diff options
Diffstat (limited to 'src/transport/gnunet-communicator-udp.c')
-rw-r--r-- | src/transport/gnunet-communicator-udp.c | 3873 |
1 files changed, 0 insertions, 3873 deletions
diff --git a/src/transport/gnunet-communicator-udp.c b/src/transport/gnunet-communicator-udp.c deleted file mode 100644 index ef7b1d6c0..000000000 --- a/src/transport/gnunet-communicator-udp.c +++ /dev/null | |||
@@ -1,3873 +0,0 @@ | |||
1 | /* | ||
2 | This file is part of GNUnet | ||
3 | Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V. | ||
4 | |||
5 | GNUnet is free software: you can redistribute it and/or modify it | ||
6 | under the terms of the GNU Affero General Public License as published | ||
7 | by the Free Software Foundation, either version 3 of the License, | ||
8 | or (at your option) any later version. | ||
9 | |||
10 | GNUnet is distributed in the hope that it will be useful, but | ||
11 | WITHOUT ANY WARRANTY; without even the implied warranty of | ||
12 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
13 | Affero General Public License for more details. | ||
14 | |||
15 | You should have received a copy of the GNU Affero General Public License | ||
16 | along with this program. If not, see <http://www.gnu.org/licenses/>. | ||
17 | |||
18 | SPDX-License-Identifier: AGPL3.0-or-later | ||
19 | */ | ||
20 | |||
21 | /** | ||
22 | * @file transport/gnunet-communicator-udp.c | ||
23 | * @brief Transport plugin using UDP. | ||
24 | * @author Christian Grothoff | ||
25 | * | ||
26 | * TODO: | ||
27 | * - consider imposing transmission limits in the absence | ||
28 | * of ACKs; or: maybe this should be done at TNG service level? | ||
29 | * (at least the receiver might want to enforce limits on | ||
30 | * KX/DH operations per sender in here) (#5552) | ||
31 | * - overall, we should look more into flow control support | ||
32 | * (either in backchannel, or general solution in TNG service) | ||
33 | * - handle addresses discovered from broadcasts (#5551) | ||
34 | * (think: what was the story again on address validation? | ||
35 | * where is the API for that!?!) | ||
36 | * - support DNS names in BINDTO option (#5528) | ||
37 | * - support NAT connection reversal method (#5529) | ||
38 | * - support other UDP-specific NAT traversal methods (#) | ||
39 | */ | ||
40 | #include "platform.h" | ||
41 | #include "gnunet_util_lib.h" | ||
42 | #include "gnunet_protocols.h" | ||
43 | #include "gnunet_signatures.h" | ||
44 | #include "gnunet_constants.h" | ||
45 | #include "gnunet_nt_lib.h" | ||
46 | #include "gnunet_nat_service.h" | ||
47 | #include "gnunet_statistics_service.h" | ||
48 | #include "gnunet_transport_application_service.h" | ||
49 | #include "gnunet_transport_communication_service.h" | ||
50 | |||
51 | /** | ||
52 | * How often do we rekey based on time (at least) | ||
53 | */ | ||
54 | #define DEFAULT_REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS | ||
55 | |||
56 | /** | ||
57 | * How long do we wait until we must have received the initial KX? | ||
58 | */ | ||
59 | #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES | ||
60 | |||
61 | /** | ||
62 | * How often do we broadcast our presence on the LAN? | ||
63 | */ | ||
64 | #define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES | ||
65 | |||
66 | /** | ||
67 | * How often do we scan for changes to our network interfaces? | ||
68 | */ | ||
69 | #define INTERFACE_SCAN_FREQUENCY \ | ||
70 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5) | ||
71 | |||
72 | /** | ||
73 | * How long do we believe our addresses to remain up (before | ||
74 | * the other peer should revalidate). | ||
75 | */ | ||
76 | #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS | ||
77 | |||
78 | #define WORKING_QUEUE_INTERVALL \ | ||
79 | GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1) | ||
80 | |||
81 | /** | ||
82 | * AES key size. | ||
83 | */ | ||
84 | #define AES_KEY_SIZE (256 / 8) | ||
85 | |||
86 | /** | ||
87 | * AES (GCM) IV size. | ||
88 | */ | ||
89 | #define AES_IV_SIZE (96 / 8) | ||
90 | |||
91 | /** | ||
92 | * Size of the GCM tag. | ||
93 | */ | ||
94 | #define GCM_TAG_SIZE (128 / 8) | ||
95 | |||
96 | #define GENERATE_AT_ONCE 2 | ||
97 | |||
98 | /** | ||
99 | * If we fall below this number of available KCNs, | ||
100 | * we generate additional ACKs until we reach | ||
101 | * #KCN_TARGET. | ||
102 | * Should be large enough that we don't generate ACKs all | ||
103 | * the time and still have enough time for the ACK to | ||
104 | * arrive before the sender runs out. So really this | ||
105 | * should ideally be based on the RTT. | ||
106 | */ | ||
107 | #define KCN_THRESHOLD 92 | ||
108 | |||
109 | /** | ||
110 | * How many KCNs do we keep around *after* we hit | ||
111 | * the #KCN_THRESHOLD? Should be larger than | ||
112 | * #KCN_THRESHOLD so we do not generate just one | ||
113 | * ACK at the time. | ||
114 | */ | ||
115 | #define KCN_TARGET 128 | ||
116 | |||
117 | /** | ||
118 | * What is the maximum delta between KCN sequence numbers | ||
119 | * that we allow. Used to expire 'ancient' KCNs that likely | ||
120 | * were dropped by the network. Must be larger than | ||
121 | * KCN_TARGET (otherwise we generate new KCNs all the time), | ||
122 | * but not too large (otherwise packet loss may cause | ||
123 | * sender to fall back to KX needlessly when sender runs | ||
124 | * out of ACK'ed KCNs due to losses). | ||
125 | */ | ||
126 | #define MAX_SQN_DELTA 160 | ||
127 | |||
128 | /** | ||
129 | * How many shared master secrets do we keep around | ||
130 | * at most per sender? Should be large enough so | ||
131 | * that we generally have a chance of sending an ACK | ||
132 | * before the sender already rotated out the master | ||
133 | * secret. Generally values around #KCN_TARGET make | ||
134 | * sense. Might make sense to adapt to RTT if we had | ||
135 | * a good measurement... | ||
136 | */ | ||
137 | #define MAX_SECRETS 128000 | ||
138 | |||
139 | /** | ||
140 | * Default value for how often we do rekey based on number of bytes transmitted? | ||
141 | * (additionally randomized). | ||
142 | */ | ||
143 | #define DEFAULT_REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU) | ||
144 | |||
145 | /** | ||
146 | * Address prefix used by the communicator. | ||
147 | */ | ||
148 | |||
149 | #define COMMUNICATOR_ADDRESS_PREFIX "udp" | ||
150 | |||
151 | /** | ||
152 | * Configuration section used by the communicator. | ||
153 | */ | ||
154 | #define COMMUNICATOR_CONFIG_SECTION "communicator-udp" | ||
155 | |||
156 | GNUNET_NETWORK_STRUCT_BEGIN | ||
157 | |||
158 | |||
159 | /** | ||
160 | * Signature we use to verify that the ephemeral key was really chosen by | ||
161 | * the specified sender. If possible, the receiver should respond with | ||
162 | * a `struct UDPAck` (possibly via backchannel). | ||
163 | */ | ||
164 | struct UdpHandshakeSignature | ||
165 | { | ||
166 | /** | ||
167 | * Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE | ||
168 | */ | ||
169 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; | ||
170 | |||
171 | /** | ||
172 | * Identity of the inititor of the UDP connection (UDP client). | ||
173 | */ | ||
174 | struct GNUNET_PeerIdentity sender; | ||
175 | |||
176 | /** | ||
177 | * Presumed identity of the target of the UDP connection (UDP server) | ||
178 | */ | ||
179 | struct GNUNET_PeerIdentity receiver; | ||
180 | |||
181 | /** | ||
182 | * Ephemeral key used by the @e sender. | ||
183 | */ | ||
184 | struct GNUNET_CRYPTO_EcdhePublicKey ephemeral; | ||
185 | |||
186 | /** | ||
187 | * Monotonic time of @e sender, to possibly help detect replay attacks | ||
188 | * (if receiver persists times by sender). | ||
189 | */ | ||
190 | struct GNUNET_TIME_AbsoluteNBO monotonic_time; | ||
191 | }; | ||
192 | |||
193 | |||
194 | /** | ||
195 | * "Plaintext" header at beginning of KX message. Followed | ||
196 | * by encrypted `struct UDPConfirmation`. | ||
197 | */ | ||
198 | struct InitialKX | ||
199 | { | ||
200 | /** | ||
201 | * Ephemeral key for KX. | ||
202 | */ | ||
203 | struct GNUNET_CRYPTO_EcdhePublicKey ephemeral; | ||
204 | |||
205 | /** | ||
206 | * HMAC for the following encrypted message, using GCM. HMAC uses | ||
207 | * key derived from the handshake with sequence number zero. | ||
208 | */ | ||
209 | char gcm_tag[GCM_TAG_SIZE]; | ||
210 | |||
211 | /** | ||
212 | * A flag indicating, if the sender is doing rekeying. | ||
213 | */ | ||
214 | int rekeying; | ||
215 | }; | ||
216 | |||
217 | |||
218 | /** | ||
219 | * Encrypted continuation of UDP initial handshake, followed | ||
220 | * by message header with payload. | ||
221 | */ | ||
222 | struct UDPConfirmation | ||
223 | { | ||
224 | /** | ||
225 | * Sender's identity | ||
226 | */ | ||
227 | struct GNUNET_PeerIdentity sender; | ||
228 | |||
229 | /** | ||
230 | * Sender's signature of type #GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE | ||
231 | */ | ||
232 | struct GNUNET_CRYPTO_EddsaSignature sender_sig; | ||
233 | |||
234 | /** | ||
235 | * Monotonic time of @e sender, to possibly help detect replay attacks | ||
236 | * (if receiver persists times by sender). | ||
237 | */ | ||
238 | struct GNUNET_TIME_AbsoluteNBO monotonic_time; | ||
239 | |||
240 | /* followed by messages */ | ||
241 | |||
242 | /* padding may follow actual messages */ | ||
243 | }; | ||
244 | |||
245 | |||
246 | /** | ||
247 | * UDP key acknowledgement. May be sent via backchannel. Allows the | ||
248 | * sender to use `struct UDPBox` with the acknowledge key henceforth. | ||
249 | */ | ||
250 | struct UDPAck | ||
251 | { | ||
252 | /** | ||
253 | * Type is #GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK. | ||
254 | */ | ||
255 | struct GNUNET_MessageHeader header; | ||
256 | |||
257 | /** | ||
258 | * Sequence acknowledgement limit. Specifies current maximum sequence | ||
259 | * number supported by receiver. | ||
260 | */ | ||
261 | uint32_t sequence_max GNUNET_PACKED; | ||
262 | |||
263 | /** | ||
264 | * Sequence acknowledgement limit. Specifies current maximum sequence | ||
265 | * number supported by receiver. | ||
266 | */ | ||
267 | uint32_t acks_available GNUNET_PACKED; | ||
268 | |||
269 | /** | ||
270 | * CMAC of the base key being acknowledged. | ||
271 | */ | ||
272 | struct GNUNET_HashCode cmac; | ||
273 | }; | ||
274 | |||
275 | |||
276 | /** | ||
277 | * Signature we use to verify that the broadcast was really made by | ||
278 | * the peer that claims to have made it. Basically, affirms that the | ||
279 | * peer is really using this IP address (albeit possibly not in _our_ | ||
280 | * LAN). Makes it difficult for peers in the LAN to claim to | ||
281 | * be just any global peer -- an attacker must have at least | ||
282 | * shared a LAN with the peer they're pretending to be here. | ||
283 | */ | ||
284 | struct UdpBroadcastSignature | ||
285 | { | ||
286 | /** | ||
287 | * Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST | ||
288 | */ | ||
289 | struct GNUNET_CRYPTO_EccSignaturePurpose purpose; | ||
290 | |||
291 | /** | ||
292 | * Identity of the inititor of the UDP broadcast. | ||
293 | */ | ||
294 | struct GNUNET_PeerIdentity sender; | ||
295 | |||
296 | /** | ||
297 | * Hash of the sender's UDP address. | ||
298 | */ | ||
299 | struct GNUNET_HashCode h_address; | ||
300 | }; | ||
301 | |||
302 | |||
303 | /** | ||
304 | * Broadcast by peer in LAN announcing its presence. Unusual in that | ||
305 | * we don't pad these to full MTU, as we cannot prevent being | ||
306 | * recognized in LAN as GNUnet peers if this feature is enabled | ||
307 | * anyway. Also, the entire message is in cleartext. | ||
308 | */ | ||
309 | struct UDPBroadcast | ||
310 | { | ||
311 | /** | ||
312 | * Sender's peer identity. | ||
313 | */ | ||
314 | struct GNUNET_PeerIdentity sender; | ||
315 | |||
316 | /** | ||
317 | * Sender's signature of type | ||
318 | * #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST | ||
319 | */ | ||
320 | struct GNUNET_CRYPTO_EddsaSignature sender_sig; | ||
321 | }; | ||
322 | |||
323 | |||
324 | /** | ||
325 | * UDP message box. Always sent encrypted, only allowed after | ||
326 | * the receiver sent a `struct UDPAck` for the base key! | ||
327 | */ | ||
328 | struct UDPBox | ||
329 | { | ||
330 | /** | ||
331 | * Key and IV identification code. KDF applied to an acknowledged | ||
332 | * base key and a sequence number. Sequence numbers must be used | ||
333 | * monotonically increasing up to the maximum specified in | ||
334 | * `struct UDPAck`. Without further `struct UDPAck`s, the sender | ||
335 | * must fall back to sending handshakes! | ||
336 | */ | ||
337 | struct GNUNET_ShortHashCode kid; | ||
338 | |||
339 | /** | ||
340 | * 128-bit authentication tag for the following encrypted message, | ||
341 | * from GCM. MAC starts at the @e body_start that follows and | ||
342 | * extends until the end of the UDP payload. If the @e hmac is | ||
343 | * wrong, the receiver should check if the message might be a | ||
344 | * `struct UdpHandshakeSignature`. | ||
345 | */ | ||
346 | char gcm_tag[GCM_TAG_SIZE]; | ||
347 | |||
348 | /** | ||
349 | * A flag indicating, if the sender is doing rekeying. | ||
350 | */ | ||
351 | int rekeying; | ||
352 | }; | ||
353 | |||
354 | /** | ||
355 | * UDP message box. Always sent encrypted, only allowed after | ||
356 | * the receiver sent a `struct UDPAck` for the base key! | ||
357 | */ | ||
358 | struct UDPRekey | ||
359 | { | ||
360 | /** | ||
361 | * Key and IV identification code. KDF applied to an acknowledged | ||
362 | * base key and a sequence number. Sequence numbers must be used | ||
363 | * monotonically increasing up to the maximum specified in | ||
364 | * `struct UDPAck`. Without further `struct UDPAck`s, the sender | ||
365 | * must fall back to sending handshakes! | ||
366 | */ | ||
367 | struct GNUNET_ShortHashCode kid; | ||
368 | |||
369 | /** | ||
370 | * 128-bit authentication tag for the following encrypted message, | ||
371 | * from GCM. MAC starts at the @e body_start that follows and | ||
372 | * extends until the end of the UDP payload. If the @e hmac is | ||
373 | * wrong, the receiver should check if the message might be a | ||
374 | * `struct UdpHandshakeSignature`. | ||
375 | */ | ||
376 | char gcm_tag[GCM_TAG_SIZE]; | ||
377 | |||
378 | /** | ||
379 | * Sender's identity | ||
380 | */ | ||
381 | struct GNUNET_PeerIdentity sender; | ||
382 | }; | ||
383 | |||
384 | GNUNET_NETWORK_STRUCT_END | ||
385 | |||
386 | /** | ||
387 | * Shared secret we generated for a particular sender or receiver. | ||
388 | */ | ||
389 | struct SharedSecret; | ||
390 | |||
391 | |||
392 | /** | ||
393 | * Pre-generated "kid" code (key and IV identification code) to | ||
394 | * quickly derive master key for a `struct UDPBox`. | ||
395 | */ | ||
396 | struct KeyCacheEntry | ||
397 | { | ||
398 | /** | ||
399 | * Kept in a DLL. | ||
400 | */ | ||
401 | struct KeyCacheEntry *next; | ||
402 | |||
403 | /** | ||
404 | * Kept in a DLL. | ||
405 | */ | ||
406 | struct KeyCacheEntry *prev; | ||
407 | |||
408 | /** | ||
409 | * Key and IV identification code. KDF applied to an acknowledged | ||
410 | * base key and a sequence number. Sequence numbers must be used | ||
411 | * monotonically increasing up to the maximum specified in | ||
412 | * `struct UDPAck`. Without further `struct UDPAck`s, the sender | ||
413 | * must fall back to sending handshakes! | ||
414 | */ | ||
415 | struct GNUNET_ShortHashCode kid; | ||
416 | |||
417 | /** | ||
418 | * Corresponding shared secret. | ||
419 | */ | ||
420 | struct SharedSecret *ss; | ||
421 | |||
422 | /** | ||
423 | * Sequence number used to derive this entry from master key. | ||
424 | */ | ||
425 | uint32_t sequence_number; | ||
426 | }; | ||
427 | |||
428 | |||
429 | /** | ||
430 | * Information we track per sender address we have recently been | ||
431 | * in contact with (decryption from sender). | ||
432 | */ | ||
433 | struct SenderAddress; | ||
434 | |||
435 | /** | ||
436 | * Information we track per receiving address we have recently been | ||
437 | * in contact with (encryption to receiver). | ||
438 | */ | ||
439 | struct ReceiverAddress; | ||
440 | |||
441 | /** | ||
442 | * Shared secret we generated for a particular sender or receiver. | ||
443 | */ | ||
444 | struct SharedSecret | ||
445 | { | ||
446 | /** | ||
447 | * Kept in a DLL. | ||
448 | */ | ||
449 | struct SharedSecret *next; | ||
450 | |||
451 | /** | ||
452 | * Kept in a DLL. | ||
453 | */ | ||
454 | struct SharedSecret *prev; | ||
455 | |||
456 | /** | ||
457 | * Kept in a DLL, sorted by sequence number. Only if we are decrypting. | ||
458 | */ | ||
459 | struct KeyCacheEntry *kce_head; | ||
460 | |||
461 | /** | ||
462 | * Kept in a DLL, sorted by sequence number. Only if we are decrypting. | ||
463 | */ | ||
464 | struct KeyCacheEntry *kce_tail; | ||
465 | |||
466 | /** | ||
467 | * Sender we use this shared secret with, or NULL. | ||
468 | */ | ||
469 | struct SenderAddress *sender; | ||
470 | |||
471 | /** | ||
472 | * Receiver we use this shared secret with, or NULL. | ||
473 | */ | ||
474 | struct ReceiverAddress *receiver; | ||
475 | |||
476 | /** | ||
477 | * Master shared secret. | ||
478 | */ | ||
479 | struct GNUNET_HashCode master; | ||
480 | |||
481 | /** | ||
482 | * CMAC is used to identify @e master in ACKs. | ||
483 | */ | ||
484 | struct GNUNET_HashCode cmac; | ||
485 | |||
486 | /** | ||
487 | * Up to which sequence number did we use this @e master already? | ||
488 | * (for encrypting only) | ||
489 | */ | ||
490 | uint32_t sequence_used; | ||
491 | |||
492 | /** | ||
493 | * Up to which sequence number did the other peer allow us to use | ||
494 | * this key, or up to which number did we allow the other peer to | ||
495 | * use this key? | ||
496 | */ | ||
497 | uint32_t sequence_allowed; | ||
498 | |||
499 | /** | ||
500 | * Number of active KCN entries. | ||
501 | */ | ||
502 | unsigned int active_kce_count; | ||
503 | }; | ||
504 | |||
505 | |||
506 | /** | ||
507 | * Information we track per sender address we have recently been | ||
508 | * in contact with (we decrypt messages from the sender). | ||
509 | */ | ||
510 | struct SenderAddress | ||
511 | { | ||
512 | /** | ||
513 | * Shared secret we use with @e target for rekeying. | ||
514 | */ | ||
515 | struct SharedSecret *ss_rekey; | ||
516 | |||
517 | /** | ||
518 | * Flag indicating sender is initiated rekeying for this receiver. | ||
519 | */ | ||
520 | int rekeying; | ||
521 | |||
522 | /** | ||
523 | * To whom are we talking to. | ||
524 | */ | ||
525 | struct GNUNET_PeerIdentity target; | ||
526 | |||
527 | /** | ||
528 | * Entry in sender expiration heap. | ||
529 | */ | ||
530 | struct GNUNET_CONTAINER_HeapNode *hn; | ||
531 | |||
532 | /** | ||
533 | * Shared secrets we used with @e target, first used is head. | ||
534 | */ | ||
535 | struct SharedSecret *ss_head; | ||
536 | |||
537 | /** | ||
538 | * Shared secrets we used with @e target, last used is tail. | ||
539 | */ | ||
540 | struct SharedSecret *ss_tail; | ||
541 | |||
542 | /** | ||
543 | * Address of the other peer. | ||
544 | */ | ||
545 | struct sockaddr *address; | ||
546 | |||
547 | /** | ||
548 | * Length of the address. | ||
549 | */ | ||
550 | socklen_t address_len; | ||
551 | |||
552 | /** | ||
553 | * Timeout for this sender. | ||
554 | */ | ||
555 | struct GNUNET_TIME_Absolute timeout; | ||
556 | |||
557 | /** | ||
558 | * Length of the DLL at @a ss_head. | ||
559 | */ | ||
560 | unsigned int num_secrets; | ||
561 | |||
562 | /** | ||
563 | * Number of BOX keys from ACKs we have currently | ||
564 | * available for this sender. | ||
565 | */ | ||
566 | unsigned int acks_available; | ||
567 | |||
568 | /** | ||
569 | * Which network type does this queue use? | ||
570 | */ | ||
571 | enum GNUNET_NetworkType nt; | ||
572 | |||
573 | /** | ||
574 | * sender_destroy already called on sender. | ||
575 | */ | ||
576 | int sender_destroy_called; | ||
577 | |||
578 | |||
579 | /** | ||
580 | * ID of kce working queue task | ||
581 | */ | ||
582 | struct GNUNET_SCHEDULER_Task *kce_task; | ||
583 | |||
584 | /** | ||
585 | * ID of kce rekey working queue task | ||
586 | */ | ||
587 | struct GNUNET_SCHEDULER_Task *kce_task_rekey; | ||
588 | |||
589 | /** | ||
590 | * Is the kce_task finished? | ||
591 | */ | ||
592 | int kce_task_finished; | ||
593 | }; | ||
594 | |||
595 | |||
596 | /** | ||
597 | * Information we track per receiving address we have recently been | ||
598 | * in contact with (encryption to receiver). | ||
599 | */ | ||
600 | struct ReceiverAddress | ||
601 | { | ||
602 | |||
603 | /** | ||
604 | * Shared secret we use with @e target for rekeying. | ||
605 | */ | ||
606 | struct SharedSecret *ss_rekey; | ||
607 | |||
608 | /** | ||
609 | * Acks available when we started rekeying. | ||
610 | */ | ||
611 | unsigned int rekey_acks_available; | ||
612 | |||
613 | /** | ||
614 | * Send bytes for this receiver address. | ||
615 | */ | ||
616 | uint64_t rekey_send_bytes; | ||
617 | |||
618 | /** | ||
619 | * Timeout for this receiver address. | ||
620 | */ | ||
621 | struct GNUNET_TIME_Absolute rekey_timeout; | ||
622 | |||
623 | /** | ||
624 | * Flag indicating sender is initiated rekeying for this receiver. | ||
625 | */ | ||
626 | int rekeying; | ||
627 | |||
628 | /** | ||
629 | * Number of kce we retain for sending the rekeying shared secret. | ||
630 | */ | ||
631 | int number_rekeying_kce; | ||
632 | |||
633 | /** | ||
634 | * To whom are we talking to. | ||
635 | */ | ||
636 | struct GNUNET_PeerIdentity target; | ||
637 | |||
638 | /** | ||
639 | * Shared secrets we received from @e target, first used is head. | ||
640 | */ | ||
641 | struct SharedSecret *ss_head; | ||
642 | |||
643 | /** | ||
644 | * Shared secrets we received with @e target, last used is tail. | ||
645 | */ | ||
646 | struct SharedSecret *ss_tail; | ||
647 | |||
648 | /** | ||
649 | * Address of the receiver in the human-readable format | ||
650 | * with the #COMMUNICATOR_ADDRESS_PREFIX. | ||
651 | */ | ||
652 | char *foreign_addr; | ||
653 | |||
654 | /** | ||
655 | * Address of the other peer. | ||
656 | */ | ||
657 | struct sockaddr *address; | ||
658 | |||
659 | /** | ||
660 | * Length of the address. | ||
661 | */ | ||
662 | socklen_t address_len; | ||
663 | |||
664 | /** | ||
665 | * Entry in sender expiration heap. | ||
666 | */ | ||
667 | struct GNUNET_CONTAINER_HeapNode *hn; | ||
668 | |||
669 | /** | ||
670 | * KX message queue we are providing for the #ch. | ||
671 | */ | ||
672 | struct GNUNET_MQ_Handle *kx_mq; | ||
673 | |||
674 | /** | ||
675 | * Default message queue we are providing for the #ch. | ||
676 | */ | ||
677 | struct GNUNET_MQ_Handle *d_mq; | ||
678 | |||
679 | /** | ||
680 | * handle for KX queue with the #ch. | ||
681 | */ | ||
682 | struct GNUNET_TRANSPORT_QueueHandle *kx_qh; | ||
683 | |||
684 | /** | ||
685 | * handle for default queue with the #ch. | ||
686 | */ | ||
687 | struct GNUNET_TRANSPORT_QueueHandle *d_qh; | ||
688 | |||
689 | /** | ||
690 | * Timeout for this receiver address. | ||
691 | */ | ||
692 | struct GNUNET_TIME_Absolute timeout; | ||
693 | |||
694 | /** | ||
695 | * MTU we allowed transport for this receiver's KX queue. | ||
696 | */ | ||
697 | size_t kx_mtu; | ||
698 | |||
699 | /** | ||
700 | * MTU we allowed transport for this receiver's default queue. | ||
701 | */ | ||
702 | size_t d_mtu; | ||
703 | |||
704 | /** | ||
705 | * Length of the DLL at @a ss_head. | ||
706 | */ | ||
707 | unsigned int num_secrets; | ||
708 | |||
709 | /** | ||
710 | * Number of BOX keys from ACKs we have currently | ||
711 | * available for this receiver. | ||
712 | */ | ||
713 | unsigned int acks_available; | ||
714 | |||
715 | /** | ||
716 | * Which network type does this queue use? | ||
717 | */ | ||
718 | enum GNUNET_NetworkType nt; | ||
719 | |||
720 | /** | ||
721 | * receiver_destroy already called on receiver. | ||
722 | */ | ||
723 | int receiver_destroy_called; | ||
724 | }; | ||
725 | |||
726 | /** | ||
727 | * Interface we broadcast our presence on. | ||
728 | */ | ||
729 | struct BroadcastInterface | ||
730 | { | ||
731 | /** | ||
732 | * Kept in a DLL. | ||
733 | */ | ||
734 | struct BroadcastInterface *next; | ||
735 | |||
736 | /** | ||
737 | * Kept in a DLL. | ||
738 | */ | ||
739 | struct BroadcastInterface *prev; | ||
740 | |||
741 | /** | ||
742 | * Task for this broadcast interface. | ||
743 | */ | ||
744 | struct GNUNET_SCHEDULER_Task *broadcast_task; | ||
745 | |||
746 | /** | ||
747 | * Sender's address of the interface. | ||
748 | */ | ||
749 | struct sockaddr *sa; | ||
750 | |||
751 | /** | ||
752 | * Broadcast address to use on the interface. | ||
753 | */ | ||
754 | struct sockaddr *ba; | ||
755 | |||
756 | /** | ||
757 | * Message we broadcast on this interface. | ||
758 | */ | ||
759 | struct UDPBroadcast bcm; | ||
760 | |||
761 | /** | ||
762 | * If this is an IPv6 interface, this is the request | ||
763 | * we use to join/leave the group. | ||
764 | */ | ||
765 | struct ipv6_mreq mcreq; | ||
766 | |||
767 | /** | ||
768 | * Number of bytes in @e sa. | ||
769 | */ | ||
770 | socklen_t salen; | ||
771 | |||
772 | /** | ||
773 | * Was this interface found in the last #iface_proc() scan? | ||
774 | */ | ||
775 | int found; | ||
776 | }; | ||
777 | |||
778 | /** | ||
779 | * The rekey interval | ||
780 | */ | ||
781 | static struct GNUNET_TIME_Relative rekey_interval; | ||
782 | |||
783 | /** | ||
784 | * How often we do rekey based on number of bytes transmitted | ||
785 | */ | ||
786 | static unsigned long long rekey_max_bytes; | ||
787 | /** | ||
788 | * Shared secret we finished the last kce working queue for. | ||
789 | */ | ||
790 | struct SharedSecret *ss_finished; | ||
791 | |||
792 | /** | ||
793 | * Cache of pre-generated key IDs. | ||
794 | */ | ||
795 | static struct GNUNET_CONTAINER_MultiShortmap *key_cache; | ||
796 | |||
797 | /** | ||
798 | * ID of read task | ||
799 | */ | ||
800 | static struct GNUNET_SCHEDULER_Task *read_task; | ||
801 | |||
802 | /** | ||
803 | * ID of timeout task | ||
804 | */ | ||
805 | static struct GNUNET_SCHEDULER_Task *timeout_task; | ||
806 | |||
807 | /** | ||
808 | * ID of master broadcast task | ||
809 | */ | ||
810 | static struct GNUNET_SCHEDULER_Task *broadcast_task; | ||
811 | |||
812 | /** | ||
813 | * For logging statistics. | ||
814 | */ | ||
815 | static struct GNUNET_STATISTICS_Handle *stats; | ||
816 | |||
817 | /** | ||
818 | * Our environment. | ||
819 | */ | ||
820 | static struct GNUNET_TRANSPORT_CommunicatorHandle *ch; | ||
821 | |||
822 | /** | ||
823 | * Receivers (map from peer identity to `struct ReceiverAddress`) | ||
824 | */ | ||
825 | static struct GNUNET_CONTAINER_MultiPeerMap *receivers; | ||
826 | |||
827 | /** | ||
828 | * Senders (map from peer identity to `struct SenderAddress`) | ||
829 | */ | ||
830 | static struct GNUNET_CONTAINER_MultiPeerMap *senders; | ||
831 | |||
832 | /** | ||
833 | * Expiration heap for senders (contains `struct SenderAddress`) | ||
834 | */ | ||
835 | static struct GNUNET_CONTAINER_Heap *senders_heap; | ||
836 | |||
837 | /** | ||
838 | * Expiration heap for receivers (contains `struct ReceiverAddress`) | ||
839 | */ | ||
840 | static struct GNUNET_CONTAINER_Heap *receivers_heap; | ||
841 | |||
842 | /** | ||
843 | * Broadcast interface tasks. Kept in a DLL. | ||
844 | */ | ||
845 | static struct BroadcastInterface *bi_head; | ||
846 | |||
847 | /** | ||
848 | * Broadcast interface tasks. Kept in a DLL. | ||
849 | */ | ||
850 | static struct BroadcastInterface *bi_tail; | ||
851 | |||
852 | /** | ||
853 | * Our socket. | ||
854 | */ | ||
855 | static struct GNUNET_NETWORK_Handle *udp_sock; | ||
856 | |||
857 | /** | ||
858 | * #GNUNET_YES if #udp_sock supports IPv6. | ||
859 | */ | ||
860 | static int have_v6_socket; | ||
861 | |||
862 | /** | ||
863 | * Our public key. | ||
864 | */ | ||
865 | static struct GNUNET_PeerIdentity my_identity; | ||
866 | |||
867 | /** | ||
868 | * Our private key. | ||
869 | */ | ||
870 | static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key; | ||
871 | |||
872 | /** | ||
873 | * Our configuration. | ||
874 | */ | ||
875 | static const struct GNUNET_CONFIGURATION_Handle *cfg; | ||
876 | |||
877 | /** | ||
878 | * Our handle to report addresses for validation to TRANSPORT. | ||
879 | */ | ||
880 | static struct GNUNET_TRANSPORT_ApplicationHandle *ah; | ||
881 | |||
882 | /** | ||
883 | * Network scanner to determine network types. | ||
884 | */ | ||
885 | static struct GNUNET_NT_InterfaceScanner *is; | ||
886 | |||
887 | /** | ||
888 | * Connection to NAT service. | ||
889 | */ | ||
890 | static struct GNUNET_NAT_Handle *nat; | ||
891 | |||
892 | /** | ||
893 | * Port number to which we are actually bound. | ||
894 | */ | ||
895 | static uint16_t my_port; | ||
896 | |||
897 | |||
898 | /** | ||
899 | * An interface went away, stop broadcasting on it. | ||
900 | * | ||
901 | * @param bi entity to close down | ||
902 | */ | ||
903 | static void | ||
904 | bi_destroy (struct BroadcastInterface *bi) | ||
905 | { | ||
906 | if (AF_INET6 == bi->sa->sa_family) | ||
907 | { | ||
908 | /* Leave the multicast group */ | ||
909 | if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock, | ||
910 | IPPROTO_IPV6, | ||
911 | IPV6_LEAVE_GROUP, | ||
912 | &bi->mcreq, | ||
913 | sizeof(bi->mcreq))) | ||
914 | { | ||
915 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt"); | ||
916 | } | ||
917 | } | ||
918 | GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi); | ||
919 | GNUNET_SCHEDULER_cancel (bi->broadcast_task); | ||
920 | GNUNET_free (bi->sa); | ||
921 | GNUNET_free (bi->ba); | ||
922 | GNUNET_free (bi); | ||
923 | } | ||
924 | |||
925 | |||
926 | /** | ||
927 | * Destroys a receiving state due to timeout or shutdown. | ||
928 | * | ||
929 | * @param receiver entity to close down | ||
930 | */ | ||
931 | static void | ||
932 | receiver_destroy (struct ReceiverAddress *receiver) | ||
933 | { | ||
934 | |||
935 | receiver->receiver_destroy_called = GNUNET_YES; | ||
936 | |||
937 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
938 | "Disconnecting receiver for peer `%s'\n", | ||
939 | GNUNET_i2s (&receiver->target)); | ||
940 | /*if (NULL != (mq = receiver->kx_mq)) | ||
941 | { | ||
942 | receiver->kx_mq = NULL; | ||
943 | GNUNET_MQ_destroy (mq); | ||
944 | }*/ | ||
945 | if (NULL != receiver->kx_qh) | ||
946 | { | ||
947 | GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh); | ||
948 | receiver->kx_qh = NULL; | ||
949 | receiver->kx_mq = NULL; | ||
950 | } | ||
951 | /*if (NULL != (mq = receiver->d_mq)) | ||
952 | { | ||
953 | receiver->d_mq = NULL; | ||
954 | GNUNET_MQ_destroy (mq); | ||
955 | }*/ | ||
956 | if (NULL != receiver->d_qh) | ||
957 | { | ||
958 | GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh); | ||
959 | receiver->d_qh = NULL; | ||
960 | } | ||
961 | GNUNET_assert (GNUNET_YES == | ||
962 | GNUNET_CONTAINER_multipeermap_remove (receivers, | ||
963 | &receiver->target, | ||
964 | receiver)); | ||
965 | GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn)); | ||
966 | GNUNET_STATISTICS_set (stats, | ||
967 | "# receivers active", | ||
968 | GNUNET_CONTAINER_multipeermap_size (receivers), | ||
969 | GNUNET_NO); | ||
970 | GNUNET_free (receiver->address); | ||
971 | GNUNET_free (receiver->foreign_addr); | ||
972 | GNUNET_free (receiver); | ||
973 | } | ||
974 | |||
975 | |||
976 | /** | ||
977 | * Free memory used by key cache entry. | ||
978 | * | ||
979 | * @param kce the key cache entry | ||
980 | */ | ||
981 | static void | ||
982 | kce_destroy (struct KeyCacheEntry *kce) | ||
983 | { | ||
984 | struct SharedSecret *ss = kce->ss; | ||
985 | |||
986 | ss->active_kce_count--; | ||
987 | ss->sender->acks_available--; | ||
988 | GNUNET_CONTAINER_DLL_remove (ss->kce_head, ss->kce_tail, kce); | ||
989 | GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multishortmap_remove (key_cache, | ||
990 | &kce->kid, | ||
991 | kce)); | ||
992 | GNUNET_free (kce); | ||
993 | } | ||
994 | |||
995 | |||
996 | /** | ||
997 | * Compute @a kid. | ||
998 | * | ||
999 | * @param msec master secret for HMAC calculation | ||
1000 | * @param serial number for the @a smac calculation | ||
1001 | * @param kid[out] where to write the key ID | ||
1002 | */ | ||
1003 | static void | ||
1004 | get_kid (const struct GNUNET_HashCode *msec, | ||
1005 | uint32_t serial, | ||
1006 | struct GNUNET_ShortHashCode *kid) | ||
1007 | { | ||
1008 | uint32_t sid = htonl (serial); | ||
1009 | |||
1010 | GNUNET_CRYPTO_hkdf (kid, | ||
1011 | sizeof(*kid), | ||
1012 | GCRY_MD_SHA512, | ||
1013 | GCRY_MD_SHA256, | ||
1014 | &sid, | ||
1015 | sizeof(sid), | ||
1016 | msec, | ||
1017 | sizeof(*msec), | ||
1018 | "UDP-KID", | ||
1019 | strlen ("UDP-KID"), | ||
1020 | NULL, | ||
1021 | 0); | ||
1022 | } | ||
1023 | |||
1024 | |||
1025 | /** | ||
1026 | * Setup key cache entry for sequence number @a seq and shared secret @a ss. | ||
1027 | * | ||
1028 | * @param ss shared secret | ||
1029 | * @param seq sequence number for the key cache entry | ||
1030 | */ | ||
1031 | static void | ||
1032 | kce_generate (struct SharedSecret *ss, uint32_t seq) | ||
1033 | { | ||
1034 | struct KeyCacheEntry *kce; | ||
1035 | |||
1036 | GNUNET_assert (0 < seq); | ||
1037 | kce = GNUNET_new (struct KeyCacheEntry); | ||
1038 | kce->ss = ss; | ||
1039 | kce->sequence_number = seq; | ||
1040 | get_kid (&ss->master, seq, &kce->kid); | ||
1041 | GNUNET_CONTAINER_DLL_insert (ss->kce_head, ss->kce_tail, kce); | ||
1042 | ss->active_kce_count++; | ||
1043 | ss->sender->acks_available++; | ||
1044 | (void) GNUNET_CONTAINER_multishortmap_put ( | ||
1045 | key_cache, | ||
1046 | &kce->kid, | ||
1047 | kce, | ||
1048 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); | ||
1049 | GNUNET_STATISTICS_set (stats, | ||
1050 | "# KIDs active", | ||
1051 | GNUNET_CONTAINER_multishortmap_size (key_cache), | ||
1052 | GNUNET_NO); | ||
1053 | } | ||
1054 | |||
1055 | |||
1056 | /** | ||
1057 | * Destroy @a ss and associated key cache entries. | ||
1058 | * | ||
1059 | * @param ss shared secret to destroy | ||
1060 | * @param withoutKce If GNUNET_YES shared secrets with kce will not be destroyed. | ||
1061 | */ | ||
1062 | static int | ||
1063 | secret_destroy (struct SharedSecret *ss, int withoutKce) | ||
1064 | { | ||
1065 | struct SenderAddress *sender; | ||
1066 | struct ReceiverAddress *receiver; | ||
1067 | struct KeyCacheEntry *kce; | ||
1068 | |||
1069 | if (withoutKce && (ss->sequence_allowed > 0)) | ||
1070 | return GNUNET_NO; | ||
1071 | |||
1072 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1073 | "secret %s destroy %u %u\n", | ||
1074 | GNUNET_h2s (&ss->master), | ||
1075 | withoutKce, | ||
1076 | ss->sequence_allowed); | ||
1077 | if (NULL != (sender = ss->sender)) | ||
1078 | { | ||
1079 | GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss); | ||
1080 | sender->num_secrets--; | ||
1081 | } | ||
1082 | if (NULL != (receiver = ss->receiver)) | ||
1083 | { | ||
1084 | GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss); | ||
1085 | receiver->num_secrets--; | ||
1086 | // Uncomment this for alternativ 1 of backchannel functionality | ||
1087 | receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used); | ||
1088 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1089 | "%u receiver->acks_available 3\n", | ||
1090 | receiver->acks_available); | ||
1091 | // Until here for alternativ 1 | ||
1092 | } | ||
1093 | while (NULL != (kce = ss->kce_head)) | ||
1094 | kce_destroy (kce); | ||
1095 | GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO); | ||
1096 | GNUNET_STATISTICS_set (stats, | ||
1097 | "# KIDs active", | ||
1098 | GNUNET_CONTAINER_multishortmap_size (key_cache), | ||
1099 | GNUNET_NO); | ||
1100 | GNUNET_free (ss); | ||
1101 | return GNUNET_YES; | ||
1102 | } | ||
1103 | |||
1104 | |||
1105 | /** | ||
1106 | * Functions with this signature are called whenever we need | ||
1107 | * to close a sender's state due to timeout. | ||
1108 | * | ||
1109 | * @param sender entity to close down | ||
1110 | */ | ||
1111 | static void | ||
1112 | sender_destroy (struct SenderAddress *sender) | ||
1113 | { | ||
1114 | sender->sender_destroy_called = GNUNET_YES; | ||
1115 | GNUNET_assert ( | ||
1116 | GNUNET_YES == | ||
1117 | GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender)); | ||
1118 | GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn)); | ||
1119 | GNUNET_STATISTICS_set (stats, | ||
1120 | "# senders active", | ||
1121 | GNUNET_CONTAINER_multipeermap_size (senders), | ||
1122 | GNUNET_NO); | ||
1123 | GNUNET_free (sender->address); | ||
1124 | GNUNET_free (sender); | ||
1125 | } | ||
1126 | |||
1127 | |||
1128 | /** | ||
1129 | * Compute @a key and @a iv. | ||
1130 | * | ||
1131 | * @param msec master secret for calculation | ||
1132 | * @param serial number for the @a smac calculation | ||
1133 | * @param key[out] where to write the decryption key | ||
1134 | * @param iv[out] where to write the IV | ||
1135 | */ | ||
1136 | static void | ||
1137 | get_iv_key (const struct GNUNET_HashCode *msec, | ||
1138 | uint32_t serial, | ||
1139 | char key[AES_KEY_SIZE], | ||
1140 | char iv[AES_IV_SIZE]) | ||
1141 | { | ||
1142 | uint32_t sid = htonl (serial); | ||
1143 | char res[AES_KEY_SIZE + AES_IV_SIZE]; | ||
1144 | |||
1145 | GNUNET_CRYPTO_hkdf (res, | ||
1146 | sizeof(res), | ||
1147 | GCRY_MD_SHA512, | ||
1148 | GCRY_MD_SHA256, | ||
1149 | &sid, | ||
1150 | sizeof(sid), | ||
1151 | msec, | ||
1152 | sizeof(*msec), | ||
1153 | "UDP-IV-KEY", | ||
1154 | strlen ("UDP-IV-KEY"), | ||
1155 | NULL, | ||
1156 | 0); | ||
1157 | memcpy (key, res, AES_KEY_SIZE); | ||
1158 | memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE); | ||
1159 | } | ||
1160 | |||
1161 | |||
1162 | /** | ||
1163 | * Increment sender timeout due to activity. | ||
1164 | * | ||
1165 | * @param sender address for which the timeout should be rescheduled | ||
1166 | */ | ||
1167 | static void | ||
1168 | reschedule_sender_timeout (struct SenderAddress *sender) | ||
1169 | { | ||
1170 | sender->timeout = | ||
1171 | GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); | ||
1172 | GNUNET_CONTAINER_heap_update_cost (sender->hn, sender->timeout.abs_value_us); | ||
1173 | } | ||
1174 | |||
1175 | |||
1176 | /** | ||
1177 | * Increment receiver timeout due to activity. | ||
1178 | * | ||
1179 | * @param receiver address for which the timeout should be rescheduled | ||
1180 | */ | ||
1181 | static void | ||
1182 | reschedule_receiver_timeout (struct ReceiverAddress *receiver) | ||
1183 | { | ||
1184 | receiver->timeout = | ||
1185 | GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); | ||
1186 | GNUNET_CONTAINER_heap_update_cost (receiver->hn, | ||
1187 | receiver->timeout.abs_value_us); | ||
1188 | } | ||
1189 | |||
1190 | |||
1191 | /** | ||
1192 | * Task run to check #receiver_heap and #sender_heap for timeouts. | ||
1193 | * | ||
1194 | * @param cls unused, NULL | ||
1195 | */ | ||
1196 | static void | ||
1197 | check_timeouts (void *cls) | ||
1198 | { | ||
1199 | struct GNUNET_TIME_Relative st; | ||
1200 | struct GNUNET_TIME_Relative rt; | ||
1201 | struct GNUNET_TIME_Relative delay; | ||
1202 | struct ReceiverAddress *receiver; | ||
1203 | struct SenderAddress *sender; | ||
1204 | |||
1205 | (void) cls; | ||
1206 | timeout_task = NULL; | ||
1207 | rt = GNUNET_TIME_UNIT_FOREVER_REL; | ||
1208 | while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap))) | ||
1209 | { | ||
1210 | /* if (GNUNET_YES != receiver->receiver_destroy_called) */ | ||
1211 | /* { */ | ||
1212 | rt = GNUNET_TIME_absolute_get_remaining (receiver->timeout); | ||
1213 | if (0 != rt.rel_value_us) | ||
1214 | break; | ||
1215 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1216 | "Receiver timed out\n"); | ||
1217 | receiver_destroy (receiver); | ||
1218 | // } | ||
1219 | } | ||
1220 | st = GNUNET_TIME_UNIT_FOREVER_REL; | ||
1221 | while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap))) | ||
1222 | { | ||
1223 | if (GNUNET_YES != sender->sender_destroy_called) | ||
1224 | { | ||
1225 | st = GNUNET_TIME_absolute_get_remaining (sender->timeout); | ||
1226 | if (0 != st.rel_value_us) | ||
1227 | break; | ||
1228 | sender_destroy (sender); | ||
1229 | } | ||
1230 | } | ||
1231 | delay = GNUNET_TIME_relative_min (rt, st); | ||
1232 | if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us) | ||
1233 | timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL); | ||
1234 | } | ||
1235 | |||
1236 | |||
1237 | /** | ||
1238 | * Calculate cmac from master in @a ss. | ||
1239 | * | ||
1240 | * @param ss[in,out] data structure to complete | ||
1241 | */ | ||
1242 | static void | ||
1243 | calculate_cmac (struct SharedSecret *ss) | ||
1244 | { | ||
1245 | GNUNET_CRYPTO_hkdf (&ss->cmac, | ||
1246 | sizeof(ss->cmac), | ||
1247 | GCRY_MD_SHA512, | ||
1248 | GCRY_MD_SHA256, | ||
1249 | "CMAC", | ||
1250 | strlen ("CMAC"), | ||
1251 | &ss->master, | ||
1252 | sizeof(ss->master), | ||
1253 | "UDP-CMAC", | ||
1254 | strlen ("UDP-CMAC"), | ||
1255 | NULL, | ||
1256 | 0); | ||
1257 | } | ||
1258 | |||
1259 | |||
1260 | /** | ||
1261 | * We received @a plaintext_len bytes of @a plaintext from a @a sender. | ||
1262 | * Pass it on to CORE. | ||
1263 | * | ||
1264 | * @param queue the queue that received the plaintext | ||
1265 | * @param plaintext the plaintext that was received | ||
1266 | * @param plaintext_len number of bytes of plaintext received | ||
1267 | */ | ||
1268 | static void | ||
1269 | pass_plaintext_to_core (struct SenderAddress *sender, | ||
1270 | const void *plaintext, | ||
1271 | size_t plaintext_len) | ||
1272 | { | ||
1273 | const struct GNUNET_MessageHeader *hdr = plaintext; | ||
1274 | const char *pos = plaintext; | ||
1275 | |||
1276 | while (ntohs (hdr->size) < plaintext_len) | ||
1277 | { | ||
1278 | GNUNET_STATISTICS_update (stats, | ||
1279 | "# bytes given to core", | ||
1280 | ntohs (hdr->size), | ||
1281 | GNUNET_NO); | ||
1282 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1283 | "Giving %u bytes to TNG\n", ntohs (hdr->size)); | ||
1284 | GNUNET_assert (GNUNET_SYSERR != | ||
1285 | GNUNET_TRANSPORT_communicator_receive (ch, | ||
1286 | &sender->target, | ||
1287 | hdr, | ||
1288 | ADDRESS_VALIDITY_PERIOD, | ||
1289 | NULL /* no flow control possible */ | ||
1290 | , | ||
1291 | NULL)); | ||
1292 | /* move on to next message, if any */ | ||
1293 | plaintext_len -= ntohs (hdr->size); | ||
1294 | if (plaintext_len < sizeof(*hdr)) | ||
1295 | break; | ||
1296 | pos += ntohs (hdr->size); | ||
1297 | hdr = (const struct GNUNET_MessageHeader *) pos; | ||
1298 | // TODO for now..., we do not actually sen >1msg or have a way of telling | ||
1299 | // if we are done | ||
1300 | break; | ||
1301 | } | ||
1302 | GNUNET_STATISTICS_update (stats, | ||
1303 | "# bytes padding discarded", | ||
1304 | plaintext_len, | ||
1305 | GNUNET_NO); | ||
1306 | } | ||
1307 | |||
1308 | |||
1309 | /** | ||
1310 | * Setup @a cipher based on shared secret @a msec and | ||
1311 | * serial number @a serial. | ||
1312 | * | ||
1313 | * @param msec master shared secret | ||
1314 | * @param serial serial number of cipher to set up | ||
1315 | * @param cipher[out] cipher to initialize | ||
1316 | */ | ||
1317 | static void | ||
1318 | setup_cipher (const struct GNUNET_HashCode *msec, | ||
1319 | uint32_t serial, | ||
1320 | gcry_cipher_hd_t *cipher) | ||
1321 | { | ||
1322 | char key[AES_KEY_SIZE]; | ||
1323 | char iv[AES_IV_SIZE]; | ||
1324 | int rc; | ||
1325 | |||
1326 | GNUNET_assert (0 == | ||
1327 | gcry_cipher_open (cipher, | ||
1328 | GCRY_CIPHER_AES256 /* low level: go for speed */, | ||
1329 | GCRY_CIPHER_MODE_GCM, | ||
1330 | 0 /* flags */)); | ||
1331 | get_iv_key (msec, serial, key, iv); | ||
1332 | rc = gcry_cipher_setkey (*cipher, key, sizeof(key)); | ||
1333 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | ||
1334 | rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv)); | ||
1335 | GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY)); | ||
1336 | } | ||
1337 | |||
1338 | |||
1339 | /** | ||
1340 | * Try to decrypt @a buf using shared secret @a ss and key/iv | ||
1341 | * derived using @a serial. | ||
1342 | * | ||
1343 | * @param ss shared secret | ||
1344 | * @param tag GCM authentication tag | ||
1345 | * @param serial serial number to use | ||
1346 | * @param in_buf input buffer to decrypt | ||
1347 | * @param in_buf_size number of bytes in @a in_buf and available in @a out_buf | ||
1348 | * @param out_buf where to write the result | ||
1349 | * @return #GNUNET_OK on success | ||
1350 | */ | ||
1351 | static int | ||
1352 | try_decrypt (const struct SharedSecret *ss, | ||
1353 | const char tag[GCM_TAG_SIZE], | ||
1354 | uint32_t serial, | ||
1355 | const char *in_buf, | ||
1356 | size_t in_buf_size, | ||
1357 | char *out_buf) | ||
1358 | { | ||
1359 | gcry_cipher_hd_t cipher; | ||
1360 | |||
1361 | setup_cipher (&ss->master, serial, &cipher); | ||
1362 | GNUNET_assert ( | ||
1363 | 0 == | ||
1364 | gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size)); | ||
1365 | if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE)) | ||
1366 | { | ||
1367 | gcry_cipher_close (cipher); | ||
1368 | GNUNET_STATISTICS_update (stats, | ||
1369 | "# AEAD authentication failures", | ||
1370 | 1, | ||
1371 | GNUNET_NO); | ||
1372 | return GNUNET_SYSERR; | ||
1373 | } | ||
1374 | gcry_cipher_close (cipher); | ||
1375 | return GNUNET_OK; | ||
1376 | } | ||
1377 | |||
1378 | |||
1379 | /** | ||
1380 | * Setup shared secret for decryption. | ||
1381 | * | ||
1382 | * @param ephemeral ephemeral key we received from the other peer | ||
1383 | * @return new shared secret | ||
1384 | */ | ||
1385 | static struct SharedSecret * | ||
1386 | setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral) | ||
1387 | { | ||
1388 | struct SharedSecret *ss; | ||
1389 | |||
1390 | ss = GNUNET_new (struct SharedSecret); | ||
1391 | GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master); | ||
1392 | return ss; | ||
1393 | } | ||
1394 | |||
1395 | |||
1396 | /** | ||
1397 | * Setup shared secret for encryption. | ||
1398 | * | ||
1399 | * @param ephemeral ephemeral key we are sending to the other peer | ||
1400 | * @param receiver[in,out] queue to initialize encryption key for | ||
1401 | * @return new shared secret | ||
1402 | */ | ||
1403 | static struct SharedSecret * | ||
1404 | setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, | ||
1405 | struct ReceiverAddress *receiver, int add_to_receiver) | ||
1406 | { | ||
1407 | struct SharedSecret *ss; | ||
1408 | |||
1409 | ss = GNUNET_new (struct SharedSecret); | ||
1410 | GNUNET_CRYPTO_ecdh_eddsa (ephemeral, | ||
1411 | &receiver->target.public_key, | ||
1412 | &ss->master); | ||
1413 | calculate_cmac (ss); | ||
1414 | ss->receiver = receiver; | ||
1415 | GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss); | ||
1416 | receiver->num_secrets++; | ||
1417 | GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO); | ||
1418 | return ss; | ||
1419 | } | ||
1420 | |||
1421 | |||
1422 | /** | ||
1423 | * Setup the MQ for the @a receiver. If a queue exists, | ||
1424 | * the existing one is destroyed. Then the MTU is | ||
1425 | * recalculated and a fresh queue is initialized. | ||
1426 | * | ||
1427 | * @param receiver receiver to setup MQ for | ||
1428 | */ | ||
1429 | static void | ||
1430 | setup_receiver_mq (struct ReceiverAddress *receiver); | ||
1431 | |||
1432 | /** | ||
1433 | * Destroying all secrets. Depending on parameter we keep those secrets having a kce. | ||
1434 | * | ||
1435 | * @param ss The secret we will not destroy. | ||
1436 | * @param withoutKce If GNUNET_YES shared secrets with kce will not be destroyed. | ||
1437 | */ | ||
1438 | static void | ||
1439 | destroy_all_secrets (struct SharedSecret *ss, int withoutKce) | ||
1440 | { | ||
1441 | struct SenderAddress *sender; | ||
1442 | struct ReceiverAddress *receiver; | ||
1443 | struct SharedSecret *ss_to_destroy; | ||
1444 | struct SharedSecret *ss_start; | ||
1445 | struct SharedSecret *pos; | ||
1446 | int at_least_one_destroyed = GNUNET_NO; | ||
1447 | |||
1448 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1449 | "Starting destroy all withoutKce: %u.\n", | ||
1450 | withoutKce); | ||
1451 | |||
1452 | if (NULL != (sender = ss->sender)) | ||
1453 | { | ||
1454 | ss_start = sender->ss_head; | ||
1455 | } | ||
1456 | else if (NULL != (receiver = ss->receiver)) | ||
1457 | { | ||
1458 | ss_start = receiver->ss_head; | ||
1459 | } | ||
1460 | else | ||
1461 | { | ||
1462 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
1463 | "Shared secret has no sender or receiver!\n"); | ||
1464 | return; | ||
1465 | } | ||
1466 | |||
1467 | pos = ss_start; | ||
1468 | while (NULL != pos) | ||
1469 | { | ||
1470 | ss_to_destroy = pos; | ||
1471 | pos = pos->next; | ||
1472 | |||
1473 | if (ss != ss_to_destroy) | ||
1474 | at_least_one_destroyed = secret_destroy (ss_to_destroy, withoutKce); | ||
1475 | } | ||
1476 | |||
1477 | if ((ss != ss_start) && ! at_least_one_destroyed) | ||
1478 | { | ||
1479 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1480 | "Really destroying all.\n"); | ||
1481 | destroy_all_secrets (ss_start, GNUNET_NO); | ||
1482 | } | ||
1483 | |||
1484 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1485 | "Finished destroy all.\n"); | ||
1486 | } | ||
1487 | |||
1488 | |||
1489 | static void | ||
1490 | add_acks (struct SharedSecret *ss, int acks_to_add) | ||
1491 | { | ||
1492 | |||
1493 | struct ReceiverAddress *receiver = ss->receiver; | ||
1494 | |||
1495 | GNUNET_assert (NULL != ss); | ||
1496 | GNUNET_assert (NULL != receiver); | ||
1497 | GNUNET_assert (NULL != receiver->d_qh); | ||
1498 | |||
1499 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1500 | "Tell transport we have %u more acks!\n", | ||
1501 | acks_to_add); | ||
1502 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1503 | "%u kce for rekeying.\n", | ||
1504 | receiver->number_rekeying_kce); | ||
1505 | GNUNET_TRANSPORT_communicator_mq_update (ch, | ||
1506 | receiver->d_qh, | ||
1507 | acks_to_add, | ||
1508 | 1); | ||
1509 | // Until here for alternativ 1 | ||
1510 | |||
1511 | /* move ss to head to avoid discarding it anytime soon! */ | ||
1512 | |||
1513 | GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss); | ||
1514 | GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss); | ||
1515 | destroy_all_secrets (ss, GNUNET_YES); | ||
1516 | } | ||
1517 | |||
1518 | |||
1519 | static uint32_t | ||
1520 | reset_rekey_kces (struct ReceiverAddress *receiver, | ||
1521 | uint32_t acks_to_add) | ||
1522 | { | ||
1523 | int needed_for_rekeying; | ||
1524 | |||
1525 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1526 | "%u kce for rekeying and %u acks_to_add\n", | ||
1527 | receiver->number_rekeying_kce, | ||
1528 | acks_to_add); | ||
1529 | |||
1530 | needed_for_rekeying = (3 - receiver->number_rekeying_kce); | ||
1531 | if (acks_to_add <= needed_for_rekeying) | ||
1532 | { | ||
1533 | receiver->number_rekeying_kce += acks_to_add; | ||
1534 | acks_to_add = 0; | ||
1535 | } | ||
1536 | else | ||
1537 | { | ||
1538 | acks_to_add -= (3 - receiver->number_rekeying_kce); | ||
1539 | receiver->number_rekeying_kce = 3; | ||
1540 | } | ||
1541 | |||
1542 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1543 | "%u kce for rekeying and %u acks_to_add\n", | ||
1544 | receiver->number_rekeying_kce, | ||
1545 | acks_to_add); | ||
1546 | return acks_to_add; | ||
1547 | } | ||
1548 | |||
1549 | |||
1550 | static void | ||
1551 | add_acks_rekey (struct ReceiverAddress *receiver) | ||
1552 | { | ||
1553 | uint32_t acks_to_add = receiver->ss_rekey->sequence_allowed; | ||
1554 | |||
1555 | if (receiver->number_rekeying_kce < 3) | ||
1556 | acks_to_add = reset_rekey_kces (receiver, acks_to_add); | ||
1557 | receiver->acks_available = receiver->ss_rekey->sequence_allowed; | ||
1558 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1559 | "%u receiver->acks_available 4\n", | ||
1560 | receiver->acks_available); | ||
1561 | /* add_acks (receiver->ss_rekey, acks_to_add - 3); */ | ||
1562 | if (0 != acks_to_add) | ||
1563 | { | ||
1564 | add_acks (receiver->ss_rekey, acks_to_add); | ||
1565 | } | ||
1566 | receiver->ss_rekey = NULL; | ||
1567 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1568 | "# rekeying successful\n"); | ||
1569 | GNUNET_STATISTICS_update (stats, | ||
1570 | "# rekeying successful", | ||
1571 | 1, | ||
1572 | GNUNET_NO); | ||
1573 | } | ||
1574 | |||
1575 | |||
1576 | /** | ||
1577 | * We received an ACK for @a pid. Check if it is for | ||
1578 | * the receiver in @a value and if so, handle it and | ||
1579 | * return #GNUNET_NO. Otherwise, return #GNUNET_YES. | ||
1580 | * | ||
1581 | * @param cls a `const struct UDPAck` | ||
1582 | * @param pid peer the ACK is from | ||
1583 | * @param value a `struct ReceiverAddress` | ||
1584 | * @return #GNUNET_YES to continue to iterate | ||
1585 | */ | ||
1586 | static int | ||
1587 | handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value) | ||
1588 | { | ||
1589 | const struct UDPAck *ack = cls; | ||
1590 | struct ReceiverAddress *receiver = value; | ||
1591 | uint32_t acks_to_add; | ||
1592 | uint32_t allowed; | ||
1593 | // int needed_for_rekeying; | ||
1594 | |||
1595 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1596 | "in handle ack with cmac %s\n", | ||
1597 | GNUNET_h2s (&ack->cmac)); | ||
1598 | |||
1599 | if (NULL != receiver->ss_rekey) | ||
1600 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1601 | "We have rekey secret with cmac %s \n", | ||
1602 | GNUNET_h2s (&receiver->ss_rekey->cmac)); | ||
1603 | |||
1604 | if ((NULL != receiver->ss_rekey) && (0 == memcmp (&ack->cmac, | ||
1605 | &receiver->ss_rekey->cmac, | ||
1606 | sizeof(struct | ||
1607 | GNUNET_HashCode))) ) | ||
1608 | { | ||
1609 | allowed = ntohl (ack->sequence_max); | ||
1610 | |||
1611 | if (allowed > receiver->ss_rekey->sequence_allowed) | ||
1612 | { | ||
1613 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1614 | "%u > %u (%u %u) for rekey secrect %s\n", allowed, | ||
1615 | receiver->ss_rekey->sequence_allowed, | ||
1616 | receiver->acks_available, | ||
1617 | ack->acks_available, | ||
1618 | GNUNET_h2s (&receiver->ss_rekey->master)); | ||
1619 | |||
1620 | receiver->ss_rekey->sequence_allowed = allowed; | ||
1621 | |||
1622 | if (GNUNET_NO == receiver->rekeying) | ||
1623 | add_acks_rekey (receiver); | ||
1624 | |||
1625 | return GNUNET_NO; | ||
1626 | } | ||
1627 | } | ||
1628 | |||
1629 | (void) pid; | ||
1630 | for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next) | ||
1631 | { | ||
1632 | if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode))) | ||
1633 | { | ||
1634 | |||
1635 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1636 | "Found matching mac\n"); | ||
1637 | |||
1638 | allowed = ntohl (ack->sequence_max); | ||
1639 | |||
1640 | if (allowed > ss->sequence_allowed) | ||
1641 | { | ||
1642 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1643 | "%u > %u (%u %u) for secrect %s\n", allowed, | ||
1644 | ss->sequence_allowed, | ||
1645 | receiver->acks_available, | ||
1646 | ack->acks_available, | ||
1647 | GNUNET_h2s (&ss->master)); | ||
1648 | // Uncomment this for alternativ 1 of backchannel functionality | ||
1649 | acks_to_add = (allowed - ss->sequence_allowed); | ||
1650 | if ((GNUNET_NO == receiver->rekeying) && | ||
1651 | (receiver->number_rekeying_kce < 3) ) | ||
1652 | acks_to_add = reset_rekey_kces (receiver, acks_to_add); | ||
1653 | /* if ((GNUNET_NO == receiver->rekeying) && */ | ||
1654 | /* (receiver->number_rekeying_kce < */ | ||
1655 | /* 3) ) */ | ||
1656 | /* { */ | ||
1657 | /* needed_for_rekeying = (3 - receiver->number_rekeying_kce); */ | ||
1658 | /* if (acks_to_add <= needed_for_rekeying) */ | ||
1659 | /* { */ | ||
1660 | /* receiver->number_rekeying_kce += acks_to_add; */ | ||
1661 | /* acks_to_add = 0; */ | ||
1662 | /* } */ | ||
1663 | /* else */ | ||
1664 | /* { */ | ||
1665 | /* acks_to_add -= (3 - receiver->number_rekeying_kce); */ | ||
1666 | /* receiver->number_rekeying_kce = 3; */ | ||
1667 | /* } */ | ||
1668 | /* } */ | ||
1669 | /* GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, */ | ||
1670 | /* "%u kce for rekeying\n", */ | ||
1671 | /* receiver->number_rekeying_kce); */ | ||
1672 | |||
1673 | if ((0 != acks_to_add) && (GNUNET_NO == receiver->rekeying)) | ||
1674 | { | ||
1675 | receiver->acks_available += (allowed - ss->sequence_allowed); | ||
1676 | ss->sequence_allowed = allowed; | ||
1677 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1678 | "%u receiver->acks_available 5\n", | ||
1679 | receiver->acks_available); | ||
1680 | add_acks (ss, acks_to_add); | ||
1681 | } | ||
1682 | } | ||
1683 | return GNUNET_NO; | ||
1684 | } | ||
1685 | } | ||
1686 | return GNUNET_YES; | ||
1687 | } | ||
1688 | |||
1689 | |||
1690 | /** | ||
1691 | * Test if we have received a valid message in plaintext. | ||
1692 | * If so, handle it. | ||
1693 | * | ||
1694 | * @param sender peer to process inbound plaintext for | ||
1695 | * @param buf buffer we received | ||
1696 | * @param buf_size number of bytes in @a buf | ||
1697 | */ | ||
1698 | static void | ||
1699 | try_handle_plaintext (struct SenderAddress *sender, | ||
1700 | const void *buf, | ||
1701 | size_t buf_size) | ||
1702 | { | ||
1703 | const struct GNUNET_MessageHeader *hdr = | ||
1704 | (const struct GNUNET_MessageHeader *) buf; | ||
1705 | const struct UDPAck *ack = (const struct UDPAck *) buf; | ||
1706 | uint16_t type; | ||
1707 | |||
1708 | if (sizeof(*hdr) > buf_size) | ||
1709 | return; /* not even a header */ | ||
1710 | if (ntohs (hdr->size) > buf_size) | ||
1711 | return; /* not even a header */ | ||
1712 | type = ntohs (hdr->type); | ||
1713 | switch (type) | ||
1714 | { | ||
1715 | case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK: | ||
1716 | /* lookup master secret by 'cmac', then update sequence_max */ | ||
1717 | GNUNET_CONTAINER_multipeermap_get_multiple (receivers, | ||
1718 | &sender->target, | ||
1719 | &handle_ack, | ||
1720 | (void *) ack); | ||
1721 | /* There could be more messages after the ACK, handle those as well */ | ||
1722 | buf += ntohs (hdr->size); | ||
1723 | buf_size -= ntohs (hdr->size); | ||
1724 | pass_plaintext_to_core (sender, buf, buf_size); | ||
1725 | break; | ||
1726 | |||
1727 | case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD: | ||
1728 | /* skip padding */ | ||
1729 | break; | ||
1730 | |||
1731 | default: | ||
1732 | pass_plaintext_to_core (sender, buf, buf_size); | ||
1733 | } | ||
1734 | } | ||
1735 | |||
1736 | |||
1737 | static void | ||
1738 | kce_generate_cb (void *cls) | ||
1739 | { | ||
1740 | struct SharedSecret *ss = cls; | ||
1741 | |||
1742 | ss->sender->kce_task = NULL; | ||
1743 | |||
1744 | if (((GNUNET_NO == ss->sender->rekeying) && (ss->sender->acks_available < | ||
1745 | KCN_TARGET) ) || | ||
1746 | ((ss->sender->ss_rekey == ss) && (GNUNET_YES == ss->sender->rekeying) && | ||
1747 | (ss->sender->acks_available < 128))) | ||
1748 | { | ||
1749 | |||
1750 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1751 | "Precomputing keys for master %s\n", | ||
1752 | GNUNET_h2s (&(ss->master))); | ||
1753 | |||
1754 | for (int i = 0; i < GENERATE_AT_ONCE; i++) | ||
1755 | kce_generate (ss, ++ss->sequence_allowed); | ||
1756 | |||
1757 | ss->sender->kce_task = GNUNET_SCHEDULER_add_delayed ( | ||
1758 | WORKING_QUEUE_INTERVALL, | ||
1759 | kce_generate_cb, | ||
1760 | ss); | ||
1761 | } | ||
1762 | else | ||
1763 | { | ||
1764 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1765 | "We have enough keys.\n"); | ||
1766 | ss_finished = ss; | ||
1767 | ss->sender->kce_task_finished = GNUNET_YES; | ||
1768 | } | ||
1769 | |||
1770 | |||
1771 | } | ||
1772 | |||
1773 | |||
1774 | static void | ||
1775 | kce_generate_rekey_cb (void *cls) | ||
1776 | { | ||
1777 | struct SharedSecret *ss = cls; | ||
1778 | |||
1779 | ss->sender->kce_task_rekey = NULL; | ||
1780 | |||
1781 | if (NULL == ss->sender->kce_task) | ||
1782 | { | ||
1783 | |||
1784 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1785 | "Precomputing keys for rekey master %s\n", | ||
1786 | GNUNET_h2s (&(ss->master))); | ||
1787 | |||
1788 | for (int i = 0; i < GENERATE_AT_ONCE; i++) | ||
1789 | kce_generate (ss, ++ss->sequence_allowed); | ||
1790 | |||
1791 | ss->sender->kce_task = GNUNET_SCHEDULER_add_delayed ( | ||
1792 | WORKING_QUEUE_INTERVALL, | ||
1793 | kce_generate_cb, | ||
1794 | ss); | ||
1795 | ss->sender->kce_task_rekey = NULL; | ||
1796 | } | ||
1797 | else | ||
1798 | { | ||
1799 | ss->sender->kce_task_rekey = GNUNET_SCHEDULER_add_delayed ( | ||
1800 | WORKING_QUEUE_INTERVALL, | ||
1801 | kce_generate_rekey_cb, | ||
1802 | ss); | ||
1803 | } | ||
1804 | } | ||
1805 | |||
1806 | |||
1807 | /** | ||
1808 | * We established a shared secret with a sender. We should try to send | ||
1809 | * the sender an `struct UDPAck` at the next opportunity to allow the | ||
1810 | * sender to use @a ss longer (assuming we did not yet already | ||
1811 | * recently). | ||
1812 | * | ||
1813 | * @param ss shared secret to generate ACKs for | ||
1814 | * @param initial The SharedSecret came with initial KX. | ||
1815 | */ | ||
1816 | static void | ||
1817 | consider_ss_ack (struct SharedSecret *ss, int initial) | ||
1818 | { | ||
1819 | struct GNUNET_SCHEDULER_Task *kce_task_rekey; | ||
1820 | struct GNUNET_SCHEDULER_Task *kce_task; | ||
1821 | int kce_task_finished; | ||
1822 | |||
1823 | kce_task_rekey = ss->sender->kce_task_rekey; | ||
1824 | kce_task_finished = ss->sender->kce_task_finished; | ||
1825 | kce_task = ss->sender->kce_task; | ||
1826 | |||
1827 | GNUNET_assert (NULL != ss->sender); | ||
1828 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1829 | "Considering SS UDPAck %s\n", | ||
1830 | GNUNET_i2s_full (&ss->sender->target)); | ||
1831 | |||
1832 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1833 | "We have %u acks available.\n", | ||
1834 | ss->sender->acks_available); | ||
1835 | /* drop ancient KeyCacheEntries */ | ||
1836 | while ((NULL != ss->kce_head) && | ||
1837 | (MAX_SQN_DELTA < | ||
1838 | ss->kce_head->sequence_number - ss->kce_tail->sequence_number)) | ||
1839 | kce_destroy (ss->kce_tail); | ||
1840 | |||
1841 | |||
1842 | if (GNUNET_NO == initial) | ||
1843 | kce_generate (ss, ++ss->sequence_allowed); | ||
1844 | |||
1845 | /*if (0 == ss->sender->acks_available) | ||
1846 | { | ||
1847 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1848 | "Generating keys\n"); | ||
1849 | while (ss->active_kce_count < KCN_TARGET) | ||
1850 | kce_generate (ss, ++ss->sequence_allowed); | ||
1851 | }*/ | ||
1852 | |||
1853 | if (((NULL != kce_task) && kce_task_finished) || (GNUNET_NO == initial)) | ||
1854 | { | ||
1855 | struct UDPAck ack; | ||
1856 | struct SharedSecret *ss_tell; | ||
1857 | |||
1858 | if (GNUNET_NO != initial) | ||
1859 | ss_tell = ss_finished; | ||
1860 | else | ||
1861 | ss_tell = ss; | ||
1862 | |||
1863 | ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK); | ||
1864 | ack.header.size = htons (sizeof(ack)); | ||
1865 | ack.sequence_max = htonl (ss_tell->sequence_allowed); | ||
1866 | ack.acks_available = ss->sender->acks_available; | ||
1867 | ack.cmac = ss_tell->cmac; | ||
1868 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1869 | "Notifying transport of UDPAck %s with initial %u and master %s\n", | ||
1870 | GNUNET_i2s_full (&ss_tell->sender->target), | ||
1871 | initial, | ||
1872 | GNUNET_h2s (&(ss_tell->master))); | ||
1873 | GNUNET_TRANSPORT_communicator_notify (ch, | ||
1874 | &ss_tell->sender->target, | ||
1875 | COMMUNICATOR_ADDRESS_PREFIX, | ||
1876 | &ack.header); | ||
1877 | if (GNUNET_NO != initial) | ||
1878 | { | ||
1879 | destroy_all_secrets (ss, GNUNET_YES); | ||
1880 | kce_task = NULL; | ||
1881 | kce_task_finished = GNUNET_NO; | ||
1882 | } | ||
1883 | } | ||
1884 | else if ((NULL == kce_task) && ((KCN_THRESHOLD > | ||
1885 | ss->sender->acks_available) || | ||
1886 | (GNUNET_YES == ss->sender->rekeying) || | ||
1887 | (ss->sender->num_secrets > MAX_SECRETS) )) | ||
1888 | { | ||
1889 | |||
1890 | // kce_generate (ss, ++ss->sequence_allowed); | ||
1891 | // kce_generate (ss, ++ss->sequence_allowed); | ||
1892 | // TODO This task must be per sender! | ||
1893 | kce_task = GNUNET_SCHEDULER_add_delayed (WORKING_QUEUE_INTERVALL, | ||
1894 | kce_generate_cb, | ||
1895 | ss); | ||
1896 | kce_task_finished = GNUNET_NO; | ||
1897 | |||
1898 | } | ||
1899 | else if ((NULL == kce_task_rekey) && (GNUNET_YES == | ||
1900 | ss->sender->rekeying) ) | ||
1901 | { | ||
1902 | kce_task_rekey = GNUNET_SCHEDULER_add_delayed (WORKING_QUEUE_INTERVALL, | ||
1903 | kce_generate_rekey_cb, | ||
1904 | ss); | ||
1905 | } | ||
1906 | } | ||
1907 | |||
1908 | |||
1909 | /** | ||
1910 | * We received a @a box with matching @a kce. Decrypt and process it. | ||
1911 | * | ||
1912 | * @param box the data we received | ||
1913 | * @param box_len number of bytes in @a box | ||
1914 | * @param kce key index to decrypt @a box | ||
1915 | */ | ||
1916 | static void | ||
1917 | decrypt_box (const struct UDPBox *box, | ||
1918 | size_t box_len, | ||
1919 | struct KeyCacheEntry *kce) | ||
1920 | { | ||
1921 | struct SharedSecret *ss = kce->ss; | ||
1922 | char out_buf[box_len - sizeof(*box)]; | ||
1923 | |||
1924 | GNUNET_assert (NULL != ss->sender); | ||
1925 | if (GNUNET_OK != try_decrypt (ss, | ||
1926 | box->gcm_tag, | ||
1927 | kce->sequence_number, | ||
1928 | (const char *) &box[1], | ||
1929 | sizeof(out_buf), | ||
1930 | out_buf)) | ||
1931 | { | ||
1932 | GNUNET_STATISTICS_update (stats, | ||
1933 | "# Decryption failures with valid KCE", | ||
1934 | 1, | ||
1935 | GNUNET_NO); | ||
1936 | kce_destroy (kce); | ||
1937 | return; | ||
1938 | } | ||
1939 | kce_destroy (kce); | ||
1940 | GNUNET_STATISTICS_update (stats, | ||
1941 | "# bytes decrypted with BOX", | ||
1942 | sizeof(out_buf), | ||
1943 | GNUNET_NO); | ||
1944 | GNUNET_STATISTICS_update (stats, | ||
1945 | "# messages decrypted with BOX", | ||
1946 | 1, | ||
1947 | GNUNET_NO); | ||
1948 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1949 | "decrypted UDPBox with kid %s\n", | ||
1950 | GNUNET_sh2s (&box->kid)); | ||
1951 | try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf)); | ||
1952 | if ((GNUNET_NO == box->rekeying) && (GNUNET_YES == ss->sender->rekeying)) | ||
1953 | { | ||
1954 | ss->sender->rekeying = GNUNET_NO; | ||
1955 | ss->sender->ss_rekey = NULL; | ||
1956 | // destroy_all_secrets (ss, GNUNET_NO); | ||
1957 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1958 | "Receiver stopped rekeying.\n"); | ||
1959 | } | ||
1960 | else if (GNUNET_NO == box->rekeying) | ||
1961 | consider_ss_ack (ss, GNUNET_NO); | ||
1962 | else | ||
1963 | { | ||
1964 | ss->sender->rekeying = GNUNET_YES; | ||
1965 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1966 | "Got Box: Receiver doing rekeying.\n"); | ||
1967 | } | ||
1968 | } | ||
1969 | |||
1970 | |||
1971 | /** | ||
1972 | * We received a @a rekey with matching @a kce. Decrypt and process it. | ||
1973 | * | ||
1974 | * @param rekey the data we received | ||
1975 | * @param rekey_len number of bytes in @a rekey | ||
1976 | * @param kce key index to decrypt @a rekey | ||
1977 | */ | ||
1978 | static void | ||
1979 | decrypt_rekey (const struct UDPRekey *rekey, | ||
1980 | size_t rekey_len, | ||
1981 | struct KeyCacheEntry *kce, | ||
1982 | struct SenderAddress *sender) | ||
1983 | { | ||
1984 | struct SharedSecret *ss = kce->ss; | ||
1985 | struct SharedSecret *ss_rekey; | ||
1986 | char out_buf[rekey_len - sizeof(*rekey)]; | ||
1987 | struct GNUNET_HashCode *master; | ||
1988 | |||
1989 | |||
1990 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
1991 | "decrypt_rekey.\n"); | ||
1992 | |||
1993 | GNUNET_assert (NULL != ss->sender); | ||
1994 | if (GNUNET_OK != try_decrypt (ss, | ||
1995 | rekey->gcm_tag, | ||
1996 | kce->sequence_number, | ||
1997 | (const char *) &rekey[1], | ||
1998 | sizeof(out_buf), | ||
1999 | out_buf)) | ||
2000 | { | ||
2001 | GNUNET_STATISTICS_update (stats, | ||
2002 | "# Decryption failures with valid KCE", | ||
2003 | 1, | ||
2004 | GNUNET_NO); | ||
2005 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2006 | "Decryption with kid %s failed\n", | ||
2007 | GNUNET_sh2s (&rekey->kid)); | ||
2008 | kce_destroy (kce); | ||
2009 | return; | ||
2010 | } | ||
2011 | kce_destroy (kce); | ||
2012 | GNUNET_STATISTICS_update (stats, | ||
2013 | "# bytes decrypted with Rekey", | ||
2014 | sizeof(out_buf), | ||
2015 | GNUNET_NO); | ||
2016 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2017 | "decrypted UDPRekey with kid %s\n", | ||
2018 | GNUNET_sh2s (&rekey->kid)); | ||
2019 | /*cmac = (struct GNUNET_HashCode *) out_buf; | ||
2020 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2021 | "Received secret with cmac %s \n", | ||
2022 | GNUNET_h2s (&cmac));*/ | ||
2023 | // ss_rekey = (struct SharedSecret *) out_buf; | ||
2024 | master = (struct GNUNET_HashCode *) out_buf; | ||
2025 | ss_rekey = GNUNET_new (struct SharedSecret); | ||
2026 | ss_rekey->master = *master; | ||
2027 | calculate_cmac (ss_rekey); | ||
2028 | ss_rekey->sender = sender; | ||
2029 | // ss_rekey->sequence_used = 0; | ||
2030 | // ss_rekey->sequence_allowed = 0; | ||
2031 | /* ss_rekey->active_kce_count = 0; */ | ||
2032 | /* ss_rekey->prev = NULL; */ | ||
2033 | /* ss_rekey->next = NULL; */ | ||
2034 | /* GNUNET_assert (ss_rekey->prev == NULL && sender->ss_head != ss_rekey); */ | ||
2035 | /* GNUNET_assert (ss_rekey->next == NULL && sender->ss_tail != ss_rekey); */ | ||
2036 | GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey); | ||
2037 | sender->ss_rekey = ss_rekey; | ||
2038 | sender->num_secrets++; | ||
2039 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2040 | "Received secret with cmac %s\n", | ||
2041 | GNUNET_h2s (&(ss_rekey->cmac))); | ||
2042 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2043 | "Received secret with master %s.\n", | ||
2044 | GNUNET_h2s (&(ss_rekey->master))); | ||
2045 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2046 | "We have %u sequence_allowed.\n", | ||
2047 | ss_rekey->sequence_allowed); | ||
2048 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2049 | "We have a sender %p\n", | ||
2050 | ss_rekey->sender); | ||
2051 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2052 | "We have %u acks available.\n", | ||
2053 | ss_rekey->sender->acks_available); | ||
2054 | consider_ss_ack (ss_rekey, GNUNET_YES); | ||
2055 | |||
2056 | } | ||
2057 | |||
2058 | |||
2059 | /** | ||
2060 | * Closure for #find_sender_by_address() | ||
2061 | */ | ||
2062 | struct SearchContext | ||
2063 | { | ||
2064 | /** | ||
2065 | * Address we are looking for. | ||
2066 | */ | ||
2067 | const struct sockaddr *address; | ||
2068 | |||
2069 | /** | ||
2070 | * Number of bytes in @e address. | ||
2071 | */ | ||
2072 | socklen_t address_len; | ||
2073 | |||
2074 | /** | ||
2075 | * Return value to set if we found a match. | ||
2076 | */ | ||
2077 | struct SenderAddress *sender; | ||
2078 | }; | ||
2079 | |||
2080 | |||
2081 | /** | ||
2082 | * Find existing `struct SenderAddress` by matching addresses. | ||
2083 | * | ||
2084 | * @param cls a `struct SearchContext` | ||
2085 | * @param key ignored, must match already | ||
2086 | * @param value a `struct SenderAddress` | ||
2087 | * @return #GNUNET_YES if not found (continue to search), #GNUNET_NO if found | ||
2088 | */ | ||
2089 | static int | ||
2090 | find_sender_by_address (void *cls, | ||
2091 | const struct GNUNET_PeerIdentity *key, | ||
2092 | void *value) | ||
2093 | { | ||
2094 | struct SearchContext *sc = cls; | ||
2095 | struct SenderAddress *sender = value; | ||
2096 | |||
2097 | if ((sender->address_len == sc->address_len) && | ||
2098 | (0 == memcmp (sender->address, sc->address, sender->address_len))) | ||
2099 | { | ||
2100 | sc->sender = sender; | ||
2101 | return GNUNET_NO; /* stop iterating! */ | ||
2102 | } | ||
2103 | return GNUNET_YES; | ||
2104 | } | ||
2105 | |||
2106 | |||
2107 | /** | ||
2108 | * Create sender address for @a target. Note that we | ||
2109 | * might already have one, so a fresh one is only allocated | ||
2110 | * if one does not yet exist for @a address. | ||
2111 | * | ||
2112 | * @param target peer to generate address for | ||
2113 | * @param address target address | ||
2114 | * @param address_len number of bytes in @a address | ||
2115 | * @return data structure to keep track of key material for | ||
2116 | * decrypting data from @a target | ||
2117 | */ | ||
2118 | static struct SenderAddress * | ||
2119 | setup_sender (const struct GNUNET_PeerIdentity *target, | ||
2120 | const struct sockaddr *address, | ||
2121 | socklen_t address_len) | ||
2122 | { | ||
2123 | struct SenderAddress *sender; | ||
2124 | struct SearchContext sc = { .address = address, | ||
2125 | .address_len = address_len, | ||
2126 | .sender = NULL }; | ||
2127 | |||
2128 | GNUNET_CONTAINER_multipeermap_get_multiple (senders, | ||
2129 | target, | ||
2130 | &find_sender_by_address, | ||
2131 | &sc); | ||
2132 | if (NULL != sc.sender) | ||
2133 | { | ||
2134 | reschedule_sender_timeout (sc.sender); | ||
2135 | return sc.sender; | ||
2136 | } | ||
2137 | sender = GNUNET_new (struct SenderAddress); | ||
2138 | sender->target = *target; | ||
2139 | sender->address = GNUNET_memdup (address, address_len); | ||
2140 | sender->address_len = address_len; | ||
2141 | (void) GNUNET_CONTAINER_multipeermap_put ( | ||
2142 | senders, | ||
2143 | &sender->target, | ||
2144 | sender, | ||
2145 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); | ||
2146 | GNUNET_STATISTICS_set (stats, | ||
2147 | "# senders active", | ||
2148 | GNUNET_CONTAINER_multipeermap_size (receivers), | ||
2149 | GNUNET_NO); | ||
2150 | sender->timeout = | ||
2151 | GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); | ||
2152 | sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap, | ||
2153 | sender, | ||
2154 | sender->timeout.abs_value_us); | ||
2155 | sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len); | ||
2156 | if (NULL == timeout_task) | ||
2157 | timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL); | ||
2158 | return sender; | ||
2159 | } | ||
2160 | |||
2161 | |||
2162 | /** | ||
2163 | * Check signature from @a uc against @a ephemeral. | ||
2164 | * | ||
2165 | * @param ephermal key that is signed | ||
2166 | * @param uc signature of claimant | ||
2167 | * @return #GNUNET_OK if signature is valid | ||
2168 | */ | ||
2169 | static int | ||
2170 | verify_confirmation (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, | ||
2171 | const struct UDPConfirmation *uc) | ||
2172 | { | ||
2173 | struct UdpHandshakeSignature uhs; | ||
2174 | |||
2175 | uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE); | ||
2176 | uhs.purpose.size = htonl (sizeof(uhs)); | ||
2177 | uhs.sender = uc->sender; | ||
2178 | uhs.receiver = my_identity; | ||
2179 | uhs.ephemeral = *ephemeral; | ||
2180 | uhs.monotonic_time = uc->monotonic_time; | ||
2181 | return GNUNET_CRYPTO_eddsa_verify ( | ||
2182 | GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE, | ||
2183 | &uhs, | ||
2184 | &uc->sender_sig, | ||
2185 | &uc->sender.public_key); | ||
2186 | } | ||
2187 | |||
2188 | |||
2189 | /** | ||
2190 | * Converts @a address to the address string format used by this | ||
2191 | * communicator in HELLOs. | ||
2192 | * | ||
2193 | * @param address the address to convert, must be AF_INET or AF_INET6. | ||
2194 | * @param address_len number of bytes in @a address | ||
2195 | * @return string representation of @a address | ||
2196 | */ | ||
2197 | static char * | ||
2198 | sockaddr_to_udpaddr_string (const struct sockaddr *address, | ||
2199 | socklen_t address_len) | ||
2200 | { | ||
2201 | char *ret; | ||
2202 | |||
2203 | switch (address->sa_family) | ||
2204 | { | ||
2205 | case AF_INET: | ||
2206 | GNUNET_asprintf (&ret, | ||
2207 | "%s-%s", | ||
2208 | COMMUNICATOR_ADDRESS_PREFIX, | ||
2209 | GNUNET_a2s (address, address_len)); | ||
2210 | break; | ||
2211 | |||
2212 | case AF_INET6: | ||
2213 | GNUNET_asprintf (&ret, | ||
2214 | "%s-%s", | ||
2215 | COMMUNICATOR_ADDRESS_PREFIX, | ||
2216 | GNUNET_a2s (address, address_len)); | ||
2217 | break; | ||
2218 | |||
2219 | default: | ||
2220 | GNUNET_assert (0); | ||
2221 | } | ||
2222 | return ret; | ||
2223 | } | ||
2224 | |||
2225 | |||
2226 | /** | ||
2227 | * Socket read task. | ||
2228 | * | ||
2229 | * @param cls NULL | ||
2230 | */ | ||
2231 | static void | ||
2232 | sock_read (void *cls) | ||
2233 | { | ||
2234 | struct sockaddr_storage sa; | ||
2235 | socklen_t salen = sizeof(sa); | ||
2236 | char buf[UINT16_MAX]; | ||
2237 | ssize_t rcvd; | ||
2238 | |||
2239 | (void) cls; | ||
2240 | read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
2241 | udp_sock, | ||
2242 | &sock_read, | ||
2243 | NULL); | ||
2244 | rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock, | ||
2245 | buf, | ||
2246 | sizeof(buf), | ||
2247 | (struct sockaddr *) &sa, | ||
2248 | &salen); | ||
2249 | if (-1 == rcvd) | ||
2250 | { | ||
2251 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "recv"); | ||
2252 | return; | ||
2253 | } | ||
2254 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2255 | "Read %lu bytes\n", rcvd); | ||
2256 | |||
2257 | if (rcvd > sizeof(struct UDPRekey)) | ||
2258 | { | ||
2259 | const struct UDPRekey *rekey; | ||
2260 | const struct UDPBox *box; | ||
2261 | struct KeyCacheEntry *kce; | ||
2262 | struct SenderAddress *sender; | ||
2263 | int do_decrypt = GNUNET_NO; | ||
2264 | |||
2265 | rekey = (const struct UDPRekey *) buf; | ||
2266 | box = (const struct UDPBox *) buf; | ||
2267 | kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &rekey->kid); | ||
2268 | |||
2269 | if ((GNUNET_YES == box->rekeying) || (GNUNET_NO == box->rekeying)) | ||
2270 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2271 | "UDPRekey has rekeying %u\n", | ||
2272 | box->rekeying); | ||
2273 | else | ||
2274 | do_decrypt = GNUNET_YES; | ||
2275 | |||
2276 | if ((GNUNET_YES == do_decrypt) && (NULL != kce) && (GNUNET_YES == | ||
2277 | kce->ss->sender-> | ||
2278 | rekeying)) | ||
2279 | { | ||
2280 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2281 | "UDPRekey with kid %s\n", | ||
2282 | GNUNET_sh2s (&rekey->kid)); | ||
2283 | sender = setup_sender (&rekey->sender, (const struct sockaddr *) &sa, | ||
2284 | salen); | ||
2285 | |||
2286 | if (NULL != sender->ss_rekey) | ||
2287 | return; | ||
2288 | |||
2289 | decrypt_rekey (rekey, (size_t) rcvd, kce, sender); | ||
2290 | return; | ||
2291 | } | ||
2292 | } | ||
2293 | |||
2294 | /* first, see if it is a UDPBox */ | ||
2295 | if (rcvd > sizeof(struct UDPBox)) | ||
2296 | { | ||
2297 | const struct UDPBox *box; | ||
2298 | struct KeyCacheEntry *kce; | ||
2299 | |||
2300 | box = (const struct UDPBox *) buf; | ||
2301 | kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid); | ||
2302 | if (NULL != kce) | ||
2303 | { | ||
2304 | decrypt_box (box, (size_t) rcvd, kce); | ||
2305 | return; | ||
2306 | } | ||
2307 | } | ||
2308 | |||
2309 | /* next, check if it is a broadcast */ | ||
2310 | if (sizeof(struct UDPBroadcast) == rcvd) | ||
2311 | { | ||
2312 | const struct UDPBroadcast *ub; | ||
2313 | struct UdpBroadcastSignature uhs; | ||
2314 | |||
2315 | ub = (const struct UDPBroadcast *) buf; | ||
2316 | uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST); | ||
2317 | uhs.purpose.size = htonl (sizeof(uhs)); | ||
2318 | uhs.sender = ub->sender; | ||
2319 | GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address); | ||
2320 | if (GNUNET_OK == | ||
2321 | GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST, | ||
2322 | &uhs, | ||
2323 | &ub->sender_sig, | ||
2324 | &ub->sender.public_key)) | ||
2325 | { | ||
2326 | char *addr_s; | ||
2327 | enum GNUNET_NetworkType nt; | ||
2328 | |||
2329 | addr_s = | ||
2330 | sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen); | ||
2331 | GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO); | ||
2332 | /* use our own mechanism to determine network type */ | ||
2333 | nt = | ||
2334 | GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen); | ||
2335 | GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s); | ||
2336 | GNUNET_free (addr_s); | ||
2337 | return; | ||
2338 | } | ||
2339 | /* continue with KX, mostly for statistics... */ | ||
2340 | } | ||
2341 | |||
2342 | |||
2343 | /* finally, test if it is a KX */ | ||
2344 | if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX)) | ||
2345 | { | ||
2346 | GNUNET_STATISTICS_update (stats, | ||
2347 | "# messages dropped (no kid, too small for KX)", | ||
2348 | 1, | ||
2349 | GNUNET_NO); | ||
2350 | return; | ||
2351 | } | ||
2352 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2353 | "Got KX\n"); | ||
2354 | { | ||
2355 | const struct InitialKX *kx; | ||
2356 | struct SharedSecret *ss; | ||
2357 | char pbuf[rcvd - sizeof(struct InitialKX)]; | ||
2358 | const struct UDPConfirmation *uc; | ||
2359 | struct SenderAddress *sender; | ||
2360 | |||
2361 | kx = (const struct InitialKX *) buf; | ||
2362 | ss = setup_shared_secret_dec (&kx->ephemeral); | ||
2363 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2364 | "Before DEC\n"); | ||
2365 | |||
2366 | if (GNUNET_OK != try_decrypt (ss, | ||
2367 | kx->gcm_tag, | ||
2368 | 0, | ||
2369 | &buf[sizeof(*kx)], | ||
2370 | sizeof(pbuf), | ||
2371 | pbuf)) | ||
2372 | { | ||
2373 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2374 | "Unable to decrypt tag, dropping...\n"); | ||
2375 | GNUNET_free (ss); | ||
2376 | GNUNET_STATISTICS_update ( | ||
2377 | stats, | ||
2378 | "# messages dropped (no kid, AEAD decryption failed)", | ||
2379 | 1, | ||
2380 | GNUNET_NO); | ||
2381 | return; | ||
2382 | } | ||
2383 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2384 | "Before VERIFY\n"); | ||
2385 | |||
2386 | uc = (const struct UDPConfirmation *) pbuf; | ||
2387 | if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc)) | ||
2388 | { | ||
2389 | GNUNET_break_op (0); | ||
2390 | GNUNET_free (ss); | ||
2391 | GNUNET_STATISTICS_update (stats, | ||
2392 | "# messages dropped (sender signature invalid)", | ||
2393 | 1, | ||
2394 | GNUNET_NO); | ||
2395 | return; | ||
2396 | } | ||
2397 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2398 | "Before SETUP_SENDER\n"); | ||
2399 | |||
2400 | calculate_cmac (ss); | ||
2401 | sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen); | ||
2402 | ss->sender = sender; | ||
2403 | GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss); | ||
2404 | sender->num_secrets++; | ||
2405 | GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO); | ||
2406 | GNUNET_STATISTICS_update (stats, | ||
2407 | "# messages decrypted without BOX", | ||
2408 | 1, | ||
2409 | GNUNET_NO); | ||
2410 | try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc)); | ||
2411 | if ((GNUNET_NO == kx->rekeying) && (GNUNET_YES == ss->sender->rekeying)) | ||
2412 | { | ||
2413 | ss->sender->rekeying = GNUNET_NO; | ||
2414 | sender->ss_rekey = NULL; | ||
2415 | // destroy_all_secrets (ss, GNUNET_NO); | ||
2416 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2417 | "Receiver stopped rekeying.\n"); | ||
2418 | } | ||
2419 | else if (GNUNET_NO == kx->rekeying) | ||
2420 | consider_ss_ack (ss, GNUNET_YES); | ||
2421 | else | ||
2422 | { | ||
2423 | ss->sender->rekeying = GNUNET_YES; | ||
2424 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2425 | "Got KX: Receiver doing rekeying.\n"); | ||
2426 | } | ||
2427 | /*if (sender->num_secrets > MAX_SECRETS) | ||
2428 | secret_destroy (sender->ss_tail);*/ | ||
2429 | } | ||
2430 | } | ||
2431 | |||
2432 | |||
2433 | /** | ||
2434 | * Convert UDP bind specification to a `struct sockaddr *` | ||
2435 | * | ||
2436 | * @param bindto bind specification to convert | ||
2437 | * @param[out] sock_len set to the length of the address | ||
2438 | * @return converted bindto specification | ||
2439 | */ | ||
2440 | static struct sockaddr * | ||
2441 | udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len) | ||
2442 | { | ||
2443 | struct sockaddr *in; | ||
2444 | unsigned int port; | ||
2445 | char dummy[2]; | ||
2446 | char *colon; | ||
2447 | char *cp; | ||
2448 | |||
2449 | if (1 == sscanf (bindto, "%u%1s", &port, dummy)) | ||
2450 | { | ||
2451 | /* interpreting value as just a PORT number */ | ||
2452 | if (port > UINT16_MAX) | ||
2453 | { | ||
2454 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2455 | "BINDTO specification `%s' invalid: value too large for port\n", | ||
2456 | bindto); | ||
2457 | return NULL; | ||
2458 | } | ||
2459 | if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) || | ||
2460 | (GNUNET_YES == | ||
2461 | GNUNET_CONFIGURATION_get_value_yesno (cfg, | ||
2462 | COMMUNICATOR_CONFIG_SECTION, | ||
2463 | "DISABLE_V6"))) | ||
2464 | { | ||
2465 | struct sockaddr_in *i4; | ||
2466 | |||
2467 | i4 = GNUNET_malloc (sizeof(struct sockaddr_in)); | ||
2468 | i4->sin_family = AF_INET; | ||
2469 | i4->sin_port = htons ((uint16_t) port); | ||
2470 | *sock_len = sizeof(struct sockaddr_in); | ||
2471 | in = (struct sockaddr *) i4; | ||
2472 | } | ||
2473 | else | ||
2474 | { | ||
2475 | struct sockaddr_in6 *i6; | ||
2476 | |||
2477 | i6 = GNUNET_malloc (sizeof(struct sockaddr_in6)); | ||
2478 | i6->sin6_family = AF_INET6; | ||
2479 | i6->sin6_port = htons ((uint16_t) port); | ||
2480 | *sock_len = sizeof(struct sockaddr_in6); | ||
2481 | in = (struct sockaddr *) i6; | ||
2482 | } | ||
2483 | return in; | ||
2484 | } | ||
2485 | cp = GNUNET_strdup (bindto); | ||
2486 | colon = strrchr (cp, ':'); | ||
2487 | if (NULL != colon) | ||
2488 | { | ||
2489 | /* interpret value after colon as port */ | ||
2490 | *colon = '\0'; | ||
2491 | colon++; | ||
2492 | if (1 == sscanf (colon, "%u%1s", &port, dummy)) | ||
2493 | { | ||
2494 | /* interpreting value as just a PORT number */ | ||
2495 | if (port > UINT16_MAX) | ||
2496 | { | ||
2497 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
2498 | "BINDTO specification `%s' invalid: value too large for port\n", | ||
2499 | bindto); | ||
2500 | GNUNET_free (cp); | ||
2501 | return NULL; | ||
2502 | } | ||
2503 | } | ||
2504 | else | ||
2505 | { | ||
2506 | GNUNET_log ( | ||
2507 | GNUNET_ERROR_TYPE_ERROR, | ||
2508 | "BINDTO specification `%s' invalid: last ':' not followed by number\n", | ||
2509 | bindto); | ||
2510 | GNUNET_free (cp); | ||
2511 | return NULL; | ||
2512 | } | ||
2513 | } | ||
2514 | else | ||
2515 | { | ||
2516 | /* interpret missing port as 0, aka pick any free one */ | ||
2517 | port = 0; | ||
2518 | } | ||
2519 | { | ||
2520 | /* try IPv4 */ | ||
2521 | struct sockaddr_in v4; | ||
2522 | if (1 == inet_pton (AF_INET, cp, &v4.sin_addr)) | ||
2523 | { | ||
2524 | v4.sin_family = AF_INET; | ||
2525 | v4.sin_port = htons ((uint16_t) port); | ||
2526 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
2527 | v4.sin_len = sizeof(struct sockaddr_in); | ||
2528 | #endif | ||
2529 | in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in)); | ||
2530 | *sock_len = sizeof(struct sockaddr_in); | ||
2531 | GNUNET_free (cp); | ||
2532 | return in; | ||
2533 | } | ||
2534 | } | ||
2535 | { | ||
2536 | /* try IPv6 */ | ||
2537 | struct sockaddr_in6 v6; | ||
2538 | const char *start; | ||
2539 | |||
2540 | start = cp; | ||
2541 | if (('[' == *cp) && (']' == cp[strlen (cp) - 1])) | ||
2542 | { | ||
2543 | start++; /* skip over '[' */ | ||
2544 | cp[strlen (cp) - 1] = '\0'; /* eat ']' */ | ||
2545 | } | ||
2546 | if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr)) | ||
2547 | { | ||
2548 | v6.sin6_family = AF_INET6; | ||
2549 | v6.sin6_port = htons ((uint16_t) port); | ||
2550 | #if HAVE_SOCKADDR_IN_SIN_LEN | ||
2551 | v6.sin6_len = sizeof(sizeof(struct sockaddr_in6)); | ||
2552 | #endif | ||
2553 | in = GNUNET_memdup (&v6, sizeof(v6)); | ||
2554 | *sock_len = sizeof(v6); | ||
2555 | GNUNET_free (cp); | ||
2556 | return in; | ||
2557 | } | ||
2558 | } | ||
2559 | /* #5528 FIXME (feature!): maybe also try getnameinfo()? */ | ||
2560 | GNUNET_free (cp); | ||
2561 | return NULL; | ||
2562 | } | ||
2563 | |||
2564 | |||
2565 | /** | ||
2566 | * Pad @a dgram by @a pad_size using @a out_cipher. | ||
2567 | * | ||
2568 | * @param out_cipher cipher to use | ||
2569 | * @param dgram datagram to pad | ||
2570 | * @param pad_size number of bytes of padding to append | ||
2571 | */ | ||
2572 | static void | ||
2573 | do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size) | ||
2574 | { | ||
2575 | char pad[pad_size]; | ||
2576 | |||
2577 | GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, pad, sizeof(pad)); | ||
2578 | if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader)) | ||
2579 | { | ||
2580 | struct GNUNET_MessageHeader hdr = | ||
2581 | { .size = htons (sizeof(pad)), | ||
2582 | .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) }; | ||
2583 | |||
2584 | memcpy (pad, &hdr, sizeof(hdr)); | ||
2585 | } | ||
2586 | GNUNET_assert ( | ||
2587 | 0 == | ||
2588 | gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad))); | ||
2589 | } | ||
2590 | |||
2591 | |||
2592 | /** | ||
2593 | * Signature of functions implementing the sending functionality of a | ||
2594 | * message queue. | ||
2595 | * | ||
2596 | * @param mq the message queue | ||
2597 | * @param msg the message to send | ||
2598 | * @param impl_state our `struct ReceiverAddress` | ||
2599 | */ | ||
2600 | static void | ||
2601 | mq_send_kx (struct GNUNET_MQ_Handle *mq, | ||
2602 | const struct GNUNET_MessageHeader *msg, | ||
2603 | void *impl_state) | ||
2604 | { | ||
2605 | struct ReceiverAddress *receiver = impl_state; | ||
2606 | uint16_t msize = ntohs (msg->size); | ||
2607 | struct UdpHandshakeSignature uhs; | ||
2608 | struct UDPConfirmation uc; | ||
2609 | struct InitialKX kx; | ||
2610 | struct GNUNET_CRYPTO_EcdhePrivateKey epriv; | ||
2611 | char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)]; | ||
2612 | size_t dpos; | ||
2613 | gcry_cipher_hd_t out_cipher; | ||
2614 | struct SharedSecret *ss; | ||
2615 | |||
2616 | GNUNET_assert (mq == receiver->kx_mq); | ||
2617 | if (msize > receiver->kx_mtu) | ||
2618 | { | ||
2619 | GNUNET_break (0); | ||
2620 | if (GNUNET_YES != receiver->receiver_destroy_called) | ||
2621 | receiver_destroy (receiver); | ||
2622 | return; | ||
2623 | } | ||
2624 | reschedule_receiver_timeout (receiver); | ||
2625 | |||
2626 | /* setup key material */ | ||
2627 | GNUNET_CRYPTO_ecdhe_key_create (&epriv); | ||
2628 | |||
2629 | ss = setup_shared_secret_enc (&epriv, receiver, GNUNET_YES); | ||
2630 | |||
2631 | if (receiver->num_secrets > MAX_SECRETS) | ||
2632 | { | ||
2633 | destroy_all_secrets (ss, GNUNET_YES); | ||
2634 | } | ||
2635 | |||
2636 | setup_cipher (&ss->master, 0, &out_cipher); | ||
2637 | /* compute 'uc' */ | ||
2638 | uc.sender = my_identity; | ||
2639 | uc.monotonic_time = | ||
2640 | GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg)); | ||
2641 | uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE); | ||
2642 | uhs.purpose.size = htonl (sizeof(uhs)); | ||
2643 | uhs.sender = my_identity; | ||
2644 | uhs.receiver = receiver->target; | ||
2645 | GNUNET_CRYPTO_ecdhe_key_get_public (&epriv, &uhs.ephemeral); | ||
2646 | uhs.monotonic_time = uc.monotonic_time; | ||
2647 | GNUNET_CRYPTO_eddsa_sign (my_private_key, | ||
2648 | &uhs, | ||
2649 | &uc.sender_sig); | ||
2650 | /* Leave space for kx */ | ||
2651 | dpos = sizeof(kx); | ||
2652 | /* Append encrypted uc to dgram */ | ||
2653 | GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher, | ||
2654 | &dgram[dpos], | ||
2655 | sizeof(uc), | ||
2656 | &uc, | ||
2657 | sizeof(uc))); | ||
2658 | dpos += sizeof(uc); | ||
2659 | /* Append encrypted payload to dgram */ | ||
2660 | GNUNET_assert ( | ||
2661 | 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize)); | ||
2662 | dpos += msize; | ||
2663 | do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos); | ||
2664 | /* Datagram starts with kx */ | ||
2665 | kx.ephemeral = uhs.ephemeral; | ||
2666 | GNUNET_assert ( | ||
2667 | 0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag))); | ||
2668 | gcry_cipher_close (out_cipher); | ||
2669 | if (GNUNET_NO == receiver->rekeying) | ||
2670 | kx.rekeying = GNUNET_NO; | ||
2671 | else | ||
2672 | kx.rekeying = GNUNET_YES; | ||
2673 | memcpy (dgram, &kx, sizeof(kx)); | ||
2674 | if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock, | ||
2675 | dgram, | ||
2676 | sizeof(dgram), | ||
2677 | receiver->address, | ||
2678 | receiver->address_len)) | ||
2679 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send"); | ||
2680 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2681 | "Sending KX to %s\n", GNUNET_a2s (receiver->address, | ||
2682 | receiver->address_len)); | ||
2683 | GNUNET_MQ_impl_send_continue (mq); | ||
2684 | } | ||
2685 | |||
2686 | |||
2687 | static void | ||
2688 | check_for_rekeying (struct ReceiverAddress *receiver, struct UDPBox *box) | ||
2689 | { | ||
2690 | |||
2691 | struct GNUNET_TIME_Relative rt; | ||
2692 | |||
2693 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2694 | "Timeout is %llu\n.", | ||
2695 | (unsigned long long) receiver->rekey_timeout.abs_value_us); | ||
2696 | |||
2697 | if (0 == receiver->rekey_timeout.abs_value_us) | ||
2698 | { | ||
2699 | receiver->rekey_timeout = GNUNET_TIME_relative_to_absolute ( | ||
2700 | rekey_interval); | ||
2701 | } | ||
2702 | else | ||
2703 | { | ||
2704 | rt = GNUNET_TIME_absolute_get_remaining (receiver->rekey_timeout); | ||
2705 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2706 | "Relative time is %llu and timeout is %llu\n.", | ||
2707 | (unsigned long long) rt.rel_value_us, | ||
2708 | (unsigned long long) receiver->rekey_timeout.abs_value_us); | ||
2709 | |||
2710 | if ((0 == rt.rel_value_us) || (receiver->rekey_send_bytes > | ||
2711 | rekey_max_bytes) ) | ||
2712 | { | ||
2713 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2714 | "Bytes send %llu greater than %llu max bytes\n.", | ||
2715 | (unsigned long long) receiver->rekey_send_bytes, | ||
2716 | rekey_max_bytes); | ||
2717 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2718 | "Relative time is %llu and timeout is %llu\n.", | ||
2719 | (unsigned long long) rt.rel_value_us, | ||
2720 | (unsigned long long) receiver->rekey_timeout.abs_value_us); | ||
2721 | |||
2722 | receiver->rekey_timeout.abs_value_us = 0; | ||
2723 | receiver->rekey_send_bytes = 0; | ||
2724 | receiver->ss_rekey = NULL; | ||
2725 | // destroy_all_secrets (ss, GNUNET_NO); | ||
2726 | receiver->rekeying = GNUNET_YES; | ||
2727 | receiver->rekey_acks_available = receiver->acks_available; | ||
2728 | box->rekeying = GNUNET_YES; | ||
2729 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2730 | "Sender started rekeying.\n"); | ||
2731 | if (GNUNET_YES == box->rekeying) | ||
2732 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2733 | "Sending rekeying with kid %s\n", | ||
2734 | GNUNET_sh2s (&box->kid)); | ||
2735 | } | ||
2736 | } | ||
2737 | } | ||
2738 | |||
2739 | |||
2740 | static void | ||
2741 | send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss) | ||
2742 | { | ||
2743 | uint8_t is_ss_rekey_sequence_allowed_zero = GNUNET_NO; | ||
2744 | uint8_t is_acks_available_below = GNUNET_NO; | ||
2745 | uint8_t send_rekey = GNUNET_NO; | ||
2746 | uint16_t not_below; | ||
2747 | struct GNUNET_CRYPTO_EcdhePrivateKey epriv; | ||
2748 | struct UDPRekey *rekey; | ||
2749 | size_t dpos; | ||
2750 | |||
2751 | char rekey_dgram[sizeof(struct UDPRekey) + receiver->d_mtu]; | ||
2752 | |||
2753 | if (NULL != receiver->ss_rekey) | ||
2754 | { | ||
2755 | not_below = (receiver->rekey_acks_available | ||
2756 | - (receiver->rekey_acks_available % 3)) / 3; | ||
2757 | is_ss_rekey_sequence_allowed_zero = (0 == | ||
2758 | receiver->ss_rekey->sequence_allowed); | ||
2759 | is_acks_available_below = (receiver->acks_available >= not_below); | ||
2760 | send_rekey = (0 == (receiver->acks_available - not_below) % not_below) && | ||
2761 | is_acks_available_below && is_ss_rekey_sequence_allowed_zero; | ||
2762 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2763 | "send_rekey: %u, %u, %u\n", | ||
2764 | send_rekey, | ||
2765 | receiver->rekey_acks_available, | ||
2766 | receiver->acks_available); | ||
2767 | } | ||
2768 | else if (NULL == receiver->ss_rekey) | ||
2769 | { | ||
2770 | /* setup key material */ | ||
2771 | GNUNET_CRYPTO_ecdhe_key_create (&epriv); | ||
2772 | receiver->ss_rekey = setup_shared_secret_enc (&epriv, receiver, | ||
2773 | GNUNET_NO); | ||
2774 | receiver->ss_rekey->sequence_allowed = 0; | ||
2775 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2776 | "Setup secret with cmac %s\n", | ||
2777 | GNUNET_h2s (&(receiver->ss_rekey->cmac))); | ||
2778 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2779 | "Setup secret with master %s.\n", | ||
2780 | GNUNET_h2s (&(receiver->ss_rekey->master))); | ||
2781 | } | ||
2782 | |||
2783 | if (send_rekey) | ||
2784 | { | ||
2785 | GNUNET_assert (0 != receiver->number_rekeying_kce); | ||
2786 | gcry_cipher_hd_t rekey_out_cipher; | ||
2787 | |||
2788 | while (NULL != ss && ss->sequence_used >= ss->sequence_allowed) | ||
2789 | { | ||
2790 | ss = ss->prev; | ||
2791 | } | ||
2792 | |||
2793 | if (NULL != ss) | ||
2794 | { | ||
2795 | rekey = (struct UDPRekey *) rekey_dgram; | ||
2796 | rekey->sender = my_identity; | ||
2797 | ss->sequence_used++; | ||
2798 | get_kid (&ss->master, ss->sequence_used, &rekey->kid); | ||
2799 | receiver->number_rekeying_kce--; | ||
2800 | setup_cipher (&ss->master, ss->sequence_used, &rekey_out_cipher); | ||
2801 | /* Append encrypted payload to dgram */ | ||
2802 | dpos = sizeof(struct UDPRekey); | ||
2803 | |||
2804 | GNUNET_assert ( | ||
2805 | 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], | ||
2806 | sizeof(receiver->ss_rekey->master), | ||
2807 | &(receiver->ss_rekey->master), | ||
2808 | sizeof(receiver->ss_rekey->master))); | ||
2809 | dpos += sizeof(receiver->ss_rekey->master); | ||
2810 | /* GNUNET_assert ( */ | ||
2811 | /* 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], */ | ||
2812 | /* /\*sizeof(receiver->ss_rekey->cmac), */ | ||
2813 | /* &(receiver->ss_rekey->cmac), */ | ||
2814 | /* sizeof(receiver->ss_rekey->cmac))); */ | ||
2815 | /* dpos += sizeof(receiver->ss_rekey->cmac);*\/ */ | ||
2816 | /* sizeof(receiver->ss_rekey), */ | ||
2817 | /* receiver->ss_rekey, */ | ||
2818 | /* sizeof(receiver->ss_rekey))); */ | ||
2819 | /* dpos += sizeof(receiver->ss_rekey); */ | ||
2820 | do_pad (rekey_out_cipher, &rekey_dgram[dpos], sizeof(rekey_dgram) | ||
2821 | - dpos); | ||
2822 | GNUNET_assert (0 == gcry_cipher_gettag (rekey_out_cipher, | ||
2823 | rekey->gcm_tag, | ||
2824 | sizeof(rekey->gcm_tag))); | ||
2825 | gcry_cipher_close (rekey_out_cipher); | ||
2826 | |||
2827 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2828 | "Sending rekey with kid %s and master %s\n", | ||
2829 | GNUNET_sh2s (&rekey->kid), | ||
2830 | GNUNET_h2s (&(receiver->ss_rekey->master))); | ||
2831 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2832 | "Sending rekey with cmac %s\n", | ||
2833 | GNUNET_h2s (&(receiver->ss_rekey->cmac))); | ||
2834 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2835 | "%u rekey kces left.\n", | ||
2836 | receiver->number_rekeying_kce); | ||
2837 | |||
2838 | if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock, | ||
2839 | rekey_dgram, | ||
2840 | sizeof(rekey_dgram), | ||
2841 | receiver->address, | ||
2842 | receiver->address_len)) | ||
2843 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send"); | ||
2844 | |||
2845 | receiver->acks_available--; | ||
2846 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2847 | "%u receiver->acks_available 1\n", | ||
2848 | receiver->acks_available); | ||
2849 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2850 | "Sending UDPRekey to %s\n", GNUNET_a2s (receiver->address, | ||
2851 | receiver-> | ||
2852 | address_len)); | ||
2853 | } | ||
2854 | } | ||
2855 | } | ||
2856 | |||
2857 | |||
2858 | /** | ||
2859 | * Signature of functions implementing the sending functionality of a | ||
2860 | * message queue. | ||
2861 | * | ||
2862 | * @param mq the message queue | ||
2863 | * @param msg the message to send | ||
2864 | * @param impl_state our `struct ReceiverAddress` | ||
2865 | */ | ||
2866 | static void | ||
2867 | mq_send_d (struct GNUNET_MQ_Handle *mq, | ||
2868 | const struct GNUNET_MessageHeader *msg, | ||
2869 | void *impl_state) | ||
2870 | { | ||
2871 | struct ReceiverAddress *receiver = impl_state; | ||
2872 | uint16_t msize = ntohs (msg->size); | ||
2873 | |||
2874 | GNUNET_assert (mq == receiver->d_mq); | ||
2875 | if ((msize > receiver->d_mtu) || | ||
2876 | (0 == receiver->acks_available)) | ||
2877 | { | ||
2878 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2879 | "msize: %u, mtu: %lu, acks: %u\n", | ||
2880 | msize, | ||
2881 | receiver->d_mtu, | ||
2882 | receiver->acks_available); | ||
2883 | |||
2884 | GNUNET_break (0); | ||
2885 | if (GNUNET_YES != receiver->receiver_destroy_called) | ||
2886 | receiver_destroy (receiver); | ||
2887 | return; | ||
2888 | } | ||
2889 | reschedule_receiver_timeout (receiver); | ||
2890 | |||
2891 | /* begin "BOX" encryption method, scan for ACKs from tail! */ | ||
2892 | for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev) | ||
2893 | { | ||
2894 | if (0 < ss->sequence_used) | ||
2895 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2896 | "Trying to send UDPBox with shared secrect %s sequence_used %u and ss->sequence_allowed %u\n", | ||
2897 | GNUNET_h2s (&ss->master), | ||
2898 | ss->sequence_used, | ||
2899 | ss->sequence_allowed); | ||
2900 | // Uncomment this for alternativ 1 of backchannel functionality | ||
2901 | if (ss->sequence_used >= ss->sequence_allowed) | ||
2902 | // Until here for alternativ 1 | ||
2903 | // Uncomment this for alternativ 2 of backchannel functionality | ||
2904 | // if (0 == ss->sequence_allowed) | ||
2905 | // Until here for alternativ 2 | ||
2906 | { | ||
2907 | continue; | ||
2908 | } | ||
2909 | char dgram[sizeof(struct UDPBox) + receiver->d_mtu]; | ||
2910 | struct UDPBox *box; | ||
2911 | gcry_cipher_hd_t out_cipher; | ||
2912 | size_t dpos; | ||
2913 | |||
2914 | box = (struct UDPBox *) dgram; | ||
2915 | ss->sequence_used++; | ||
2916 | get_kid (&ss->master, ss->sequence_used, &box->kid); | ||
2917 | setup_cipher (&ss->master, ss->sequence_used, &out_cipher); | ||
2918 | /* Append encrypted payload to dgram */ | ||
2919 | dpos = sizeof(struct UDPBox); | ||
2920 | GNUNET_assert ( | ||
2921 | 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize)); | ||
2922 | dpos += msize; | ||
2923 | do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos); | ||
2924 | GNUNET_assert (0 == gcry_cipher_gettag (out_cipher, | ||
2925 | box->gcm_tag, | ||
2926 | sizeof(box->gcm_tag))); | ||
2927 | gcry_cipher_close (out_cipher); | ||
2928 | |||
2929 | receiver->rekey_send_bytes += sizeof(struct UDPBox) + receiver->d_mtu; | ||
2930 | |||
2931 | if (GNUNET_NO == receiver->rekeying) | ||
2932 | box->rekeying = GNUNET_NO; | ||
2933 | else | ||
2934 | box->rekeying = GNUNET_YES; | ||
2935 | |||
2936 | if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock, | ||
2937 | dgram, | ||
2938 | sizeof(dgram), | ||
2939 | receiver->address, | ||
2940 | receiver->address_len)) | ||
2941 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send"); | ||
2942 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2943 | "Sending UDPBox %u acks left\n", | ||
2944 | receiver->acks_available); | ||
2945 | GNUNET_MQ_impl_send_continue (mq); | ||
2946 | receiver->acks_available--; | ||
2947 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2948 | "%u receiver->acks_available 2\n", | ||
2949 | receiver->acks_available); | ||
2950 | check_for_rekeying (receiver, box); | ||
2951 | if (0 == receiver->acks_available - receiver->number_rekeying_kce) | ||
2952 | { | ||
2953 | /* We have no more ACKs */ | ||
2954 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2955 | "No more acks\n"); | ||
2956 | if (GNUNET_YES == receiver->rekeying) | ||
2957 | { | ||
2958 | receiver->rekeying = GNUNET_NO; | ||
2959 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2960 | "Sender stopped rekeying\n"); | ||
2961 | |||
2962 | if ((NULL != receiver->ss_rekey) && (0 < | ||
2963 | receiver->ss_rekey-> | ||
2964 | sequence_allowed) ) | ||
2965 | add_acks_rekey (receiver); | ||
2966 | } | ||
2967 | } | ||
2968 | else if ((GNUNET_YES == receiver->rekeying) ) | ||
2969 | { | ||
2970 | send_UDPRekey (receiver, ss); | ||
2971 | } | ||
2972 | |||
2973 | return; | ||
2974 | } | ||
2975 | } | ||
2976 | |||
2977 | |||
2978 | /** | ||
2979 | * Signature of functions implementing the destruction of a message | ||
2980 | * queue. Implementations must not free @a mq, but should take care | ||
2981 | * of @a impl_state. | ||
2982 | * | ||
2983 | * @param mq the message queue to destroy | ||
2984 | * @param impl_state our `struct ReceiverAddress` | ||
2985 | */ | ||
2986 | static void | ||
2987 | mq_destroy_d (struct GNUNET_MQ_Handle *mq, void *impl_state) | ||
2988 | { | ||
2989 | struct ReceiverAddress *receiver = impl_state; | ||
2990 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
2991 | "Default MQ destroyed\n"); | ||
2992 | if (mq == receiver->d_mq) | ||
2993 | { | ||
2994 | receiver->d_mq = NULL; | ||
2995 | if (GNUNET_YES != receiver->receiver_destroy_called) | ||
2996 | receiver_destroy (receiver); | ||
2997 | } | ||
2998 | } | ||
2999 | |||
3000 | |||
3001 | /** | ||
3002 | * Signature of functions implementing the destruction of a message | ||
3003 | * queue. Implementations must not free @a mq, but should take care | ||
3004 | * of @a impl_state. | ||
3005 | * | ||
3006 | * @param mq the message queue to destroy | ||
3007 | * @param impl_state our `struct ReceiverAddress` | ||
3008 | */ | ||
3009 | static void | ||
3010 | mq_destroy_kx (struct GNUNET_MQ_Handle *mq, void *impl_state) | ||
3011 | { | ||
3012 | struct ReceiverAddress *receiver = impl_state; | ||
3013 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3014 | "KX MQ destroyed\n"); | ||
3015 | if (mq == receiver->kx_mq) | ||
3016 | { | ||
3017 | receiver->kx_mq = NULL; | ||
3018 | if (GNUNET_YES != receiver->receiver_destroy_called) | ||
3019 | receiver_destroy (receiver); | ||
3020 | } | ||
3021 | } | ||
3022 | |||
3023 | |||
3024 | /** | ||
3025 | * Implementation function that cancels the currently sent message. | ||
3026 | * | ||
3027 | * @param mq message queue | ||
3028 | * @param impl_state our `struct RecvierAddress` | ||
3029 | */ | ||
3030 | static void | ||
3031 | mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state) | ||
3032 | { | ||
3033 | /* Cancellation is impossible with UDP; bail */ | ||
3034 | GNUNET_assert (0); | ||
3035 | } | ||
3036 | |||
3037 | |||
3038 | /** | ||
3039 | * Generic error handler, called with the appropriate | ||
3040 | * error code and the same closure specified at the creation of | ||
3041 | * the message queue. | ||
3042 | * Not every message queue implementation supports an error handler. | ||
3043 | * | ||
3044 | * @param cls our `struct ReceiverAddress` | ||
3045 | * @param error error code | ||
3046 | */ | ||
3047 | static void | ||
3048 | mq_error (void *cls, enum GNUNET_MQ_Error error) | ||
3049 | { | ||
3050 | struct ReceiverAddress *receiver = cls; | ||
3051 | |||
3052 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
3053 | "MQ error in queue to %s: %d\n", | ||
3054 | GNUNET_i2s (&receiver->target), | ||
3055 | (int) error); | ||
3056 | receiver_destroy (receiver); | ||
3057 | } | ||
3058 | |||
3059 | |||
3060 | /** | ||
3061 | * Setup the MQ for the @a receiver. If a queue exists, | ||
3062 | * the existing one is destroyed. Then the MTU is | ||
3063 | * recalculated and a fresh queue is initialized. | ||
3064 | * | ||
3065 | * @param receiver receiver to setup MQ for | ||
3066 | */ | ||
3067 | static void | ||
3068 | setup_receiver_mq (struct ReceiverAddress *receiver) | ||
3069 | { | ||
3070 | size_t base_mtu; | ||
3071 | |||
3072 | /*if (NULL != receiver->kx_qh) | ||
3073 | { | ||
3074 | GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh); | ||
3075 | receiver->kx_qh = NULL; | ||
3076 | } | ||
3077 | if (NULL != receiver->d_qh) | ||
3078 | { | ||
3079 | GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh); | ||
3080 | receiver->d_qh = NULL; | ||
3081 | }*/ | ||
3082 | // GNUNET_assert (NULL == receiver->mq); | ||
3083 | switch (receiver->address->sa_family) | ||
3084 | { | ||
3085 | case AF_INET: | ||
3086 | base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */ | ||
3087 | - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */ | ||
3088 | - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */; | ||
3089 | break; | ||
3090 | |||
3091 | case AF_INET6: | ||
3092 | base_mtu = 1280 /* Minimum MTU required by IPv6 */ | ||
3093 | - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */ | ||
3094 | - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */; | ||
3095 | break; | ||
3096 | |||
3097 | default: | ||
3098 | GNUNET_assert (0); | ||
3099 | break; | ||
3100 | } | ||
3101 | /* MTU based on full KX messages */ | ||
3102 | receiver->kx_mtu = base_mtu - sizeof(struct InitialKX) /* 48 */ | ||
3103 | - sizeof(struct UDPConfirmation); /* 104 */ | ||
3104 | /* MTU based on BOXed messages */ | ||
3105 | receiver->d_mtu = base_mtu - sizeof(struct UDPBox); | ||
3106 | |||
3107 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3108 | "Setting up MQs and QHs\n"); | ||
3109 | /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to | ||
3110 | 1404 (IPv4 + Box) bytes, depending on circumstances... */ | ||
3111 | if (NULL == receiver->kx_mq) | ||
3112 | receiver->kx_mq = GNUNET_MQ_queue_for_callbacks (&mq_send_kx, | ||
3113 | &mq_destroy_kx, | ||
3114 | &mq_cancel, | ||
3115 | receiver, | ||
3116 | NULL, | ||
3117 | &mq_error, | ||
3118 | receiver); | ||
3119 | if (NULL == receiver->d_mq) | ||
3120 | receiver->d_mq = GNUNET_MQ_queue_for_callbacks (&mq_send_d, | ||
3121 | &mq_destroy_d, | ||
3122 | &mq_cancel, | ||
3123 | receiver, | ||
3124 | NULL, | ||
3125 | &mq_error, | ||
3126 | receiver); | ||
3127 | |||
3128 | receiver->kx_qh = | ||
3129 | GNUNET_TRANSPORT_communicator_mq_add (ch, | ||
3130 | &receiver->target, | ||
3131 | receiver->foreign_addr, | ||
3132 | receiver->kx_mtu, | ||
3133 | GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED, | ||
3134 | 0, /* Priority */ | ||
3135 | receiver->nt, | ||
3136 | GNUNET_TRANSPORT_CS_OUTBOUND, | ||
3137 | receiver->kx_mq); | ||
3138 | receiver->d_qh = | ||
3139 | GNUNET_TRANSPORT_communicator_mq_add (ch, | ||
3140 | &receiver->target, | ||
3141 | receiver->foreign_addr, | ||
3142 | receiver->d_mtu, | ||
3143 | 0, /* Initialize with 0 acks */ | ||
3144 | 1, /* Priority */ | ||
3145 | receiver->nt, | ||
3146 | GNUNET_TRANSPORT_CS_OUTBOUND, | ||
3147 | receiver->d_mq); | ||
3148 | |||
3149 | } | ||
3150 | |||
3151 | |||
3152 | /** | ||
3153 | * Function called by the transport service to initialize a | ||
3154 | * message queue given address information about another peer. | ||
3155 | * If and when the communication channel is established, the | ||
3156 | * communicator must call #GNUNET_TRANSPORT_communicator_mq_add() | ||
3157 | * to notify the service that the channel is now up. It is | ||
3158 | * the responsibility of the communicator to manage sane | ||
3159 | * retries and timeouts for any @a peer/@a address combination | ||
3160 | * provided by the transport service. Timeouts and retries | ||
3161 | * do not need to be signalled to the transport service. | ||
3162 | * | ||
3163 | * @param cls closure | ||
3164 | * @param peer identity of the other peer | ||
3165 | * @param address where to send the message, human-readable | ||
3166 | * communicator-specific format, 0-terminated, UTF-8 | ||
3167 | * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is | ||
3168 | * invalid | ||
3169 | */ | ||
3170 | static int | ||
3171 | mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address) | ||
3172 | { | ||
3173 | struct ReceiverAddress *receiver; | ||
3174 | const char *path; | ||
3175 | struct sockaddr *in; | ||
3176 | socklen_t in_len; | ||
3177 | |||
3178 | if (0 != strncmp (address, | ||
3179 | COMMUNICATOR_ADDRESS_PREFIX "-", | ||
3180 | strlen (COMMUNICATOR_ADDRESS_PREFIX "-"))) | ||
3181 | { | ||
3182 | GNUNET_break_op (0); | ||
3183 | return GNUNET_SYSERR; | ||
3184 | } | ||
3185 | path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")]; | ||
3186 | in = udp_address_to_sockaddr (path, &in_len); | ||
3187 | |||
3188 | receiver = GNUNET_new (struct ReceiverAddress); | ||
3189 | receiver->address = in; | ||
3190 | receiver->address_len = in_len; | ||
3191 | receiver->target = *peer; | ||
3192 | receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len); | ||
3193 | (void) GNUNET_CONTAINER_multipeermap_put ( | ||
3194 | receivers, | ||
3195 | &receiver->target, | ||
3196 | receiver, | ||
3197 | GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE); | ||
3198 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3199 | "Added %s to receivers\n", | ||
3200 | GNUNET_i2s_full (&receiver->target)); | ||
3201 | receiver->timeout = | ||
3202 | GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT); | ||
3203 | receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap, | ||
3204 | receiver, | ||
3205 | receiver->timeout.abs_value_us); | ||
3206 | GNUNET_STATISTICS_set (stats, | ||
3207 | "# receivers active", | ||
3208 | GNUNET_CONTAINER_multipeermap_size (receivers), | ||
3209 | GNUNET_NO); | ||
3210 | receiver->foreign_addr = | ||
3211 | sockaddr_to_udpaddr_string (receiver->address, receiver->address_len); | ||
3212 | setup_receiver_mq (receiver); | ||
3213 | if (NULL == timeout_task) | ||
3214 | timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL); | ||
3215 | return GNUNET_OK; | ||
3216 | } | ||
3217 | |||
3218 | |||
3219 | /** | ||
3220 | * Iterator over all receivers to clean up. | ||
3221 | * | ||
3222 | * @param cls NULL | ||
3223 | * @param target unused | ||
3224 | * @param value the queue to destroy | ||
3225 | * @return #GNUNET_OK to continue to iterate | ||
3226 | */ | ||
3227 | static int | ||
3228 | get_receiver_delete_it (void *cls, | ||
3229 | const struct GNUNET_PeerIdentity *target, | ||
3230 | void *value) | ||
3231 | { | ||
3232 | struct ReceiverAddress *receiver = value; | ||
3233 | |||
3234 | (void) cls; | ||
3235 | (void) target; | ||
3236 | receiver_destroy (receiver); | ||
3237 | return GNUNET_OK; | ||
3238 | } | ||
3239 | |||
3240 | |||
3241 | /** | ||
3242 | * Iterator over all senders to clean up. | ||
3243 | * | ||
3244 | * @param cls NULL | ||
3245 | * @param target unused | ||
3246 | * @param value the queue to destroy | ||
3247 | * @return #GNUNET_OK to continue to iterate | ||
3248 | */ | ||
3249 | static int | ||
3250 | get_sender_delete_it (void *cls, | ||
3251 | const struct GNUNET_PeerIdentity *target, | ||
3252 | void *value) | ||
3253 | { | ||
3254 | struct SenderAddress *sender = value; | ||
3255 | |||
3256 | (void) cls; | ||
3257 | (void) target; | ||
3258 | |||
3259 | if (NULL != sender->kce_task_rekey) | ||
3260 | { | ||
3261 | GNUNET_SCHEDULER_cancel (sender->kce_task_rekey); | ||
3262 | sender->kce_task_rekey = NULL; | ||
3263 | } | ||
3264 | if (NULL != sender->kce_task) | ||
3265 | { | ||
3266 | GNUNET_SCHEDULER_cancel (sender->kce_task); | ||
3267 | sender->kce_task = NULL; | ||
3268 | } | ||
3269 | |||
3270 | sender_destroy (sender); | ||
3271 | return GNUNET_OK; | ||
3272 | } | ||
3273 | |||
3274 | |||
3275 | /** | ||
3276 | * Shutdown the UNIX communicator. | ||
3277 | * | ||
3278 | * @param cls NULL (always) | ||
3279 | */ | ||
3280 | static void | ||
3281 | do_shutdown (void *cls) | ||
3282 | { | ||
3283 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3284 | "do_shutdown\n"); | ||
3285 | if (NULL != nat) | ||
3286 | { | ||
3287 | GNUNET_NAT_unregister (nat); | ||
3288 | nat = NULL; | ||
3289 | } | ||
3290 | while (NULL != bi_head) | ||
3291 | bi_destroy (bi_head); | ||
3292 | if (NULL != broadcast_task) | ||
3293 | { | ||
3294 | GNUNET_SCHEDULER_cancel (broadcast_task); | ||
3295 | broadcast_task = NULL; | ||
3296 | } | ||
3297 | if (NULL != timeout_task) | ||
3298 | { | ||
3299 | GNUNET_SCHEDULER_cancel (timeout_task); | ||
3300 | timeout_task = NULL; | ||
3301 | } | ||
3302 | if (NULL != read_task) | ||
3303 | { | ||
3304 | GNUNET_SCHEDULER_cancel (read_task); | ||
3305 | read_task = NULL; | ||
3306 | } | ||
3307 | if (NULL != udp_sock) | ||
3308 | { | ||
3309 | GNUNET_break (GNUNET_OK == | ||
3310 | GNUNET_NETWORK_socket_close (udp_sock)); | ||
3311 | udp_sock = NULL; | ||
3312 | } | ||
3313 | GNUNET_CONTAINER_multipeermap_iterate (receivers, | ||
3314 | &get_receiver_delete_it, | ||
3315 | NULL); | ||
3316 | GNUNET_CONTAINER_multipeermap_destroy (receivers); | ||
3317 | GNUNET_CONTAINER_multipeermap_iterate (senders, | ||
3318 | &get_sender_delete_it, | ||
3319 | NULL); | ||
3320 | GNUNET_CONTAINER_multipeermap_destroy (senders); | ||
3321 | GNUNET_CONTAINER_multishortmap_destroy (key_cache); | ||
3322 | GNUNET_CONTAINER_heap_destroy (senders_heap); | ||
3323 | GNUNET_CONTAINER_heap_destroy (receivers_heap); | ||
3324 | if (NULL != timeout_task) | ||
3325 | { | ||
3326 | GNUNET_SCHEDULER_cancel (timeout_task); | ||
3327 | timeout_task = NULL; | ||
3328 | } | ||
3329 | if (NULL != ch) | ||
3330 | { | ||
3331 | GNUNET_TRANSPORT_communicator_disconnect (ch); | ||
3332 | ch = NULL; | ||
3333 | } | ||
3334 | if (NULL != ah) | ||
3335 | { | ||
3336 | GNUNET_TRANSPORT_application_done (ah); | ||
3337 | ah = NULL; | ||
3338 | } | ||
3339 | if (NULL != stats) | ||
3340 | { | ||
3341 | GNUNET_STATISTICS_destroy (stats, GNUNET_NO); | ||
3342 | stats = NULL; | ||
3343 | } | ||
3344 | if (NULL != my_private_key) | ||
3345 | { | ||
3346 | GNUNET_free (my_private_key); | ||
3347 | my_private_key = NULL; | ||
3348 | } | ||
3349 | if (NULL != is) | ||
3350 | { | ||
3351 | GNUNET_NT_scanner_done (is); | ||
3352 | is = NULL; | ||
3353 | } | ||
3354 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3355 | "do_shutdown finished\n"); | ||
3356 | } | ||
3357 | |||
3358 | |||
3359 | /** | ||
3360 | * Function called when the transport service has received a | ||
3361 | * backchannel message for this communicator (!) via a different return | ||
3362 | * path. Should be an acknowledgement. | ||
3363 | * | ||
3364 | * @param cls closure, NULL | ||
3365 | * @param sender which peer sent the notification | ||
3366 | * @param msg payload | ||
3367 | */ | ||
3368 | static void | ||
3369 | enc_notify_cb (void *cls, | ||
3370 | const struct GNUNET_PeerIdentity *sender, | ||
3371 | const struct GNUNET_MessageHeader *msg) | ||
3372 | { | ||
3373 | const struct UDPAck *ack; | ||
3374 | |||
3375 | (void) cls; | ||
3376 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3377 | "Storing UDPAck received from backchannel from %s\n", | ||
3378 | GNUNET_i2s_full (sender)); | ||
3379 | if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) || | ||
3380 | (ntohs (msg->size) != sizeof(struct UDPAck))) | ||
3381 | { | ||
3382 | GNUNET_break_op (0); | ||
3383 | return; | ||
3384 | } | ||
3385 | ack = (const struct UDPAck *) msg; | ||
3386 | GNUNET_CONTAINER_multipeermap_get_multiple (receivers, | ||
3387 | sender, | ||
3388 | &handle_ack, | ||
3389 | (void *) ack); | ||
3390 | } | ||
3391 | |||
3392 | |||
3393 | /** | ||
3394 | * Signature of the callback passed to #GNUNET_NAT_register() for | ||
3395 | * a function to call whenever our set of 'valid' addresses changes. | ||
3396 | * | ||
3397 | * @param cls closure | ||
3398 | * @param app_ctx[in,out] location where the app can store stuff | ||
3399 | * on add and retrieve it on remove | ||
3400 | * @param add_remove #GNUNET_YES to add a new public IP address, | ||
3401 | * #GNUNET_NO to remove a previous (now invalid) one | ||
3402 | * @param ac address class the address belongs to | ||
3403 | * @param addr either the previous or the new public IP address | ||
3404 | * @param addrlen actual length of the @a addr | ||
3405 | */ | ||
3406 | static void | ||
3407 | nat_address_cb (void *cls, | ||
3408 | void **app_ctx, | ||
3409 | int add_remove, | ||
3410 | enum GNUNET_NAT_AddressClass ac, | ||
3411 | const struct sockaddr *addr, | ||
3412 | socklen_t addrlen) | ||
3413 | { | ||
3414 | char *my_addr; | ||
3415 | struct GNUNET_TRANSPORT_AddressIdentifier *ai; | ||
3416 | |||
3417 | if (GNUNET_YES == add_remove) | ||
3418 | { | ||
3419 | enum GNUNET_NetworkType nt; | ||
3420 | |||
3421 | GNUNET_asprintf (&my_addr, | ||
3422 | "%s-%s", | ||
3423 | COMMUNICATOR_ADDRESS_PREFIX, | ||
3424 | GNUNET_a2s (addr, addrlen)); | ||
3425 | nt = GNUNET_NT_scanner_get_type (is, addr, addrlen); | ||
3426 | ai = | ||
3427 | GNUNET_TRANSPORT_communicator_address_add (ch, | ||
3428 | my_addr, | ||
3429 | nt, | ||
3430 | GNUNET_TIME_UNIT_FOREVER_REL); | ||
3431 | GNUNET_free (my_addr); | ||
3432 | *app_ctx = ai; | ||
3433 | } | ||
3434 | else | ||
3435 | { | ||
3436 | ai = *app_ctx; | ||
3437 | GNUNET_TRANSPORT_communicator_address_remove (ai); | ||
3438 | *app_ctx = NULL; | ||
3439 | } | ||
3440 | } | ||
3441 | |||
3442 | |||
3443 | /** | ||
3444 | * Broadcast our presence on one of our interfaces. | ||
3445 | * | ||
3446 | * @param cls a `struct BroadcastInterface` | ||
3447 | */ | ||
3448 | static void | ||
3449 | ifc_broadcast (void *cls) | ||
3450 | { | ||
3451 | struct BroadcastInterface *bi = cls; | ||
3452 | struct GNUNET_TIME_Relative delay; | ||
3453 | |||
3454 | delay = BROADCAST_FREQUENCY; | ||
3455 | delay.rel_value_us = | ||
3456 | GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, delay.rel_value_us); | ||
3457 | bi->broadcast_task = | ||
3458 | GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY, &ifc_broadcast, bi); | ||
3459 | |||
3460 | switch (bi->sa->sa_family) | ||
3461 | { | ||
3462 | case AF_INET: { | ||
3463 | static int yes = 1; | ||
3464 | static int no = 0; | ||
3465 | ssize_t sent; | ||
3466 | |||
3467 | if (GNUNET_OK != | ||
3468 | GNUNET_NETWORK_socket_setsockopt (udp_sock, | ||
3469 | SOL_SOCKET, | ||
3470 | SO_BROADCAST, | ||
3471 | &yes, | ||
3472 | sizeof(int))) | ||
3473 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, | ||
3474 | "setsockopt"); | ||
3475 | sent = GNUNET_NETWORK_socket_sendto (udp_sock, | ||
3476 | &bi->bcm, | ||
3477 | sizeof(bi->bcm), | ||
3478 | bi->ba, | ||
3479 | bi->salen); | ||
3480 | if (-1 == sent) | ||
3481 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, | ||
3482 | "sendto"); | ||
3483 | if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock, | ||
3484 | SOL_SOCKET, | ||
3485 | SO_BROADCAST, | ||
3486 | &no, | ||
3487 | sizeof(int))) | ||
3488 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, | ||
3489 | "setsockopt"); | ||
3490 | break; | ||
3491 | } | ||
3492 | |||
3493 | case AF_INET6: { | ||
3494 | ssize_t sent; | ||
3495 | struct sockaddr_in6 dst; | ||
3496 | |||
3497 | dst.sin6_family = AF_INET6; | ||
3498 | dst.sin6_port = htons (my_port); | ||
3499 | dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr; | ||
3500 | dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id; | ||
3501 | |||
3502 | sent = GNUNET_NETWORK_socket_sendto (udp_sock, | ||
3503 | &bi->bcm, | ||
3504 | sizeof(bi->bcm), | ||
3505 | (const struct sockaddr *) &dst, | ||
3506 | sizeof(dst)); | ||
3507 | if (-1 == sent) | ||
3508 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "sendto"); | ||
3509 | break; | ||
3510 | } | ||
3511 | |||
3512 | default: | ||
3513 | GNUNET_break (0); | ||
3514 | break; | ||
3515 | } | ||
3516 | } | ||
3517 | |||
3518 | |||
3519 | /** | ||
3520 | * Callback function invoked for each interface found. | ||
3521 | * Activates/deactivates broadcast interfaces. | ||
3522 | * | ||
3523 | * @param cls NULL | ||
3524 | * @param name name of the interface (can be NULL for unknown) | ||
3525 | * @param isDefault is this presumably the default interface | ||
3526 | * @param addr address of this interface (can be NULL for unknown or unassigned) | ||
3527 | * @param broadcast_addr the broadcast address (can be NULL for unknown or | ||
3528 | * unassigned) | ||
3529 | * @param netmask the network mask (can be NULL for unknown or unassigned) | ||
3530 | * @param addrlen length of the address | ||
3531 | * @return #GNUNET_OK to continue iteration, #GNUNET_SYSERR to abort | ||
3532 | */ | ||
3533 | static int | ||
3534 | iface_proc (void *cls, | ||
3535 | const char *name, | ||
3536 | int isDefault, | ||
3537 | const struct sockaddr *addr, | ||
3538 | const struct sockaddr *broadcast_addr, | ||
3539 | const struct sockaddr *netmask, | ||
3540 | socklen_t addrlen) | ||
3541 | { | ||
3542 | struct BroadcastInterface *bi; | ||
3543 | enum GNUNET_NetworkType network; | ||
3544 | struct UdpBroadcastSignature ubs; | ||
3545 | |||
3546 | (void) cls; | ||
3547 | (void) netmask; | ||
3548 | if (NULL == addr) | ||
3549 | return GNUNET_YES; /* need to know our address! */ | ||
3550 | network = GNUNET_NT_scanner_get_type (is, addr, addrlen); | ||
3551 | if (GNUNET_NT_LOOPBACK == network) | ||
3552 | { | ||
3553 | /* Broadcasting on loopback does not make sense */ | ||
3554 | return GNUNET_YES; | ||
3555 | } | ||
3556 | for (bi = bi_head; NULL != bi; bi = bi->next) | ||
3557 | { | ||
3558 | if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen))) | ||
3559 | { | ||
3560 | bi->found = GNUNET_YES; | ||
3561 | return GNUNET_OK; | ||
3562 | } | ||
3563 | } | ||
3564 | |||
3565 | if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr)) | ||
3566 | return GNUNET_OK; /* broadcast_addr is required for IPv6! */ | ||
3567 | if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket)) | ||
3568 | return GNUNET_OK; /* not using IPv6 */ | ||
3569 | |||
3570 | bi = GNUNET_new (struct BroadcastInterface); | ||
3571 | bi->sa = GNUNET_memdup (addr, | ||
3572 | addrlen); | ||
3573 | if ( (NULL != broadcast_addr) && | ||
3574 | (addrlen == sizeof (struct sockaddr_in)) ) | ||
3575 | { | ||
3576 | struct sockaddr_in *ba; | ||
3577 | |||
3578 | ba = GNUNET_memdup (broadcast_addr, | ||
3579 | addrlen); | ||
3580 | ba->sin_port = htons (2086); /* always GNUnet port, ignore configuration! */ | ||
3581 | bi->ba = (struct sockaddr *) ba; | ||
3582 | } | ||
3583 | bi->salen = addrlen; | ||
3584 | bi->found = GNUNET_YES; | ||
3585 | bi->bcm.sender = my_identity; | ||
3586 | ubs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST); | ||
3587 | ubs.purpose.size = htonl (sizeof(ubs)); | ||
3588 | ubs.sender = my_identity; | ||
3589 | GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address); | ||
3590 | GNUNET_CRYPTO_eddsa_sign (my_private_key, | ||
3591 | &ubs, | ||
3592 | &bi->bcm.sender_sig); | ||
3593 | if (NULL != bi->ba) | ||
3594 | { | ||
3595 | bi->broadcast_task = GNUNET_SCHEDULER_add_now (&ifc_broadcast, bi); | ||
3596 | GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi); | ||
3597 | } | ||
3598 | if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr)) | ||
3599 | { | ||
3600 | /* Create IPv6 multicast request */ | ||
3601 | const struct sockaddr_in6 *s6 = | ||
3602 | (const struct sockaddr_in6 *) broadcast_addr; | ||
3603 | |||
3604 | GNUNET_assert ( | ||
3605 | 1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr)); | ||
3606 | |||
3607 | /* http://tools.ietf.org/html/rfc2553#section-5.2: | ||
3608 | * | ||
3609 | * IPV6_JOIN_GROUP | ||
3610 | * | ||
3611 | * Join a multicast group on a specified local interface. If the | ||
3612 | * interface index is specified as 0, the kernel chooses the local | ||
3613 | * interface. For example, some kernels look up the multicast | ||
3614 | * group in the normal IPv6 routing table and using the resulting | ||
3615 | * interface; we do this for each interface, so no need to use | ||
3616 | * zero (anymore...). | ||
3617 | */bi->mcreq.ipv6mr_interface = s6->sin6_scope_id; | ||
3618 | |||
3619 | /* Join the multicast group */ | ||
3620 | if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock, | ||
3621 | IPPROTO_IPV6, | ||
3622 | IPV6_JOIN_GROUP, | ||
3623 | &bi->mcreq, | ||
3624 | sizeof(bi->mcreq))) | ||
3625 | { | ||
3626 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt"); | ||
3627 | } | ||
3628 | } | ||
3629 | return GNUNET_OK; | ||
3630 | } | ||
3631 | |||
3632 | |||
3633 | /** | ||
3634 | * Scan interfaces to broadcast our presence on the LAN. | ||
3635 | * | ||
3636 | * @param cls NULL, unused | ||
3637 | */ | ||
3638 | static void | ||
3639 | do_broadcast (void *cls) | ||
3640 | { | ||
3641 | struct BroadcastInterface *bin; | ||
3642 | |||
3643 | (void) cls; | ||
3644 | for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next) | ||
3645 | bi->found = GNUNET_NO; | ||
3646 | GNUNET_OS_network_interfaces_list (&iface_proc, NULL); | ||
3647 | for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin) | ||
3648 | { | ||
3649 | bin = bi->next; | ||
3650 | if (GNUNET_NO == bi->found) | ||
3651 | bi_destroy (bi); | ||
3652 | } | ||
3653 | broadcast_task = GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY, | ||
3654 | &do_broadcast, | ||
3655 | NULL); | ||
3656 | } | ||
3657 | |||
3658 | |||
3659 | /** | ||
3660 | * Setup communicator and launch network interactions. | ||
3661 | * | ||
3662 | * @param cls NULL (always) | ||
3663 | * @param args remaining command-line arguments | ||
3664 | * @param cfgfile name of the configuration file used (for saving, can be NULL!) | ||
3665 | * @param c configuration | ||
3666 | */ | ||
3667 | static void | ||
3668 | run (void *cls, | ||
3669 | char *const *args, | ||
3670 | const char *cfgfile, | ||
3671 | const struct GNUNET_CONFIGURATION_Handle *c) | ||
3672 | { | ||
3673 | char *bindto; | ||
3674 | struct sockaddr *in; | ||
3675 | socklen_t in_len; | ||
3676 | struct sockaddr_storage in_sto; | ||
3677 | socklen_t sto_len; | ||
3678 | |||
3679 | (void) cls; | ||
3680 | cfg = c; | ||
3681 | if (GNUNET_OK != | ||
3682 | GNUNET_CONFIGURATION_get_value_string (cfg, | ||
3683 | COMMUNICATOR_CONFIG_SECTION, | ||
3684 | "BINDTO", | ||
3685 | &bindto)) | ||
3686 | { | ||
3687 | GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, | ||
3688 | COMMUNICATOR_CONFIG_SECTION, | ||
3689 | "BINDTO"); | ||
3690 | return; | ||
3691 | } | ||
3692 | |||
3693 | if (GNUNET_OK != | ||
3694 | GNUNET_CONFIGURATION_get_value_time (cfg, | ||
3695 | COMMUNICATOR_CONFIG_SECTION, | ||
3696 | "REKEY_INTERVAL", | ||
3697 | &rekey_interval)) | ||
3698 | rekey_interval = DEFAULT_REKEY_TIME_INTERVAL; | ||
3699 | |||
3700 | if (GNUNET_OK != | ||
3701 | GNUNET_CONFIGURATION_get_value_size (cfg, | ||
3702 | COMMUNICATOR_CONFIG_SECTION, | ||
3703 | "REKEY_MAX_BYTES", | ||
3704 | &rekey_max_bytes)) | ||
3705 | rekey_max_bytes = DEFAULT_REKEY_MAX_BYTES; | ||
3706 | |||
3707 | in = udp_address_to_sockaddr (bindto, &in_len); | ||
3708 | if (NULL == in) | ||
3709 | { | ||
3710 | GNUNET_log (GNUNET_ERROR_TYPE_ERROR, | ||
3711 | "Failed to setup UDP socket address with path `%s'\n", | ||
3712 | bindto); | ||
3713 | GNUNET_free (bindto); | ||
3714 | return; | ||
3715 | } | ||
3716 | udp_sock = | ||
3717 | GNUNET_NETWORK_socket_create (in->sa_family, | ||
3718 | SOCK_DGRAM, | ||
3719 | IPPROTO_UDP); | ||
3720 | if (NULL == udp_sock) | ||
3721 | { | ||
3722 | GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "socket"); | ||
3723 | GNUNET_free (in); | ||
3724 | GNUNET_free (bindto); | ||
3725 | return; | ||
3726 | } | ||
3727 | if (AF_INET6 == in->sa_family) | ||
3728 | have_v6_socket = GNUNET_YES; | ||
3729 | if (GNUNET_OK != | ||
3730 | GNUNET_NETWORK_socket_bind (udp_sock, | ||
3731 | in, | ||
3732 | in_len)) | ||
3733 | { | ||
3734 | GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, | ||
3735 | "bind", | ||
3736 | bindto); | ||
3737 | GNUNET_NETWORK_socket_close (udp_sock); | ||
3738 | udp_sock = NULL; | ||
3739 | GNUNET_free (in); | ||
3740 | GNUNET_free (bindto); | ||
3741 | return; | ||
3742 | } | ||
3743 | |||
3744 | /* We might have bound to port 0, allowing the OS to figure it out; | ||
3745 | thus, get the real IN-address from the socket */ | ||
3746 | sto_len = sizeof(in_sto); | ||
3747 | if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock), | ||
3748 | (struct sockaddr *) &in_sto, | ||
3749 | &sto_len)) | ||
3750 | { | ||
3751 | memcpy (&in_sto, in, in_len); | ||
3752 | sto_len = in_len; | ||
3753 | } | ||
3754 | GNUNET_free (in); | ||
3755 | GNUNET_free (bindto); | ||
3756 | in = (struct sockaddr *) &in_sto; | ||
3757 | in_len = sto_len; | ||
3758 | GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, | ||
3759 | "Bound to `%s'\n", | ||
3760 | GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len)); | ||
3761 | switch (in->sa_family) | ||
3762 | { | ||
3763 | case AF_INET: | ||
3764 | my_port = ntohs (((struct sockaddr_in *) in)->sin_port); | ||
3765 | break; | ||
3766 | |||
3767 | case AF_INET6: | ||
3768 | my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port); | ||
3769 | break; | ||
3770 | |||
3771 | default: | ||
3772 | GNUNET_break (0); | ||
3773 | my_port = 0; | ||
3774 | } | ||
3775 | stats = GNUNET_STATISTICS_create ("C-UDP", cfg); | ||
3776 | senders = GNUNET_CONTAINER_multipeermap_create (32, GNUNET_YES); | ||
3777 | receivers = GNUNET_CONTAINER_multipeermap_create (32, GNUNET_YES); | ||
3778 | senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); | ||
3779 | receivers_heap = | ||
3780 | GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN); | ||
3781 | key_cache = GNUNET_CONTAINER_multishortmap_create (1024, GNUNET_YES); | ||
3782 | GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL); | ||
3783 | is = GNUNET_NT_scanner_init (); | ||
3784 | my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg); | ||
3785 | if (NULL == my_private_key) | ||
3786 | { | ||
3787 | GNUNET_log ( | ||
3788 | GNUNET_ERROR_TYPE_ERROR, | ||
3789 | _ ( | ||
3790 | "Transport service is lacking key configuration settings. Exiting.\n")); | ||
3791 | GNUNET_SCHEDULER_shutdown (); | ||
3792 | return; | ||
3793 | } | ||
3794 | GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, &my_identity.public_key); | ||
3795 | /* start reading */ | ||
3796 | read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL, | ||
3797 | udp_sock, | ||
3798 | &sock_read, | ||
3799 | NULL); | ||
3800 | ch = GNUNET_TRANSPORT_communicator_connect (cfg, | ||
3801 | COMMUNICATOR_CONFIG_SECTION, | ||
3802 | COMMUNICATOR_ADDRESS_PREFIX, | ||
3803 | GNUNET_TRANSPORT_CC_UNRELIABLE, | ||
3804 | &mq_init, | ||
3805 | NULL, | ||
3806 | &enc_notify_cb, | ||
3807 | NULL); | ||
3808 | if (NULL == ch) | ||
3809 | { | ||
3810 | GNUNET_break (0); | ||
3811 | GNUNET_SCHEDULER_shutdown (); | ||
3812 | return; | ||
3813 | } | ||
3814 | ah = GNUNET_TRANSPORT_application_init (cfg); | ||
3815 | if (NULL == ah) | ||
3816 | { | ||
3817 | GNUNET_break (0); | ||
3818 | GNUNET_SCHEDULER_shutdown (); | ||
3819 | return; | ||
3820 | } | ||
3821 | /* start broadcasting */ | ||
3822 | if (GNUNET_YES != | ||
3823 | GNUNET_CONFIGURATION_get_value_yesno (cfg, | ||
3824 | COMMUNICATOR_CONFIG_SECTION, | ||
3825 | "DISABLE_BROADCAST")) | ||
3826 | { | ||
3827 | broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL); | ||
3828 | } | ||
3829 | nat = GNUNET_NAT_register (cfg, | ||
3830 | COMMUNICATOR_CONFIG_SECTION, | ||
3831 | IPPROTO_UDP, | ||
3832 | 1 /* one address */, | ||
3833 | (const struct sockaddr **) &in, | ||
3834 | &in_len, | ||
3835 | &nat_address_cb, | ||
3836 | NULL /* FIXME: support reversal: #5529 */, | ||
3837 | NULL /* closure */); | ||
3838 | } | ||
3839 | |||
3840 | |||
3841 | /** | ||
3842 | * The main function for the UNIX communicator. | ||
3843 | * | ||
3844 | * @param argc number of arguments from the command line | ||
3845 | * @param argv command line arguments | ||
3846 | * @return 0 ok, 1 on error | ||
3847 | */ | ||
3848 | int | ||
3849 | main (int argc, char *const *argv) | ||
3850 | { | ||
3851 | static const struct GNUNET_GETOPT_CommandLineOption options[] = { | ||
3852 | GNUNET_GETOPT_OPTION_END | ||
3853 | }; | ||
3854 | int ret; | ||
3855 | |||
3856 | if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv)) | ||
3857 | return 2; | ||
3858 | |||
3859 | ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc, | ||
3860 | argv, | ||
3861 | "gnunet-communicator-udp", | ||
3862 | _ ("GNUnet UDP communicator"), | ||
3863 | options, | ||
3864 | &run, | ||
3865 | NULL)) | ||
3866 | ? 0 | ||
3867 | : 1; | ||
3868 | GNUNET_free_nz ((void *) argv); | ||
3869 | return ret; | ||
3870 | } | ||
3871 | |||
3872 | |||
3873 | /* end of gnunet-communicator-udp.c */ | ||