ||
3311 | 3311 | ||
3312 | case CADET_TUNNEL_KEY_AX_SENT: | 3312 | case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: |
3313 | /* We did not get the KX of the other peer, but that | 3313 | /* We send KX, and other peer send KX to us at the same time. |
3314 | might have been lost. Send our KX again immediately. */ | 3314 | Neither KX is AUTH'ed, so let's try KX_AUTH this time. */ |
3315 | GNUNET_STATISTICS_update(stats, | 3315 | GNUNET_STATISTICS_update (stats, |
3316 | "# received encrypted without KX", | 3316 | "# received encrypted without KX_AUTH", |
3317 | 1, | 3317 | 1, |
3318 | GNUNET_NO); | 3318 | GNUNET_NO); |
3319 | if (NULL != t->kx_task) | 3319 | if (NULL != t->kx_task) |
3320 | { | 3320 | { |
3321 | GNUNET_SCHEDULER_cancel(t->kx_task); | 3321 | GNUNET_SCHEDULER_cancel (t->kx_task); |
3322 | t->kx_task = NULL; | 3322 | t->kx_task = NULL; |
3323 | } | 3323 | } |
3324 | send_kx(t, | 3324 | send_kx_auth (t, |
3325 | ct, | 3325 | ct, |
3326 | &t->ax); | 3326 | &t->ax, |
3327 | return; | 3327 | GNUNET_YES); |
3328 | return; | ||
3328 | 3329 | ||
3329 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: | 3330 | case CADET_TUNNEL_KEY_AX_SENT: |
3330 | /* Great, first payload, we might graduate to OK! */ | 3331 | /* We did not get the KX of the other peer, but that |
3331 | case CADET_TUNNEL_KEY_OK: | 3332 | might have been lost. Send our KX again immediately. */ |
3332 | /* We are up and running, all good. */ | 3333 | GNUNET_STATISTICS_update (stats, |
3333 | break; | 3334 | "# received encrypted without KX", |
3335 | 1, | ||
3336 | GNUNET_NO); | ||
3337 | if (NULL != t->kx_task) | ||
3338 | { | ||
3339 | GNUNET_SCHEDULER_cancel (t->kx_task); | ||
3340 | t->kx_task = NULL; | ||
3334 | } | 3341 | } |
3342 | send_kx (t, | ||
3343 | ct, | ||
3344 | &t->ax); | ||
3345 | return; | ||
3346 | |||
3347 | case CADET_TUNNEL_KEY_AX_AUTH_SENT: | ||
3348 | /* Great, first payload, we might graduate to OK! */ | ||
3349 | case CADET_TUNNEL_KEY_OK: | ||
3350 | /* We are up and running, all good. */ | ||
3351 | break; | ||
3352 | } | ||
3335 | 3353 | ||
3336 | decrypted_size = -1; | 3354 | decrypted_size = -1; |
3337 | if (CADET_TUNNEL_KEY_OK == t->estate) | 3355 | if (CADET_TUNNEL_KEY_OK == t->estate) |
3338 | { | 3356 | { |
3339 | /* We have well-established key material available, | 3357 | /* We have well-established key material available, |
3340 | try that. (This is the common case.) */ | 3358 | try that. (This is the common case.) */ |
3341 | decrypted_size = t_ax_decrypt_and_validate(&t->ax, | 3359 | decrypted_size = t_ax_decrypt_and_validate (&t->ax, |
3342 | cbuf, | 3360 | cbuf, |
3343 | msg, | 3361 | msg, |
3344 | size); | 3362 | size); |
3345 | } | 3363 | } |
3346 | 3364 | ||
3347 | if ((-1 == decrypted_size) && | 3365 | if ((-1 == decrypted_size) && |
3348 | (NULL != t->unverified_ax)) | 3366 | (NULL != t->unverified_ax)) |
3367 | { | ||
3368 | /* We have un-authenticated KX material available. We should try | ||
3369 | this as a back-up option, in case the sender crashed and | ||
3370 | switched keys. */ | ||
3371 | decrypted_size = t_ax_decrypt_and_validate (t->unverified_ax, | ||
3372 | cbuf, | ||
3373 | msg, | ||
3374 | size); | ||
3375 | if (-1 != decrypted_size) | ||
3376 | { | ||
3377 | /* It worked! Treat this as authentication of the AX data! */ | ||
3378 | cleanup_ax (&t->ax); | ||
3379 | t->ax = *t->unverified_ax; | ||
3380 | GNUNET_free (t->unverified_ax); | ||
3381 | t->unverified_ax = NULL; | ||
3382 | } | ||
3383 | if (CADET_TUNNEL_KEY_AX_AUTH_SENT == t->estate) | ||
3349 | { | 3384 | { |
3350 | /* We have un-authenticated KX material available. We should try | 3385 | /* First time it worked, move tunnel into production! */ |
3351 | this as a back-up option, in case the sender crashed and | 3386 | GCT_change_estate (t, |
3352 | switched keys. */ | 3387 | CADET_TUNNEL_KEY_OK); |
3353 | decrypted_size = t_ax_decrypt_and_validate(t->unverified_ax, | 3388 | if (NULL != t->send_task) |
3354 | cbuf, | 3389 | GNUNET_SCHEDULER_cancel (t->send_task); |
3355 | msg, | 3390 | t->send_task = GNUNET_SCHEDULER_add_now (&trigger_transmissions, |
3356 | size); | 3391 | t); |
3357 | if (-1 != decrypted_size) | ||
3358 | { | ||
3359 | /* It worked! Treat this as authentication of the AX data! */ | ||
3360 | cleanup_ax(&t->ax); | ||
3361 | t->ax = *t->unverified_ax; | ||
3362 | GNUNET_free(t->unverified_ax); | ||
3363 | t->unverified_ax = NULL; | ||
3364 | } | ||
3365 | if (CADET_TUNNEL_KEY_AX_AUTH_SENT == t->estate) | ||
3366 | { | ||
3367 | /* First time it worked, move tunnel into production! */ | ||
3368 | GCT_change_estate(t, | ||
3369 | CADET_TUNNEL_KEY_OK); | ||
3370 | if (NULL != t->send_task) | ||
3371 | GNUNET_SCHEDULER_cancel(t->send_task); | ||
3372 | t->send_task = GNUNET_SCHEDULER_add_now(&trigger_transmissions, | ||
3373 | t); | ||
3374 | } | ||
3375 | } | 3392 | } |
3393 | } | ||
3376 | if (NULL != t->unverified_ax) | 3394 | if (NULL != t->unverified_ax) |
3377 | { | 3395 | { |
3378 | /* We had unverified KX material that was useless; so increment | 3396 | /* We had unverified KX material that was useless; so increment |
3379 | counter and eventually move to ignore it. Note that we even do | 3397 | counter and eventually move to ignore it. Note that we even do |
3380 | this increment if we successfully decrypted with the old KX | 3398 | this increment if we successfully decrypted with the old KX |
3381 | material and thus didn't even both with the new one. This is | 3399 | material and thus didn't even both with the new one. This is |
3382 | the ideal case, as a malicious injection of bogus KX data | 3400 | the ideal case, as a malicious injection of bogus KX data |
3383 | basically only causes us to increment a counter a few times. */ | 3401 | basically only causes us to increment a counter a few times. */ |
3384 | t->unverified_attempts++; | 3402 | t->unverified_attempts++; |
3385 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3403 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3386 | "Failed to decrypt message with unverified KX data %u times\n", | 3404 | "Failed to decrypt message with unverified KX data %u times\n", |
3387 | t->unverified_attempts); | 3405 | t->unverified_attempts); |
3388 | if (t->unverified_attempts > MAX_UNVERIFIED_ATTEMPTS) | 3406 | if (t->unverified_attempts > MAX_UNVERIFIED_ATTEMPTS) |
3389 | { | 3407 | { |
3390 | cleanup_ax(t->unverified_ax); | 3408 | cleanup_ax (t->unverified_ax); |
3391 | GNUNET_free(t->unverified_ax); | 3409 | GNUNET_free (t->unverified_ax); |
3392 | t->unverified_ax = NULL; | 3410 | t->unverified_ax = NULL; |
3393 | } | ||
3394 | } | 3411 | } |
3412 | } | ||
3395 | 3413 | ||
3396 | if (-1 == decrypted_size) | 3414 | if (-1 == decrypted_size) |
3397 | { | 3415 | { |
3398 | /* Decryption failed for good, complain. */ | 3416 | /* Decryption failed for good, complain. */ |
3399 | LOG(GNUNET_ERROR_TYPE_WARNING, | 3417 | LOG (GNUNET_ERROR_TYPE_WARNING, |
3400 | "%s failed to decrypt and validate encrypted data, retrying KX\n", | 3418 | "%s failed to decrypt and validate encrypted data, retrying KX\n", |
3401 | GCT_2s(t)); | 3419 | GCT_2s (t)); |
3402 | GNUNET_STATISTICS_update(stats, | 3420 | GNUNET_STATISTICS_update (stats, |
3403 | "# unable to decrypt", | 3421 | "# unable to decrypt", |
3404 | 1, | 3422 | 1, |
3405 | GNUNET_NO); | 3423 | GNUNET_NO); |
3406 | if (NULL != t->kx_task) | 3424 | if (NULL != t->kx_task) |
3407 | { | 3425 | { |
3408 | GNUNET_SCHEDULER_cancel(t->kx_task); | 3426 | GNUNET_SCHEDULER_cancel (t->kx_task); |
3409 | t->kx_task = NULL; | 3427 | t->kx_task = NULL; |
3410 | } | ||
3411 | send_kx(t, | ||
3412 | ct, | ||
3413 | &t->ax); | ||
3414 | return; | ||
3415 | } | 3428 | } |
3416 | GNUNET_STATISTICS_update(stats, | 3429 | send_kx (t, |
3417 | "# decrypted bytes", | 3430 | ct, |
3418 | decrypted_size, | 3431 | &t->ax); |
3419 | GNUNET_NO); | 3432 | return; |
3433 | } | ||
3434 | GNUNET_STATISTICS_update (stats, | ||
3435 | "# decrypted bytes", | ||
3436 | decrypted_size, | ||
3437 | GNUNET_NO); | ||
3420 | 3438 | ||
3421 | /* The MST will ultimately call #handle_decrypted() on each message. */ | 3439 | /* The MST will ultimately call #handle_decrypted() on each message. */ |
3422 | t->current_ct = ct; | 3440 | t->current_ct = ct; |
3423 | GNUNET_break_op(GNUNET_OK == | 3441 | GNUNET_break_op (GNUNET_OK == |
3424 | GNUNET_MST_from_buffer(t->mst, | 3442 | GNUNET_MST_from_buffer (t->mst, |
3425 | cbuf, | 3443 | cbuf, |
3426 | decrypted_size, | 3444 | decrypted_size, |
3427 | GNUNET_YES, | 3445 | GNUNET_YES, |
3428 | GNUNET_NO)); | 3446 | GNUNET_NO)); |
3429 | t->current_ct = NULL; | 3447 | t->current_ct = NULL; |
3430 | } | 3448 | } |
3431 | 3449 | ||
@@ -3441,10 +3459,10 @@ GCT_handle_encrypted(struct CadetTConnection *ct, | |||
3441 | * @return Handle to cancel message | 3459 | * @return Handle to cancel message |
3442 | */ | 3460 | */ |
3443 | struct CadetTunnelQueueEntry * | 3461 | struct CadetTunnelQueueEntry * |
3444 | GCT_send(struct CadetTunnel *t, | 3462 | GCT_send (struct CadetTunnel *t, |
3445 | const struct GNUNET_MessageHeader *message, | 3463 | const struct GNUNET_MessageHeader *message, |
3446 | GCT_SendContinuation cont, | 3464 | GCT_SendContinuation cont, |
3447 | void *cont_cls) | 3465 | void *cont_cls) |
3448 | { | 3466 | { |
3449 | struct CadetTunnelQueueEntry *tq; | 3467 | struct CadetTunnelQueueEntry *tq; |
3450 | uint16_t payload_size; | 3468 | uint16_t payload_size; |
@@ -3452,55 +3470,55 @@ GCT_send(struct CadetTunnel *t, | |||
3452 | struct GNUNET_CADET_TunnelEncryptedMessage *ax_msg; | 3470 | struct GNUNET_CADET_TunnelEncryptedMessage *ax_msg; |
3453 | 3471 | ||
3454 | if (CADET_TUNNEL_KEY_OK != t->estate) | 3472 | if (CADET_TUNNEL_KEY_OK != t->estate) |
3455 | { | 3473 | { |
3456 | GNUNET_break(0); | 3474 | GNUNET_break (0); |
3457 | return NULL; | 3475 | return NULL; |
3458 | } | 3476 | } |
3459 | payload_size = ntohs(message->size); | 3477 | payload_size = ntohs (message->size); |
3460 | LOG(GNUNET_ERROR_TYPE_DEBUG, | 3478 | LOG (GNUNET_ERROR_TYPE_DEBUG, |
3461 | "Encrypting %u bytes for %s\n", | 3479 | "Encrypting %u bytes for %s\n", |
3462 | (unsigned int)payload_size, | 3480 | (unsigned int) payload_size, |
3463 | GCT_2s(t)); | 3481 | GCT_2s (t)); |
3464 | env = GNUNET_MQ_msg_extra(ax_msg, | 3482 | env = GNUNET_MQ_msg_extra (ax_msg, |
3483 | payload_size, | ||
3484 | GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED); | ||
3485 | t_ax_encrypt (&t->ax, | ||
3486 | &ax_msg[1], | ||
3487 | message, | ||
3488 | payload_size); | ||
3489 | GNUNET_STATISTICS_update (stats, | ||
3490 | "# encrypted bytes", | ||
3465 | payload_size, | 3491 | payload_size, |
3466 | GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED); | 3492 | GNUNET_NO); |
3467 | t_ax_encrypt(&t->ax, | 3493 | ax_msg->ax_header.Ns = htonl (t->ax.Ns++); |
3468 | &ax_msg[1], | 3494 | ax_msg->ax_header.PNs = htonl (t->ax.PNs); |
3469 | message, | ||
3470 | payload_size); | ||
3471 | GNUNET_STATISTICS_update(stats, | ||
3472 | "# encrypted bytes", | ||
3473 | payload_size, | ||
3474 | GNUNET_NO); | ||
3475 | ax_msg->ax_header.Ns = htonl(t->ax.Ns++); | ||
3476 | ax_msg->ax_header.PNs = htonl(t->ax.PNs); | ||
3477 | /* FIXME: we should do this once, not once per message; | 3495 | /* FIXME: we should do this once, not once per message; |
3478 | this is a point multiplication, and DHRs does not | 3496 | this is a point multiplication, and DHRs does not |
3479 | change all the time. */ | 3497 | change all the time. */ |
3480 | GNUNET_CRYPTO_ecdhe_key_get_public(&t->ax.DHRs, | 3498 | GNUNET_CRYPTO_ecdhe_key_get_public (&t->ax.DHRs, |
3481 | &ax_msg->ax_header.DHRs); | 3499 | &ax_msg->ax_header.DHRs); |
3482 | t_h_encrypt(&t->ax, | 3500 | t_h_encrypt (&t->ax, |
3483 | ax_msg); | 3501 | ax_msg); |
3484 | t_hmac(&ax_msg->ax_header, | 3502 | t_hmac (&ax_msg->ax_header, |
3485 | sizeof(struct GNUNET_CADET_AxHeader) + payload_size, | 3503 | sizeof(struct GNUNET_CADET_AxHeader) + payload_size, |
3486 | 0, | 3504 | 0, |
3487 | &t->ax.HKs, | 3505 | &t->ax.HKs, |
3488 | &ax_msg->hmac); | 3506 | &ax_msg->hmac); |
3489 | 3507 | ||
3490 | tq = GNUNET_malloc(sizeof(*tq)); | 3508 | tq = GNUNET_malloc (sizeof(*tq)); |
3491 | tq->t = t; | 3509 | tq->t = t; |
3492 | tq->env = env; | 3510 | tq->env = env; |
3493 | tq->cid = &ax_msg->cid; /* will initialize 'ax_msg->cid' once we know the connection */ | 3511 | tq->cid = &ax_msg->cid; /* will initialize 'ax_msg->cid' once we know the connection */ |
3494 | tq->cont = cont; | 3512 | tq->cont = cont; |
3495 | tq->cont_cls = cont_cls; | 3513 | tq->cont_cls = cont_cls; |
3496 | GNUNET_CONTAINER_DLL_insert_tail(t->tq_head, | 3514 | GNUNET_CONTAINER_DLL_insert_tail (t->tq_head, |
3497 | t->tq_tail, | 3515 | t->tq_tail, |
3498 | tq); | 3516 | tq); |
3499 | if (NULL != t->send_task) | 3517 | if (NULL != t->send_task) |
3500 | GNUNET_SCHEDULER_cancel(t->send_task); | 3518 | GNUNET_SCHEDULER_cancel (t->send_task); |
3501 | t->send_task | 3519 | t->send_task |
3502 | = GNUNET_SCHEDULER_add_now(&trigger_transmissions, | 3520 | = GNUNET_SCHEDULER_add_now (&trigger_transmissions, |
3503 | t); | 3521 | t); |
3504 | return tq; | 3522 | return tq; |
3505 | } | 3523 | } |
3506 | 3524 | ||
@@ -3515,15 +3533,15 @@ GCT_send(struct CadetTunnel *t, | |||
3515 | * @param tq Handle to the queue entry to cancel. | 3533 | * @param tq Handle to the queue entry to cancel. |
3516 | */ | 3534 | */ |
3517 | void | 3535 | void |
3518 | GCT_send_cancel(struct CadetTunnelQueueEntry *tq) | 3536 | GCT_send_cancel (struct CadetTunnelQueueEntry *tq) |
3519 | { | 3537 | { |
3520 | struct CadetTunnel *t = tq->t; | 3538 | struct CadetTunnel *t = tq->t; |
3521 | 3539 | ||
3522 | GNUNET_CONTAINER_DLL_remove(t->tq_head, | 3540 | GNUNET_CONTAINER_DLL_remove (t->tq_head, |
3523 | t->tq_tail, | 3541 | t->tq_tail, |
3524 | tq); | 3542 | tq); |
3525 | GNUNET_MQ_discard(tq->env); | 3543 | GNUNET_MQ_discard (tq->env); |
3526 | GNUNET_free(tq); | 3544 | GNUNET_free (tq); |
3527 | } | 3545 | } |
3528 | 3546 | ||
3529 | 3547 | ||
@@ -3535,35 +3553,36 @@ GCT_send_cancel(struct CadetTunnelQueueEntry *tq) | |||
3535 | * @param iter_cls Closure for @c iter. | 3553 | * @param iter_cls Closure for @c iter. |
3536 | */ | 3554 | */ |
3537 | void | 3555 | void |
3538 | GCT_iterate_connections(struct CadetTunnel *t, | 3556 | GCT_iterate_connections (struct CadetTunnel *t, |
3539 | GCT_ConnectionIterator iter, | 3557 | GCT_ConnectionIterator iter, |
3540 | void *iter_cls) | 3558 | void *iter_cls) |
3541 | { | 3559 | { |
3542 | struct CadetTConnection *n; | 3560 | struct CadetTConnection *n; |
3543 | 3561 | ||
3544 | for (struct CadetTConnection *ct = t->connection_ready_head; | 3562 | for (struct CadetTConnection *ct = t->connection_ready_head; |
3545 | NULL != ct; | 3563 | NULL != ct; |
3546 | ct = n) | 3564 | ct = n) |
3547 | { | 3565 | { |
3548 | n = ct->next; | 3566 | n = ct->next; |
3549 | iter(iter_cls, | 3567 | iter (iter_cls, |
3550 | ct); | 3568 | ct); |
3551 | } | 3569 | } |
3552 | for (struct CadetTConnection *ct = t->connection_busy_head; | 3570 | for (struct CadetTConnection *ct = t->connection_busy_head; |
3553 | NULL != ct; | 3571 | NULL != ct; |
3554 | ct = n) | 3572 | ct = n) |
3555 | { | 3573 | { |
3556 | n = ct->next; | 3574 | n = ct->next; |
3557 | iter(iter_cls, | 3575 | iter (iter_cls, |
3558 | ct); | 3576 | ct); |
3559 | } | 3577 | } |
3560 | } | 3578 | } |
3561 | 3579 | ||
3562 | 3580 | ||
3563 | /** | 3581 | /** |
3564 | * Closure for #iterate_channels_cb. | 3582 | * Closure for #iterate_channels_cb. |
3565 | */ | 3583 | */ |
3566 | struct ChanIterCls { | 3584 | struct ChanIterCls |
3585 | { | ||
3567 | /** | 3586 | /** |
3568 | * Function to call. | 3587 | * Function to call. |
3569 | */ | 3588 | */ |
@@ -3585,15 +3604,15 @@ struct ChanIterCls { | |||
3585 | * @return #GNUNET_OK | 3604 | * @return #GNUNET_OK |
3586 | */ | 3605 | */ |
3587 | static int | 3606 | static int |
3588 | iterate_channels_cb(void *cls, | 3607 | iterate_channels_cb (void *cls, |
3589 | uint32_t key, | 3608 | uint32_t key, |
3590 | void *value) | 3609 | void *value) |
3591 | { | 3610 | { |
3592 | struct ChanIterCls *ctx = cls; | 3611 | struct ChanIterCls *ctx = cls; |
3593 | struct CadetChannel *ch = value; | 3612 | struct CadetChannel *ch = value; |
3594 | 3613 | ||
3595 | ctx->iter(ctx->iter_cls, | 3614 | ctx->iter (ctx->iter_cls, |
3596 | ch); | 3615 | ch); |
3597 | return GNUNET_OK; | 3616 | return GNUNET_OK; |
3598 | } | 3617 | } |
3599 | 3618 | ||
@@ -3606,17 +3625,17 @@ iterate_channels_cb(void *cls, | |||
3606 | * @param iter_cls Closure for @c iter. | 3625 | * @param iter_cls Closure for @c iter. |
3607 | */ | 3626 | */ |
3608 | void | 3627 | void |
3609 | GCT_iterate_channels(struct CadetTunnel *t, | 3628 | GCT_iterate_channels (struct CadetTunnel *t, |
3610 | GCT_ChannelIterator iter, | 3629 | GCT_ChannelIterator iter, |
3611 | void *iter_cls) | 3630 | void *iter_cls) |
3612 | { | 3631 | { |
3613 | struct ChanIterCls ctx; | 3632 | struct ChanIterCls ctx; |
3614 | 3633 | ||
3615 | ctx.iter = iter; | 3634 | ctx.iter = iter; |
3616 | ctx.iter_cls = iter_cls; | 3635 | ctx.iter_cls = iter_cls; |
3617 | GNUNET_CONTAINER_multihashmap32_iterate(t->channels, | 3636 | GNUNET_CONTAINER_multihashmap32_iterate (t->channels, |
3618 | &iterate_channels_cb, | 3637 | &iterate_channels_cb, |
3619 | &ctx); | 3638 | &ctx); |
3620 | } | 3639 | } |
3621 | 3640 | ||
3622 | 3641 | ||
@@ -3629,19 +3648,20 @@ GCT_iterate_channels(struct CadetTunnel *t, | |||
3629 | * @return #GNUNET_OK (continue iteration) | 3648 | * @return #GNUNET_OK (continue iteration) |
3630 | */ | 3649 | */ |
3631 | static int | 3650 | static int |
3632 | debug_channel(void *cls, | 3651 | debug_channel (void *cls, |
3633 | uint32_t key, | 3652 | uint32_t key, |
3634 | void *value) | 3653 | void *value) |
3635 | { | 3654 | { |
3636 | const enum GNUNET_ErrorType *level = cls; | 3655 | const enum GNUNET_ErrorType *level = cls; |
3637 | struct CadetChannel *ch = value; | 3656 | struct CadetChannel *ch = value; |
3638 | 3657 | ||
3639 | GCCH_debug(ch, *level); | 3658 | GCCH_debug (ch, *level); |
3640 | return GNUNET_OK; | 3659 | return GNUNET_OK; |
3641 | } | 3660 | } |
3642 | 3661 | ||
3643 | 3662 | ||
3644 | #define LOG2(level, ...) GNUNET_log_from_nocheck(level, "cadet-tun", __VA_ARGS__) | 3663 | #define LOG2(level, ...) GNUNET_log_from_nocheck (level, "cadet-tun", \ |
3664 | __VA_ARGS__) | ||
3645 | 3665 | ||
3646 | 3666 | ||
3647 | /** | 3667 | /** |
@@ -3651,41 +3671,41 @@ debug_channel(void *cls, | |||
3651 | * @param level Debug level to use. | 3671 | * @param level Debug level to use. |
3652 | */ | 3672 | */ |
3653 | void | 3673 | void |
3654 | GCT_debug(const struct CadetTunnel *t, | 3674 | GCT_debug (const struct CadetTunnel *t, |
3655 | enum GNUNET_ErrorType level) | 3675 | enum GNUNET_ErrorType level) |
3656 | { | 3676 | { |
3657 | #if !defined(GNUNET_CULL_LOGGING) | 3677 | #if ! defined(GNUNET_CULL_LOGGING) |
3658 | struct CadetTConnection *iter_c; | 3678 | struct CadetTConnection *iter_c; |
3659 | int do_log; | 3679 | int do_log; |
3660 | 3680 | ||
3661 | do_log = GNUNET_get_log_call_status(level & (~GNUNET_ERROR_TYPE_BULK), | 3681 | do_log = GNUNET_get_log_call_status (level & (~GNUNET_ERROR_TYPE_BULK), |
3662 | "cadet-tun", | 3682 | "cadet-tun", |
3663 | __FILE__, __FUNCTION__, __LINE__); | 3683 | __FILE__, __FUNCTION__, __LINE__); |
3664 | if (0 == do_log) | 3684 | if (0 == do_log) |
3665 | return; | 3685 | return; |
3666 | 3686 | ||
3667 | LOG2(level, | 3687 | LOG2 (level, |
3668 | "TTT TUNNEL TOWARDS %s in estate %s tq_len: %u #cons: %u\n", | 3688 | "TTT TUNNEL TOWARDS %s in estate %s tq_len: %u #cons: %u\n", |
3669 | GCT_2s(t), | 3689 | GCT_2s (t), |
3670 | estate2s(t->estate), | 3690 | estate2s (t->estate), |
3671 | t->tq_len, | 3691 | t->tq_len, |
3672 | GCT_count_any_connections(t)); | 3692 | GCT_count_any_connections (t)); |
3673 | LOG2(level, | 3693 | LOG2 (level, |
3674 | "TTT channels:\n"); | 3694 | "TTT channels:\n"); |
3675 | GNUNET_CONTAINER_multihashmap32_iterate(t->channels, | 3695 | GNUNET_CONTAINER_multihashmap32_iterate (t->channels, |
3676 | &debug_channel, | 3696 | &debug_channel, |
3677 | &level); | 3697 | &level); |
3678 | LOG2(level, | 3698 | LOG2 (level, |
3679 | "TTT connections:\n"); | 3699 | "TTT connections:\n"); |
3680 | for (iter_c = t->connection_ready_head; NULL != iter_c; iter_c = iter_c->next) | 3700 | for (iter_c = t->connection_ready_head; NULL != iter_c; iter_c = iter_c->next) |
3681 | GCC_debug(iter_c->cc, | 3701 | GCC_debug (iter_c->cc, |
3682 | level); | 3702 | level); |
3683 | for (iter_c = t->connection_busy_head; NULL != iter_c; iter_c = iter_c->next) | 3703 | for (iter_c = t->connection_busy_head; NULL != iter_c; iter_c = iter_c->next) |
3684 | GCC_debug(iter_c->cc, | 3704 | GCC_debug (iter_c->cc, |
3685 | level); | 3705 | level); |
3686 | 3706 | ||
3687 | LOG2(level, | 3707 | LOG2 (level, |
3688 | "TTT TUNNEL END\n"); | 3708 | "TTT TUNNEL END\n"); |
3689 | #endif | 3709 | #endif |
3690 | } | 3710 | } |
3691 | 3711 | ||