aboutsummaryrefslogtreecommitdiff
path: root/src/core/gnunet-service-core_kx.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/core/gnunet-service-core_kx.c')
-rw-r--r--src/core/gnunet-service-core_kx.c2027
1 files changed, 1023 insertions, 1004 deletions
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c
index d226b65e2..e73dc2430 100644
--- a/src/core/gnunet-service-core_kx.c
+++ b/src/core/gnunet-service-core_kx.c
@@ -16,7 +16,7 @@
16 along with this program. If not, see <http://www.gnu.org/licenses/>. 16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17 17
18 SPDX-License-Identifier: AGPL3.0-or-later 18 SPDX-License-Identifier: AGPL3.0-or-later
19*/ 19 */
20 20
21/** 21/**
22 * @file core/gnunet-service-core_kx.c 22 * @file core/gnunet-service-core_kx.c
@@ -44,25 +44,25 @@
44 * How long do we wait for SET_KEY confirmation initially? 44 * How long do we wait for SET_KEY confirmation initially?
45 */ 45 */
46#define INITIAL_SET_KEY_RETRY_FREQUENCY \ 46#define INITIAL_SET_KEY_RETRY_FREQUENCY \
47 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10) 47 GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 10)
48 48
49/** 49/**
50 * What is the minimum frequency for a PING message? 50 * What is the minimum frequency for a PING message?
51 */ 51 */
52#define MIN_PING_FREQUENCY \ 52#define MIN_PING_FREQUENCY \
53 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5) 53 GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 5)
54 54
55/** 55/**
56 * How often do we rekey? 56 * How often do we rekey?
57 */ 57 */
58#define REKEY_FREQUENCY \ 58#define REKEY_FREQUENCY \
59 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12) 59 GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_HOURS, 12)
60 60
61/** 61/**
62 * What time difference do we tolerate? 62 * What time difference do we tolerate?
63 */ 63 */
64#define REKEY_TOLERANCE \ 64#define REKEY_TOLERANCE \
65 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) 65 GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MINUTES, 5)
66 66
67/** 67/**
68 * What is the maximum age of a message for us to consider processing 68 * What is the maximum age of a message for us to consider processing
@@ -80,9 +80,7 @@ GNUNET_NETWORK_STRUCT_BEGIN
80 * Message transmitted with the signed ephemeral key of a peer. The 80 * Message transmitted with the signed ephemeral key of a peer. The
81 * session key is then derived from the two ephemeral keys (ECDHE). 81 * session key is then derived from the two ephemeral keys (ECDHE).
82 */ 82 */
83struct EphemeralKeyMessage 83struct EphemeralKeyMessage {
84{
85
86 /** 84 /**
87 * Message type is #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY. 85 * Message type is #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY.
88 */ 86 */
@@ -132,8 +130,7 @@ struct EphemeralKeyMessage
132 * can decrypt. The other peer should respond with a PONG with the 130 * can decrypt. The other peer should respond with a PONG with the
133 * same content, except this time encrypted with the receiver's key. 131 * same content, except this time encrypted with the receiver's key.
134 */ 132 */
135struct PingMessage 133struct PingMessage {
136{
137 /** 134 /**
138 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PING. 135 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PING.
139 */ 136 */
@@ -160,8 +157,7 @@ struct PingMessage
160/** 157/**
161 * Response to a PING. Includes data from the original PING. 158 * Response to a PING. Includes data from the original PING.
162 */ 159 */
163struct PongMessage 160struct PongMessage {
164{
165 /** 161 /**
166 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PONG. 162 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PONG.
167 */ 163 */
@@ -194,8 +190,7 @@ struct PongMessage
194 * Encapsulation for encrypted messages exchanged between 190 * Encapsulation for encrypted messages exchanged between
195 * peers. Followed by the actual encrypted data. 191 * peers. Followed by the actual encrypted data.
196 */ 192 */
197struct EncryptedMessage 193struct EncryptedMessage {
198{
199 /** 194 /**
200 * Message type is #GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE. 195 * Message type is #GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE.
201 */ 196 */
@@ -240,15 +235,13 @@ GNUNET_NETWORK_STRUCT_END
240 * that are NOT encrypted. 235 * that are NOT encrypted.
241 */ 236 */
242#define ENCRYPTED_HEADER_SIZE \ 237#define ENCRYPTED_HEADER_SIZE \
243 (offsetof (struct EncryptedMessage, sequence_number)) 238 (offsetof(struct EncryptedMessage, sequence_number))
244 239
245 240
246/** 241/**
247 * Information about the status of a key exchange with another peer. 242 * Information about the status of a key exchange with another peer.
248 */ 243 */
249struct GSC_KeyExchangeInfo 244struct GSC_KeyExchangeInfo {
250{
251
252 /** 245 /**
253 * DLL. 246 * DLL.
254 */ 247 */
@@ -408,13 +401,13 @@ static struct GNUNET_NotificationContext *nc;
408 * @param kx key exchange context 401 * @param kx key exchange context
409 */ 402 */
410static uint32_t 403static uint32_t
411calculate_seed (struct GSC_KeyExchangeInfo *kx) 404calculate_seed(struct GSC_KeyExchangeInfo *kx)
412{ 405{
413 /* Note: may want to make this non-random and instead 406 /* Note: may want to make this non-random and instead
414 derive from key material to avoid having an undetectable 407 derive from key material to avoid having an undetectable
415 side-channel */ 408 side-channel */
416 return htonl ( 409 return htonl(
417 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX)); 410 GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX));
418} 411}
419 412
420 413
@@ -424,16 +417,16 @@ calculate_seed (struct GSC_KeyExchangeInfo *kx)
424 * @param kx key exchange state to inform about 417 * @param kx key exchange state to inform about
425 */ 418 */
426static void 419static void
427monitor_notify_all (struct GSC_KeyExchangeInfo *kx) 420monitor_notify_all(struct GSC_KeyExchangeInfo *kx)
428{ 421{
429 struct MonitorNotifyMessage msg; 422 struct MonitorNotifyMessage msg;
430 423
431 msg.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY); 424 msg.header.type = htons(GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
432 msg.header.size = htons (sizeof (msg)); 425 msg.header.size = htons(sizeof(msg));
433 msg.state = htonl ((uint32_t) kx->status); 426 msg.state = htonl((uint32_t)kx->status);
434 msg.peer = *kx->peer; 427 msg.peer = *kx->peer;
435 msg.timeout = GNUNET_TIME_absolute_hton (kx->timeout); 428 msg.timeout = GNUNET_TIME_absolute_hton(kx->timeout);
436 GNUNET_notification_context_broadcast (nc, &msg.header, GNUNET_NO); 429 GNUNET_notification_context_broadcast(nc, &msg.header, GNUNET_NO);
437 kx->last_notify_timeout = kx->timeout; 430 kx->last_notify_timeout = kx->timeout;
438} 431}
439 432
@@ -446,30 +439,31 @@ monitor_notify_all (struct GSC_KeyExchangeInfo *kx)
446 * @param seed seed to use 439 * @param seed seed to use
447 */ 440 */
448static void 441static void
449derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey, 442derive_auth_key(struct GNUNET_CRYPTO_AuthKey *akey,
450 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, 443 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
451 uint32_t seed) 444 uint32_t seed)
452{ 445{
453 static const char ctx[] = "authentication key"; 446 static const char ctx[] = "authentication key";
447
454#if DEBUG_KX 448#if DEBUG_KX
455 struct GNUNET_HashCode sh; 449 struct GNUNET_HashCode sh;
456 450
457 GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); 451 GNUNET_CRYPTO_hash(skey, sizeof(*skey), &sh);
458 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 452 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
459 "Deriving Auth key from SKEY %s and seed %u\n", 453 "Deriving Auth key from SKEY %s and seed %u\n",
460 GNUNET_h2s (&sh), 454 GNUNET_h2s(&sh),
461 (unsigned int) seed); 455 (unsigned int)seed);
462#endif 456#endif
463 GNUNET_CRYPTO_hmac_derive_key (akey, 457 GNUNET_CRYPTO_hmac_derive_key(akey,
464 skey, 458 skey,
465 &seed, 459 &seed,
466 sizeof (seed), 460 sizeof(seed),
467 skey, 461 skey,
468 sizeof ( 462 sizeof(
469 struct GNUNET_CRYPTO_SymmetricSessionKey), 463 struct GNUNET_CRYPTO_SymmetricSessionKey),
470 ctx, 464 ctx,
471 sizeof (ctx), 465 sizeof(ctx),
472 NULL); 466 NULL);
473} 467}
474 468
475 469
@@ -482,31 +476,32 @@ derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey,
482 * @param identity identity of the other peer to use 476 * @param identity identity of the other peer to use
483 */ 477 */
484static void 478static void
485derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 479derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
486 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, 480 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
487 uint32_t seed, 481 uint32_t seed,
488 const struct GNUNET_PeerIdentity *identity) 482 const struct GNUNET_PeerIdentity *identity)
489{ 483{
490 static const char ctx[] = "initialization vector"; 484 static const char ctx[] = "initialization vector";
485
491#if DEBUG_KX 486#if DEBUG_KX
492 struct GNUNET_HashCode sh; 487 struct GNUNET_HashCode sh;
493 488
494 GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); 489 GNUNET_CRYPTO_hash(skey, sizeof(*skey), &sh);
495 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 490 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
496 "Deriving IV from SKEY %s and seed %u for peer %s\n", 491 "Deriving IV from SKEY %s and seed %u for peer %s\n",
497 GNUNET_h2s (&sh), 492 GNUNET_h2s(&sh),
498 (unsigned int) seed, 493 (unsigned int)seed,
499 GNUNET_i2s (identity)); 494 GNUNET_i2s(identity));
500#endif 495#endif
501 GNUNET_CRYPTO_symmetric_derive_iv (iv, 496 GNUNET_CRYPTO_symmetric_derive_iv(iv,
502 skey, 497 skey,
503 &seed, 498 &seed,
504 sizeof (seed), 499 sizeof(seed),
505 identity, 500 identity,
506 sizeof (struct GNUNET_PeerIdentity), 501 sizeof(struct GNUNET_PeerIdentity),
507 ctx, 502 ctx,
508 sizeof (ctx), 503 sizeof(ctx),
509 NULL); 504 NULL);
510} 505}
511 506
512 507
@@ -520,35 +515,36 @@ derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
520 * @param identity identity of the other peer to use 515 * @param identity identity of the other peer to use
521 */ 516 */
522static void 517static void
523derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 518derive_pong_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
524 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, 519 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
525 uint32_t seed, 520 uint32_t seed,
526 uint32_t challenge, 521 uint32_t challenge,
527 const struct GNUNET_PeerIdentity *identity) 522 const struct GNUNET_PeerIdentity *identity)
528{ 523{
529 static const char ctx[] = "pong initialization vector"; 524 static const char ctx[] = "pong initialization vector";
525
530#if DEBUG_KX 526#if DEBUG_KX
531 struct GNUNET_HashCode sh; 527 struct GNUNET_HashCode sh;
532 528
533 GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); 529 GNUNET_CRYPTO_hash(skey, sizeof(*skey), &sh);
534 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 530 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
535 "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n", 531 "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n",
536 GNUNET_h2s (&sh), 532 GNUNET_h2s(&sh),
537 (unsigned int) seed, 533 (unsigned int)seed,
538 (unsigned int) challenge, 534 (unsigned int)challenge,
539 GNUNET_i2s (identity)); 535 GNUNET_i2s(identity));
540#endif 536#endif
541 GNUNET_CRYPTO_symmetric_derive_iv (iv, 537 GNUNET_CRYPTO_symmetric_derive_iv(iv,
542 skey, 538 skey,
543 &seed, 539 &seed,
544 sizeof (seed), 540 sizeof(seed),
545 identity, 541 identity,
546 sizeof (struct GNUNET_PeerIdentity), 542 sizeof(struct GNUNET_PeerIdentity),
547 &challenge, 543 &challenge,
548 sizeof (challenge), 544 sizeof(challenge),
549 ctx, 545 ctx,
550 sizeof (ctx), 546 sizeof(ctx),
551 NULL); 547 NULL);
552} 548}
553 549
554 550
@@ -561,33 +557,34 @@ derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
561 * @param skey set to derived session key 557 * @param skey set to derived session key
562 */ 558 */
563static void 559static void
564derive_aes_key (const struct GNUNET_PeerIdentity *sender, 560derive_aes_key(const struct GNUNET_PeerIdentity *sender,
565 const struct GNUNET_PeerIdentity *receiver, 561 const struct GNUNET_PeerIdentity *receiver,
566 const struct GNUNET_HashCode *key_material, 562 const struct GNUNET_HashCode *key_material,
567 struct GNUNET_CRYPTO_SymmetricSessionKey *skey) 563 struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
568{ 564{
569 static const char ctx[] = "aes key generation vector"; 565 static const char ctx[] = "aes key generation vector";
566
570#if DEBUG_KX 567#if DEBUG_KX
571 struct GNUNET_HashCode sh; 568 struct GNUNET_HashCode sh;
572 569
573 GNUNET_CRYPTO_hash (skey, sizeof (*skey), &sh); 570 GNUNET_CRYPTO_hash(skey, sizeof(*skey), &sh);
574 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 571 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
575 "Deriving AES Keys for %s to %s from %s\n", 572 "Deriving AES Keys for %s to %s from %s\n",
576 GNUNET_i2s (sender), 573 GNUNET_i2s(sender),
577 GNUNET_i2s2 (receiver), 574 GNUNET_i2s2(receiver),
578 GNUNET_h2s (key_material)); 575 GNUNET_h2s(key_material));
579#endif 576#endif
580 GNUNET_CRYPTO_kdf (skey, 577 GNUNET_CRYPTO_kdf(skey,
581 sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey), 578 sizeof(struct GNUNET_CRYPTO_SymmetricSessionKey),
582 ctx, 579 ctx,
583 sizeof (ctx), 580 sizeof(ctx),
584 key_material, 581 key_material,
585 sizeof (struct GNUNET_HashCode), 582 sizeof(struct GNUNET_HashCode),
586 sender, 583 sender,
587 sizeof (struct GNUNET_PeerIdentity), 584 sizeof(struct GNUNET_PeerIdentity),
588 receiver, 585 receiver,
589 sizeof (struct GNUNET_PeerIdentity), 586 sizeof(struct GNUNET_PeerIdentity),
590 NULL); 587 NULL);
591} 588}
592 589
593 590
@@ -603,35 +600,35 @@ derive_aes_key (const struct GNUNET_PeerIdentity *sender,
603 * @return #GNUNET_OK on success 600 * @return #GNUNET_OK on success
604 */ 601 */
605static int 602static int
606do_encrypt (struct GSC_KeyExchangeInfo *kx, 603do_encrypt(struct GSC_KeyExchangeInfo *kx,
607 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 604 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
608 const void *in, 605 const void *in,
609 void *out, 606 void *out,
610 size_t size) 607 size_t size)
611{ 608{
612 if (size != (uint16_t) size) 609 if (size != (uint16_t)size)
613 { 610 {
614 GNUNET_break (0); 611 GNUNET_break(0);
615 return GNUNET_NO; 612 return GNUNET_NO;
616 } 613 }
617 GNUNET_assert (size == GNUNET_CRYPTO_symmetric_encrypt (in, 614 GNUNET_assert(size == GNUNET_CRYPTO_symmetric_encrypt(in,
618 (uint16_t) size, 615 (uint16_t)size,
619 &kx->encrypt_key, 616 &kx->encrypt_key,
620 iv, 617 iv,
621 out)); 618 out));
622 GNUNET_STATISTICS_update (GSC_stats, 619 GNUNET_STATISTICS_update(GSC_stats,
623 gettext_noop ("# bytes encrypted"), 620 gettext_noop("# bytes encrypted"),
624 size, 621 size,
625 GNUNET_NO); 622 GNUNET_NO);
626 /* the following is too sensitive to write to log files by accident, 623 /* the following is too sensitive to write to log files by accident,
627 so we require manual intervention to get this one... */ 624 so we require manual intervention to get this one... */
628#if DEBUG_KX 625#if DEBUG_KX
629 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 626 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
630 "Encrypted %u bytes for `%s' using key %u, IV %u\n", 627 "Encrypted %u bytes for `%s' using key %u, IV %u\n",
631 (unsigned int) size, 628 (unsigned int)size,
632 GNUNET_i2s (kx->peer), 629 GNUNET_i2s(kx->peer),
633 (unsigned int) kx->encrypt_key.crc32, 630 (unsigned int)kx->encrypt_key.crc32,
634 GNUNET_CRYPTO_crc32_n (iv, sizeof (iv))); 631 GNUNET_CRYPTO_crc32_n(iv, sizeof(iv)));
635#endif 632#endif
636 return GNUNET_OK; 633 return GNUNET_OK;
637} 634}
@@ -650,46 +647,46 @@ do_encrypt (struct GSC_KeyExchangeInfo *kx,
650 * @return #GNUNET_OK on success 647 * @return #GNUNET_OK on success
651 */ 648 */
652static int 649static int
653do_decrypt (struct GSC_KeyExchangeInfo *kx, 650do_decrypt(struct GSC_KeyExchangeInfo *kx,
654 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, 651 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
655 const void *in, 652 const void *in,
656 void *out, 653 void *out,
657 size_t size) 654 size_t size)
658{ 655{
659 if (size != (uint16_t) size) 656 if (size != (uint16_t)size)
660 { 657 {
661 GNUNET_break (0); 658 GNUNET_break(0);
662 return GNUNET_NO; 659 return GNUNET_NO;
663 } 660 }
664 if ((kx->status != GNUNET_CORE_KX_STATE_KEY_RECEIVED) && 661 if ((kx->status != GNUNET_CORE_KX_STATE_KEY_RECEIVED) &&
665 (kx->status != GNUNET_CORE_KX_STATE_UP) && 662 (kx->status != GNUNET_CORE_KX_STATE_UP) &&
666 (kx->status != GNUNET_CORE_KX_STATE_REKEY_SENT)) 663 (kx->status != GNUNET_CORE_KX_STATE_REKEY_SENT))
667 { 664 {
668 GNUNET_break_op (0); 665 GNUNET_break_op(0);
669 return GNUNET_SYSERR; 666 return GNUNET_SYSERR;
670 } 667 }
671 if (size != GNUNET_CRYPTO_symmetric_decrypt (in, 668 if (size != GNUNET_CRYPTO_symmetric_decrypt(in,
672 (uint16_t) size, 669 (uint16_t)size,
673 &kx->decrypt_key, 670 &kx->decrypt_key,
674 iv, 671 iv,
675 out)) 672 out))
676 { 673 {
677 GNUNET_break (0); 674 GNUNET_break(0);
678 return GNUNET_SYSERR; 675 return GNUNET_SYSERR;
679 } 676 }
680 GNUNET_STATISTICS_update (GSC_stats, 677 GNUNET_STATISTICS_update(GSC_stats,
681 gettext_noop ("# bytes decrypted"), 678 gettext_noop("# bytes decrypted"),
682 size, 679 size,
683 GNUNET_NO); 680 GNUNET_NO);
684 /* the following is too sensitive to write to log files by accident, 681 /* the following is too sensitive to write to log files by accident,
685 so we require manual intervention to get this one... */ 682 so we require manual intervention to get this one... */
686#if DEBUG_KX 683#if DEBUG_KX
687 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 684 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
688 "Decrypted %u bytes from `%s' using key %u, IV %u\n", 685 "Decrypted %u bytes from `%s' using key %u, IV %u\n",
689 (unsigned int) size, 686 (unsigned int)size,
690 GNUNET_i2s (kx->peer), 687 GNUNET_i2s(kx->peer),
691 (unsigned int) kx->decrypt_key.crc32, 688 (unsigned int)kx->decrypt_key.crc32,
692 GNUNET_CRYPTO_crc32_n (iv, sizeof (*iv))); 689 GNUNET_CRYPTO_crc32_n(iv, sizeof(*iv)));
693#endif 690#endif
694 return GNUNET_OK; 691 return GNUNET_OK;
695} 692}
@@ -701,7 +698,7 @@ do_decrypt (struct GSC_KeyExchangeInfo *kx,
701 * @param kx key exchange context 698 * @param kx key exchange context
702 */ 699 */
703static void 700static void
704send_key (struct GSC_KeyExchangeInfo *kx); 701send_key(struct GSC_KeyExchangeInfo *kx);
705 702
706 703
707/** 704/**
@@ -710,15 +707,15 @@ send_key (struct GSC_KeyExchangeInfo *kx);
710 * @param cls our `struct GSC_KeyExchangeInfo` 707 * @param cls our `struct GSC_KeyExchangeInfo`
711 */ 708 */
712static void 709static void
713set_key_retry_task (void *cls) 710set_key_retry_task(void *cls)
714{ 711{
715 struct GSC_KeyExchangeInfo *kx = cls; 712 struct GSC_KeyExchangeInfo *kx = cls;
716 713
717 kx->retry_set_key_task = NULL; 714 kx->retry_set_key_task = NULL;
718 kx->set_key_retry_frequency = 715 kx->set_key_retry_frequency =
719 GNUNET_TIME_STD_BACKOFF (kx->set_key_retry_frequency); 716 GNUNET_TIME_STD_BACKOFF(kx->set_key_retry_frequency);
720 GNUNET_assert (GNUNET_CORE_KX_STATE_DOWN != kx->status); 717 GNUNET_assert(GNUNET_CORE_KX_STATE_DOWN != kx->status);
721 send_key (kx); 718 send_key(kx);
722} 719}
723 720
724 721
@@ -728,7 +725,7 @@ set_key_retry_task (void *cls)
728 * @param kx key exchange context to create PING for 725 * @param kx key exchange context to create PING for
729 */ 726 */
730static void 727static void
731setup_fresh_ping (struct GSC_KeyExchangeInfo *kx) 728setup_fresh_ping(struct GSC_KeyExchangeInfo *kx)
732{ 729{
733 struct PingMessage pp; 730 struct PingMessage pp;
734 struct PingMessage *pm; 731 struct PingMessage *pm;
@@ -736,19 +733,19 @@ setup_fresh_ping (struct GSC_KeyExchangeInfo *kx)
736 733
737 pm = &kx->ping; 734 pm = &kx->ping;
738 kx->ping_challenge = 735 kx->ping_challenge =
739 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX); 736 GNUNET_CRYPTO_random_u32(GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX);
740 pm->header.size = htons (sizeof (struct PingMessage)); 737 pm->header.size = htons(sizeof(struct PingMessage));
741 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING); 738 pm->header.type = htons(GNUNET_MESSAGE_TYPE_CORE_PING);
742 pm->iv_seed = calculate_seed (kx); 739 pm->iv_seed = calculate_seed(kx);
743 derive_iv (&iv, &kx->encrypt_key, pm->iv_seed, kx->peer); 740 derive_iv(&iv, &kx->encrypt_key, pm->iv_seed, kx->peer);
744 pp.challenge = kx->ping_challenge; 741 pp.challenge = kx->ping_challenge;
745 pp.target = *kx->peer; 742 pp.target = *kx->peer;
746 do_encrypt (kx, 743 do_encrypt(kx,
747 &iv, 744 &iv,
748 &pp.target, 745 &pp.target,
749 &pm->target, 746 &pm->target,
750 sizeof (struct PingMessage) - 747 sizeof(struct PingMessage) -
751 ((void *) &pm->target - (void *) pm)); 748 ((void *)&pm->target - (void *)pm));
752} 749}
753 750
754 751
@@ -764,41 +761,43 @@ setup_fresh_ping (struct GSC_KeyExchangeInfo *kx)
764 * #GNUNET_SYSERR to stop further processing with error 761 * #GNUNET_SYSERR to stop further processing with error
765 */ 762 */
766static int 763static int
767deliver_message (void *cls, const struct GNUNET_MessageHeader *m) 764deliver_message(void *cls, const struct GNUNET_MessageHeader *m)
768{ 765{
769 struct GSC_KeyExchangeInfo *kx = cls; 766 struct GSC_KeyExchangeInfo *kx = cls;
770 767
771 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 768 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
772 "Decrypted message of type %d from %s\n", 769 "Decrypted message of type %d from %s\n",
773 ntohs (m->type), 770 ntohs(m->type),
774 GNUNET_i2s (kx->peer)); 771 GNUNET_i2s(kx->peer));
775 if (GNUNET_CORE_KX_STATE_UP != kx->status) 772 if (GNUNET_CORE_KX_STATE_UP != kx->status)
776 { 773 {
777 GNUNET_STATISTICS_update (GSC_stats, 774 GNUNET_STATISTICS_update(GSC_stats,
778 gettext_noop ("# PAYLOAD dropped (out of order)"), 775 gettext_noop("# PAYLOAD dropped (out of order)"),
779 1, 776 1,
780 GNUNET_NO); 777 GNUNET_NO);
781 return GNUNET_OK; 778 return GNUNET_OK;
782 } 779 }
783 switch (ntohs (m->type)) 780 switch (ntohs(m->type))
784 { 781 {
785 case GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP: 782 case GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP:
786 case GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP: 783 case GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP:
787 GSC_SESSIONS_set_typemap (kx->peer, m); 784 GSC_SESSIONS_set_typemap(kx->peer, m);
788 return GNUNET_OK; 785 return GNUNET_OK;
789 case GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP: 786
790 GSC_SESSIONS_confirm_typemap (kx->peer, m); 787 case GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP:
791 return GNUNET_OK; 788 GSC_SESSIONS_confirm_typemap(kx->peer, m);
792 default: 789 return GNUNET_OK;
793 GSC_CLIENTS_deliver_message (kx->peer, 790
794 m, 791 default:
795 ntohs (m->size), 792 GSC_CLIENTS_deliver_message(kx->peer,
796 GNUNET_CORE_OPTION_SEND_FULL_INBOUND); 793 m,
797 GSC_CLIENTS_deliver_message (kx->peer, 794 ntohs(m->size),
798 m, 795 GNUNET_CORE_OPTION_SEND_FULL_INBOUND);
799 sizeof (struct GNUNET_MessageHeader), 796 GSC_CLIENTS_deliver_message(kx->peer,
800 GNUNET_CORE_OPTION_SEND_HDR_INBOUND); 797 m,
801 } 798 sizeof(struct GNUNET_MessageHeader),
799 GNUNET_CORE_OPTION_SEND_HDR_INBOUND);
800 }
802 return GNUNET_OK; 801 return GNUNET_OK;
803} 802}
804 803
@@ -813,49 +812,49 @@ deliver_message (void *cls, const struct GNUNET_MessageHeader *m)
813 * @return key exchange information context 812 * @return key exchange information context
814 */ 813 */
815static void * 814static void *
816handle_transport_notify_connect (void *cls, 815handle_transport_notify_connect(void *cls,
817 const struct GNUNET_PeerIdentity *pid, 816 const struct GNUNET_PeerIdentity *pid,
818 struct GNUNET_MQ_Handle *mq) 817 struct GNUNET_MQ_Handle *mq)
819{ 818{
820 struct GSC_KeyExchangeInfo *kx; 819 struct GSC_KeyExchangeInfo *kx;
821 struct GNUNET_HashCode h1; 820 struct GNUNET_HashCode h1;
822 struct GNUNET_HashCode h2; 821 struct GNUNET_HashCode h2;
823 822
824 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 823 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
825 "Initiating key exchange with `%s'\n", 824 "Initiating key exchange with `%s'\n",
826 GNUNET_i2s (pid)); 825 GNUNET_i2s(pid));
827 GNUNET_STATISTICS_update (GSC_stats, 826 GNUNET_STATISTICS_update(GSC_stats,
828 gettext_noop ("# key exchanges initiated"), 827 gettext_noop("# key exchanges initiated"),
829 1, 828 1,
830 GNUNET_NO); 829 GNUNET_NO);
831 kx = GNUNET_new (struct GSC_KeyExchangeInfo); 830 kx = GNUNET_new(struct GSC_KeyExchangeInfo);
832 kx->mst = GNUNET_MST_create (&deliver_message, kx); 831 kx->mst = GNUNET_MST_create(&deliver_message, kx);
833 kx->mq = mq; 832 kx->mq = mq;
834 kx->peer = pid; 833 kx->peer = pid;
835 kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY; 834 kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
836 GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx); 835 GNUNET_CONTAINER_DLL_insert(kx_head, kx_tail, kx);
837 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT; 836 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
838 monitor_notify_all (kx); 837 monitor_notify_all(kx);
839 GNUNET_CRYPTO_hash (pid, sizeof (struct GNUNET_PeerIdentity), &h1); 838 GNUNET_CRYPTO_hash(pid, sizeof(struct GNUNET_PeerIdentity), &h1);
840 GNUNET_CRYPTO_hash (&GSC_my_identity, 839 GNUNET_CRYPTO_hash(&GSC_my_identity,
841 sizeof (struct GNUNET_PeerIdentity), 840 sizeof(struct GNUNET_PeerIdentity),
842 &h2); 841 &h2);
843 if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2)) 842 if (0 < GNUNET_CRYPTO_hash_cmp(&h1, &h2))
844 { 843 {
845 /* peer with "lower" identity starts KX, otherwise we typically end up 844 /* peer with "lower" identity starts KX, otherwise we typically end up
846 with both peers starting the exchange and transmit the 'set key' 845 with both peers starting the exchange and transmit the 'set key'
847 message twice */ 846 message twice */
848 send_key (kx); 847 send_key(kx);
849 } 848 }
850 else 849 else
851 { 850 {
852 /* peer with "higher" identity starts a delayed KX, if the "lower" peer 851 /* peer with "higher" identity starts a delayed KX, if the "lower" peer
853 * does not start a KX since it sees no reasons to do so */ 852 * does not start a KX since it sees no reasons to do so */
854 kx->retry_set_key_task = 853 kx->retry_set_key_task =
855 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS, 854 GNUNET_SCHEDULER_add_delayed(GNUNET_TIME_UNIT_SECONDS,
856 &set_key_retry_task, 855 &set_key_retry_task,
857 kx); 856 kx);
858 } 857 }
859 return kx; 858 return kx;
860} 859}
861 860
@@ -870,35 +869,35 @@ handle_transport_notify_connect (void *cls,
870 * @param handler_cls the `struct GSC_KeyExchangeInfo` of the peer 869 * @param handler_cls the `struct GSC_KeyExchangeInfo` of the peer
871 */ 870 */
872static void 871static void
873handle_transport_notify_disconnect (void *cls, 872handle_transport_notify_disconnect(void *cls,
874 const struct GNUNET_PeerIdentity *peer, 873 const struct GNUNET_PeerIdentity *peer,
875 void *handler_cls) 874 void *handler_cls)
876{ 875{
877 struct GSC_KeyExchangeInfo *kx = handler_cls; 876 struct GSC_KeyExchangeInfo *kx = handler_cls;
878 877
879 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 878 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
880 "Peer `%s' disconnected from us.\n", 879 "Peer `%s' disconnected from us.\n",
881 GNUNET_i2s (peer)); 880 GNUNET_i2s(peer));
882 GSC_SESSIONS_end (kx->peer); 881 GSC_SESSIONS_end(kx->peer);
883 GNUNET_STATISTICS_update (GSC_stats, 882 GNUNET_STATISTICS_update(GSC_stats,
884 gettext_noop ("# key exchanges stopped"), 883 gettext_noop("# key exchanges stopped"),
885 1, 884 1,
886 GNUNET_NO); 885 GNUNET_NO);
887 if (NULL != kx->retry_set_key_task) 886 if (NULL != kx->retry_set_key_task)
888 { 887 {
889 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task); 888 GNUNET_SCHEDULER_cancel(kx->retry_set_key_task);
890 kx->retry_set_key_task = NULL; 889 kx->retry_set_key_task = NULL;
891 } 890 }
892 if (NULL != kx->keep_alive_task) 891 if (NULL != kx->keep_alive_task)
893 { 892 {
894 GNUNET_SCHEDULER_cancel (kx->keep_alive_task); 893 GNUNET_SCHEDULER_cancel(kx->keep_alive_task);
895 kx->keep_alive_task = NULL; 894 kx->keep_alive_task = NULL;
896 } 895 }
897 kx->status = GNUNET_CORE_KX_PEER_DISCONNECT; 896 kx->status = GNUNET_CORE_KX_PEER_DISCONNECT;
898 monitor_notify_all (kx); 897 monitor_notify_all(kx);
899 GNUNET_CONTAINER_DLL_remove (kx_head, kx_tail, kx); 898 GNUNET_CONTAINER_DLL_remove(kx_head, kx_tail, kx);
900 GNUNET_MST_destroy (kx->mst); 899 GNUNET_MST_destroy(kx->mst);
901 GNUNET_free (kx); 900 GNUNET_free(kx);
902} 901}
903 902
904 903
@@ -908,16 +907,16 @@ handle_transport_notify_disconnect (void *cls,
908 * @param kx key exchange context 907 * @param kx key exchange context
909 */ 908 */
910static void 909static void
911send_ping (struct GSC_KeyExchangeInfo *kx) 910send_ping(struct GSC_KeyExchangeInfo *kx)
912{ 911{
913 struct GNUNET_MQ_Envelope *env; 912 struct GNUNET_MQ_Envelope *env;
914 913
915 GNUNET_STATISTICS_update (GSC_stats, 914 GNUNET_STATISTICS_update(GSC_stats,
916 gettext_noop ("# PING messages transmitted"), 915 gettext_noop("# PING messages transmitted"),
917 1, 916 1,
918 GNUNET_NO); 917 GNUNET_NO);
919 env = GNUNET_MQ_msg_copy (&kx->ping.header); 918 env = GNUNET_MQ_msg_copy(&kx->ping.header);
920 GNUNET_MQ_send (kx->mq, env); 919 GNUNET_MQ_send(kx->mq, env);
921} 920}
922 921
923 922
@@ -927,24 +926,24 @@ send_ping (struct GSC_KeyExchangeInfo *kx)
927 * @param kx session to derive keys for 926 * @param kx session to derive keys for
928 */ 927 */
929static void 928static void
930derive_session_keys (struct GSC_KeyExchangeInfo *kx) 929derive_session_keys(struct GSC_KeyExchangeInfo *kx)
931{ 930{
932 struct GNUNET_HashCode key_material; 931 struct GNUNET_HashCode key_material;
933 932
934 if (GNUNET_OK != GNUNET_CRYPTO_ecc_ecdh (my_ephemeral_key, 933 if (GNUNET_OK != GNUNET_CRYPTO_ecc_ecdh(my_ephemeral_key,
935 &kx->other_ephemeral_key, 934 &kx->other_ephemeral_key,
936 &key_material)) 935 &key_material))
937 { 936 {
938 GNUNET_break (0); 937 GNUNET_break(0);
939 return; 938 return;
940 } 939 }
941 derive_aes_key (&GSC_my_identity, kx->peer, &key_material, &kx->encrypt_key); 940 derive_aes_key(&GSC_my_identity, kx->peer, &key_material, &kx->encrypt_key);
942 derive_aes_key (kx->peer, &GSC_my_identity, &key_material, &kx->decrypt_key); 941 derive_aes_key(kx->peer, &GSC_my_identity, &key_material, &kx->decrypt_key);
943 memset (&key_material, 0, sizeof (key_material)); 942 memset(&key_material, 0, sizeof(key_material));
944 /* fresh key, reset sequence numbers */ 943 /* fresh key, reset sequence numbers */
945 kx->last_sequence_number_received = 0; 944 kx->last_sequence_number_received = 0;
946 kx->last_packets_bitmap = 0; 945 kx->last_packets_bitmap = 0;
947 setup_fresh_ping (kx); 946 setup_fresh_ping(kx);
948} 947}
949 948
950 949
@@ -956,7 +955,7 @@ derive_session_keys (struct GSC_KeyExchangeInfo *kx)
956 * @param m the set key message we received 955 * @param m the set key message we received
957 */ 956 */
958static void 957static void
959handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m) 958handle_ephemeral_key(void *cls, const struct EphemeralKeyMessage *m)
960{ 959{
961 struct GSC_KeyExchangeInfo *kx = cls; 960 struct GSC_KeyExchangeInfo *kx = cls;
962 struct GNUNET_TIME_Absolute start_t; 961 struct GNUNET_TIME_Absolute start_t;
@@ -964,183 +963,193 @@ handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m)
964 struct GNUNET_TIME_Absolute now; 963 struct GNUNET_TIME_Absolute now;
965 enum GNUNET_CORE_KxState sender_status; 964 enum GNUNET_CORE_KxState sender_status;
966 965
967 end_t = GNUNET_TIME_absolute_ntoh (m->expiration_time); 966 end_t = GNUNET_TIME_absolute_ntoh(m->expiration_time);
968 if (((GNUNET_CORE_KX_STATE_KEY_RECEIVED == kx->status) || 967 if (((GNUNET_CORE_KX_STATE_KEY_RECEIVED == kx->status) ||
969 (GNUNET_CORE_KX_STATE_UP == kx->status) || 968 (GNUNET_CORE_KX_STATE_UP == kx->status) ||
970 (GNUNET_CORE_KX_STATE_REKEY_SENT == kx->status)) && 969 (GNUNET_CORE_KX_STATE_REKEY_SENT == kx->status)) &&
971 (end_t.abs_value_us < kx->foreign_key_expires.abs_value_us)) 970 (end_t.abs_value_us < kx->foreign_key_expires.abs_value_us))
972 { 971 {
973 GNUNET_STATISTICS_update (GSC_stats, 972 GNUNET_STATISTICS_update(GSC_stats,
974 gettext_noop ("# old ephemeral keys ignored"), 973 gettext_noop("# old ephemeral keys ignored"),
975 1, 974 1,
976 GNUNET_NO); 975 GNUNET_NO);
977 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 976 GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
978 "Received expired EPHEMERAL_KEY from %s\n", 977 "Received expired EPHEMERAL_KEY from %s\n",
979 GNUNET_i2s (&m->origin_identity)); 978 GNUNET_i2s(&m->origin_identity));
980 return; 979 return;
981 } 980 }
982 if (0 == memcmp (&m->ephemeral_key, 981 if (0 == memcmp(&m->ephemeral_key,
983 &kx->other_ephemeral_key, 982 &kx->other_ephemeral_key,
984 sizeof (m->ephemeral_key))) 983 sizeof(m->ephemeral_key)))
985 { 984 {
986 GNUNET_STATISTICS_update (GSC_stats, 985 GNUNET_STATISTICS_update(GSC_stats,
987 gettext_noop ( 986 gettext_noop(
988 "# duplicate ephemeral keys ignored"), 987 "# duplicate ephemeral keys ignored"),
989 1, 988 1,
990 GNUNET_NO); 989 GNUNET_NO);
991 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 990 GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
992 "Ignoring duplicate EPHEMERAL_KEY from %s\n", 991 "Ignoring duplicate EPHEMERAL_KEY from %s\n",
993 GNUNET_i2s (&m->origin_identity)); 992 GNUNET_i2s(&m->origin_identity));
994 return; 993 return;
995 } 994 }
996 if (0 != memcmp (&m->origin_identity, 995 if (0 != memcmp(&m->origin_identity,
997 kx->peer, 996 kx->peer,
998 sizeof (struct GNUNET_PeerIdentity))) 997 sizeof(struct GNUNET_PeerIdentity)))
999 { 998 {
1000 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 999 GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
1001 "Received EPHEMERAL_KEY from %s, but expected %s\n", 1000 "Received EPHEMERAL_KEY from %s, but expected %s\n",
1002 GNUNET_i2s (&m->origin_identity), 1001 GNUNET_i2s(&m->origin_identity),
1003 GNUNET_i2s_full (kx->peer)); 1002 GNUNET_i2s_full(kx->peer));
1004 GNUNET_break_op (0); 1003 GNUNET_break_op(0);
1005 return; 1004 return;
1006 } 1005 }
1007 if ((ntohl (m->purpose.size) != 1006 if ((ntohl(m->purpose.size) !=
1008 sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + 1007 sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) +
1009 sizeof (struct GNUNET_TIME_AbsoluteNBO) + 1008 sizeof(struct GNUNET_TIME_AbsoluteNBO) +
1010 sizeof (struct GNUNET_TIME_AbsoluteNBO) + 1009 sizeof(struct GNUNET_TIME_AbsoluteNBO) +
1011 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey) + 1010 sizeof(struct GNUNET_CRYPTO_EddsaPublicKey) +
1012 sizeof (struct GNUNET_CRYPTO_EddsaPublicKey)) || 1011 sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)) ||
1013 (GNUNET_OK != 1012 (GNUNET_OK !=
1014 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY, 1013 GNUNET_CRYPTO_eddsa_verify(GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY,
1015 &m->purpose, 1014 &m->purpose,
1016 &m->signature, 1015 &m->signature,
1017 &m->origin_identity.public_key))) 1016 &m->origin_identity.public_key)))
1018 { 1017 {
1019 /* invalid signature */ 1018 /* invalid signature */
1020 GNUNET_break_op (0); 1019 GNUNET_break_op(0);
1021 GNUNET_STATISTICS_update (GSC_stats, 1020 GNUNET_STATISTICS_update(GSC_stats,
1022 gettext_noop ( 1021 gettext_noop(
1023 "# EPHEMERAL_KEYs rejected (bad signature)"), 1022 "# EPHEMERAL_KEYs rejected (bad signature)"),
1024 1, 1023 1,
1025 GNUNET_NO); 1024 GNUNET_NO);
1026 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1025 GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
1027 "Received EPHEMERAL_KEY from %s with bad signature\n", 1026 "Received EPHEMERAL_KEY from %s with bad signature\n",
1028 GNUNET_i2s (&m->origin_identity)); 1027 GNUNET_i2s(&m->origin_identity));
1029 return; 1028 return;
1030 } 1029 }
1031 now = GNUNET_TIME_absolute_get (); 1030 now = GNUNET_TIME_absolute_get();
1032 start_t = GNUNET_TIME_absolute_ntoh (m->creation_time); 1031 start_t = GNUNET_TIME_absolute_ntoh(m->creation_time);
1033 if ((end_t.abs_value_us < 1032 if ((end_t.abs_value_us <
1034 GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value_us) || 1033 GNUNET_TIME_absolute_subtract(now, REKEY_TOLERANCE).abs_value_us) ||
1035 (start_t.abs_value_us > 1034 (start_t.abs_value_us >
1036 GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us)) 1035 GNUNET_TIME_absolute_add(now, REKEY_TOLERANCE).abs_value_us))
1037 { 1036 {
1038 GNUNET_log ( 1037 GNUNET_log(
1039 GNUNET_ERROR_TYPE_WARNING, 1038 GNUNET_ERROR_TYPE_WARNING,
1040 _ ( 1039 _(
1041 "EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"), 1040 "EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
1042 GNUNET_i2s (kx->peer), 1041 GNUNET_i2s(kx->peer),
1043 (unsigned long long) now.abs_value_us, 1042 (unsigned long long)now.abs_value_us,
1044 (unsigned long long) start_t.abs_value_us, 1043 (unsigned long long)start_t.abs_value_us,
1045 (unsigned long long) end_t.abs_value_us); 1044 (unsigned long long)end_t.abs_value_us);
1046 GNUNET_STATISTICS_update (GSC_stats, 1045 GNUNET_STATISTICS_update(GSC_stats,
1047 gettext_noop ( 1046 gettext_noop(
1048 "# EPHEMERAL_KEY messages rejected due to time"), 1047 "# EPHEMERAL_KEY messages rejected due to time"),
1049 1, 1048 1,
1050 GNUNET_NO); 1049 GNUNET_NO);
1051 return; 1050 return;
1052 } 1051 }
1053#if DEBUG_KX 1052#if DEBUG_KX
1054 { 1053 {
1055 struct GNUNET_HashCode eh; 1054 struct GNUNET_HashCode eh;
1056 1055
1057 GNUNET_CRYPTO_hash (&m->ephemeral_key, sizeof (m->ephemeral_key), &eh); 1056 GNUNET_CRYPTO_hash(&m->ephemeral_key, sizeof(m->ephemeral_key), &eh);
1058 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1057 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1059 "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n", 1058 "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n",
1060 GNUNET_h2s (&eh), 1059 GNUNET_h2s(&eh),
1061 GNUNET_i2s (kx->peer), 1060 GNUNET_i2s(kx->peer),
1062 kx->status); 1061 kx->status);
1063 } 1062 }
1064#endif 1063#endif
1065 GNUNET_STATISTICS_update (GSC_stats, 1064 GNUNET_STATISTICS_update(GSC_stats,
1066 gettext_noop ("# valid ephemeral keys received"), 1065 gettext_noop("# valid ephemeral keys received"),
1067 1, 1066 1,
1068 GNUNET_NO); 1067 GNUNET_NO);
1069 kx->other_ephemeral_key = m->ephemeral_key; 1068 kx->other_ephemeral_key = m->ephemeral_key;
1070 kx->foreign_key_expires = end_t; 1069 kx->foreign_key_expires = end_t;
1071 derive_session_keys (kx); 1070 derive_session_keys(kx);
1072 1071
1073 /* check if we still need to send the sender our key */ 1072 /* check if we still need to send the sender our key */
1074 sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status); 1073 sender_status = (enum GNUNET_CORE_KxState)ntohl(m->sender_status);
1075 switch (sender_status) 1074 switch (sender_status)
1076 { 1075 {
1077 case GNUNET_CORE_KX_STATE_DOWN: 1076 case GNUNET_CORE_KX_STATE_DOWN:
1078 GNUNET_break_op (0); 1077 GNUNET_break_op(0);
1079 break; 1078 break;
1080 case GNUNET_CORE_KX_STATE_KEY_SENT: 1079
1081 /* fine, need to send our key after updating our status, see below */ 1080 case GNUNET_CORE_KX_STATE_KEY_SENT:
1082 GSC_SESSIONS_reinit (kx->peer); 1081 /* fine, need to send our key after updating our status, see below */
1083 break; 1082 GSC_SESSIONS_reinit(kx->peer);
1084 case GNUNET_CORE_KX_STATE_KEY_RECEIVED: 1083 break;
1085 /* other peer already got our key, but typemap did go down */ 1084
1086 GSC_SESSIONS_reinit (kx->peer); 1085 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1087 break; 1086 /* other peer already got our key, but typemap did go down */
1088 case GNUNET_CORE_KX_STATE_UP: 1087 GSC_SESSIONS_reinit(kx->peer);
1089 /* other peer already got our key, typemap NOT down */ 1088 break;
1090 break; 1089
1091 case GNUNET_CORE_KX_STATE_REKEY_SENT: 1090 case GNUNET_CORE_KX_STATE_UP:
1092 /* other peer already got our key, typemap NOT down */ 1091 /* other peer already got our key, typemap NOT down */
1093 break; 1092 break;
1094 default: 1093
1095 GNUNET_break (0); 1094 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1096 break; 1095 /* other peer already got our key, typemap NOT down */
1097 } 1096 break;
1097
1098 default:
1099 GNUNET_break(0);
1100 break;
1101 }
1098 /* check if we need to confirm everything is fine via PING + PONG */ 1102 /* check if we need to confirm everything is fine via PING + PONG */
1099 switch (kx->status) 1103 switch (kx->status)
1100 { 1104 {
1101 case GNUNET_CORE_KX_STATE_DOWN: 1105 case GNUNET_CORE_KX_STATE_DOWN:
1102 GNUNET_assert (NULL == kx->keep_alive_task); 1106 GNUNET_assert(NULL == kx->keep_alive_task);
1103 kx->status = GNUNET_CORE_KX_STATE_KEY_RECEIVED; 1107 kx->status = GNUNET_CORE_KX_STATE_KEY_RECEIVED;
1104 monitor_notify_all (kx); 1108 monitor_notify_all(kx);
1105 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status) 1109 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1106 send_key (kx); 1110 send_key(kx);
1107 else 1111 else
1108 send_ping (kx); 1112 send_ping(kx);
1109 break; 1113 break;
1110 case GNUNET_CORE_KX_STATE_KEY_SENT: 1114
1111 GNUNET_assert (NULL == kx->keep_alive_task); 1115 case GNUNET_CORE_KX_STATE_KEY_SENT:
1112 kx->status = GNUNET_CORE_KX_STATE_KEY_RECEIVED; 1116 GNUNET_assert(NULL == kx->keep_alive_task);
1113 monitor_notify_all (kx); 1117 kx->status = GNUNET_CORE_KX_STATE_KEY_RECEIVED;
1114 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status) 1118 monitor_notify_all(kx);
1115 send_key (kx); 1119 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1116 else 1120 send_key(kx);
1117 send_ping (kx); 1121 else
1118 break; 1122 send_ping(kx);
1119 case GNUNET_CORE_KX_STATE_KEY_RECEIVED: 1123 break;
1120 GNUNET_assert (NULL == kx->keep_alive_task); 1124
1121 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status) 1125 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1122 send_key (kx); 1126 GNUNET_assert(NULL == kx->keep_alive_task);
1123 else 1127 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1124 send_ping (kx); 1128 send_key(kx);
1125 break; 1129 else
1126 case GNUNET_CORE_KX_STATE_UP: 1130 send_ping(kx);
1127 kx->status = GNUNET_CORE_KX_STATE_REKEY_SENT; 1131 break;
1128 monitor_notify_all (kx); 1132
1129 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status) 1133 case GNUNET_CORE_KX_STATE_UP:
1130 send_key (kx); 1134 kx->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
1131 else 1135 monitor_notify_all(kx);
1132 send_ping (kx); 1136 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1133 break; 1137 send_key(kx);
1134 case GNUNET_CORE_KX_STATE_REKEY_SENT: 1138 else
1135 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status) 1139 send_ping(kx);
1136 send_key (kx); 1140 break;
1137 else 1141
1138 send_ping (kx); 1142 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1139 break; 1143 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1140 default: 1144 send_key(kx);
1141 GNUNET_break (0); 1145 else
1142 break; 1146 send_ping(kx);
1143 } 1147 break;
1148
1149 default:
1150 GNUNET_break(0);
1151 break;
1152 }
1144} 1153}
1145 1154
1146 1155
@@ -1152,7 +1161,7 @@ handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m)
1152 * @param m the encrypted PING message itself 1161 * @param m the encrypted PING message itself
1153 */ 1162 */
1154static void 1163static void
1155handle_ping (void *cls, const struct PingMessage *m) 1164handle_ping(void *cls, const struct PingMessage *m)
1156{ 1165{
1157 struct GSC_KeyExchangeInfo *kx = cls; 1166 struct GSC_KeyExchangeInfo *kx = cls;
1158 struct PingMessage t; 1167 struct PingMessage t;
@@ -1161,70 +1170,70 @@ handle_ping (void *cls, const struct PingMessage *m)
1161 struct GNUNET_MQ_Envelope *env; 1170 struct GNUNET_MQ_Envelope *env;
1162 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 1171 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1163 1172
1164 GNUNET_STATISTICS_update (GSC_stats, 1173 GNUNET_STATISTICS_update(GSC_stats,
1165 gettext_noop ("# PING messages received"), 1174 gettext_noop("# PING messages received"),
1166 1, 1175 1,
1167 GNUNET_NO); 1176 GNUNET_NO);
1168 if ((kx->status != GNUNET_CORE_KX_STATE_KEY_RECEIVED) && 1177 if ((kx->status != GNUNET_CORE_KX_STATE_KEY_RECEIVED) &&
1169 (kx->status != GNUNET_CORE_KX_STATE_UP) && 1178 (kx->status != GNUNET_CORE_KX_STATE_UP) &&
1170 (kx->status != GNUNET_CORE_KX_STATE_REKEY_SENT)) 1179 (kx->status != GNUNET_CORE_KX_STATE_REKEY_SENT))
1171 { 1180 {
1172 /* ignore */ 1181 /* ignore */
1173 GNUNET_STATISTICS_update (GSC_stats, 1182 GNUNET_STATISTICS_update(GSC_stats,
1174 gettext_noop ( 1183 gettext_noop(
1175 "# PING messages dropped (out of order)"), 1184 "# PING messages dropped (out of order)"),
1176 1, 1185 1,
1177 GNUNET_NO); 1186 GNUNET_NO);
1178 return; 1187 return;
1179 } 1188 }
1180 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1189 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1181 "Core service receives PING request from `%s'.\n", 1190 "Core service receives PING request from `%s'.\n",
1182 GNUNET_i2s (kx->peer)); 1191 GNUNET_i2s(kx->peer));
1183 derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity); 1192 derive_iv(&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1184 if (GNUNET_OK != do_decrypt (kx, 1193 if (GNUNET_OK != do_decrypt(kx,
1185 &iv, 1194 &iv,
1186 &m->target, 1195 &m->target,
1187 &t.target, 1196 &t.target,
1188 sizeof (struct PingMessage) - 1197 sizeof(struct PingMessage) -
1189 ((void *) &m->target - (void *) m))) 1198 ((void *)&m->target - (void *)m)))
1190 { 1199 {
1191 GNUNET_break_op (0); 1200 GNUNET_break_op(0);
1192 return; 1201 return;
1193 } 1202 }
1194 if (0 != 1203 if (0 !=
1195 memcmp (&t.target, &GSC_my_identity, sizeof (struct GNUNET_PeerIdentity))) 1204 memcmp(&t.target, &GSC_my_identity, sizeof(struct GNUNET_PeerIdentity)))
1196 { 1205 {
1197 if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status) 1206 if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status)
1198 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1207 GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
1199 "Decryption of PING from peer `%s' failed, PING for `%s'?\n", 1208 "Decryption of PING from peer `%s' failed, PING for `%s'?\n",
1200 GNUNET_i2s (kx->peer), 1209 GNUNET_i2s(kx->peer),
1201 GNUNET_i2s2 (&t.target)); 1210 GNUNET_i2s2(&t.target));
1202 else 1211 else
1203 GNUNET_log ( 1212 GNUNET_log(
1204 GNUNET_ERROR_TYPE_DEBUG, 1213 GNUNET_ERROR_TYPE_DEBUG,
1205 "Decryption of PING from peer `%s' failed after rekey (harmless)\n", 1214 "Decryption of PING from peer `%s' failed after rekey (harmless)\n",
1206 GNUNET_i2s (kx->peer)); 1215 GNUNET_i2s(kx->peer));
1207 GNUNET_break_op (0); 1216 GNUNET_break_op(0);
1208 return; 1217 return;
1209 } 1218 }
1210 /* construct PONG */ 1219 /* construct PONG */
1211 tx.reserved = 0; 1220 tx.reserved = 0;
1212 tx.challenge = t.challenge; 1221 tx.challenge = t.challenge;
1213 tx.target = t.target; 1222 tx.target = t.target;
1214 env = GNUNET_MQ_msg (tp, GNUNET_MESSAGE_TYPE_CORE_PONG); 1223 env = GNUNET_MQ_msg(tp, GNUNET_MESSAGE_TYPE_CORE_PONG);
1215 tp->iv_seed = calculate_seed (kx); 1224 tp->iv_seed = calculate_seed(kx);
1216 derive_pong_iv (&iv, &kx->encrypt_key, tp->iv_seed, t.challenge, kx->peer); 1225 derive_pong_iv(&iv, &kx->encrypt_key, tp->iv_seed, t.challenge, kx->peer);
1217 do_encrypt (kx, 1226 do_encrypt(kx,
1218 &iv, 1227 &iv,
1219 &tx.challenge, 1228 &tx.challenge,
1220 &tp->challenge, 1229 &tp->challenge,
1221 sizeof (struct PongMessage) - 1230 sizeof(struct PongMessage) -
1222 ((void *) &tp->challenge - (void *) tp)); 1231 ((void *)&tp->challenge - (void *)tp));
1223 GNUNET_STATISTICS_update (GSC_stats, 1232 GNUNET_STATISTICS_update(GSC_stats,
1224 gettext_noop ("# PONG messages created"), 1233 gettext_noop("# PONG messages created"),
1225 1, 1234 1,
1226 GNUNET_NO); 1235 GNUNET_NO);
1227 GNUNET_MQ_send (kx->mq, env); 1236 GNUNET_MQ_send(kx->mq, env);
1228} 1237}
1229 1238
1230 1239
@@ -1235,39 +1244,39 @@ handle_ping (void *cls, const struct PingMessage *m)
1235 * @param cls the `struct GSC_KeyExchangeInfo` 1244 * @param cls the `struct GSC_KeyExchangeInfo`
1236 */ 1245 */
1237static void 1246static void
1238send_keep_alive (void *cls) 1247send_keep_alive(void *cls)
1239{ 1248{
1240 struct GSC_KeyExchangeInfo *kx = cls; 1249 struct GSC_KeyExchangeInfo *kx = cls;
1241 struct GNUNET_TIME_Relative retry; 1250 struct GNUNET_TIME_Relative retry;
1242 struct GNUNET_TIME_Relative left; 1251 struct GNUNET_TIME_Relative left;
1243 1252
1244 kx->keep_alive_task = NULL; 1253 kx->keep_alive_task = NULL;
1245 left = GNUNET_TIME_absolute_get_remaining (kx->timeout); 1254 left = GNUNET_TIME_absolute_get_remaining(kx->timeout);
1246 if (0 == left.rel_value_us) 1255 if (0 == left.rel_value_us)
1247 { 1256 {
1248 GNUNET_STATISTICS_update (GSC_stats, 1257 GNUNET_STATISTICS_update(GSC_stats,
1249 gettext_noop ("# sessions terminated by timeout"), 1258 gettext_noop("# sessions terminated by timeout"),
1250 1, 1259 1,
1251 GNUNET_NO); 1260 GNUNET_NO);
1252 GSC_SESSIONS_end (kx->peer); 1261 GSC_SESSIONS_end(kx->peer);
1253 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT; 1262 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1254 monitor_notify_all (kx); 1263 monitor_notify_all(kx);
1255 send_key (kx); 1264 send_key(kx);
1256 return; 1265 return;
1257 } 1266 }
1258 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1267 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1259 "Sending KEEPALIVE to `%s'\n", 1268 "Sending KEEPALIVE to `%s'\n",
1260 GNUNET_i2s (kx->peer)); 1269 GNUNET_i2s(kx->peer));
1261 GNUNET_STATISTICS_update (GSC_stats, 1270 GNUNET_STATISTICS_update(GSC_stats,
1262 gettext_noop ("# keepalive messages sent"), 1271 gettext_noop("# keepalive messages sent"),
1263 1, 1272 1,
1264 GNUNET_NO); 1273 GNUNET_NO);
1265 setup_fresh_ping (kx); 1274 setup_fresh_ping(kx);
1266 send_ping (kx); 1275 send_ping(kx);
1267 retry = GNUNET_TIME_relative_max (GNUNET_TIME_relative_divide (left, 2), 1276 retry = GNUNET_TIME_relative_max(GNUNET_TIME_relative_divide(left, 2),
1268 MIN_PING_FREQUENCY); 1277 MIN_PING_FREQUENCY);
1269 kx->keep_alive_task = 1278 kx->keep_alive_task =
1270 GNUNET_SCHEDULER_add_delayed (retry, &send_keep_alive, kx); 1279 GNUNET_SCHEDULER_add_delayed(retry, &send_keep_alive, kx);
1271} 1280}
1272 1281
1273 1282
@@ -1279,24 +1288,24 @@ send_keep_alive (void *cls)
1279 * @param kx key exchange where we saw activity 1288 * @param kx key exchange where we saw activity
1280 */ 1289 */
1281static void 1290static void
1282update_timeout (struct GSC_KeyExchangeInfo *kx) 1291update_timeout(struct GSC_KeyExchangeInfo *kx)
1283{ 1292{
1284 struct GNUNET_TIME_Relative delta; 1293 struct GNUNET_TIME_Relative delta;
1285 1294
1286 kx->timeout = 1295 kx->timeout =
1287 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); 1296 GNUNET_TIME_relative_to_absolute(GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1288 delta = 1297 delta =
1289 GNUNET_TIME_absolute_get_difference (kx->last_notify_timeout, kx->timeout); 1298 GNUNET_TIME_absolute_get_difference(kx->last_notify_timeout, kx->timeout);
1290 if (delta.rel_value_us > 5LL * 1000LL * 1000LL) 1299 if (delta.rel_value_us > 5LL * 1000LL * 1000LL)
1291 { 1300 {
1292 /* we only notify monitors about timeout changes if those 1301 /* we only notify monitors about timeout changes if those
1293 are bigger than the threshold (5s) */ 1302 are bigger than the threshold (5s) */
1294 monitor_notify_all (kx); 1303 monitor_notify_all(kx);
1295 } 1304 }
1296 if (NULL != kx->keep_alive_task) 1305 if (NULL != kx->keep_alive_task)
1297 GNUNET_SCHEDULER_cancel (kx->keep_alive_task); 1306 GNUNET_SCHEDULER_cancel(kx->keep_alive_task);
1298 kx->keep_alive_task = GNUNET_SCHEDULER_add_delayed ( 1307 kx->keep_alive_task = GNUNET_SCHEDULER_add_delayed(
1299 GNUNET_TIME_relative_divide (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, 2), 1308 GNUNET_TIME_relative_divide(GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, 2),
1300 &send_keep_alive, 1309 &send_keep_alive,
1301 kx); 1310 kx);
1302} 1311}
@@ -1309,131 +1318,141 @@ update_timeout (struct GSC_KeyExchangeInfo *kx)
1309 * @param m the encrypted PONG message itself 1318 * @param m the encrypted PONG message itself
1310 */ 1319 */
1311static void 1320static void
1312handle_pong (void *cls, const struct PongMessage *m) 1321handle_pong(void *cls, const struct PongMessage *m)
1313{ 1322{
1314 struct GSC_KeyExchangeInfo *kx = cls; 1323 struct GSC_KeyExchangeInfo *kx = cls;
1315 struct PongMessage t; 1324 struct PongMessage t;
1316 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 1325 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1317 1326
1318 GNUNET_STATISTICS_update (GSC_stats, 1327 GNUNET_STATISTICS_update(GSC_stats,
1319 gettext_noop ("# PONG messages received"), 1328 gettext_noop("# PONG messages received"),
1320 1, 1329 1,
1321 GNUNET_NO); 1330 GNUNET_NO);
1322 switch (kx->status) 1331 switch (kx->status)
1323 { 1332 {
1324 case GNUNET_CORE_KX_STATE_DOWN: 1333 case GNUNET_CORE_KX_STATE_DOWN:
1325 GNUNET_STATISTICS_update (GSC_stats, 1334 GNUNET_STATISTICS_update(GSC_stats,
1326 gettext_noop ( 1335 gettext_noop(
1327 "# PONG messages dropped (connection down)"), 1336 "# PONG messages dropped (connection down)"),
1328 1, 1337 1,
1329 GNUNET_NO); 1338 GNUNET_NO);
1330 return; 1339 return;
1331 case GNUNET_CORE_KX_STATE_KEY_SENT: 1340
1332 GNUNET_STATISTICS_update (GSC_stats, 1341 case GNUNET_CORE_KX_STATE_KEY_SENT:
1333 gettext_noop ( 1342 GNUNET_STATISTICS_update(GSC_stats,
1334 "# PONG messages dropped (out of order)"), 1343 gettext_noop(
1335 1, 1344 "# PONG messages dropped (out of order)"),
1336 GNUNET_NO); 1345 1,
1337 return; 1346 GNUNET_NO);
1338 case GNUNET_CORE_KX_STATE_KEY_RECEIVED: 1347 return;
1339 break; 1348
1340 case GNUNET_CORE_KX_STATE_UP: 1349 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1341 break; 1350 break;
1342 case GNUNET_CORE_KX_STATE_REKEY_SENT: 1351
1343 break; 1352 case GNUNET_CORE_KX_STATE_UP:
1344 default: 1353 break;
1345 GNUNET_break (0); 1354
1346 return; 1355 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1347 } 1356 break;
1348 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1357
1349 "Core service receives PONG response from `%s'.\n", 1358 default:
1350 GNUNET_i2s (kx->peer)); 1359 GNUNET_break(0);
1360 return;
1361 }
1362 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1363 "Core service receives PONG response from `%s'.\n",
1364 GNUNET_i2s(kx->peer));
1351 /* mark as garbage, just to be sure */ 1365 /* mark as garbage, just to be sure */
1352 memset (&t, 255, sizeof (t)); 1366 memset(&t, 255, sizeof(t));
1353 derive_pong_iv (&iv, 1367 derive_pong_iv(&iv,
1354 &kx->decrypt_key, 1368 &kx->decrypt_key,
1355 m->iv_seed, 1369 m->iv_seed,
1356 kx->ping_challenge, 1370 kx->ping_challenge,
1357 &GSC_my_identity); 1371 &GSC_my_identity);
1358 if (GNUNET_OK != do_decrypt (kx, 1372 if (GNUNET_OK != do_decrypt(kx,
1359 &iv, 1373 &iv,
1360 &m->challenge, 1374 &m->challenge,
1361 &t.challenge, 1375 &t.challenge,
1362 sizeof (struct PongMessage) - 1376 sizeof(struct PongMessage) -
1363 ((void *) &m->challenge - (void *) m))) 1377 ((void *)&m->challenge - (void *)m)))
1364 { 1378 {
1365 GNUNET_break_op (0); 1379 GNUNET_break_op(0);
1366 return; 1380 return;
1367 } 1381 }
1368 GNUNET_STATISTICS_update (GSC_stats, 1382 GNUNET_STATISTICS_update(GSC_stats,
1369 gettext_noop ("# PONG messages decrypted"), 1383 gettext_noop("# PONG messages decrypted"),
1370 1, 1384 1,
1371 GNUNET_NO); 1385 GNUNET_NO);
1372 if ((0 != 1386 if ((0 !=
1373 memcmp (&t.target, kx->peer, sizeof (struct GNUNET_PeerIdentity))) || 1387 memcmp(&t.target, kx->peer, sizeof(struct GNUNET_PeerIdentity))) ||
1374 (kx->ping_challenge != t.challenge)) 1388 (kx->ping_challenge != t.challenge))
1375 { 1389 {
1376 /* PONG malformed */ 1390 /* PONG malformed */
1377 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1391 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1378 "Received malformed PONG wanted sender `%s' with challenge %u\n", 1392 "Received malformed PONG wanted sender `%s' with challenge %u\n",
1379 GNUNET_i2s (kx->peer), 1393 GNUNET_i2s(kx->peer),
1380 (unsigned int) kx->ping_challenge); 1394 (unsigned int)kx->ping_challenge);
1381 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1395 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1382 "Received malformed PONG received from `%s' with challenge %u\n", 1396 "Received malformed PONG received from `%s' with challenge %u\n",
1383 GNUNET_i2s (&t.target), 1397 GNUNET_i2s(&t.target),
1384 (unsigned int) t.challenge); 1398 (unsigned int)t.challenge);
1385 return; 1399 return;
1386 } 1400 }
1387 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1401 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1388 "Received valid PONG from `%s'\n", 1402 "Received valid PONG from `%s'\n",
1389 GNUNET_i2s (kx->peer)); 1403 GNUNET_i2s(kx->peer));
1390 /* no need to resend key any longer */ 1404 /* no need to resend key any longer */
1391 if (NULL != kx->retry_set_key_task) 1405 if (NULL != kx->retry_set_key_task)
1392 { 1406 {
1393 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task); 1407 GNUNET_SCHEDULER_cancel(kx->retry_set_key_task);
1394 kx->retry_set_key_task = NULL; 1408 kx->retry_set_key_task = NULL;
1395 } 1409 }
1396 switch (kx->status) 1410 switch (kx->status)
1397 { 1411 {
1398 case GNUNET_CORE_KX_STATE_DOWN: 1412 case GNUNET_CORE_KX_STATE_DOWN:
1399 GNUNET_assert (0); /* should be impossible */ 1413 GNUNET_assert(0); /* should be impossible */
1400 return; 1414 return;
1401 case GNUNET_CORE_KX_STATE_KEY_SENT: 1415
1402 GNUNET_assert (0); /* should be impossible */ 1416 case GNUNET_CORE_KX_STATE_KEY_SENT:
1403 return; 1417 GNUNET_assert(0); /* should be impossible */
1404 case GNUNET_CORE_KX_STATE_KEY_RECEIVED: 1418 return;
1405 GNUNET_STATISTICS_update (GSC_stats, 1419
1406 gettext_noop ( 1420 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1407 "# session keys confirmed via PONG"), 1421 GNUNET_STATISTICS_update(GSC_stats,
1408 1, 1422 gettext_noop(
1409 GNUNET_NO); 1423 "# session keys confirmed via PONG"),
1410 kx->status = GNUNET_CORE_KX_STATE_UP; 1424 1,
1411 monitor_notify_all (kx); 1425 GNUNET_NO);
1412 GSC_SESSIONS_create (kx->peer, kx); 1426 kx->status = GNUNET_CORE_KX_STATE_UP;
1413 GNUNET_assert (NULL == kx->keep_alive_task); 1427 monitor_notify_all(kx);
1414 update_timeout (kx); 1428 GSC_SESSIONS_create(kx->peer, kx);
1415 break; 1429 GNUNET_assert(NULL == kx->keep_alive_task);
1416 case GNUNET_CORE_KX_STATE_UP: 1430 update_timeout(kx);
1417 GNUNET_STATISTICS_update (GSC_stats, 1431 break;
1418 gettext_noop ("# timeouts prevented via PONG"), 1432
1419 1, 1433 case GNUNET_CORE_KX_STATE_UP:
1420 GNUNET_NO); 1434 GNUNET_STATISTICS_update(GSC_stats,
1421 update_timeout (kx); 1435 gettext_noop("# timeouts prevented via PONG"),
1422 break; 1436 1,
1423 case GNUNET_CORE_KX_STATE_REKEY_SENT: 1437 GNUNET_NO);
1424 GNUNET_STATISTICS_update (GSC_stats, 1438 update_timeout(kx);
1425 gettext_noop ( 1439 break;
1426 "# rekey operations confirmed via PONG"), 1440
1427 1, 1441 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1428 GNUNET_NO); 1442 GNUNET_STATISTICS_update(GSC_stats,
1429 kx->status = GNUNET_CORE_KX_STATE_UP; 1443 gettext_noop(
1430 monitor_notify_all (kx); 1444 "# rekey operations confirmed via PONG"),
1431 update_timeout (kx); 1445 1,
1432 break; 1446 GNUNET_NO);
1433 default: 1447 kx->status = GNUNET_CORE_KX_STATE_UP;
1434 GNUNET_break (0); 1448 monitor_notify_all(kx);
1435 break; 1449 update_timeout(kx);
1436 } 1450 break;
1451
1452 default:
1453 GNUNET_break(0);
1454 break;
1455 }
1437} 1456}
1438 1457
1439 1458
@@ -1443,40 +1462,40 @@ handle_pong (void *cls, const struct PongMessage *m)
1443 * @param kx key exchange context 1462 * @param kx key exchange context
1444 */ 1463 */
1445static void 1464static void
1446send_key (struct GSC_KeyExchangeInfo *kx) 1465send_key(struct GSC_KeyExchangeInfo *kx)
1447{ 1466{
1448 struct GNUNET_MQ_Envelope *env; 1467 struct GNUNET_MQ_Envelope *env;
1449 1468
1450 GNUNET_assert (GNUNET_CORE_KX_STATE_DOWN != kx->status); 1469 GNUNET_assert(GNUNET_CORE_KX_STATE_DOWN != kx->status);
1451 if (NULL != kx->retry_set_key_task) 1470 if (NULL != kx->retry_set_key_task)
1452 { 1471 {
1453 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task); 1472 GNUNET_SCHEDULER_cancel(kx->retry_set_key_task);
1454 kx->retry_set_key_task = NULL; 1473 kx->retry_set_key_task = NULL;
1455 } 1474 }
1456 /* always update sender status in SET KEY message */ 1475 /* always update sender status in SET KEY message */
1457#if DEBUG_KX 1476#if DEBUG_KX
1458 { 1477 {
1459 struct GNUNET_HashCode hc; 1478 struct GNUNET_HashCode hc;
1460 1479
1461 GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key, 1480 GNUNET_CRYPTO_hash(&current_ekm.ephemeral_key,
1462 sizeof (current_ekm.ephemeral_key), 1481 sizeof(current_ekm.ephemeral_key),
1463 &hc); 1482 &hc);
1464 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1483 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1465 "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n", 1484 "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n",
1466 GNUNET_h2s (&hc), 1485 GNUNET_h2s(&hc),
1467 GNUNET_i2s (kx->peer), 1486 GNUNET_i2s(kx->peer),
1468 kx->status); 1487 kx->status);
1469 } 1488 }
1470#endif 1489#endif
1471 current_ekm.sender_status = htonl ((int32_t) (kx->status)); 1490 current_ekm.sender_status = htonl((int32_t)(kx->status));
1472 env = GNUNET_MQ_msg_copy (&current_ekm.header); 1491 env = GNUNET_MQ_msg_copy(&current_ekm.header);
1473 GNUNET_MQ_send (kx->mq, env); 1492 GNUNET_MQ_send(kx->mq, env);
1474 if (GNUNET_CORE_KX_STATE_KEY_SENT != kx->status) 1493 if (GNUNET_CORE_KX_STATE_KEY_SENT != kx->status)
1475 send_ping (kx); 1494 send_ping(kx);
1476 kx->retry_set_key_task = 1495 kx->retry_set_key_task =
1477 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency, 1496 GNUNET_SCHEDULER_add_delayed(kx->set_key_retry_frequency,
1478 &set_key_retry_task, 1497 &set_key_retry_task,
1479 kx); 1498 kx);
1480} 1499}
1481 1500
1482 1501
@@ -1488,11 +1507,11 @@ send_key (struct GSC_KeyExchangeInfo *kx)
1488 * @param payload_size number of bytes in @a payload 1507 * @param payload_size number of bytes in @a payload
1489 */ 1508 */
1490void 1509void
1491GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, 1510GSC_KX_encrypt_and_transmit(struct GSC_KeyExchangeInfo *kx,
1492 const void *payload, 1511 const void *payload,
1493 size_t payload_size) 1512 size_t payload_size)
1494{ 1513{
1495 size_t used = payload_size + sizeof (struct EncryptedMessage); 1514 size_t used = payload_size + sizeof(struct EncryptedMessage);
1496 char pbuf[used]; /* plaintext */ 1515 char pbuf[used]; /* plaintext */
1497 struct EncryptedMessage *em; /* encrypted message */ 1516 struct EncryptedMessage *em; /* encrypted message */
1498 struct EncryptedMessage *ph; /* plaintext header */ 1517 struct EncryptedMessage *ph; /* plaintext header */
@@ -1500,55 +1519,55 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx,
1500 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 1519 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1501 struct GNUNET_CRYPTO_AuthKey auth_key; 1520 struct GNUNET_CRYPTO_AuthKey auth_key;
1502 1521
1503 ph = (struct EncryptedMessage *) pbuf; 1522 ph = (struct EncryptedMessage *)pbuf;
1504 ph->sequence_number = htonl (++kx->last_sequence_number_sent); 1523 ph->sequence_number = htonl(++kx->last_sequence_number_sent);
1505 ph->iv_seed = calculate_seed (kx); 1524 ph->iv_seed = calculate_seed(kx);
1506 ph->reserved = 0; 1525 ph->reserved = 0;
1507 ph->timestamp = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); 1526 ph->timestamp = GNUNET_TIME_absolute_hton(GNUNET_TIME_absolute_get());
1508 GNUNET_memcpy (&ph[1], payload, payload_size); 1527 GNUNET_memcpy(&ph[1], payload, payload_size);
1509 env = GNUNET_MQ_msg_extra (em, 1528 env = GNUNET_MQ_msg_extra(em,
1510 payload_size, 1529 payload_size,
1511 GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE); 1530 GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE);
1512 em->iv_seed = ph->iv_seed; 1531 em->iv_seed = ph->iv_seed;
1513 derive_iv (&iv, &kx->encrypt_key, ph->iv_seed, kx->peer); 1532 derive_iv(&iv, &kx->encrypt_key, ph->iv_seed, kx->peer);
1514 GNUNET_assert (GNUNET_OK == do_encrypt (kx, 1533 GNUNET_assert(GNUNET_OK == do_encrypt(kx,
1515 &iv, 1534 &iv,
1516 &ph->sequence_number, 1535 &ph->sequence_number,
1517 &em->sequence_number, 1536 &em->sequence_number,
1518 used - ENCRYPTED_HEADER_SIZE)); 1537 used - ENCRYPTED_HEADER_SIZE));
1519#if DEBUG_KX 1538#if DEBUG_KX
1520 { 1539 {
1521 struct GNUNET_HashCode hc; 1540 struct GNUNET_HashCode hc;
1522 1541
1523 GNUNET_CRYPTO_hash (&ph->sequence_number, 1542 GNUNET_CRYPTO_hash(&ph->sequence_number,
1524 used - ENCRYPTED_HEADER_SIZE, 1543 used - ENCRYPTED_HEADER_SIZE,
1525 &hc); 1544 &hc);
1526 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1545 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1527 "Encrypted payload `%s' of %u bytes for %s\n", 1546 "Encrypted payload `%s' of %u bytes for %s\n",
1528 GNUNET_h2s (&hc), 1547 GNUNET_h2s(&hc),
1529 (unsigned int) (used - ENCRYPTED_HEADER_SIZE), 1548 (unsigned int)(used - ENCRYPTED_HEADER_SIZE),
1530 GNUNET_i2s (kx->peer)); 1549 GNUNET_i2s(kx->peer));
1531 } 1550 }
1532#endif 1551#endif
1533 derive_auth_key (&auth_key, &kx->encrypt_key, ph->iv_seed); 1552 derive_auth_key(&auth_key, &kx->encrypt_key, ph->iv_seed);
1534 GNUNET_CRYPTO_hmac (&auth_key, 1553 GNUNET_CRYPTO_hmac(&auth_key,
1535 &em->sequence_number, 1554 &em->sequence_number,
1536 used - ENCRYPTED_HEADER_SIZE, 1555 used - ENCRYPTED_HEADER_SIZE,
1537 &em->hmac); 1556 &em->hmac);
1538#if DEBUG_KX 1557#if DEBUG_KX
1539 { 1558 {
1540 struct GNUNET_HashCode hc; 1559 struct GNUNET_HashCode hc;
1541 1560
1542 GNUNET_CRYPTO_hash (&auth_key, sizeof (auth_key), &hc); 1561 GNUNET_CRYPTO_hash(&auth_key, sizeof(auth_key), &hc);
1543 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1562 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1544 "For peer %s, used AC %s to create hmac %s\n", 1563 "For peer %s, used AC %s to create hmac %s\n",
1545 GNUNET_i2s (kx->peer), 1564 GNUNET_i2s(kx->peer),
1546 GNUNET_h2s (&hc), 1565 GNUNET_h2s(&hc),
1547 GNUNET_h2s2 (&em->hmac)); 1566 GNUNET_h2s2(&em->hmac));
1548 } 1567 }
1549#endif 1568#endif
1550 kx->has_excess_bandwidth = GNUNET_NO; 1569 kx->has_excess_bandwidth = GNUNET_NO;
1551 GNUNET_MQ_send (kx->mq, env); 1570 GNUNET_MQ_send(kx->mq, env);
1552} 1571}
1553 1572
1554 1573
@@ -1561,15 +1580,15 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx,
1561 * @return #GNUNET_OK if @a msg is well-formed (size-wise) 1580 * @return #GNUNET_OK if @a msg is well-formed (size-wise)
1562 */ 1581 */
1563static int 1582static int
1564check_encrypted (void *cls, const struct EncryptedMessage *m) 1583check_encrypted(void *cls, const struct EncryptedMessage *m)
1565{ 1584{
1566 uint16_t size = ntohs (m->header.size) - sizeof (*m); 1585 uint16_t size = ntohs(m->header.size) - sizeof(*m);
1567 1586
1568 if (size < sizeof (struct GNUNET_MessageHeader)) 1587 if (size < sizeof(struct GNUNET_MessageHeader))
1569 { 1588 {
1570 GNUNET_break_op (0); 1589 GNUNET_break_op(0);
1571 return GNUNET_SYSERR; 1590 return GNUNET_SYSERR;
1572 } 1591 }
1573 return GNUNET_OK; 1592 return GNUNET_OK;
1574} 1593}
1575 1594
@@ -1582,7 +1601,7 @@ check_encrypted (void *cls, const struct EncryptedMessage *m)
1582 * @param m encrypted message 1601 * @param m encrypted message
1583 */ 1602 */
1584static void 1603static void
1585handle_encrypted (void *cls, const struct EncryptedMessage *m) 1604handle_encrypted(void *cls, const struct EncryptedMessage *m)
1586{ 1605{
1587 struct GSC_KeyExchangeInfo *kx = cls; 1606 struct GSC_KeyExchangeInfo *kx = cls;
1588 struct EncryptedMessage *pt; /* plaintext */ 1607 struct EncryptedMessage *pt; /* plaintext */
@@ -1591,183 +1610,183 @@ handle_encrypted (void *cls, const struct EncryptedMessage *m)
1591 struct GNUNET_TIME_Absolute t; 1610 struct GNUNET_TIME_Absolute t;
1592 struct GNUNET_CRYPTO_SymmetricInitializationVector iv; 1611 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1593 struct GNUNET_CRYPTO_AuthKey auth_key; 1612 struct GNUNET_CRYPTO_AuthKey auth_key;
1594 uint16_t size = ntohs (m->header.size); 1613 uint16_t size = ntohs(m->header.size);
1595 char buf[size] GNUNET_ALIGN; 1614 char buf[size] GNUNET_ALIGN;
1596 1615
1597 if (GNUNET_CORE_KX_STATE_UP != kx->status) 1616 if (GNUNET_CORE_KX_STATE_UP != kx->status)
1598 { 1617 {
1599 GNUNET_STATISTICS_update (GSC_stats, 1618 GNUNET_STATISTICS_update(GSC_stats,
1600 gettext_noop ( 1619 gettext_noop(
1601 "# DATA message dropped (out of order)"), 1620 "# DATA message dropped (out of order)"),
1602 1, 1621 1,
1603 GNUNET_NO); 1622 GNUNET_NO);
1604 return; 1623 return;
1605 } 1624 }
1606 if (0 == 1625 if (0 ==
1607 GNUNET_TIME_absolute_get_remaining (kx->foreign_key_expires).rel_value_us) 1626 GNUNET_TIME_absolute_get_remaining(kx->foreign_key_expires).rel_value_us)
1608 {
1609 GNUNET_log (
1610 GNUNET_ERROR_TYPE_WARNING,
1611 _ (
1612 "Session to peer `%s' went down due to key expiration (should not happen)\n"),
1613 GNUNET_i2s (kx->peer));
1614 GNUNET_STATISTICS_update (GSC_stats,
1615 gettext_noop (
1616 "# sessions terminated by key expiration"),
1617 1,
1618 GNUNET_NO);
1619 GSC_SESSIONS_end (kx->peer);
1620 if (NULL != kx->keep_alive_task)
1621 { 1627 {
1622 GNUNET_SCHEDULER_cancel (kx->keep_alive_task); 1628 GNUNET_log(
1623 kx->keep_alive_task = NULL; 1629 GNUNET_ERROR_TYPE_WARNING,
1630 _(
1631 "Session to peer `%s' went down due to key expiration (should not happen)\n"),
1632 GNUNET_i2s(kx->peer));
1633 GNUNET_STATISTICS_update(GSC_stats,
1634 gettext_noop(
1635 "# sessions terminated by key expiration"),
1636 1,
1637 GNUNET_NO);
1638 GSC_SESSIONS_end(kx->peer);
1639 if (NULL != kx->keep_alive_task)
1640 {
1641 GNUNET_SCHEDULER_cancel(kx->keep_alive_task);
1642 kx->keep_alive_task = NULL;
1643 }
1644 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1645 monitor_notify_all(kx);
1646 send_key(kx);
1647 return;
1624 } 1648 }
1625 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1626 monitor_notify_all (kx);
1627 send_key (kx);
1628 return;
1629 }
1630 1649
1631 /* validate hash */ 1650 /* validate hash */
1632#if DEBUG_KX 1651#if DEBUG_KX
1633 { 1652 {
1634 struct GNUNET_HashCode hc; 1653 struct GNUNET_HashCode hc;
1635 1654
1636 GNUNET_CRYPTO_hash (&m->sequence_number, size - ENCRYPTED_HEADER_SIZE, &hc); 1655 GNUNET_CRYPTO_hash(&m->sequence_number, size - ENCRYPTED_HEADER_SIZE, &hc);
1637 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1656 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1638 "Received encrypted payload `%s' of %u bytes from %s\n", 1657 "Received encrypted payload `%s' of %u bytes from %s\n",
1639 GNUNET_h2s (&hc), 1658 GNUNET_h2s(&hc),
1640 (unsigned int) (size - ENCRYPTED_HEADER_SIZE), 1659 (unsigned int)(size - ENCRYPTED_HEADER_SIZE),
1641 GNUNET_i2s (kx->peer)); 1660 GNUNET_i2s(kx->peer));
1642 } 1661 }
1643#endif 1662#endif
1644 derive_auth_key (&auth_key, &kx->decrypt_key, m->iv_seed); 1663 derive_auth_key(&auth_key, &kx->decrypt_key, m->iv_seed);
1645 GNUNET_CRYPTO_hmac (&auth_key, 1664 GNUNET_CRYPTO_hmac(&auth_key,
1646 &m->sequence_number, 1665 &m->sequence_number,
1647 size - ENCRYPTED_HEADER_SIZE, 1666 size - ENCRYPTED_HEADER_SIZE,
1648 &ph); 1667 &ph);
1649#if DEBUG_KX 1668#if DEBUG_KX
1650 { 1669 {
1651 struct GNUNET_HashCode hc; 1670 struct GNUNET_HashCode hc;
1652 1671
1653 GNUNET_CRYPTO_hash (&auth_key, sizeof (auth_key), &hc); 1672 GNUNET_CRYPTO_hash(&auth_key, sizeof(auth_key), &hc);
1654 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1673 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1655 "For peer %s, used AC %s to verify hmac %s\n", 1674 "For peer %s, used AC %s to verify hmac %s\n",
1656 GNUNET_i2s (kx->peer), 1675 GNUNET_i2s(kx->peer),
1657 GNUNET_h2s (&hc), 1676 GNUNET_h2s(&hc),
1658 GNUNET_h2s2 (&m->hmac)); 1677 GNUNET_h2s2(&m->hmac));
1659 } 1678 }
1660#endif 1679#endif
1661 if (0 != memcmp (&ph, &m->hmac, sizeof (struct GNUNET_HashCode))) 1680 if (0 != memcmp(&ph, &m->hmac, sizeof(struct GNUNET_HashCode)))
1662 { 1681 {
1663 /* checksum failed */ 1682 /* checksum failed */
1664 GNUNET_log (GNUNET_ERROR_TYPE_WARNING, 1683 GNUNET_log(GNUNET_ERROR_TYPE_WARNING,
1665 "Failed checksum validation for a message from `%s'\n", 1684 "Failed checksum validation for a message from `%s'\n",
1666 GNUNET_i2s (kx->peer)); 1685 GNUNET_i2s(kx->peer));
1667 return; 1686 return;
1668 } 1687 }
1669 derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity); 1688 derive_iv(&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1670 /* decrypt */ 1689 /* decrypt */
1671 if (GNUNET_OK != do_decrypt (kx, 1690 if (GNUNET_OK != do_decrypt(kx,
1672 &iv, 1691 &iv,
1673 &m->sequence_number, 1692 &m->sequence_number,
1674 &buf[ENCRYPTED_HEADER_SIZE], 1693 &buf[ENCRYPTED_HEADER_SIZE],
1675 size - ENCRYPTED_HEADER_SIZE)) 1694 size - ENCRYPTED_HEADER_SIZE))
1676 { 1695 {
1677 GNUNET_break_op (0); 1696 GNUNET_break_op(0);
1678 return; 1697 return;
1679 } 1698 }
1680 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1699 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1681 "Decrypted %u bytes from %s\n", 1700 "Decrypted %u bytes from %s\n",
1682 (unsigned int) (size - ENCRYPTED_HEADER_SIZE), 1701 (unsigned int)(size - ENCRYPTED_HEADER_SIZE),
1683 GNUNET_i2s (kx->peer)); 1702 GNUNET_i2s(kx->peer));
1684 pt = (struct EncryptedMessage *) buf; 1703 pt = (struct EncryptedMessage *)buf;
1685 1704
1686 /* validate sequence number */ 1705 /* validate sequence number */
1687 snum = ntohl (pt->sequence_number); 1706 snum = ntohl(pt->sequence_number);
1688 if (kx->last_sequence_number_received == snum) 1707 if (kx->last_sequence_number_received == snum)
1689 { 1708 {
1690 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1709 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1691 "Received duplicate message, ignoring.\n"); 1710 "Received duplicate message, ignoring.\n");
1692 /* duplicate, ignore */ 1711 /* duplicate, ignore */
1693 GNUNET_STATISTICS_update (GSC_stats, 1712 GNUNET_STATISTICS_update(GSC_stats,
1694 gettext_noop ("# bytes dropped (duplicates)"), 1713 gettext_noop("# bytes dropped (duplicates)"),
1695 size, 1714 size,
1696 GNUNET_NO); 1715 GNUNET_NO);
1697 return; 1716 return;
1698 } 1717 }
1699 if ((kx->last_sequence_number_received > snum) && 1718 if ((kx->last_sequence_number_received > snum) &&
1700 (kx->last_sequence_number_received - snum > 32)) 1719 (kx->last_sequence_number_received - snum > 32))
1701 {
1702 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1703 "Received ancient out of sequence message, ignoring.\n");
1704 /* ancient out of sequence, ignore */
1705 GNUNET_STATISTICS_update (GSC_stats,
1706 gettext_noop (
1707 "# bytes dropped (out of sequence)"),
1708 size,
1709 GNUNET_NO);
1710 return;
1711 }
1712 if (kx->last_sequence_number_received > snum)
1713 {
1714 uint32_t rotbit = 1U << (kx->last_sequence_number_received - snum - 1);
1715
1716 if ((kx->last_packets_bitmap & rotbit) != 0)
1717 { 1720 {
1718 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1721 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1719 "Received duplicate message, ignoring.\n"); 1722 "Received ancient out of sequence message, ignoring.\n");
1720 GNUNET_STATISTICS_update (GSC_stats, 1723 /* ancient out of sequence, ignore */
1721 gettext_noop ("# bytes dropped (duplicates)"), 1724 GNUNET_STATISTICS_update(GSC_stats,
1722 size, 1725 gettext_noop(
1723 GNUNET_NO); 1726 "# bytes dropped (out of sequence)"),
1724 /* duplicate, ignore */ 1727 size,
1728 GNUNET_NO);
1725 return; 1729 return;
1726 } 1730 }
1727 kx->last_packets_bitmap |= rotbit; 1731 if (kx->last_sequence_number_received > snum)
1728 } 1732 {
1733 uint32_t rotbit = 1U << (kx->last_sequence_number_received - snum - 1);
1734
1735 if ((kx->last_packets_bitmap & rotbit) != 0)
1736 {
1737 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1738 "Received duplicate message, ignoring.\n");
1739 GNUNET_STATISTICS_update(GSC_stats,
1740 gettext_noop("# bytes dropped (duplicates)"),
1741 size,
1742 GNUNET_NO);
1743 /* duplicate, ignore */
1744 return;
1745 }
1746 kx->last_packets_bitmap |= rotbit;
1747 }
1729 if (kx->last_sequence_number_received < snum) 1748 if (kx->last_sequence_number_received < snum)
1730 { 1749 {
1731 unsigned int shift = (snum - kx->last_sequence_number_received); 1750 unsigned int shift = (snum - kx->last_sequence_number_received);
1732 1751
1733 if (shift >= 8 * sizeof (kx->last_packets_bitmap)) 1752 if (shift >= 8 * sizeof(kx->last_packets_bitmap))
1734 kx->last_packets_bitmap = 0; 1753 kx->last_packets_bitmap = 0;
1735 else 1754 else
1736 kx->last_packets_bitmap <<= shift; 1755 kx->last_packets_bitmap <<= shift;
1737 kx->last_sequence_number_received = snum; 1756 kx->last_sequence_number_received = snum;
1738 } 1757 }
1739 1758
1740 /* check timestamp */ 1759 /* check timestamp */
1741 t = GNUNET_TIME_absolute_ntoh (pt->timestamp); 1760 t = GNUNET_TIME_absolute_ntoh(pt->timestamp);
1742 if (GNUNET_TIME_absolute_get_duration (t).rel_value_us > 1761 if (GNUNET_TIME_absolute_get_duration(t).rel_value_us >
1743 MAX_MESSAGE_AGE.rel_value_us) 1762 MAX_MESSAGE_AGE.rel_value_us)
1744 { 1763 {
1745 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1764 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1746 "Message received far too old (%s). Content ignored.\n", 1765 "Message received far too old (%s). Content ignored.\n",
1747 GNUNET_STRINGS_relative_time_to_string ( 1766 GNUNET_STRINGS_relative_time_to_string(
1748 GNUNET_TIME_absolute_get_duration (t), 1767 GNUNET_TIME_absolute_get_duration(t),
1749 GNUNET_YES)); 1768 GNUNET_YES));
1750 GNUNET_STATISTICS_update (GSC_stats, 1769 GNUNET_STATISTICS_update(GSC_stats,
1751 gettext_noop ( 1770 gettext_noop(
1752 "# bytes dropped (ancient message)"), 1771 "# bytes dropped (ancient message)"),
1753 size, 1772 size,
1754 GNUNET_NO); 1773 GNUNET_NO);
1755 return; 1774 return;
1756 } 1775 }
1757 1776
1758 /* process decrypted message(s) */ 1777 /* process decrypted message(s) */
1759 update_timeout (kx); 1778 update_timeout(kx);
1760 GNUNET_STATISTICS_update (GSC_stats, 1779 GNUNET_STATISTICS_update(GSC_stats,
1761 gettext_noop ("# bytes of payload decrypted"), 1780 gettext_noop("# bytes of payload decrypted"),
1762 size - sizeof (struct EncryptedMessage), 1781 size - sizeof(struct EncryptedMessage),
1763 GNUNET_NO); 1782 GNUNET_NO);
1764 if (GNUNET_OK != 1783 if (GNUNET_OK !=
1765 GNUNET_MST_from_buffer (kx->mst, 1784 GNUNET_MST_from_buffer(kx->mst,
1766 &buf[sizeof (struct EncryptedMessage)], 1785 &buf[sizeof(struct EncryptedMessage)],
1767 size - sizeof (struct EncryptedMessage), 1786 size - sizeof(struct EncryptedMessage),
1768 GNUNET_YES, 1787 GNUNET_YES,
1769 GNUNET_NO)) 1788 GNUNET_NO))
1770 GNUNET_break_op (0); 1789 GNUNET_break_op(0);
1771} 1790}
1772 1791
1773 1792
@@ -1779,17 +1798,17 @@ handle_encrypted (void *cls, const struct EncryptedMessage *m)
1779 * @param connect_cls the `struct Neighbour` 1798 * @param connect_cls the `struct Neighbour`
1780 */ 1799 */
1781static void 1800static void
1782handle_transport_notify_excess_bw (void *cls, 1801handle_transport_notify_excess_bw(void *cls,
1783 const struct GNUNET_PeerIdentity *pid, 1802 const struct GNUNET_PeerIdentity *pid,
1784 void *connect_cls) 1803 void *connect_cls)
1785{ 1804{
1786 struct GSC_KeyExchangeInfo *kx = connect_cls; 1805 struct GSC_KeyExchangeInfo *kx = connect_cls;
1787 1806
1788 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 1807 GNUNET_log(GNUNET_ERROR_TYPE_DEBUG,
1789 "Peer %s has excess bandwidth available\n", 1808 "Peer %s has excess bandwidth available\n",
1790 GNUNET_i2s (pid)); 1809 GNUNET_i2s(pid));
1791 kx->has_excess_bandwidth = GNUNET_YES; 1810 kx->has_excess_bandwidth = GNUNET_YES;
1792 GSC_SESSIONS_solicit (pid); 1811 GSC_SESSIONS_solicit(pid);
1793} 1812}
1794 1813
1795 1814
@@ -1798,40 +1817,40 @@ handle_transport_notify_excess_bw (void *cls,
1798 * public key and generate the appropriate signature. 1817 * public key and generate the appropriate signature.
1799 */ 1818 */
1800static void 1819static void
1801sign_ephemeral_key () 1820sign_ephemeral_key()
1802{ 1821{
1803 current_ekm.header.size = htons (sizeof (struct EphemeralKeyMessage)); 1822 current_ekm.header.size = htons(sizeof(struct EphemeralKeyMessage));
1804 current_ekm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY); 1823 current_ekm.header.type = htons(GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY);
1805 current_ekm.sender_status = 0; /* to be set later */ 1824 current_ekm.sender_status = 0; /* to be set later */
1806 current_ekm.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY); 1825 current_ekm.purpose.purpose = htonl(GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY);
1807 current_ekm.purpose.size = 1826 current_ekm.purpose.size =
1808 htonl (sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + 1827 htonl(sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose) +
1809 sizeof (struct GNUNET_TIME_AbsoluteNBO) + 1828 sizeof(struct GNUNET_TIME_AbsoluteNBO) +
1810 sizeof (struct GNUNET_TIME_AbsoluteNBO) + 1829 sizeof(struct GNUNET_TIME_AbsoluteNBO) +
1811 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) + 1830 sizeof(struct GNUNET_CRYPTO_EcdhePublicKey) +
1812 sizeof (struct GNUNET_PeerIdentity)); 1831 sizeof(struct GNUNET_PeerIdentity));
1813 current_ekm.creation_time = 1832 current_ekm.creation_time =
1814 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ()); 1833 GNUNET_TIME_absolute_hton(GNUNET_TIME_absolute_get());
1815 if (GNUNET_YES == GNUNET_CONFIGURATION_get_value_yesno (GSC_cfg, 1834 if (GNUNET_YES == GNUNET_CONFIGURATION_get_value_yesno(GSC_cfg,
1816 "core", 1835 "core",
1817 "USE_EPHEMERAL_KEYS")) 1836 "USE_EPHEMERAL_KEYS"))
1818 { 1837 {
1819 current_ekm.expiration_time = 1838 current_ekm.expiration_time =
1820 GNUNET_TIME_absolute_hton (GNUNET_TIME_relative_to_absolute ( 1839 GNUNET_TIME_absolute_hton(GNUNET_TIME_relative_to_absolute(
1821 GNUNET_TIME_relative_add (REKEY_FREQUENCY, REKEY_TOLERANCE))); 1840 GNUNET_TIME_relative_add(REKEY_FREQUENCY, REKEY_TOLERANCE)));
1822 } 1841 }
1823 else 1842 else
1824 { 1843 {
1825 current_ekm.expiration_time = 1844 current_ekm.expiration_time =
1826 GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS); 1845 GNUNET_TIME_absolute_hton(GNUNET_TIME_UNIT_FOREVER_ABS);
1827 } 1846 }
1828 GNUNET_CRYPTO_ecdhe_key_get_public (my_ephemeral_key, 1847 GNUNET_CRYPTO_ecdhe_key_get_public(my_ephemeral_key,
1829 &current_ekm.ephemeral_key); 1848 &current_ekm.ephemeral_key);
1830 current_ekm.origin_identity = GSC_my_identity; 1849 current_ekm.origin_identity = GSC_my_identity;
1831 GNUNET_assert (GNUNET_OK == 1850 GNUNET_assert(GNUNET_OK ==
1832 GNUNET_CRYPTO_eddsa_sign (my_private_key, 1851 GNUNET_CRYPTO_eddsa_sign(my_private_key,
1833 &current_ekm.purpose, 1852 &current_ekm.purpose,
1834 &current_ekm.signature)); 1853 &current_ekm.signature));
1835} 1854}
1836 1855
1837 1856
@@ -1841,40 +1860,40 @@ sign_ephemeral_key ()
1841 * @param cls closure, NULL 1860 * @param cls closure, NULL
1842 */ 1861 */
1843static void 1862static void
1844do_rekey (void *cls) 1863do_rekey(void *cls)
1845{ 1864{
1846 struct GSC_KeyExchangeInfo *pos; 1865 struct GSC_KeyExchangeInfo *pos;
1847 1866
1848 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL); 1867 rekey_task = GNUNET_SCHEDULER_add_delayed(REKEY_FREQUENCY, &do_rekey, NULL);
1849 if (NULL != my_ephemeral_key) 1868 if (NULL != my_ephemeral_key)
1850 GNUNET_free (my_ephemeral_key); 1869 GNUNET_free(my_ephemeral_key);
1851 my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create (); 1870 my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create();
1852 GNUNET_assert (NULL != my_ephemeral_key); 1871 GNUNET_assert(NULL != my_ephemeral_key);
1853 sign_ephemeral_key (); 1872 sign_ephemeral_key();
1854 { 1873 {
1855 struct GNUNET_HashCode eh; 1874 struct GNUNET_HashCode eh;
1856 1875
1857 GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key, 1876 GNUNET_CRYPTO_hash(&current_ekm.ephemeral_key,
1858 sizeof (current_ekm.ephemeral_key), 1877 sizeof(current_ekm.ephemeral_key),
1859 &eh); 1878 &eh);
1860 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Rekeying to %s\n", GNUNET_h2s (&eh)); 1879 GNUNET_log(GNUNET_ERROR_TYPE_INFO, "Rekeying to %s\n", GNUNET_h2s(&eh));
1861 } 1880 }
1862 for (pos = kx_head; NULL != pos; pos = pos->next) 1881 for (pos = kx_head; NULL != pos; pos = pos->next)
1863 {
1864 if (GNUNET_CORE_KX_STATE_UP == pos->status)
1865 {
1866 pos->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
1867 monitor_notify_all (pos);
1868 derive_session_keys (pos);
1869 }
1870 if (GNUNET_CORE_KX_STATE_DOWN == pos->status)
1871 { 1882 {
1872 pos->status = GNUNET_CORE_KX_STATE_KEY_SENT; 1883 if (GNUNET_CORE_KX_STATE_UP == pos->status)
1873 monitor_notify_all (pos); 1884 {
1885 pos->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
1886 monitor_notify_all(pos);
1887 derive_session_keys(pos);
1888 }
1889 if (GNUNET_CORE_KX_STATE_DOWN == pos->status)
1890 {
1891 pos->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1892 monitor_notify_all(pos);
1893 }
1894 monitor_notify_all(pos);
1895 send_key(pos);
1874 } 1896 }
1875 monitor_notify_all (pos);
1876 send_key (pos);
1877 }
1878} 1897}
1879 1898
1880 1899
@@ -1885,65 +1904,65 @@ do_rekey (void *cls)
1885 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure 1904 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
1886 */ 1905 */
1887int 1906int
1888GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk) 1907GSC_KX_init(struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
1889{ 1908{
1890 struct GNUNET_MQ_MessageHandler handlers[] = 1909 struct GNUNET_MQ_MessageHandler handlers[] =
1891 {GNUNET_MQ_hd_fixed_size (ephemeral_key, 1910 { GNUNET_MQ_hd_fixed_size(ephemeral_key,
1892 GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY, 1911 GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY,
1893 struct EphemeralKeyMessage, 1912 struct EphemeralKeyMessage,
1894 NULL),
1895 GNUNET_MQ_hd_fixed_size (ping,
1896 GNUNET_MESSAGE_TYPE_CORE_PING,
1897 struct PingMessage,
1898 NULL),
1899 GNUNET_MQ_hd_fixed_size (pong,
1900 GNUNET_MESSAGE_TYPE_CORE_PONG,
1901 struct PongMessage,
1902 NULL),
1903 GNUNET_MQ_hd_var_size (encrypted,
1904 GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE,
1905 struct EncryptedMessage,
1906 NULL), 1913 NULL),
1907 GNUNET_MQ_handler_end ()}; 1914 GNUNET_MQ_hd_fixed_size(ping,
1915 GNUNET_MESSAGE_TYPE_CORE_PING,
1916 struct PingMessage,
1917 NULL),
1918 GNUNET_MQ_hd_fixed_size(pong,
1919 GNUNET_MESSAGE_TYPE_CORE_PONG,
1920 struct PongMessage,
1921 NULL),
1922 GNUNET_MQ_hd_var_size(encrypted,
1923 GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE,
1924 struct EncryptedMessage,
1925 NULL),
1926 GNUNET_MQ_handler_end() };
1908 1927
1909 my_private_key = pk; 1928 my_private_key = pk;
1910 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, 1929 GNUNET_CRYPTO_eddsa_key_get_public(my_private_key,
1911 &GSC_my_identity.public_key); 1930 &GSC_my_identity.public_key);
1912 my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create (); 1931 my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create();
1913 if (NULL == my_ephemeral_key) 1932 if (NULL == my_ephemeral_key)
1914 { 1933 {
1915 GNUNET_break (0); 1934 GNUNET_break(0);
1916 GNUNET_free (my_private_key); 1935 GNUNET_free(my_private_key);
1917 my_private_key = NULL; 1936 my_private_key = NULL;
1918 return GNUNET_SYSERR; 1937 return GNUNET_SYSERR;
1919 } 1938 }
1920 sign_ephemeral_key (); 1939 sign_ephemeral_key();
1921 { 1940 {
1922 struct GNUNET_HashCode eh; 1941 struct GNUNET_HashCode eh;
1923 1942
1924 GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key, 1943 GNUNET_CRYPTO_hash(&current_ekm.ephemeral_key,
1925 sizeof (current_ekm.ephemeral_key), 1944 sizeof(current_ekm.ephemeral_key),
1926 &eh); 1945 &eh);
1927 GNUNET_log (GNUNET_ERROR_TYPE_INFO, 1946 GNUNET_log(GNUNET_ERROR_TYPE_INFO,
1928 "Starting with ephemeral key %s\n", 1947 "Starting with ephemeral key %s\n",
1929 GNUNET_h2s (&eh)); 1948 GNUNET_h2s(&eh));
1930 } 1949 }
1931 1950
1932 nc = GNUNET_notification_context_create (1); 1951 nc = GNUNET_notification_context_create(1);
1933 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL); 1952 rekey_task = GNUNET_SCHEDULER_add_delayed(REKEY_FREQUENCY, &do_rekey, NULL);
1934 transport = 1953 transport =
1935 GNUNET_TRANSPORT_core_connect (GSC_cfg, 1954 GNUNET_TRANSPORT_core_connect(GSC_cfg,
1936 &GSC_my_identity, 1955 &GSC_my_identity,
1937 handlers, 1956 handlers,
1938 NULL, 1957 NULL,
1939 &handle_transport_notify_connect, 1958 &handle_transport_notify_connect,
1940 &handle_transport_notify_disconnect, 1959 &handle_transport_notify_disconnect,
1941 &handle_transport_notify_excess_bw); 1960 &handle_transport_notify_excess_bw);
1942 if (NULL == transport) 1961 if (NULL == transport)
1943 { 1962 {
1944 GSC_KX_done (); 1963 GSC_KX_done();
1945 return GNUNET_SYSERR; 1964 return GNUNET_SYSERR;
1946 } 1965 }
1947 return GNUNET_OK; 1966 return GNUNET_OK;
1948} 1967}
1949 1968
@@ -1952,33 +1971,33 @@ GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
1952 * Shutdown KX subsystem. 1971 * Shutdown KX subsystem.
1953 */ 1972 */
1954void 1973void
1955GSC_KX_done () 1974GSC_KX_done()
1956{ 1975{
1957 if (NULL != transport) 1976 if (NULL != transport)
1958 { 1977 {
1959 GNUNET_TRANSPORT_core_disconnect (transport); 1978 GNUNET_TRANSPORT_core_disconnect(transport);
1960 transport = NULL; 1979 transport = NULL;
1961 } 1980 }
1962 if (NULL != rekey_task) 1981 if (NULL != rekey_task)
1963 { 1982 {
1964 GNUNET_SCHEDULER_cancel (rekey_task); 1983 GNUNET_SCHEDULER_cancel(rekey_task);
1965 rekey_task = NULL; 1984 rekey_task = NULL;
1966 } 1985 }
1967 if (NULL != my_ephemeral_key) 1986 if (NULL != my_ephemeral_key)
1968 { 1987 {
1969 GNUNET_free (my_ephemeral_key); 1988 GNUNET_free(my_ephemeral_key);
1970 my_ephemeral_key = NULL; 1989 my_ephemeral_key = NULL;
1971 } 1990 }
1972 if (NULL != my_private_key) 1991 if (NULL != my_private_key)
1973 { 1992 {
1974 GNUNET_free (my_private_key); 1993 GNUNET_free(my_private_key);
1975 my_private_key = NULL; 1994 my_private_key = NULL;
1976 } 1995 }
1977 if (NULL != nc) 1996 if (NULL != nc)
1978 { 1997 {
1979 GNUNET_notification_context_destroy (nc); 1998 GNUNET_notification_context_destroy(nc);
1980 nc = NULL; 1999 nc = NULL;
1981 } 2000 }
1982} 2001}
1983 2002
1984 2003
@@ -1989,9 +2008,9 @@ GSC_KX_done ()
1989 * @return number of items in the message queue 2008 * @return number of items in the message queue
1990 */ 2009 */
1991unsigned int 2010unsigned int
1992GSC_NEIGHBOURS_get_queue_length (const struct GSC_KeyExchangeInfo *kxinfo) 2011GSC_NEIGHBOURS_get_queue_length(const struct GSC_KeyExchangeInfo *kxinfo)
1993{ 2012{
1994 return GNUNET_MQ_get_length (kxinfo->mq); 2013 return GNUNET_MQ_get_length(kxinfo->mq);
1995} 2014}
1996 2015
1997 2016
@@ -2002,7 +2021,7 @@ GSC_NEIGHBOURS_get_queue_length (const struct GSC_KeyExchangeInfo *kxinfo)
2002 * @return #GNUNET_YES if excess bandwidth is available, #GNUNET_NO if not 2021 * @return #GNUNET_YES if excess bandwidth is available, #GNUNET_NO if not
2003 */ 2022 */
2004int 2023int
2005GSC_NEIGHBOURS_check_excess_bandwidth (const struct GSC_KeyExchangeInfo *kxinfo) 2024GSC_NEIGHBOURS_check_excess_bandwidth(const struct GSC_KeyExchangeInfo *kxinfo)
2006{ 2025{
2007 return kxinfo->has_excess_bandwidth; 2026 return kxinfo->has_excess_bandwidth;
2008} 2027}
@@ -2017,28 +2036,28 @@ GSC_NEIGHBOURS_check_excess_bandwidth (const struct GSC_KeyExchangeInfo *kxinfo)
2017 * @param mq message queue to add for monitoring 2036 * @param mq message queue to add for monitoring
2018 */ 2037 */
2019void 2038void
2020GSC_KX_handle_client_monitor_peers (struct GNUNET_MQ_Handle *mq) 2039GSC_KX_handle_client_monitor_peers(struct GNUNET_MQ_Handle *mq)
2021{ 2040{
2022 struct GNUNET_MQ_Envelope *env; 2041 struct GNUNET_MQ_Envelope *env;
2023 struct MonitorNotifyMessage *done_msg; 2042 struct MonitorNotifyMessage *done_msg;
2024 struct GSC_KeyExchangeInfo *kx; 2043 struct GSC_KeyExchangeInfo *kx;
2025 2044
2026 GNUNET_notification_context_add (nc, mq); 2045 GNUNET_notification_context_add(nc, mq);
2027 for (kx = kx_head; NULL != kx; kx = kx->next) 2046 for (kx = kx_head; NULL != kx; kx = kx->next)
2028 { 2047 {
2029 struct GNUNET_MQ_Envelope *env; 2048 struct GNUNET_MQ_Envelope *env;
2030 struct MonitorNotifyMessage *msg; 2049 struct MonitorNotifyMessage *msg;
2031 2050
2032 env = GNUNET_MQ_msg (msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY); 2051 env = GNUNET_MQ_msg(msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
2033 msg->state = htonl ((uint32_t) kx->status); 2052 msg->state = htonl((uint32_t)kx->status);
2034 msg->peer = *kx->peer; 2053 msg->peer = *kx->peer;
2035 msg->timeout = GNUNET_TIME_absolute_hton (kx->timeout); 2054 msg->timeout = GNUNET_TIME_absolute_hton(kx->timeout);
2036 GNUNET_MQ_send (mq, env); 2055 GNUNET_MQ_send(mq, env);
2037 } 2056 }
2038 env = GNUNET_MQ_msg (done_msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY); 2057 env = GNUNET_MQ_msg(done_msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
2039 done_msg->state = htonl ((uint32_t) GNUNET_CORE_KX_ITERATION_FINISHED); 2058 done_msg->state = htonl((uint32_t)GNUNET_CORE_KX_ITERATION_FINISHED);
2040 done_msg->timeout = GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS); 2059 done_msg->timeout = GNUNET_TIME_absolute_hton(GNUNET_TIME_UNIT_FOREVER_ABS);
2041 GNUNET_MQ_send (mq, env); 2060 GNUNET_MQ_send(mq, env);
2042} 2061}
2043 2062
2044 2063