aboutsummaryrefslogtreecommitdiff
path: root/src/service/core/gnunet-service-core_kx.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/service/core/gnunet-service-core_kx.c')
-rw-r--r--src/service/core/gnunet-service-core_kx.c1945
1 files changed, 1945 insertions, 0 deletions
diff --git a/src/service/core/gnunet-service-core_kx.c b/src/service/core/gnunet-service-core_kx.c
new file mode 100644
index 000000000..c5a1de769
--- /dev/null
+++ b/src/service/core/gnunet-service-core_kx.c
@@ -0,0 +1,1945 @@
1/*
2 This file is part of GNUnet.
3 Copyright (C) 2009-2013, 2016 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
21/**
22 * @file core/gnunet-service-core_kx.c
23 * @brief code for managing the key exchange (SET_KEY, PING, PONG) with other
24 * peers
25 * @author Christian Grothoff
26 */
27#include "platform.h"
28#include "gnunet-service-core_kx.h"
29#include "gnunet_transport_core_service.h"
30#include "gnunet-service-core_sessions.h"
31#include "gnunet-service-core.h"
32#include "gnunet_constants.h"
33#include "gnunet_signatures.h"
34#include "gnunet_protocols.h"
35
36/**
37 * Enable expensive (and possibly problematic for privacy!) logging of KX.
38 */
39#define DEBUG_KX 0
40
41/**
42 * How long do we wait for SET_KEY confirmation initially?
43 */
44#define INITIAL_SET_KEY_RETRY_FREQUENCY \
45 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 10)
46
47/**
48 * What is the minimum frequency for a PING message?
49 */
50#define MIN_PING_FREQUENCY \
51 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 5)
52
53/**
54 * How often do we rekey?
55 */
56#define REKEY_FREQUENCY \
57 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_HOURS, 12)
58
59/**
60 * What time difference do we tolerate?
61 */
62#define REKEY_TOLERANCE \
63 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
64
65/**
66 * What is the maximum age of a message for us to consider processing
67 * it? Note that this looks at the timestamp used by the other peer,
68 * so clock skew between machines does come into play here. So this
69 * should be picked high enough so that a little bit of clock skew
70 * does not prevent peers from connecting to us.
71 */
72#define MAX_MESSAGE_AGE GNUNET_TIME_UNIT_DAYS
73
74
75GNUNET_NETWORK_STRUCT_BEGIN
76
77/**
78 * Encapsulation for encrypted messages exchanged between
79 * peers. Followed by the actual encrypted data.
80 */
81struct EncryptedMessage
82{
83 /**
84 * Message type is #GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE.
85 */
86 struct GNUNET_MessageHeader header;
87
88 /**
89 * Random value used for IV generation.
90 */
91 uint32_t iv_seed GNUNET_PACKED;
92
93 /**
94 * MAC of the encrypted message (starting at @e sequence_number),
95 * used to verify message integrity. Everything after this value
96 * (excluding this value itself) will be encrypted and
97 * authenticated. #ENCRYPTED_HEADER_SIZE must be set to the offset
98 * of the *next* field.
99 */
100 struct GNUNET_HashCode hmac;
101
102 /**
103 * Sequence number, in network byte order. This field
104 * must be the first encrypted/decrypted field
105 */
106 uint32_t sequence_number GNUNET_PACKED;
107
108 /**
109 * Reserved, always zero.
110 */
111 uint32_t reserved GNUNET_PACKED;
112
113 /**
114 * Timestamp. Used to prevent replay of ancient messages
115 * (recent messages are caught with the sequence number).
116 */
117 struct GNUNET_TIME_AbsoluteNBO timestamp;
118};
119GNUNET_NETWORK_STRUCT_END
120
121
122/**
123 * Number of bytes (at the beginning) of `struct EncryptedMessage`
124 * that are NOT encrypted.
125 */
126#define ENCRYPTED_HEADER_SIZE \
127 (offsetof (struct EncryptedMessage, sequence_number))
128
129
130/**
131 * Information about the status of a key exchange with another peer.
132 */
133struct GSC_KeyExchangeInfo
134{
135 /**
136 * DLL.
137 */
138 struct GSC_KeyExchangeInfo *next;
139
140 /**
141 * DLL.
142 */
143 struct GSC_KeyExchangeInfo *prev;
144
145 /**
146 * Identity of the peer.
147 */
148 const struct GNUNET_PeerIdentity *peer;
149
150 /**
151 * Message queue for sending messages to @a peer.
152 */
153 struct GNUNET_MQ_Handle *mq;
154
155 /**
156 * Our message stream tokenizer (for encrypted payload).
157 */
158 struct GNUNET_MessageStreamTokenizer *mst;
159
160 /**
161 * PING message we transmit to the other peer.
162 */
163 struct PingMessage ping;
164
165 /**
166 * Ephemeral public ECC key of the other peer.
167 */
168 struct GNUNET_CRYPTO_EcdhePublicKey other_ephemeral_key;
169
170 /**
171 * Key we use to encrypt our messages for the other peer
172 * (initialized by us when we do the handshake).
173 */
174 struct GNUNET_CRYPTO_SymmetricSessionKey encrypt_key;
175
176 /**
177 * Key we use to decrypt messages from the other peer
178 * (given to us by the other peer during the handshake).
179 */
180 struct GNUNET_CRYPTO_SymmetricSessionKey decrypt_key;
181
182 /**
183 * At what time did the other peer generate the decryption key?
184 */
185 struct GNUNET_TIME_Absolute foreign_key_expires;
186
187 /**
188 * When should the session time out (if there are no PONGs)?
189 */
190 struct GNUNET_TIME_Absolute timeout;
191
192 /**
193 * What was the last timeout we informed our monitors about?
194 */
195 struct GNUNET_TIME_Absolute last_notify_timeout;
196
197 /**
198 * At what frequency are we currently re-trying SET_KEY messages?
199 */
200 struct GNUNET_TIME_Relative set_key_retry_frequency;
201
202 /**
203 * ID of task used for re-trying SET_KEY and PING message.
204 */
205 struct GNUNET_SCHEDULER_Task *retry_set_key_task;
206
207 /**
208 * ID of task used for sending keep-alive pings.
209 */
210 struct GNUNET_SCHEDULER_Task *keep_alive_task;
211
212 /**
213 * Bit map indicating which of the 32 sequence numbers before the
214 * last were received (good for accepting out-of-order packets and
215 * estimating reliability of the connection)
216 */
217 uint32_t last_packets_bitmap;
218
219 /**
220 * last sequence number received on this connection (highest)
221 */
222 uint32_t last_sequence_number_received;
223
224 /**
225 * last sequence number transmitted
226 */
227 uint32_t last_sequence_number_sent;
228
229 /**
230 * What was our PING challenge number (for this peer)?
231 */
232 uint32_t ping_challenge;
233
234 /**
235 * #GNUNET_YES if this peer currently has excess bandwidth.
236 */
237 int has_excess_bandwidth;
238
239 /**
240 * What is our connection status?
241 */
242 enum GNUNET_CORE_KxState status;
243};
244
245
246/**
247 * Transport service.
248 */
249static struct GNUNET_TRANSPORT_CoreHandle *transport;
250
251/**
252 * Our private key.
253 */
254static struct GNUNET_CRYPTO_EddsaPrivateKey my_private_key;
255
256/**
257 * Our ephemeral private key.
258 */
259static struct GNUNET_CRYPTO_EcdhePrivateKey my_ephemeral_key;
260
261/**
262 * Current message we send for a key exchange.
263 */
264static struct EphemeralKeyMessage current_ekm;
265
266/**
267 * DLL head.
268 */
269static struct GSC_KeyExchangeInfo *kx_head;
270
271/**
272 * DLL tail.
273 */
274static struct GSC_KeyExchangeInfo *kx_tail;
275
276/**
277 * Task scheduled for periodic re-generation (and thus rekeying) of our
278 * ephemeral key.
279 */
280static struct GNUNET_SCHEDULER_Task *rekey_task;
281
282/**
283 * Notification context for broadcasting to monitors.
284 */
285static struct GNUNET_NotificationContext *nc;
286
287
288/**
289 * Calculate seed value we should use for a message.
290 *
291 * @param kx key exchange context
292 */
293static uint32_t
294calculate_seed (struct GSC_KeyExchangeInfo *kx)
295{
296 /* Note: may want to make this non-random and instead
297 derive from key material to avoid having an undetectable
298 side-channel */
299 return htonl (
300 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX));
301}
302
303
304/**
305 * Inform all monitors about the KX state of the given peer.
306 *
307 * @param kx key exchange state to inform about
308 */
309static void
310monitor_notify_all (struct GSC_KeyExchangeInfo *kx)
311{
312 struct MonitorNotifyMessage msg;
313
314 msg.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
315 msg.header.size = htons (sizeof(msg));
316 msg.state = htonl ((uint32_t) kx->status);
317 msg.peer = *kx->peer;
318 msg.timeout = GNUNET_TIME_absolute_hton (kx->timeout);
319 GNUNET_notification_context_broadcast (nc, &msg.header, GNUNET_NO);
320 kx->last_notify_timeout = kx->timeout;
321}
322
323
324/**
325 * Derive an authentication key from "set key" information
326 *
327 * @param akey authentication key to derive
328 * @param skey session key to use
329 * @param seed seed to use
330 */
331static void
332derive_auth_key (struct GNUNET_CRYPTO_AuthKey *akey,
333 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
334 uint32_t seed)
335{
336 static const char ctx[] = "authentication key";
337
338#if DEBUG_KX
339 struct GNUNET_HashCode sh;
340
341 GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
342 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
343 "Deriving Auth key from SKEY %s and seed %u\n",
344 GNUNET_h2s (&sh),
345 (unsigned int) seed);
346#endif
347 GNUNET_CRYPTO_hmac_derive_key (akey,
348 skey,
349 &seed,
350 sizeof(seed),
351 skey,
352 sizeof(
353 struct GNUNET_CRYPTO_SymmetricSessionKey),
354 ctx,
355 sizeof(ctx),
356 NULL);
357}
358
359
360/**
361 * Derive an IV from packet information
362 *
363 * @param iv initialization vector to initialize
364 * @param skey session key to use
365 * @param seed seed to use
366 * @param identity identity of the other peer to use
367 */
368static void
369derive_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
370 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
371 uint32_t seed,
372 const struct GNUNET_PeerIdentity *identity)
373{
374 static const char ctx[] = "initialization vector";
375
376#if DEBUG_KX
377 struct GNUNET_HashCode sh;
378
379 GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
380 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
381 "Deriving IV from SKEY %s and seed %u for peer %s\n",
382 GNUNET_h2s (&sh),
383 (unsigned int) seed,
384 GNUNET_i2s (identity));
385#endif
386 GNUNET_CRYPTO_symmetric_derive_iv (iv,
387 skey,
388 &seed,
389 sizeof(seed),
390 identity,
391 sizeof(struct GNUNET_PeerIdentity),
392 ctx,
393 sizeof(ctx),
394 NULL);
395}
396
397
398/**
399 * Derive an IV from pong packet information
400 *
401 * @param iv initialization vector to initialize
402 * @param skey session key to use
403 * @param seed seed to use
404 * @param challenge nonce to use
405 * @param identity identity of the other peer to use
406 */
407static void
408derive_pong_iv (struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
409 const struct GNUNET_CRYPTO_SymmetricSessionKey *skey,
410 uint32_t seed,
411 uint32_t challenge,
412 const struct GNUNET_PeerIdentity *identity)
413{
414 static const char ctx[] = "pong initialization vector";
415
416#if DEBUG_KX
417 struct GNUNET_HashCode sh;
418
419 GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
420 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
421 "Deriving PONG IV from SKEY %s and seed %u/%u for %s\n",
422 GNUNET_h2s (&sh),
423 (unsigned int) seed,
424 (unsigned int) challenge,
425 GNUNET_i2s (identity));
426#endif
427 GNUNET_CRYPTO_symmetric_derive_iv (iv,
428 skey,
429 &seed,
430 sizeof(seed),
431 identity,
432 sizeof(struct GNUNET_PeerIdentity),
433 &challenge,
434 sizeof(challenge),
435 ctx,
436 sizeof(ctx),
437 NULL);
438}
439
440
441/**
442 * Derive an AES key from key material
443 *
444 * @param sender peer identity of the sender
445 * @param receiver peer identity of the sender
446 * @param key_material high entropy key material to use
447 * @param skey set to derived session key
448 */
449static void
450derive_aes_key (const struct GNUNET_PeerIdentity *sender,
451 const struct GNUNET_PeerIdentity *receiver,
452 const struct GNUNET_HashCode *key_material,
453 struct GNUNET_CRYPTO_SymmetricSessionKey *skey)
454{
455 static const char ctx[] = "aes key generation vector";
456
457#if DEBUG_KX
458 struct GNUNET_HashCode sh;
459
460 GNUNET_CRYPTO_hash (skey, sizeof(*skey), &sh);
461 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
462 "Deriving AES Keys for %s to %s from %s\n",
463 GNUNET_i2s (sender),
464 GNUNET_i2s2 (receiver),
465 GNUNET_h2s (key_material));
466#endif
467 GNUNET_CRYPTO_kdf (skey,
468 sizeof(struct GNUNET_CRYPTO_SymmetricSessionKey),
469 ctx,
470 sizeof(ctx),
471 key_material,
472 sizeof(struct GNUNET_HashCode),
473 sender,
474 sizeof(struct GNUNET_PeerIdentity),
475 receiver,
476 sizeof(struct GNUNET_PeerIdentity),
477 NULL);
478}
479
480
481/**
482 * Encrypt size bytes from @a in and write the result to @a out. Use the
483 * @a kx key for outbound traffic of the given neighbour.
484 *
485 * @param kx key information context
486 * @param iv initialization vector to use
487 * @param in ciphertext
488 * @param out plaintext
489 * @param size size of @a in / @a out
490 *
491 * @return #GNUNET_OK on success
492 */
493static int
494do_encrypt (struct GSC_KeyExchangeInfo *kx,
495 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
496 const void *in,
497 void *out,
498 size_t size)
499{
500 if (size != (uint16_t) size)
501 {
502 GNUNET_break (0);
503 return GNUNET_NO;
504 }
505 GNUNET_assert (size == GNUNET_CRYPTO_symmetric_encrypt (in,
506 (uint16_t) size,
507 &kx->encrypt_key,
508 iv,
509 out));
510 GNUNET_STATISTICS_update (GSC_stats,
511 gettext_noop ("# bytes encrypted"),
512 size,
513 GNUNET_NO);
514 /* the following is too sensitive to write to log files by accident,
515 so we require manual intervention to get this one... */
516#if DEBUG_KX
517 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
518 "Encrypted %u bytes for `%s' using key %s, IV %u\n",
519 (unsigned int) size,
520 GNUNET_i2s (kx->peer),
521 kx->encrypt_key.aes_key,
522 GNUNET_CRYPTO_crc32_n (iv, sizeof(iv)));
523#endif
524 return GNUNET_OK;
525}
526
527
528/**
529 * Decrypt size bytes from @a in and write the result to @a out. Use
530 * the @a kx key for inbound traffic of the given neighbour. This
531 * function does NOT do any integrity-checks on the result.
532 *
533 * @param kx key information context
534 * @param iv initialization vector to use
535 * @param in ciphertext
536 * @param out plaintext
537 * @param size size of @a in / @a out
538 * @return #GNUNET_OK on success
539 */
540static int
541do_decrypt (struct GSC_KeyExchangeInfo *kx,
542 const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv,
543 const void *in,
544 void *out,
545 size_t size)
546{
547 if (size != (uint16_t) size)
548 {
549 GNUNET_break (0);
550 return GNUNET_NO;
551 }
552 if ((kx->status != GNUNET_CORE_KX_STATE_KEY_RECEIVED) &&
553 (kx->status != GNUNET_CORE_KX_STATE_UP) &&
554 (kx->status != GNUNET_CORE_KX_STATE_REKEY_SENT))
555 {
556 GNUNET_break_op (0);
557 return GNUNET_SYSERR;
558 }
559 if (size != GNUNET_CRYPTO_symmetric_decrypt (in,
560 (uint16_t) size,
561 &kx->decrypt_key,
562 iv,
563 out))
564 {
565 GNUNET_break (0);
566 return GNUNET_SYSERR;
567 }
568 GNUNET_STATISTICS_update (GSC_stats,
569 gettext_noop ("# bytes decrypted"),
570 size,
571 GNUNET_NO);
572 /* the following is too sensitive to write to log files by accident,
573 so we require manual intervention to get this one... */
574#if DEBUG_KX
575 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
576 "Decrypted %u bytes from `%s' using key %s, IV %u\n",
577 (unsigned int) size,
578 GNUNET_i2s (kx->peer),
579 kx->decrypt_key.aes_key,
580 GNUNET_CRYPTO_crc32_n (iv, sizeof(*iv)));
581#endif
582 return GNUNET_OK;
583}
584
585
586/**
587 * Send our key (and encrypted PING) to the other peer.
588 *
589 * @param kx key exchange context
590 */
591static void
592send_key (struct GSC_KeyExchangeInfo *kx);
593
594
595/**
596 * Task that will retry #send_key() if our previous attempt failed.
597 *
598 * @param cls our `struct GSC_KeyExchangeInfo`
599 */
600static void
601set_key_retry_task (void *cls)
602{
603 struct GSC_KeyExchangeInfo *kx = cls;
604
605 kx->retry_set_key_task = NULL;
606 kx->set_key_retry_frequency =
607 GNUNET_TIME_STD_BACKOFF (kx->set_key_retry_frequency);
608 GNUNET_assert (GNUNET_CORE_KX_STATE_DOWN != kx->status);
609 send_key (kx);
610}
611
612
613/**
614 * Create a fresh PING message for transmission to the other peer.
615 *
616 * @param kx key exchange context to create PING for
617 */
618static void
619setup_fresh_ping (struct GSC_KeyExchangeInfo *kx)
620{
621 struct PingMessage pp;
622 struct PingMessage *pm;
623 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
624
625 pm = &kx->ping;
626 kx->ping_challenge =
627 GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, UINT32_MAX);
628 pm->header.size = htons (sizeof(struct PingMessage));
629 pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
630 pm->iv_seed = calculate_seed (kx);
631 derive_iv (&iv, &kx->encrypt_key, pm->iv_seed, kx->peer);
632 pp.challenge = kx->ping_challenge;
633 pp.target = *kx->peer;
634 do_encrypt (kx,
635 &iv,
636 &pp.target,
637 &pm->target,
638 sizeof(struct PingMessage)
639 - ((void *) &pm->target - (void *) pm));
640}
641
642
643/**
644 * Deliver P2P message to interested clients. Invokes send twice,
645 * once for clients that want the full message, and once for clients
646 * that only want the header
647 *
648 * @param cls the `struct GSC_KeyExchangeInfo`
649 * @param m the message
650 * @return #GNUNET_OK on success,
651 * #GNUNET_NO to stop further processing (no error)
652 * #GNUNET_SYSERR to stop further processing with error
653 */
654static int
655deliver_message (void *cls, const struct GNUNET_MessageHeader *m)
656{
657 struct GSC_KeyExchangeInfo *kx = cls;
658
659 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
660 "Decrypted message of type %d from %s\n",
661 ntohs (m->type),
662 GNUNET_i2s (kx->peer));
663 if (GNUNET_CORE_KX_STATE_UP != kx->status)
664 {
665 GNUNET_STATISTICS_update (GSC_stats,
666 gettext_noop ("# PAYLOAD dropped (out of order)"),
667 1,
668 GNUNET_NO);
669 return GNUNET_OK;
670 }
671 switch (ntohs (m->type))
672 {
673 case GNUNET_MESSAGE_TYPE_CORE_BINARY_TYPE_MAP:
674 case GNUNET_MESSAGE_TYPE_CORE_COMPRESSED_TYPE_MAP:
675 GSC_SESSIONS_set_typemap (kx->peer, m);
676 return GNUNET_OK;
677
678 case GNUNET_MESSAGE_TYPE_CORE_CONFIRM_TYPE_MAP:
679 GSC_SESSIONS_confirm_typemap (kx->peer, m);
680 return GNUNET_OK;
681
682 default:
683 GSC_CLIENTS_deliver_message (kx->peer,
684 m,
685 ntohs (m->size),
686 GNUNET_CORE_OPTION_SEND_FULL_INBOUND);
687 GSC_CLIENTS_deliver_message (kx->peer,
688 m,
689 sizeof(struct GNUNET_MessageHeader),
690 GNUNET_CORE_OPTION_SEND_HDR_INBOUND);
691 }
692 return GNUNET_OK;
693}
694
695
696/**
697 * Function called by transport to notify us that
698 * a peer connected to us (on the network level).
699 * Starts the key exchange with the given peer.
700 *
701 * @param cls closure (NULL)
702 * @param pid identity of the peer to do a key exchange with
703 * @return key exchange information context
704 */
705static void *
706handle_transport_notify_connect (void *cls,
707 const struct GNUNET_PeerIdentity *pid,
708 struct GNUNET_MQ_Handle *mq)
709{
710 struct GSC_KeyExchangeInfo *kx;
711 struct GNUNET_HashCode h1;
712 struct GNUNET_HashCode h2;
713
714 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
715 "Initiating key exchange with `%s'\n",
716 GNUNET_i2s (pid));
717 GNUNET_STATISTICS_update (GSC_stats,
718 gettext_noop ("# key exchanges initiated"),
719 1,
720 GNUNET_NO);
721
722 kx = GNUNET_new (struct GSC_KeyExchangeInfo);
723 kx->mst = GNUNET_MST_create (&deliver_message, kx);
724 kx->mq = mq;
725 kx->peer = pid;
726 kx->set_key_retry_frequency = INITIAL_SET_KEY_RETRY_FREQUENCY;
727 GNUNET_CONTAINER_DLL_insert (kx_head, kx_tail, kx);
728 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
729 monitor_notify_all (kx);
730 GNUNET_CRYPTO_hash (pid, sizeof(struct GNUNET_PeerIdentity), &h1);
731 GNUNET_CRYPTO_hash (&GSC_my_identity,
732 sizeof(struct GNUNET_PeerIdentity),
733 &h2);
734 if (0 < GNUNET_CRYPTO_hash_cmp (&h1, &h2))
735 {
736 /* peer with "lower" identity starts KX, otherwise we typically end up
737 with both peers starting the exchange and transmit the 'set key'
738 message twice */
739 send_key (kx);
740 }
741 else
742 {
743 /* peer with "higher" identity starts a delayed KX, if the "lower" peer
744 * does not start a KX since it sees no reasons to do so */
745 kx->retry_set_key_task =
746 GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
747 &set_key_retry_task,
748 kx);
749 }
750 return kx;
751}
752
753
754/**
755 * Function called by transport telling us that a peer
756 * disconnected.
757 * Stop key exchange with the given peer. Clean up key material.
758 *
759 * @param cls closure
760 * @param peer the peer that disconnected
761 * @param handler_cls the `struct GSC_KeyExchangeInfo` of the peer
762 */
763static void
764handle_transport_notify_disconnect (void *cls,
765 const struct GNUNET_PeerIdentity *peer,
766 void *handler_cls)
767{
768 struct GSC_KeyExchangeInfo *kx = handler_cls;
769
770 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
771 "Peer `%s' disconnected from us.\n",
772 GNUNET_i2s (peer));
773 GSC_SESSIONS_end (kx->peer);
774 GNUNET_STATISTICS_update (GSC_stats,
775 gettext_noop ("# key exchanges stopped"),
776 1,
777 GNUNET_NO);
778 if (NULL != kx->retry_set_key_task)
779 {
780 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
781 kx->retry_set_key_task = NULL;
782 }
783 if (NULL != kx->keep_alive_task)
784 {
785 GNUNET_SCHEDULER_cancel (kx->keep_alive_task);
786 kx->keep_alive_task = NULL;
787 }
788 kx->status = GNUNET_CORE_KX_PEER_DISCONNECT;
789 monitor_notify_all (kx);
790 GNUNET_CONTAINER_DLL_remove (kx_head, kx_tail, kx);
791 GNUNET_MST_destroy (kx->mst);
792 GNUNET_free (kx);
793}
794
795
796/**
797 * Send our PING to the other peer.
798 *
799 * @param kx key exchange context
800 */
801static void
802send_ping (struct GSC_KeyExchangeInfo *kx)
803{
804 struct GNUNET_MQ_Envelope *env;
805
806 GNUNET_STATISTICS_update (GSC_stats,
807 gettext_noop ("# PING messages transmitted"),
808 1,
809 GNUNET_NO);
810 env = GNUNET_MQ_msg_copy (&kx->ping.header);
811 GNUNET_MQ_send (kx->mq, env);
812}
813
814
815/**
816 * Derive fresh session keys from the current ephemeral keys.
817 *
818 * @param kx session to derive keys for
819 */
820static void
821derive_session_keys (struct GSC_KeyExchangeInfo *kx)
822{
823 struct GNUNET_HashCode key_material;
824
825 if (GNUNET_OK !=
826 GNUNET_CRYPTO_ecc_ecdh (&my_ephemeral_key,
827 &kx->other_ephemeral_key,
828 &key_material))
829 {
830 GNUNET_break (0);
831 return;
832 }
833 derive_aes_key (&GSC_my_identity, kx->peer, &key_material, &kx->encrypt_key);
834 derive_aes_key (kx->peer, &GSC_my_identity, &key_material, &kx->decrypt_key);
835 memset (&key_material, 0, sizeof(key_material));
836 /* fresh key, reset sequence numbers */
837 kx->last_sequence_number_received = 0;
838 kx->last_packets_bitmap = 0;
839 setup_fresh_ping (kx);
840}
841
842
843/**
844 * We received a #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY message.
845 * Validate and update our key material and status.
846 *
847 * @param cls key exchange status for the corresponding peer
848 * @param m the set key message we received
849 */
850static void
851handle_ephemeral_key (void *cls, const struct EphemeralKeyMessage *m)
852{
853 struct GSC_KeyExchangeInfo *kx = cls;
854 struct GNUNET_TIME_Absolute start_t;
855 struct GNUNET_TIME_Absolute end_t;
856 struct GNUNET_TIME_Absolute now;
857 enum GNUNET_CORE_KxState sender_status;
858 enum GNUNET_GenericReturnValue do_verify = GNUNET_YES;
859
860 end_t = GNUNET_TIME_absolute_ntoh (m->expiration_time);
861 if (((GNUNET_CORE_KX_STATE_KEY_RECEIVED == kx->status) ||
862 (GNUNET_CORE_KX_STATE_UP == kx->status) ||
863 (GNUNET_CORE_KX_STATE_REKEY_SENT == kx->status)) &&
864 (end_t.abs_value_us < kx->foreign_key_expires.abs_value_us))
865 {
866 GNUNET_STATISTICS_update (GSC_stats,
867 gettext_noop ("# old ephemeral keys ignored"),
868 1,
869 GNUNET_NO);
870 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
871 "Received expired EPHEMERAL_KEY from %s\n",
872 GNUNET_i2s (&m->origin_identity));
873 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
874 return;
875 }
876 if (0 == memcmp (&m->ephemeral_key,
877 &kx->other_ephemeral_key,
878 sizeof(m->ephemeral_key)))
879 {
880 GNUNET_STATISTICS_update (GSC_stats,
881 gettext_noop (
882 "# duplicate ephemeral keys. Not verifying."),
883 1,
884 GNUNET_NO);
885 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
886 "Duplicate EPHEMERAL_KEY from %s, do not verify\n",
887 GNUNET_i2s (&m->origin_identity));
888 do_verify = GNUNET_NO;
889 }
890 if (0 != memcmp (&m->origin_identity,
891 kx->peer,
892 sizeof(struct GNUNET_PeerIdentity)))
893 {
894 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
895 "Received EPHEMERAL_KEY from %s, but expected %s\n",
896 GNUNET_i2s (&m->origin_identity),
897 GNUNET_i2s_full (kx->peer));
898 GNUNET_break_op (0);
899 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
900 return;
901 }
902 if (do_verify && ((ntohl (m->purpose.size) !=
903 sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
904 + sizeof(struct GNUNET_TIME_AbsoluteNBO)
905 + sizeof(struct GNUNET_TIME_AbsoluteNBO)
906 + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)
907 + sizeof(struct GNUNET_CRYPTO_EddsaPublicKey)) ||
908 (GNUNET_OK !=
909 GNUNET_CRYPTO_eddsa_verify_ (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY,
910 &m->purpose,
911 &m->signature,
912 &m->origin_identity.public_key))))
913 {
914 /* invalid signature */
915 GNUNET_break_op (0);
916 GNUNET_STATISTICS_update (GSC_stats,
917 gettext_noop (
918 "# EPHEMERAL_KEYs rejected (bad signature)"),
919 1,
920 GNUNET_NO);
921 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
922 "Received EPHEMERAL_KEY from %s with bad signature\n",
923 GNUNET_i2s (&m->origin_identity));
924 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
925 return;
926 }
927 now = GNUNET_TIME_absolute_get ();
928 start_t = GNUNET_TIME_absolute_ntoh (m->creation_time);
929 if ((end_t.abs_value_us <
930 GNUNET_TIME_absolute_subtract (now, REKEY_TOLERANCE).abs_value_us) ||
931 (start_t.abs_value_us >
932 GNUNET_TIME_absolute_add (now, REKEY_TOLERANCE).abs_value_us))
933 {
934 GNUNET_log (
935 GNUNET_ERROR_TYPE_WARNING,
936 _ (
937 "EPHEMERAL_KEY from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
938 GNUNET_i2s (kx->peer),
939 (unsigned long long) now.abs_value_us,
940 (unsigned long long) start_t.abs_value_us,
941 (unsigned long long) end_t.abs_value_us);
942 GNUNET_STATISTICS_update (GSC_stats,
943 gettext_noop (
944 "# EPHEMERAL_KEY messages rejected due to time"),
945 1,
946 GNUNET_NO);
947 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
948 return;
949 }
950#if DEBUG_KX
951 {
952 struct GNUNET_HashCode eh;
953
954 GNUNET_CRYPTO_hash (&m->ephemeral_key, sizeof(m->ephemeral_key), &eh);
955 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
956 "Received valid EPHEMERAL_KEY `%s' from `%s' in state %d.\n",
957 GNUNET_h2s (&eh),
958 GNUNET_i2s (kx->peer),
959 kx->status);
960 }
961#endif
962 GNUNET_STATISTICS_update (GSC_stats,
963 gettext_noop ("# valid ephemeral keys received"),
964 1,
965 GNUNET_NO);
966 kx->other_ephemeral_key = m->ephemeral_key;
967 kx->foreign_key_expires = end_t;
968 derive_session_keys (kx);
969
970 /* check if we still need to send the sender our key */
971 sender_status = (enum GNUNET_CORE_KxState) ntohl (m->sender_status);
972 switch (sender_status)
973 {
974 case GNUNET_CORE_KX_STATE_DOWN:
975 GNUNET_break_op (0);
976 break;
977
978 case GNUNET_CORE_KX_STATE_KEY_SENT:
979 /* fine, need to send our key after updating our status, see below */
980 GSC_SESSIONS_reinit (kx->peer);
981 break;
982
983 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
984 /* other peer already got our key, but typemap did go down */
985 GSC_SESSIONS_reinit (kx->peer);
986 break;
987
988 case GNUNET_CORE_KX_STATE_UP:
989 /* other peer already got our key, typemap NOT down */
990 break;
991
992 case GNUNET_CORE_KX_STATE_REKEY_SENT:
993 /* other peer already got our key, typemap NOT down */
994 break;
995
996 default:
997 GNUNET_break (0);
998 break;
999 }
1000 /* check if we need to confirm everything is fine via PING + PONG */
1001 switch (kx->status)
1002 {
1003 case GNUNET_CORE_KX_STATE_DOWN:
1004 GNUNET_assert (NULL == kx->keep_alive_task);
1005 kx->status = GNUNET_CORE_KX_STATE_KEY_RECEIVED;
1006 monitor_notify_all (kx);
1007 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1008 send_key (kx);
1009 else
1010 send_ping (kx);
1011 break;
1012
1013 case GNUNET_CORE_KX_STATE_KEY_SENT:
1014 GNUNET_assert (NULL == kx->keep_alive_task);
1015 kx->status = GNUNET_CORE_KX_STATE_KEY_RECEIVED;
1016 monitor_notify_all (kx);
1017 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1018 send_key (kx);
1019 else
1020 send_ping (kx);
1021 break;
1022
1023 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1024 GNUNET_assert (NULL == kx->keep_alive_task);
1025 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1026 send_key (kx);
1027 else
1028 send_ping (kx);
1029 break;
1030
1031 case GNUNET_CORE_KX_STATE_UP:
1032 kx->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
1033 monitor_notify_all (kx);
1034 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1035 send_key (kx);
1036 else
1037 send_ping (kx);
1038 break;
1039
1040 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1041 if (GNUNET_CORE_KX_STATE_KEY_SENT == sender_status)
1042 send_key (kx);
1043 else
1044 send_ping (kx);
1045 break;
1046
1047 default:
1048 GNUNET_break (0);
1049 break;
1050 }
1051 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1052}
1053
1054
1055static void
1056send_keep_alive (void *cls);
1057
1058
1059/**
1060 * We received a PING message. Validate and transmit
1061 * a PONG message.
1062 *
1063 * @param cls key exchange status for the corresponding peer
1064 * @param m the encrypted PING message itself
1065 */
1066static void
1067handle_ping (void *cls, const struct PingMessage *m)
1068{
1069 struct GSC_KeyExchangeInfo *kx = cls;
1070 struct PingMessage t;
1071 struct PongMessage tx;
1072 struct PongMessage *tp;
1073 struct GNUNET_MQ_Envelope *env;
1074 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1075
1076 GNUNET_STATISTICS_update (GSC_stats,
1077 gettext_noop ("# PING messages received"),
1078 1,
1079 GNUNET_NO);
1080 if ((kx->status != GNUNET_CORE_KX_STATE_KEY_RECEIVED) &&
1081 (kx->status != GNUNET_CORE_KX_STATE_UP) &&
1082 (kx->status != GNUNET_CORE_KX_STATE_REKEY_SENT))
1083 {
1084 /* ignore */
1085 GNUNET_STATISTICS_update (GSC_stats,
1086 gettext_noop (
1087 "# PING messages dropped (out of order)"),
1088 1,
1089 GNUNET_NO);
1090 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1091 return;
1092 }
1093 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1094 "Core service receives PING request from `%s'.\n",
1095 GNUNET_i2s (kx->peer));
1096 derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1097 if (GNUNET_OK != do_decrypt (kx,
1098 &iv,
1099 &m->target,
1100 &t.target,
1101 sizeof(struct PingMessage)
1102 - ((void *) &m->target - (void *) m)))
1103 {
1104 GNUNET_break_op (0);
1105 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1106 return;
1107 }
1108 if (0 !=
1109 memcmp (&t.target, &GSC_my_identity, sizeof(struct GNUNET_PeerIdentity)))
1110 {
1111 if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status)
1112 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1113 "Decryption of PING from peer `%s' failed, PING for `%s'?\n",
1114 GNUNET_i2s (kx->peer),
1115 GNUNET_i2s2 (&t.target));
1116 else
1117 GNUNET_log (
1118 GNUNET_ERROR_TYPE_DEBUG,
1119 "Decryption of PING from peer `%s' failed after rekey (harmless)\n",
1120 GNUNET_i2s (kx->peer));
1121 GNUNET_break_op (0);
1122 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1123 return;
1124 }
1125 /* construct PONG */
1126 tx.reserved = 0;
1127 tx.challenge = t.challenge;
1128 tx.target = t.target;
1129 env = GNUNET_MQ_msg (tp, GNUNET_MESSAGE_TYPE_CORE_PONG);
1130 tp->iv_seed = calculate_seed (kx);
1131 derive_pong_iv (&iv, &kx->encrypt_key, tp->iv_seed, t.challenge, kx->peer);
1132 do_encrypt (kx,
1133 &iv,
1134 &tx.challenge,
1135 &tp->challenge,
1136 sizeof(struct PongMessage)
1137 - ((void *) &tp->challenge - (void *) tp));
1138 GNUNET_STATISTICS_update (GSC_stats,
1139 gettext_noop ("# PONG messages created"),
1140 1,
1141 GNUNET_NO);
1142 GNUNET_MQ_send (kx->mq, env);
1143 if (NULL != kx->keep_alive_task)
1144 {
1145 GNUNET_SCHEDULER_cancel (kx->keep_alive_task);
1146 kx->keep_alive_task = GNUNET_SCHEDULER_add_delayed (MIN_PING_FREQUENCY, &send_keep_alive, kx);
1147 }
1148 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1149}
1150
1151
1152/**
1153 * Task triggered when a neighbour entry is about to time out
1154 * (and we should prevent this by sending a PING).
1155 *
1156 * @param cls the `struct GSC_KeyExchangeInfo`
1157 */
1158static void
1159send_keep_alive (void *cls)
1160{
1161 struct GSC_KeyExchangeInfo *kx = cls;
1162 struct GNUNET_TIME_Relative retry;
1163 struct GNUNET_TIME_Relative left;
1164
1165 kx->keep_alive_task = NULL;
1166 left = GNUNET_TIME_absolute_get_remaining (kx->timeout);
1167 if (0 == left.rel_value_us)
1168 {
1169 GNUNET_STATISTICS_update (GSC_stats,
1170 gettext_noop ("# sessions terminated by timeout"),
1171 1,
1172 GNUNET_NO);
1173 GSC_SESSIONS_end (kx->peer);
1174 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1175 monitor_notify_all (kx);
1176 send_key (kx);
1177 return;
1178 }
1179 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1180 "Sending KEEPALIVE to `%s'\n",
1181 GNUNET_i2s (kx->peer));
1182 GNUNET_STATISTICS_update (GSC_stats,
1183 gettext_noop ("# keepalive messages sent"),
1184 1,
1185 GNUNET_NO);
1186 setup_fresh_ping (kx);
1187 send_ping (kx);
1188 retry = GNUNET_TIME_relative_max (GNUNET_TIME_relative_divide (left, 2),
1189 MIN_PING_FREQUENCY);
1190 kx->keep_alive_task =
1191 GNUNET_SCHEDULER_add_delayed (retry, &send_keep_alive, kx);
1192}
1193
1194
1195/**
1196 * We've seen a valid message from the other peer.
1197 * Update the time when the session would time out
1198 * and delay sending our keep alive message further.
1199 *
1200 * @param kx key exchange where we saw activity
1201 */
1202static void
1203update_timeout (struct GSC_KeyExchangeInfo *kx)
1204{
1205 struct GNUNET_TIME_Relative delta;
1206
1207 kx->timeout =
1208 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1209 delta =
1210 GNUNET_TIME_absolute_get_difference (kx->last_notify_timeout, kx->timeout);
1211 if (delta.rel_value_us > 5LL * 1000LL * 1000LL)
1212 {
1213 /* we only notify monitors about timeout changes if those
1214 are bigger than the threshold (5s) */
1215 monitor_notify_all (kx);
1216 }
1217 if (NULL != kx->keep_alive_task)
1218 GNUNET_SCHEDULER_cancel (kx->keep_alive_task);
1219 kx->keep_alive_task = GNUNET_SCHEDULER_add_delayed (
1220 GNUNET_TIME_relative_divide (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, 2),
1221 &send_keep_alive,
1222 kx);
1223}
1224
1225
1226/**
1227 * We received a PONG message. Validate and update our status.
1228 *
1229 * @param kx key exchange context for the the PONG
1230 * @param m the encrypted PONG message itself
1231 */
1232static void
1233handle_pong (void *cls, const struct PongMessage *m)
1234{
1235 struct GSC_KeyExchangeInfo *kx = cls;
1236 struct PongMessage t;
1237 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1238
1239 GNUNET_STATISTICS_update (GSC_stats,
1240 gettext_noop ("# PONG messages received"),
1241 1,
1242 GNUNET_NO);
1243 switch (kx->status)
1244 {
1245 case GNUNET_CORE_KX_STATE_DOWN:
1246 GNUNET_STATISTICS_update (GSC_stats,
1247 gettext_noop (
1248 "# PONG messages dropped (connection down)"),
1249 1,
1250 GNUNET_NO);
1251 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1252 return;
1253
1254 case GNUNET_CORE_KX_STATE_KEY_SENT:
1255 GNUNET_STATISTICS_update (GSC_stats,
1256 gettext_noop (
1257 "# PONG messages dropped (out of order)"),
1258 1,
1259 GNUNET_NO);
1260 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1261 return;
1262
1263 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1264 break;
1265
1266 case GNUNET_CORE_KX_STATE_UP:
1267 break;
1268
1269 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1270 break;
1271
1272 default:
1273 GNUNET_break (0);
1274 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1275 return;
1276 }
1277 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1278 "Core service receives PONG response from `%s'.\n",
1279 GNUNET_i2s (kx->peer));
1280 /* mark as garbage, just to be sure */
1281 memset (&t, 255, sizeof(t));
1282 derive_pong_iv (&iv,
1283 &kx->decrypt_key,
1284 m->iv_seed,
1285 kx->ping_challenge,
1286 &GSC_my_identity);
1287 if (GNUNET_OK != do_decrypt (kx,
1288 &iv,
1289 &m->challenge,
1290 &t.challenge,
1291 sizeof(struct PongMessage)
1292 - ((void *) &m->challenge - (void *) m)))
1293 {
1294 GNUNET_break_op (0);
1295 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1296 return;
1297 }
1298 GNUNET_STATISTICS_update (GSC_stats,
1299 gettext_noop ("# PONG messages decrypted"),
1300 1,
1301 GNUNET_NO);
1302 if ((0 !=
1303 memcmp (&t.target, kx->peer, sizeof(struct GNUNET_PeerIdentity))) ||
1304 (kx->ping_challenge != t.challenge))
1305 {
1306 /* PONG malformed */
1307 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1308 "Received malformed PONG wanted sender `%s' with challenge %u\n",
1309 GNUNET_i2s (kx->peer),
1310 (unsigned int) kx->ping_challenge);
1311 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1312 "Received malformed PONG received from `%s' with challenge %u\n",
1313 GNUNET_i2s (&t.target),
1314 (unsigned int) t.challenge);
1315 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1316 return;
1317 }
1318 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1319 "Received valid PONG from `%s'\n",
1320 GNUNET_i2s (kx->peer));
1321 /* no need to resend key any longer */
1322 if (NULL != kx->retry_set_key_task)
1323 {
1324 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
1325 kx->retry_set_key_task = NULL;
1326 }
1327 switch (kx->status)
1328 {
1329 case GNUNET_CORE_KX_STATE_DOWN:
1330 GNUNET_assert (0); /* should be impossible */
1331 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1332 return;
1333
1334 case GNUNET_CORE_KX_STATE_KEY_SENT:
1335 GNUNET_assert (0); /* should be impossible */
1336 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1337 return;
1338
1339 case GNUNET_CORE_KX_STATE_KEY_RECEIVED:
1340 GNUNET_STATISTICS_update (GSC_stats,
1341 gettext_noop (
1342 "# session keys confirmed via PONG"),
1343 1,
1344 GNUNET_NO);
1345 kx->status = GNUNET_CORE_KX_STATE_UP;
1346 monitor_notify_all (kx);
1347 GSC_SESSIONS_create (kx->peer, kx);
1348 GNUNET_assert (NULL == kx->keep_alive_task);
1349 update_timeout (kx);
1350 break;
1351
1352 case GNUNET_CORE_KX_STATE_UP:
1353 GNUNET_STATISTICS_update (GSC_stats,
1354 gettext_noop ("# timeouts prevented via PONG"),
1355 1,
1356 GNUNET_NO);
1357 update_timeout (kx);
1358 break;
1359
1360 case GNUNET_CORE_KX_STATE_REKEY_SENT:
1361 GNUNET_STATISTICS_update (GSC_stats,
1362 gettext_noop (
1363 "# rekey operations confirmed via PONG"),
1364 1,
1365 GNUNET_NO);
1366 kx->status = GNUNET_CORE_KX_STATE_UP;
1367 monitor_notify_all (kx);
1368 update_timeout (kx);
1369 break;
1370
1371 default:
1372 GNUNET_break (0);
1373 break;
1374 }
1375 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1376}
1377
1378
1379/**
1380 * Send our key to the other peer.
1381 *
1382 * @param kx key exchange context
1383 */
1384static void
1385send_key (struct GSC_KeyExchangeInfo *kx)
1386{
1387 struct GNUNET_MQ_Envelope *env;
1388
1389 GNUNET_assert (GNUNET_CORE_KX_STATE_DOWN != kx->status);
1390 if (NULL != kx->retry_set_key_task)
1391 {
1392 GNUNET_SCHEDULER_cancel (kx->retry_set_key_task);
1393 kx->retry_set_key_task = NULL;
1394 }
1395 /* always update sender status in SET KEY message */
1396#if DEBUG_KX
1397 {
1398 struct GNUNET_HashCode hc;
1399
1400 GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
1401 sizeof(current_ekm.ephemeral_key),
1402 &hc);
1403 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1404 "Sending EPHEMERAL_KEY %s to `%s' (my status: %d)\n",
1405 GNUNET_h2s (&hc),
1406 GNUNET_i2s (kx->peer),
1407 kx->status);
1408 }
1409#endif
1410 current_ekm.sender_status = htonl ((int32_t) (kx->status));
1411 env = GNUNET_MQ_msg_copy (&current_ekm.header);
1412 GNUNET_MQ_send (kx->mq, env);
1413 if (GNUNET_CORE_KX_STATE_KEY_SENT != kx->status)
1414 send_ping (kx);
1415 kx->retry_set_key_task =
1416 GNUNET_SCHEDULER_add_delayed (kx->set_key_retry_frequency,
1417 &set_key_retry_task,
1418 kx);
1419}
1420
1421
1422void
1423GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx,
1424 const void *payload,
1425 size_t payload_size)
1426{
1427 size_t used = payload_size + sizeof(struct EncryptedMessage);
1428 char pbuf[used]; /* plaintext */
1429 struct EncryptedMessage *em; /* encrypted message */
1430 struct EncryptedMessage *ph; /* plaintext header */
1431 struct GNUNET_MQ_Envelope *env;
1432 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1433 struct GNUNET_CRYPTO_AuthKey auth_key;
1434
1435 ph = (struct EncryptedMessage *) pbuf;
1436 ph->sequence_number = htonl (++kx->last_sequence_number_sent);
1437 ph->iv_seed = calculate_seed (kx);
1438 ph->reserved = 0;
1439 ph->timestamp = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
1440 GNUNET_memcpy (&ph[1], payload, payload_size);
1441 env = GNUNET_MQ_msg_extra (em,
1442 payload_size,
1443 GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE);
1444 em->iv_seed = ph->iv_seed;
1445 derive_iv (&iv, &kx->encrypt_key, ph->iv_seed, kx->peer);
1446 GNUNET_assert (GNUNET_OK == do_encrypt (kx,
1447 &iv,
1448 &ph->sequence_number,
1449 &em->sequence_number,
1450 used - ENCRYPTED_HEADER_SIZE));
1451#if DEBUG_KX
1452 {
1453 struct GNUNET_HashCode hc;
1454
1455 GNUNET_CRYPTO_hash (&ph->sequence_number,
1456 used - ENCRYPTED_HEADER_SIZE,
1457 &hc);
1458 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1459 "Encrypted payload `%s' of %u bytes for %s\n",
1460 GNUNET_h2s (&hc),
1461 (unsigned int) (used - ENCRYPTED_HEADER_SIZE),
1462 GNUNET_i2s (kx->peer));
1463 }
1464#endif
1465 derive_auth_key (&auth_key, &kx->encrypt_key, ph->iv_seed);
1466 GNUNET_CRYPTO_hmac (&auth_key,
1467 &em->sequence_number,
1468 used - ENCRYPTED_HEADER_SIZE,
1469 &em->hmac);
1470#if DEBUG_KX
1471 {
1472 struct GNUNET_HashCode hc;
1473
1474 GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1475 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1476 "For peer %s, used AC %s to create hmac %s\n",
1477 GNUNET_i2s (kx->peer),
1478 GNUNET_h2s (&hc),
1479 GNUNET_h2s2 (&em->hmac));
1480 }
1481#endif
1482 kx->has_excess_bandwidth = GNUNET_NO;
1483 GNUNET_MQ_send (kx->mq, env);
1484}
1485
1486
1487/**
1488 * We received an encrypted message. Check that it is
1489 * well-formed (size-wise).
1490 *
1491 * @param cls key exchange context for encrypting the message
1492 * @param m encrypted message
1493 * @return #GNUNET_OK if @a msg is well-formed (size-wise)
1494 */
1495static int
1496check_encrypted (void *cls, const struct EncryptedMessage *m)
1497{
1498 uint16_t size = ntohs (m->header.size) - sizeof(*m);
1499
1500 if (size < sizeof(struct GNUNET_MessageHeader))
1501 {
1502 GNUNET_break_op (0);
1503 return GNUNET_SYSERR;
1504 }
1505 return GNUNET_OK;
1506}
1507
1508
1509/**
1510 * We received an encrypted message. Decrypt, validate and
1511 * pass on to the appropriate clients.
1512 *
1513 * @param cls key exchange context for encrypting the message
1514 * @param m encrypted message
1515 */
1516static void
1517handle_encrypted (void *cls, const struct EncryptedMessage *m)
1518{
1519 struct GSC_KeyExchangeInfo *kx = cls;
1520 struct EncryptedMessage *pt; /* plaintext */
1521 struct GNUNET_HashCode ph;
1522 uint32_t snum;
1523 struct GNUNET_TIME_Absolute t;
1524 struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
1525 struct GNUNET_CRYPTO_AuthKey auth_key;
1526 uint16_t size = ntohs (m->header.size);
1527 char buf[size] GNUNET_ALIGN;
1528
1529 if (GNUNET_CORE_KX_STATE_UP != kx->status)
1530 {
1531 GNUNET_STATISTICS_update (GSC_stats,
1532 gettext_noop (
1533 "# DATA message dropped (out of order)"),
1534 1,
1535 GNUNET_NO);
1536 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1537 return;
1538 }
1539 if (0 ==
1540 GNUNET_TIME_absolute_get_remaining (kx->foreign_key_expires).rel_value_us)
1541 {
1542 GNUNET_log (
1543 GNUNET_ERROR_TYPE_WARNING,
1544 _ (
1545 "Session to peer `%s' went down due to key expiration (should not happen)\n"),
1546 GNUNET_i2s (kx->peer));
1547 GNUNET_STATISTICS_update (GSC_stats,
1548 gettext_noop (
1549 "# sessions terminated by key expiration"),
1550 1,
1551 GNUNET_NO);
1552 GSC_SESSIONS_end (kx->peer);
1553 if (NULL != kx->keep_alive_task)
1554 {
1555 GNUNET_SCHEDULER_cancel (kx->keep_alive_task);
1556 kx->keep_alive_task = NULL;
1557 }
1558 kx->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1559 monitor_notify_all (kx);
1560 send_key (kx);
1561 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1562 return;
1563 }
1564
1565 /* validate hash */
1566#if DEBUG_KX
1567 {
1568 struct GNUNET_HashCode hc;
1569
1570 GNUNET_CRYPTO_hash (&m->sequence_number, size - ENCRYPTED_HEADER_SIZE, &hc);
1571 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1572 "Received encrypted payload `%s' of %u bytes from %s\n",
1573 GNUNET_h2s (&hc),
1574 (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
1575 GNUNET_i2s (kx->peer));
1576 }
1577#endif
1578 derive_auth_key (&auth_key, &kx->decrypt_key, m->iv_seed);
1579 GNUNET_CRYPTO_hmac (&auth_key,
1580 &m->sequence_number,
1581 size - ENCRYPTED_HEADER_SIZE,
1582 &ph);
1583#if DEBUG_KX
1584 {
1585 struct GNUNET_HashCode hc;
1586
1587 GNUNET_CRYPTO_hash (&auth_key, sizeof(auth_key), &hc);
1588 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1589 "For peer %s, used AC %s to verify hmac %s\n",
1590 GNUNET_i2s (kx->peer),
1591 GNUNET_h2s (&hc),
1592 GNUNET_h2s2 (&m->hmac));
1593 }
1594#endif
1595 if (0 != memcmp (&ph, &m->hmac, sizeof(struct GNUNET_HashCode)))
1596 {
1597 /* checksum failed */
1598 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1599 "Failed checksum validation for a message from `%s'\n",
1600 GNUNET_i2s (kx->peer));
1601 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1602 return;
1603 }
1604 derive_iv (&iv, &kx->decrypt_key, m->iv_seed, &GSC_my_identity);
1605 /* decrypt */
1606 if (GNUNET_OK != do_decrypt (kx,
1607 &iv,
1608 &m->sequence_number,
1609 &buf[ENCRYPTED_HEADER_SIZE],
1610 size - ENCRYPTED_HEADER_SIZE))
1611 {
1612 GNUNET_break_op (0);
1613 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1614 return;
1615 }
1616 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1617 "Decrypted %u bytes from %s\n",
1618 (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
1619 GNUNET_i2s (kx->peer));
1620 pt = (struct EncryptedMessage *) buf;
1621
1622 /* validate sequence number */
1623 snum = ntohl (pt->sequence_number);
1624 if (kx->last_sequence_number_received == snum)
1625 {
1626 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1627 "Received duplicate message, ignoring.\n");
1628 /* duplicate, ignore */
1629 GNUNET_STATISTICS_update (GSC_stats,
1630 gettext_noop ("# bytes dropped (duplicates)"),
1631 size,
1632 GNUNET_NO);
1633 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1634 return;
1635 }
1636 if ((kx->last_sequence_number_received > snum) &&
1637 (kx->last_sequence_number_received - snum > 32))
1638 {
1639 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1640 "Received ancient out of sequence message, ignoring.\n");
1641 /* ancient out of sequence, ignore */
1642 GNUNET_STATISTICS_update (GSC_stats,
1643 gettext_noop (
1644 "# bytes dropped (out of sequence)"),
1645 size,
1646 GNUNET_NO);
1647 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1648 return;
1649 }
1650 if (kx->last_sequence_number_received > snum)
1651 {
1652 uint32_t rotbit = 1U << (kx->last_sequence_number_received - snum - 1);
1653
1654 if ((kx->last_packets_bitmap & rotbit) != 0)
1655 {
1656 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1657 "Received duplicate message, ignoring.\n");
1658 GNUNET_STATISTICS_update (GSC_stats,
1659 gettext_noop ("# bytes dropped (duplicates)"),
1660 size,
1661 GNUNET_NO);
1662 /* duplicate, ignore */
1663 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1664 return;
1665 }
1666 kx->last_packets_bitmap |= rotbit;
1667 }
1668 if (kx->last_sequence_number_received < snum)
1669 {
1670 unsigned int shift = (snum - kx->last_sequence_number_received);
1671
1672 if (shift >= 8 * sizeof(kx->last_packets_bitmap))
1673 kx->last_packets_bitmap = 0;
1674 else
1675 kx->last_packets_bitmap <<= shift;
1676 kx->last_sequence_number_received = snum;
1677 }
1678
1679 /* check timestamp */
1680 t = GNUNET_TIME_absolute_ntoh (pt->timestamp);
1681 if (GNUNET_TIME_absolute_get_duration (t).rel_value_us >
1682 MAX_MESSAGE_AGE.rel_value_us)
1683 {
1684 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1685 "Message received far too old (%s). Content ignored.\n",
1686 GNUNET_STRINGS_relative_time_to_string (
1687 GNUNET_TIME_absolute_get_duration (t),
1688 GNUNET_YES));
1689 GNUNET_STATISTICS_update (GSC_stats,
1690 gettext_noop (
1691 "# bytes dropped (ancient message)"),
1692 size,
1693 GNUNET_NO);
1694 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1695 return;
1696 }
1697
1698 /* process decrypted message(s) */
1699 update_timeout (kx);
1700 GNUNET_STATISTICS_update (GSC_stats,
1701 gettext_noop ("# bytes of payload decrypted"),
1702 size - sizeof(struct EncryptedMessage),
1703 GNUNET_NO);
1704 if (GNUNET_OK !=
1705 GNUNET_MST_from_buffer (kx->mst,
1706 &buf[sizeof(struct EncryptedMessage)],
1707 size - sizeof(struct EncryptedMessage),
1708 GNUNET_YES,
1709 GNUNET_NO))
1710 GNUNET_break_op (0);
1711
1712 GNUNET_TRANSPORT_core_receive_continue (transport, kx->peer);
1713}
1714
1715
1716/**
1717 * Setup the message that links the ephemeral key to our persistent
1718 * public key and generate the appropriate signature.
1719 */
1720static void
1721sign_ephemeral_key ()
1722{
1723 current_ekm.header.size = htons (sizeof(struct EphemeralKeyMessage));
1724 current_ekm.header.type = htons (GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY);
1725 current_ekm.sender_status = 0; /* to be set later */
1726 current_ekm.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_SET_ECC_KEY);
1727 current_ekm.purpose.size =
1728 htonl (sizeof(struct GNUNET_CRYPTO_EccSignaturePurpose)
1729 + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1730 + sizeof(struct GNUNET_TIME_AbsoluteNBO)
1731 + sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)
1732 + sizeof(struct GNUNET_PeerIdentity));
1733 current_ekm.creation_time =
1734 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
1735 if (GNUNET_YES == GNUNET_CONFIGURATION_get_value_yesno (GSC_cfg,
1736 "core",
1737 "USE_EPHEMERAL_KEYS"))
1738 {
1739 current_ekm.expiration_time =
1740 GNUNET_TIME_absolute_hton (GNUNET_TIME_relative_to_absolute (
1741 GNUNET_TIME_relative_add (REKEY_FREQUENCY,
1742 REKEY_TOLERANCE)));
1743 }
1744 else
1745 {
1746 current_ekm.expiration_time =
1747 GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS);
1748 }
1749 GNUNET_CRYPTO_ecdhe_key_get_public (&my_ephemeral_key,
1750 &current_ekm.ephemeral_key);
1751 current_ekm.origin_identity = GSC_my_identity;
1752 GNUNET_assert (GNUNET_OK ==
1753 GNUNET_CRYPTO_eddsa_sign_ (&my_private_key,
1754 &current_ekm.purpose,
1755 &current_ekm.signature));
1756}
1757
1758
1759/**
1760 * Task run to trigger rekeying.
1761 *
1762 * @param cls closure, NULL
1763 */
1764static void
1765do_rekey (void *cls)
1766{
1767 struct GSC_KeyExchangeInfo *pos;
1768
1769 (void) cls;
1770 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
1771 GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
1772 sign_ephemeral_key ();
1773 {
1774 struct GNUNET_HashCode eh;
1775
1776 GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
1777 sizeof(current_ekm.ephemeral_key),
1778 &eh);
1779 GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Rekeying to %s\n", GNUNET_h2s (&eh));
1780 }
1781 for (pos = kx_head; NULL != pos; pos = pos->next)
1782 {
1783 if (GNUNET_CORE_KX_STATE_UP == pos->status)
1784 {
1785 pos->status = GNUNET_CORE_KX_STATE_REKEY_SENT;
1786 derive_session_keys (pos);
1787 }
1788 else if (GNUNET_CORE_KX_STATE_DOWN == pos->status)
1789 {
1790 pos->status = GNUNET_CORE_KX_STATE_KEY_SENT;
1791 }
1792 monitor_notify_all (pos);
1793 send_key (pos);
1794 }
1795}
1796
1797
1798/**
1799 * Initialize KX subsystem.
1800 *
1801 * @param pk private key to use for the peer
1802 * @return #GNUNET_OK on success, #GNUNET_SYSERR on failure
1803 */
1804int
1805GSC_KX_init (struct GNUNET_CRYPTO_EddsaPrivateKey *pk)
1806{
1807 struct GNUNET_MQ_MessageHandler handlers[] = {
1808 GNUNET_MQ_hd_fixed_size (ephemeral_key,
1809 GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY,
1810 struct EphemeralKeyMessage,
1811 NULL),
1812 GNUNET_MQ_hd_fixed_size (ping,
1813 GNUNET_MESSAGE_TYPE_CORE_PING,
1814 struct PingMessage,
1815 NULL),
1816 GNUNET_MQ_hd_fixed_size (pong,
1817 GNUNET_MESSAGE_TYPE_CORE_PONG,
1818 struct PongMessage,
1819 NULL),
1820 GNUNET_MQ_hd_var_size (encrypted,
1821 GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE,
1822 struct EncryptedMessage,
1823 NULL),
1824 GNUNET_MQ_handler_end ()
1825 };
1826
1827 my_private_key = *pk;
1828 GNUNET_CRYPTO_eddsa_key_get_public (&my_private_key,
1829 &GSC_my_identity.public_key);
1830 GNUNET_CRYPTO_ecdhe_key_create (&my_ephemeral_key);
1831 sign_ephemeral_key ();
1832 {
1833 struct GNUNET_HashCode eh;
1834
1835 GNUNET_CRYPTO_hash (&current_ekm.ephemeral_key,
1836 sizeof(current_ekm.ephemeral_key),
1837 &eh);
1838 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
1839 "Starting with ephemeral key %s\n",
1840 GNUNET_h2s (&eh));
1841 }
1842
1843 nc = GNUNET_notification_context_create (1);
1844 rekey_task = GNUNET_SCHEDULER_add_delayed (REKEY_FREQUENCY, &do_rekey, NULL);
1845 transport =
1846 GNUNET_TRANSPORT_core_connect (GSC_cfg,
1847 &GSC_my_identity,
1848 handlers,
1849 NULL,
1850 &handle_transport_notify_connect,
1851 &handle_transport_notify_disconnect);
1852 if (NULL == transport)
1853 {
1854 GSC_KX_done ();
1855 return GNUNET_SYSERR;
1856 }
1857 return GNUNET_OK;
1858}
1859
1860
1861/**
1862 * Shutdown KX subsystem.
1863 */
1864void
1865GSC_KX_done ()
1866{
1867 if (NULL != transport)
1868 {
1869 GNUNET_TRANSPORT_core_disconnect (transport);
1870 transport = NULL;
1871 }
1872 if (NULL != rekey_task)
1873 {
1874 GNUNET_SCHEDULER_cancel (rekey_task);
1875 rekey_task = NULL;
1876 }
1877 memset (&my_ephemeral_key,
1878 0,
1879 sizeof (my_ephemeral_key));
1880 memset (&my_private_key,
1881 0,
1882 sizeof (my_private_key));
1883 if (NULL != nc)
1884 {
1885 GNUNET_notification_context_destroy (nc);
1886 nc = NULL;
1887 }
1888}
1889
1890
1891/**
1892 * Check how many messages are queued for the given neighbour.
1893 *
1894 * @param kxinfo data about neighbour to check
1895 * @return number of items in the message queue
1896 */
1897unsigned int
1898GSC_NEIGHBOURS_get_queue_length (const struct GSC_KeyExchangeInfo *kxinfo)
1899{
1900 return GNUNET_MQ_get_length (kxinfo->mq);
1901}
1902
1903
1904int
1905GSC_NEIGHBOURS_check_excess_bandwidth (const struct GSC_KeyExchangeInfo *kxinfo)
1906{
1907 return kxinfo->has_excess_bandwidth;
1908}
1909
1910
1911/**
1912 * Handle #GNUNET_MESSAGE_TYPE_CORE_MONITOR_PEERS request. For this
1913 * request type, the client does not have to have transmitted an INIT
1914 * request. All current peers are returned, regardless of which
1915 * message types they accept.
1916 *
1917 * @param mq message queue to add for monitoring
1918 */
1919void
1920GSC_KX_handle_client_monitor_peers (struct GNUNET_MQ_Handle *mq)
1921{
1922 struct GNUNET_MQ_Envelope *env;
1923 struct MonitorNotifyMessage *done_msg;
1924 struct GSC_KeyExchangeInfo *kx;
1925
1926 GNUNET_notification_context_add (nc, mq);
1927 for (kx = kx_head; NULL != kx; kx = kx->next)
1928 {
1929 struct GNUNET_MQ_Envelope *env;
1930 struct MonitorNotifyMessage *msg;
1931
1932 env = GNUNET_MQ_msg (msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
1933 msg->state = htonl ((uint32_t) kx->status);
1934 msg->peer = *kx->peer;
1935 msg->timeout = GNUNET_TIME_absolute_hton (kx->timeout);
1936 GNUNET_MQ_send (mq, env);
1937 }
1938 env = GNUNET_MQ_msg (done_msg, GNUNET_MESSAGE_TYPE_CORE_MONITOR_NOTIFY);
1939 done_msg->state = htonl ((uint32_t) GNUNET_CORE_KX_ITERATION_FINISHED);
1940 done_msg->timeout = GNUNET_TIME_absolute_hton (GNUNET_TIME_UNIT_FOREVER_ABS);
1941 GNUNET_MQ_send (mq, env);
1942}
1943
1944
1945/* end of gnunet-service-core_kx.c */
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-22 05:00:56 +0000