aboutsummaryrefslogtreecommitdiff
path: root/src/transport/gnunet-communicator-udp.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/transport/gnunet-communicator-udp.c')
-rw-r--r--src/transport/gnunet-communicator-udp.c3449
1 files changed, 0 insertions, 3449 deletions
diff --git a/src/transport/gnunet-communicator-udp.c b/src/transport/gnunet-communicator-udp.c
deleted file mode 100644
index f5cf7ab0f..000000000
--- a/src/transport/gnunet-communicator-udp.c
+++ /dev/null
@@ -1,3449 +0,0 @@
1/*
2 This file is part of GNUnet
3 Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
4
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
9
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
14 :
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
17
18 SPDX-License-Identifier: AGPL3.0-or-later
19 */
20
21/**
22 * @file transport/gnunet-communicator-udp.c
23 * @brief Transport plugin using UDP.
24 * @author Christian Grothoff
25 *
26 * TODO:
27 * - consider imposing transmission limits in the absence
28 * of ACKs; or: maybe this should be done at TNG service level?
29 * (at least the receiver might want to enforce limits on
30 * KX/DH operations per sender in here) (#5552)
31 * - overall, we should look more into flow control support
32 * (either in backchannel, or general solution in TNG service)
33 * - handle addresses discovered from broadcasts (#5551)
34 * (think: what was the story again on address validation?
35 * where is the API for that!?!)
36 * - support DNS names in BINDTO option (#5528)
37 * - support NAT connection reversal method (#5529)
38 * - support other UDP-specific NAT traversal methods (#)
39 */
40#include "platform.h"
41#include "gnunet_common.h"
42#include "gnunet_util_lib.h"
43#include "gnunet_protocols.h"
44#include "gnunet_signatures.h"
45#include "gnunet_constants.h"
46#include "gnunet_nt_lib.h"
47#include "gnunet_nat_service.h"
48#include "gnunet_statistics_service.h"
49#include "gnunet_transport_application_service.h"
50#include "gnunet_transport_communication_service.h"
51
52/**
53 * How often do we rekey based on time (at least)
54 */
55#define DEFAULT_REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
56
57/**
58 * How long do we wait until we must have received the initial KX?
59 */
60#define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
61
62/**
63 * How often do we broadcast our presence on the LAN?
64 */
65#define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
66
67/**
68 * How often do we scan for changes to our network interfaces?
69 */
70#define INTERFACE_SCAN_FREQUENCY \
71 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
72
73/**
74 * How long do we believe our addresses to remain up (before
75 * the other peer should revalidate).
76 */
77#define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
78
79#define WORKING_QUEUE_INTERVALL \
80 GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)
81
82/**
83 * AES key size.
84 */
85#define AES_KEY_SIZE (256 / 8)
86
87/**
88 * AES (GCM) IV size.
89 */
90#define AES_IV_SIZE (96 / 8)
91
92/**
93 * Size of the GCM tag.
94 */
95#define GCM_TAG_SIZE (128 / 8)
96
97#define GENERATE_AT_ONCE 16
98
99/**
100 * If we fall below this number of available KCNs,
101 * we generate additional ACKs until we reach
102 * #KCN_TARGET.
103 * Should be large enough that we don't generate ACKs all
104 * the time and still have enough time for the ACK to
105 * arrive before the sender runs out. So really this
106 * should ideally be based on the RTT.
107 */
108#define KCN_THRESHOLD 96
109
110/**
111 * How many KCNs do we keep around *after* we hit
112 * the #KCN_THRESHOLD? Should be larger than
113 * #KCN_THRESHOLD so we do not generate just one
114 * ACK at the time.
115 */
116#define KCN_TARGET 128
117
118/**
119 * What is the maximum delta between KCN sequence numbers
120 * that we allow. Used to expire 'ancient' KCNs that likely
121 * were dropped by the network. Must be larger than
122 * KCN_TARGET (otherwise we generate new KCNs all the time),
123 * but not too large (otherwise packet loss may cause
124 * sender to fall back to KX needlessly when sender runs
125 * out of ACK'ed KCNs due to losses).
126 */
127#define MAX_SQN_DELTA 160
128
129/**
130 * How many shared master secrets do we keep around
131 * at most per sender? Should be large enough so
132 * that we generally have a chance of sending an ACK
133 * before the sender already rotated out the master
134 * secret. Generally values around #KCN_TARGET make
135 * sense. Might make sense to adapt to RTT if we had
136 * a good measurement...
137 */
138#define MAX_SECRETS 256
139
140/**
141 * Default value for how often we do rekey based on number of bytes transmitted?
142 * (additionally randomized).
143 */
144#define DEFAULT_REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
145
146/**
147 * Address prefix used by the communicator.
148 */
149
150#define COMMUNICATOR_ADDRESS_PREFIX "udp"
151
152/**
153 * Configuration section used by the communicator.
154 */
155#define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
156
157GNUNET_NETWORK_STRUCT_BEGIN
158
159
160/**
161 * Signature we use to verify that the ephemeral key was really chosen by
162 * the specified sender. If possible, the receiver should respond with
163 * a `struct UDPAck` (possibly via backchannel).
164 */
165struct UdpHandshakeSignature
166{
167 /**
168 * Purpose must be #GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE
169 */
170 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
171
172 /**
173 * Identity of the inititor of the UDP connection (UDP client).
174 */
175 struct GNUNET_PeerIdentity sender;
176
177 /**
178 * Presumed identity of the target of the UDP connection (UDP server)
179 */
180 struct GNUNET_PeerIdentity receiver;
181
182 /**
183 * Ephemeral key used by the @e sender.
184 */
185 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral;
186
187 /**
188 * Monotonic time of @e sender, to possibly help detect replay attacks
189 * (if receiver persists times by sender).
190 */
191 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
192};
193
194
195/**
196 * "Plaintext" header at beginning of KX message. Followed
197 * by encrypted `struct UDPConfirmation`.
198 */
199struct InitialKX
200{
201 /**
202 * Ephemeral key for KX.
203 */
204 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral;
205
206 /**
207 * HMAC for the following encrypted message, using GCM. HMAC uses
208 * key derived from the handshake with sequence number zero.
209 */
210 uint8_t gcm_tag[GCM_TAG_SIZE];
211
212};
213
214
215/**
216 * Encrypted continuation of UDP initial handshake, followed
217 * by message header with payload.
218 */
219struct UDPConfirmation
220{
221 /**
222 * Sender's identity
223 */
224 struct GNUNET_PeerIdentity sender;
225
226 /**
227 * Sender's signature of type #GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE
228 */
229 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
230
231 /**
232 * Monotonic time of @e sender, to possibly help detect replay attacks
233 * (if receiver persists times by sender).
234 */
235 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
236
237 /* followed by messages */
238
239 /* padding may follow actual messages */
240};
241
242
243/**
244 * UDP key acknowledgement. May be sent via backchannel. Allows the
245 * sender to use `struct UDPBox` with the acknowledge key henceforth.
246 */
247struct UDPAck
248{
249 /**
250 * Type is #GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
251 */
252 struct GNUNET_MessageHeader header;
253
254 /**
255 * Sequence acknowledgement limit. Specifies current maximum sequence
256 * number supported by receiver.
257 */
258 uint32_t sequence_ack GNUNET_PACKED;
259
260 /**
261 * CMAC of the base key being acknowledged.
262 */
263 struct GNUNET_HashCode cmac;
264};
265
266
267/**
268 * Signature we use to verify that the broadcast was really made by
269 * the peer that claims to have made it. Basically, affirms that the
270 * peer is really using this IP address (albeit possibly not in _our_
271 * LAN). Makes it difficult for peers in the LAN to claim to
272 * be just any global peer -- an attacker must have at least
273 * shared a LAN with the peer they're pretending to be here.
274 */
275struct UdpBroadcastSignature
276{
277 /**
278 * Purpose must be #GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST
279 */
280 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
281
282 /**
283 * Identity of the inititor of the UDP broadcast.
284 */
285 struct GNUNET_PeerIdentity sender;
286
287 /**
288 * Hash of the sender's UDP address.
289 */
290 struct GNUNET_HashCode h_address;
291};
292
293
294/**
295 * Broadcast by peer in LAN announcing its presence. Unusual in that
296 * we don't pad these to full MTU, as we cannot prevent being
297 * recognized in LAN as GNUnet peers if this feature is enabled
298 * anyway. Also, the entire message is in cleartext.
299 */
300struct UDPBroadcast
301{
302 /**
303 * Sender's peer identity.
304 */
305 struct GNUNET_PeerIdentity sender;
306
307 /**
308 * Sender's signature of type
309 * #GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST
310 */
311 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
312};
313
314
315/**
316 * UDP message box. Always sent encrypted, only allowed after
317 * the receiver sent a `struct UDPAck` for the base key!
318 */
319struct UDPBox
320{
321 /**
322 * Key and IV identification code. KDF applied to an acknowledged
323 * base key and a sequence number. Sequence numbers must be used
324 * monotonically increasing up to the maximum specified in
325 * `struct UDPAck`. Without further `struct UDPAck`s, the sender
326 * must fall back to sending handshakes!
327 */
328 struct GNUNET_ShortHashCode kid;
329
330 /**
331 * 128-bit authentication tag for the following encrypted message,
332 * from GCM. MAC starts at the @e body_start that follows and
333 * extends until the end of the UDP payload. If the @e hmac is
334 * wrong, the receiver should check if the message might be a
335 * `struct UdpHandshakeSignature`.
336 */
337 uint8_t gcm_tag[GCM_TAG_SIZE];
338
339};
340
341/**
342 * Plaintext of a rekey payload in a UDPBox.
343 */
344struct UDPRekey
345{
346 /**
347 * Type is #GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY.
348 */
349 struct GNUNET_MessageHeader header;
350
351 /**
352 * Ephemeral key to rekey with.
353 */
354 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral;
355};
356
357GNUNET_NETWORK_STRUCT_END
358
359/**
360 * Shared secret we generated for a particular sender or receiver.
361 */
362struct SharedSecret;
363
364
365/**
366 * Pre-generated "kid" code (key and IV identification code) to
367 * quickly derive master key for a `struct UDPBox`.
368 */
369struct KeyCacheEntry
370{
371 /**
372 * Kept in a DLL.
373 */
374 struct KeyCacheEntry *next;
375
376 /**
377 * Kept in a DLL.
378 */
379 struct KeyCacheEntry *prev;
380
381 /**
382 * Key and IV identification code. KDF applied to an acknowledged
383 * base key and a sequence number. Sequence numbers must be used
384 * monotonically increasing up to the maximum specified in
385 * `struct UDPAck`. Without further `struct UDPAck`s, the sender
386 * must fall back to sending handshakes!
387 */
388 struct GNUNET_ShortHashCode kid;
389
390 /**
391 * Corresponding shared secret.
392 */
393 struct SharedSecret *ss;
394
395 /**
396 * Sequence number used to derive this entry from master key.
397 */
398 uint32_t sequence_number;
399};
400
401
402/**
403 * Information we track per sender address we have recently been
404 * in contact with (decryption from sender).
405 */
406struct SenderAddress;
407
408/**
409 * Information we track per receiving address we have recently been
410 * in contact with (encryption to receiver).
411 */
412struct ReceiverAddress;
413
414/**
415 * Shared secret we generated for a particular sender or receiver.
416 */
417struct SharedSecret
418{
419 /**
420 * Kept in a DLL.
421 */
422 struct SharedSecret *next;
423
424 /**
425 * Kept in a DLL.
426 */
427 struct SharedSecret *prev;
428
429 /**
430 * Kept in a DLL, sorted by sequence number. Only if we are decrypting.
431 */
432 struct KeyCacheEntry *kce_head;
433
434 /**
435 * Kept in a DLL, sorted by sequence number. Only if we are decrypting.
436 */
437 struct KeyCacheEntry *kce_tail;
438
439 /**
440 * Sender we use this shared secret with, or NULL.
441 */
442 struct SenderAddress *sender;
443
444 /**
445 * Receiver we use this shared secret with, or NULL.
446 */
447 struct ReceiverAddress *receiver;
448
449 /**
450 * Master shared secret.
451 */
452 struct GNUNET_HashCode master;
453
454 /**
455 * CMAC is used to identify @e master in ACKs.
456 */
457 struct GNUNET_HashCode cmac;
458
459 /**
460 * Up to which sequence number did we use this @e master already?
461 * (for encrypting only)
462 */
463 uint32_t sequence_used;
464
465 /**
466 * Up to which sequence number did the other peer allow us to use
467 * this key, or up to which number did we allow the other peer to
468 * use this key?
469 */
470 uint32_t sequence_allowed;
471
472 /**
473 * Number of active KCN entries.
474 */
475 unsigned int active_kce_count;
476
477 /**
478 * Bytes sent with this shared secret
479 */
480 size_t bytes_sent;
481
482 /**
483 * rekey initiated for this secret?
484 */
485 int rekey_initiated;
486
487 /**
488 * Also precompute keys despite sufficient acks (for rekey)
489 */
490 int override_available_acks;
491};
492
493
494/**
495 * Information we track per sender address we have recently been
496 * in contact with (we decrypt messages from the sender).
497 */
498struct SenderAddress
499{
500 /**
501 * To whom are we talking to.
502 */
503 struct GNUNET_PeerIdentity target;
504
505 /**
506 * Entry in sender expiration heap.
507 */
508 struct GNUNET_CONTAINER_HeapNode *hn;
509
510 /**
511 * Shared secrets we used with @e target, first used is head.
512 */
513 struct SharedSecret *ss_head;
514
515 /**
516 * Shared secrets we used with @e target, last used is tail.
517 */
518 struct SharedSecret *ss_tail;
519
520 /**
521 * Address of the other peer.
522 */
523 struct sockaddr *address;
524
525 /**
526 * Length of the address.
527 */
528 socklen_t address_len;
529
530 /**
531 * Timeout for this sender.
532 */
533 struct GNUNET_TIME_Absolute timeout;
534
535 /**
536 * Length of the DLL at @a ss_head.
537 */
538 unsigned int num_secrets;
539
540 /**
541 * Number of BOX keys from ACKs we have currently
542 * available for this sender.
543 */
544 unsigned int acks_available;
545
546 /**
547 * Which network type does this queue use?
548 */
549 enum GNUNET_NetworkType nt;
550
551 /**
552 * sender_destroy already called on sender.
553 */
554 int sender_destroy_called;
555
556 /**
557 * ID of kce working queue task
558 */
559 struct GNUNET_SCHEDULER_Task *kce_task;
560
561 /**
562 * Is the kce_task finished?
563 */
564 int kce_task_finished;
565
566 /**
567 * When KCE finishes, send ACK if GNUNET_YES
568 */
569 int kce_send_ack_on_finish;
570};
571
572
573/**
574 * Information we track per receiving address we have recently been
575 * in contact with (encryption to receiver).
576 */
577struct ReceiverAddress
578{
579 /**
580 * Timeout for this receiver address.
581 */
582 struct GNUNET_TIME_Absolute rekey_timeout;
583
584 /**
585 * To whom are we talking to.
586 */
587 struct GNUNET_PeerIdentity target;
588
589 /**
590 * Shared secrets we received from @e target, first used is head.
591 */
592 struct SharedSecret *ss_head;
593
594 /**
595 * Shared secrets we received with @e target, last used is tail.
596 */
597 struct SharedSecret *ss_tail;
598
599 /**
600 * Address of the receiver in the human-readable format
601 * with the #COMMUNICATOR_ADDRESS_PREFIX.
602 */
603 char *foreign_addr;
604
605 /**
606 * Address of the other peer.
607 */
608 struct sockaddr *address;
609
610 /**
611 * Length of the address.
612 */
613 socklen_t address_len;
614
615 /**
616 * Entry in sender expiration heap.
617 */
618 struct GNUNET_CONTAINER_HeapNode *hn;
619
620 /**
621 * KX message queue we are providing for the #ch.
622 */
623 struct GNUNET_MQ_Handle *kx_mq;
624
625 /**
626 * Default message queue we are providing for the #ch.
627 */
628 struct GNUNET_MQ_Handle *d_mq;
629
630 /**
631 * handle for KX queue with the #ch.
632 */
633 struct GNUNET_TRANSPORT_QueueHandle *kx_qh;
634
635 /**
636 * handle for default queue with the #ch.
637 */
638 struct GNUNET_TRANSPORT_QueueHandle *d_qh;
639
640 /**
641 * Timeout for this receiver address.
642 */
643 struct GNUNET_TIME_Absolute timeout;
644
645 /**
646 * MTU we allowed transport for this receiver's KX queue.
647 */
648 size_t kx_mtu;
649
650 /**
651 * MTU we allowed transport for this receiver's default queue.
652 */
653 size_t d_mtu;
654
655 /**
656 * Length of the DLL at @a ss_head.
657 */
658 unsigned int num_secrets;
659
660 /**
661 * Number of BOX keys from ACKs we have currently
662 * available for this receiver.
663 */
664 unsigned int acks_available;
665
666 /**
667 * Which network type does this queue use?
668 */
669 enum GNUNET_NetworkType nt;
670
671 /**
672 * receiver_destroy already called on receiver.
673 */
674 int receiver_destroy_called;
675};
676
677/**
678 * Interface we broadcast our presence on.
679 */
680struct BroadcastInterface
681{
682 /**
683 * Kept in a DLL.
684 */
685 struct BroadcastInterface *next;
686
687 /**
688 * Kept in a DLL.
689 */
690 struct BroadcastInterface *prev;
691
692 /**
693 * Task for this broadcast interface.
694 */
695 struct GNUNET_SCHEDULER_Task *broadcast_task;
696
697 /**
698 * Sender's address of the interface.
699 */
700 struct sockaddr *sa;
701
702 /**
703 * Broadcast address to use on the interface.
704 */
705 struct sockaddr *ba;
706
707 /**
708 * Message we broadcast on this interface.
709 */
710 struct UDPBroadcast bcm;
711
712 /**
713 * If this is an IPv6 interface, this is the request
714 * we use to join/leave the group.
715 */
716 struct ipv6_mreq mcreq;
717
718 /**
719 * Number of bytes in @e sa.
720 */
721 socklen_t salen;
722
723 /**
724 * Was this interface found in the last #iface_proc() scan?
725 */
726 int found;
727};
728
729/**
730 * The rekey interval
731 */
732static struct GNUNET_TIME_Relative rekey_interval;
733
734/**
735 * How often we do rekey based on number of bytes transmitted
736 */
737static unsigned long long rekey_max_bytes;
738
739/**
740 * Cache of pre-generated key IDs.
741 */
742static struct GNUNET_CONTAINER_MultiShortmap *key_cache;
743
744/**
745 * ID of read task
746 */
747static struct GNUNET_SCHEDULER_Task *read_task;
748
749/**
750 * ID of timeout task
751 */
752static struct GNUNET_SCHEDULER_Task *timeout_task;
753
754/**
755 * ID of master broadcast task
756 */
757static struct GNUNET_SCHEDULER_Task *broadcast_task;
758
759/**
760 * For logging statistics.
761 */
762static struct GNUNET_STATISTICS_Handle *stats;
763
764/**
765 * Our environment.
766 */
767static struct GNUNET_TRANSPORT_CommunicatorHandle *ch;
768
769/**
770 * Receivers (map from peer identity to `struct ReceiverAddress`)
771 */
772static struct GNUNET_CONTAINER_MultiPeerMap *receivers;
773
774/**
775 * Senders (map from peer identity to `struct SenderAddress`)
776 */
777static struct GNUNET_CONTAINER_MultiPeerMap *senders;
778
779/**
780 * Expiration heap for senders (contains `struct SenderAddress`)
781 */
782static struct GNUNET_CONTAINER_Heap *senders_heap;
783
784/**
785 * Expiration heap for receivers (contains `struct ReceiverAddress`)
786 */
787static struct GNUNET_CONTAINER_Heap *receivers_heap;
788
789/**
790 * Broadcast interface tasks. Kept in a DLL.
791 */
792static struct BroadcastInterface *bi_head;
793
794/**
795 * Broadcast interface tasks. Kept in a DLL.
796 */
797static struct BroadcastInterface *bi_tail;
798
799/**
800 * Our socket.
801 */
802static struct GNUNET_NETWORK_Handle *udp_sock;
803
804/**
805 * #GNUNET_YES if #udp_sock supports IPv6.
806 */
807static int have_v6_socket;
808
809/**
810 * Our public key.
811 */
812static struct GNUNET_PeerIdentity my_identity;
813
814/**
815 * Our private key.
816 */
817static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key;
818
819/**
820 * Our configuration.
821 */
822static const struct GNUNET_CONFIGURATION_Handle *cfg;
823
824/**
825 * Our handle to report addresses for validation to TRANSPORT.
826 */
827static struct GNUNET_TRANSPORT_ApplicationHandle *ah;
828
829/**
830 * Network scanner to determine network types.
831 */
832static struct GNUNET_NT_InterfaceScanner *is;
833
834/**
835 * Connection to NAT service.
836 */
837static struct GNUNET_NAT_Handle *nat;
838
839/**
840 * Port number to which we are actually bound.
841 */
842static uint16_t my_port;
843
844
845/**
846 * An interface went away, stop broadcasting on it.
847 *
848 * @param bi entity to close down
849 */
850static void
851bi_destroy (struct BroadcastInterface *bi)
852{
853 if (AF_INET6 == bi->sa->sa_family)
854 {
855 /* Leave the multicast group */
856 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
857 IPPROTO_IPV6,
858 IPV6_LEAVE_GROUP,
859 &bi->mcreq,
860 sizeof(bi->mcreq)))
861 {
862 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
863 }
864 }
865 GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
866 GNUNET_SCHEDULER_cancel (bi->broadcast_task);
867 GNUNET_free (bi->sa);
868 GNUNET_free (bi->ba);
869 GNUNET_free (bi);
870}
871
872
873/**
874 * Destroys a receiving state due to timeout or shutdown.
875 *
876 * @param receiver entity to close down
877 */
878static void
879receiver_destroy (struct ReceiverAddress *receiver)
880{
881
882 receiver->receiver_destroy_called = GNUNET_YES;
883
884 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
885 "Disconnecting receiver for peer `%s'\n",
886 GNUNET_i2s (&receiver->target));
887 if (NULL != receiver->kx_qh)
888 {
889 GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh);
890 receiver->kx_qh = NULL;
891 receiver->kx_mq = NULL;
892 }
893 if (NULL != receiver->d_qh)
894 {
895 GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh);
896 receiver->d_qh = NULL;
897 }
898 GNUNET_assert (GNUNET_YES ==
899 GNUNET_CONTAINER_multipeermap_remove (receivers,
900 &receiver->target,
901 receiver));
902 GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
903 GNUNET_STATISTICS_set (stats,
904 "# receivers active",
905 GNUNET_CONTAINER_multipeermap_size (receivers),
906 GNUNET_NO);
907 GNUNET_free (receiver->address);
908 GNUNET_free (receiver->foreign_addr);
909 GNUNET_free (receiver);
910}
911
912
913/**
914 * Free memory used by key cache entry.
915 *
916 * @param kce the key cache entry
917 */
918static void
919kce_destroy (struct KeyCacheEntry *kce)
920{
921 struct SharedSecret *ss = kce->ss;
922
923 ss->active_kce_count--;
924 ss->sender->acks_available--;
925 GNUNET_CONTAINER_DLL_remove (ss->kce_head, ss->kce_tail, kce);
926 GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multishortmap_remove (key_cache,
927 &kce->kid,
928 kce));
929 GNUNET_free (kce);
930}
931
932
933/**
934 * Compute @a kid.
935 *
936 * @param msec master secret for HMAC calculation
937 * @param serial number for the @a smac calculation
938 * @param[out] kid where to write the key ID
939 */
940static void
941get_kid (const struct GNUNET_HashCode *msec,
942 uint32_t serial,
943 struct GNUNET_ShortHashCode *kid)
944{
945 uint32_t sid = htonl (serial);
946
947 GNUNET_CRYPTO_hkdf (kid,
948 sizeof(*kid),
949 GCRY_MD_SHA512,
950 GCRY_MD_SHA256,
951 &sid,
952 sizeof(sid),
953 msec,
954 sizeof(*msec),
955 "UDP-KID",
956 strlen ("UDP-KID"),
957 NULL,
958 0);
959}
960
961
962/**
963 * Setup key cache entry for sequence number @a seq and shared secret @a ss.
964 *
965 * @param ss shared secret
966 * @param seq sequence number for the key cache entry
967 */
968static void
969kce_generate (struct SharedSecret *ss, uint32_t seq)
970{
971 struct KeyCacheEntry *kce;
972
973 GNUNET_assert (0 < seq);
974 kce = GNUNET_new (struct KeyCacheEntry);
975 kce->ss = ss;
976 kce->sequence_number = seq;
977 get_kid (&ss->master, seq, &kce->kid);
978 GNUNET_CONTAINER_DLL_insert (ss->kce_head, ss->kce_tail, kce);
979 ss->active_kce_count++;
980 ss->sender->acks_available++;
981 (void) GNUNET_CONTAINER_multishortmap_put (
982 key_cache,
983 &kce->kid,
984 kce,
985 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
986 GNUNET_STATISTICS_set (stats,
987 "# KIDs active",
988 GNUNET_CONTAINER_multishortmap_size (key_cache),
989 GNUNET_NO);
990}
991
992
993/**
994 * Destroy @a ss and associated key cache entries.
995 *
996 * @param ss shared secret to destroy
997 * @param withoutKce If GNUNET_YES shared secrets with kce will not be destroyed.
998 */
999static int
1000secret_destroy (struct SharedSecret *ss)
1001{
1002 struct SenderAddress *sender;
1003 struct ReceiverAddress *receiver;
1004 struct KeyCacheEntry *kce;
1005
1006 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1007 "secret %s destroy %u\n",
1008 GNUNET_h2s (&ss->master),
1009 ss->sequence_allowed);
1010 if (NULL != (sender = ss->sender))
1011 {
1012 GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
1013 sender->num_secrets--;
1014 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1015 "%u sender->num_secrets\n",
1016 receiver->num_secrets);
1017 if (NULL != ss->sender->kce_task)
1018 {
1019 GNUNET_SCHEDULER_cancel (ss->sender->kce_task);
1020 ss->sender->kce_task = NULL;
1021 }
1022 }
1023 if (NULL != (receiver = ss->receiver))
1024 {
1025 GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1026 receiver->num_secrets--;
1027 receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
1028 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1029 "%u receiver->num_secrets\n",
1030 receiver->num_secrets);
1031 }
1032 while (NULL != (kce = ss->kce_head))
1033 kce_destroy (kce);
1034 GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
1035 GNUNET_STATISTICS_set (stats,
1036 "# KIDs active",
1037 GNUNET_CONTAINER_multishortmap_size (key_cache),
1038 GNUNET_NO);
1039 GNUNET_free (ss);
1040 return GNUNET_YES;
1041}
1042
1043
1044/**
1045 * Functions with this signature are called whenever we need
1046 * to close a sender's state due to timeout.
1047 *
1048 * @param sender entity to close down
1049 */
1050static void
1051sender_destroy (struct SenderAddress *sender)
1052{
1053 sender->sender_destroy_called = GNUNET_YES;
1054 GNUNET_assert (
1055 GNUNET_YES ==
1056 GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
1057 GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
1058 GNUNET_STATISTICS_set (stats,
1059 "# senders active",
1060 GNUNET_CONTAINER_multipeermap_size (senders),
1061 GNUNET_NO);
1062 GNUNET_free (sender->address);
1063 GNUNET_free (sender);
1064}
1065
1066
1067/**
1068 * Compute @a key and @a iv.
1069 *
1070 * @param msec master secret for calculation
1071 * @param serial number for the @a smac calculation
1072 * @param[out] key where to write the decryption key
1073 * @param[out] iv where to write the IV
1074 */
1075static void
1076get_iv_key (const struct GNUNET_HashCode *msec,
1077 uint32_t serial,
1078 char key[AES_KEY_SIZE],
1079 char iv[AES_IV_SIZE])
1080{
1081 uint32_t sid = htonl (serial);
1082 char res[AES_KEY_SIZE + AES_IV_SIZE];
1083
1084 GNUNET_CRYPTO_hkdf (res,
1085 sizeof(res),
1086 GCRY_MD_SHA512,
1087 GCRY_MD_SHA256,
1088 &sid,
1089 sizeof(sid),
1090 msec,
1091 sizeof(*msec),
1092 "UDP-IV-KEY",
1093 strlen ("UDP-IV-KEY"),
1094 NULL,
1095 0);
1096 memcpy (key, res, AES_KEY_SIZE);
1097 memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
1098}
1099
1100
1101/**
1102 * Increment sender timeout due to activity.
1103 *
1104 * @param sender address for which the timeout should be rescheduled
1105 */
1106static void
1107reschedule_sender_timeout (struct SenderAddress *sender)
1108{
1109 sender->timeout =
1110 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1111 GNUNET_CONTAINER_heap_update_cost (sender->hn, sender->timeout.abs_value_us);
1112}
1113
1114
1115/**
1116 * Increment receiver timeout due to activity.
1117 *
1118 * @param receiver address for which the timeout should be rescheduled
1119 */
1120static void
1121reschedule_receiver_timeout (struct ReceiverAddress *receiver)
1122{
1123 receiver->timeout =
1124 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1125 GNUNET_CONTAINER_heap_update_cost (receiver->hn,
1126 receiver->timeout.abs_value_us);
1127}
1128
1129
1130/**
1131 * Task run to check #receiver_heap and #sender_heap for timeouts.
1132 *
1133 * @param cls unused, NULL
1134 */
1135static void
1136check_timeouts (void *cls)
1137{
1138 struct GNUNET_TIME_Relative st;
1139 struct GNUNET_TIME_Relative rt;
1140 struct GNUNET_TIME_Relative delay;
1141 struct ReceiverAddress *receiver;
1142 struct SenderAddress *sender;
1143
1144 (void) cls;
1145 timeout_task = NULL;
1146 rt = GNUNET_TIME_UNIT_FOREVER_REL;
1147 while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1148 {
1149 rt = GNUNET_TIME_absolute_get_remaining (receiver->timeout);
1150 if (0 != rt.rel_value_us)
1151 break;
1152 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1153 "Receiver timed out\n");
1154 receiver_destroy (receiver);
1155 }
1156 st = GNUNET_TIME_UNIT_FOREVER_REL;
1157 while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1158 {
1159 if (GNUNET_YES != sender->sender_destroy_called)
1160 {
1161 st = GNUNET_TIME_absolute_get_remaining (sender->timeout);
1162 if (0 != st.rel_value_us)
1163 break;
1164 sender_destroy (sender);
1165 }
1166 }
1167 delay = GNUNET_TIME_relative_min (rt, st);
1168 if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1169 timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1170}
1171
1172
1173/**
1174 * Calculate cmac from master in @a ss.
1175 *
1176 * @param[in,out] ss data structure to complete
1177 */
1178static void
1179calculate_cmac (struct SharedSecret *ss)
1180{
1181 GNUNET_CRYPTO_hkdf (&ss->cmac,
1182 sizeof(ss->cmac),
1183 GCRY_MD_SHA512,
1184 GCRY_MD_SHA256,
1185 "CMAC",
1186 strlen ("CMAC"),
1187 &ss->master,
1188 sizeof(ss->master),
1189 "UDP-CMAC",
1190 strlen ("UDP-CMAC"),
1191 NULL,
1192 0);
1193}
1194
1195
1196/**
1197 * We received @a plaintext_len bytes of @a plaintext from a @a sender.
1198 * Pass it on to CORE.
1199 *
1200 * @param queue the queue that received the plaintext
1201 * @param plaintext the plaintext that was received
1202 * @param plaintext_len number of bytes of plaintext received
1203 */
1204static void
1205pass_plaintext_to_core (struct SenderAddress *sender,
1206 const void *plaintext,
1207 size_t plaintext_len)
1208{
1209 const struct GNUNET_MessageHeader *hdr = plaintext;
1210 const char *pos = plaintext;
1211
1212 while (ntohs (hdr->size) <= plaintext_len)
1213 {
1214 GNUNET_STATISTICS_update (stats,
1215 "# bytes given to core",
1216 ntohs (hdr->size),
1217 GNUNET_NO);
1218 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1219 "Giving %u bytes to TNG\n", ntohs (hdr->size));
1220 GNUNET_assert (GNUNET_SYSERR !=
1221 GNUNET_TRANSPORT_communicator_receive (ch,
1222 &sender->target,
1223 hdr,
1224 ADDRESS_VALIDITY_PERIOD,
1225 NULL /* no flow control possible */
1226 ,
1227 NULL));
1228 /* move on to next message, if any */
1229 plaintext_len -= ntohs (hdr->size);
1230 if (plaintext_len < sizeof(*hdr))
1231 break;
1232 pos += ntohs (hdr->size);
1233 hdr = (const struct GNUNET_MessageHeader *) pos;
1234 // TODO for now..., we do not actually sen >1msg or have a way of telling
1235 // if we are done
1236 break;
1237 }
1238 GNUNET_STATISTICS_update (stats,
1239 "# bytes padding discarded",
1240 plaintext_len,
1241 GNUNET_NO);
1242}
1243
1244
1245/**
1246 * Setup @a cipher based on shared secret @a msec and
1247 * serial number @a serial.
1248 *
1249 * @param msec master shared secret
1250 * @param serial serial number of cipher to set up
1251 * @param cipher[out] cipher to initialize
1252 */
1253static void
1254setup_cipher (const struct GNUNET_HashCode *msec,
1255 uint32_t serial,
1256 gcry_cipher_hd_t *cipher)
1257{
1258 char key[AES_KEY_SIZE];
1259 char iv[AES_IV_SIZE];
1260 int rc;
1261
1262 GNUNET_assert (0 ==
1263 gcry_cipher_open (cipher,
1264 GCRY_CIPHER_AES256 /* low level: go for speed */,
1265 GCRY_CIPHER_MODE_GCM,
1266 0 /* flags */));
1267 get_iv_key (msec, serial, key, iv);
1268 rc = gcry_cipher_setkey (*cipher, key, sizeof(key));
1269 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1270 rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1271 GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1272}
1273
1274
1275/**
1276 * Try to decrypt @a buf using shared secret @a ss and key/iv
1277 * derived using @a serial.
1278 *
1279 * @param ss shared secret
1280 * @param tag GCM authentication tag
1281 * @param serial serial number to use
1282 * @param in_buf input buffer to decrypt
1283 * @param in_buf_size number of bytes in @a in_buf and available in @a out_buf
1284 * @param out_buf where to write the result
1285 * @return #GNUNET_OK on success
1286 */
1287static int
1288try_decrypt (const struct SharedSecret *ss,
1289 const uint8_t *tag,
1290 uint32_t serial,
1291 const char *in_buf,
1292 size_t in_buf_size,
1293 char *out_buf)
1294{
1295 gcry_cipher_hd_t cipher;
1296
1297 setup_cipher (&ss->master, serial, &cipher);
1298 GNUNET_assert (
1299 0 ==
1300 gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1301 if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1302 {
1303 gcry_cipher_close (cipher);
1304 GNUNET_STATISTICS_update (stats,
1305 "# AEAD authentication failures",
1306 1,
1307 GNUNET_NO);
1308 return GNUNET_SYSERR;
1309 }
1310 gcry_cipher_close (cipher);
1311 return GNUNET_OK;
1312}
1313
1314
1315/**
1316 * Setup shared secret for decryption.
1317 *
1318 * @param ephemeral ephemeral key we received from the other peer
1319 * @return new shared secret
1320 */
1321static struct SharedSecret *
1322setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
1323{
1324 struct SharedSecret *ss;
1325
1326 ss = GNUNET_new (struct SharedSecret);
1327 GNUNET_CRYPTO_eddsa_kem_decaps (my_private_key, ephemeral, &ss->master);
1328 calculate_cmac (ss);
1329 return ss;
1330}
1331
1332
1333/**
1334 * Setup new shared secret for encryption using KEM.
1335 *
1336 * @param[out] ephemeral ephemeral key to be sent to other peer (encapsulated key from KEM)
1337 * @param[in,out] receiver queue to initialize encryption key for
1338 * @return new shared secret
1339 */
1340static struct SharedSecret *
1341setup_shared_secret_ephemeral (struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
1342 struct ReceiverAddress *receiver)
1343{
1344 struct SharedSecret *ss;
1345 struct GNUNET_HashCode k;
1346
1347 GNUNET_CRYPTO_eddsa_kem_encaps (&receiver->target.public_key, ephemeral, &k);
1348 ss = GNUNET_new (struct SharedSecret);
1349 memcpy (&ss->master, &k, sizeof (k));
1350 calculate_cmac (ss);
1351 ss->receiver = receiver;
1352 GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1353 receiver->num_secrets++;
1354 GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1355 return ss;
1356}
1357
1358
1359/**
1360 * Setup the MQ for the @a receiver. If a queue exists,
1361 * the existing one is destroyed. Then the MTU is
1362 * recalculated and a fresh queue is initialized.
1363 *
1364 * @param receiver receiver to setup MQ for
1365 */
1366static void
1367setup_receiver_mq (struct ReceiverAddress *receiver);
1368
1369
1370/**
1371 * Best effort try to purge some secrets.
1372 * Ideally those, not ACKed.
1373 *
1374 * @param ss_list_tail the oldest secret in the list of interest.
1375 * @return GNUNET_YES if any secret was deleted.
1376 */
1377static enum GNUNET_GenericReturnValue
1378purge_secrets (struct SharedSecret *ss_list_tail)
1379{
1380 struct SharedSecret *pos;
1381 struct SharedSecret *ss_to_purge;
1382 int deleted = 0;
1383
1384 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1385 "Purging secrets.\n");
1386 pos = ss_list_tail;
1387 while (NULL != pos)
1388 {
1389 ss_to_purge = pos;
1390 pos = pos->prev;
1391
1392 // FIXME we may also want to purge old unacked.
1393 if (rekey_max_bytes <= ss_to_purge->bytes_sent)
1394 {
1395 secret_destroy (ss_to_purge);
1396 deleted++;
1397 }
1398 }
1399 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1400 "Finished purging all, deleted %u.\n", deleted);
1401}
1402
1403
1404static void
1405add_acks (struct SharedSecret *ss, int acks_to_add)
1406{
1407
1408 struct ReceiverAddress *receiver = ss->receiver;
1409
1410 GNUNET_assert (NULL != ss);
1411 GNUNET_assert (NULL != receiver);
1412
1413 if (NULL == receiver->d_qh)
1414 {
1415 receiver->d_qh =
1416 GNUNET_TRANSPORT_communicator_mq_add (ch,
1417 &receiver->target,
1418 receiver->foreign_addr,
1419 receiver->d_mtu,
1420 acks_to_add,
1421 1, /* Priority */
1422 receiver->nt,
1423 GNUNET_TRANSPORT_CS_OUTBOUND,
1424 receiver->d_mq);
1425 }
1426 else
1427 {
1428 GNUNET_TRANSPORT_communicator_mq_update (ch,
1429 receiver->d_qh,
1430 acks_to_add,
1431 1);
1432 }
1433
1434 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1435 "Tell transport we have %u more acks!\n",
1436 acks_to_add);
1437
1438 // Until here for alternativ 1
1439
1440 /* move ss to head to avoid discarding it anytime soon! */
1441
1442 GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1443 GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1444}
1445
1446
1447/**
1448 * We received an ACK for @a pid. Check if it is for
1449 * the receiver in @a value and if so, handle it and
1450 * return #GNUNET_NO. Otherwise, return #GNUNET_YES.
1451 *
1452 * @param cls a `const struct UDPAck`
1453 * @param pid peer the ACK is from
1454 * @param value a `struct ReceiverAddress`
1455 * @return #GNUNET_YES to continue to iterate
1456 */
1457static int
1458handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1459{
1460 const struct UDPAck *ack = cls;
1461 struct ReceiverAddress *receiver = value;
1462 uint32_t acks_to_add;
1463 uint32_t allowed;
1464
1465 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1466 "in handle ack with cmac %s\n",
1467 GNUNET_h2s (&ack->cmac));
1468
1469 (void) pid;
1470 for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1471 {
1472 if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1473 {
1474
1475 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1476 "Found matching cmac\n");
1477
1478 allowed = ntohl (ack->sequence_ack);
1479
1480 if (allowed <= ss->sequence_allowed)
1481 {
1482 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1483 "Ignoring ack, not giving us increased window\n.");
1484 return GNUNET_NO;
1485 }
1486 acks_to_add = (allowed - ss->sequence_allowed);
1487 GNUNET_assert (0 != acks_to_add);
1488 receiver->acks_available += (allowed - ss->sequence_allowed);
1489 ss->sequence_allowed = allowed;
1490 add_acks (ss, acks_to_add);
1491 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1492 "New sequence allows until %u (+%u). Acks available to us: %u. For secret %s\n",
1493 allowed,
1494 acks_to_add,
1495 receiver->acks_available,
1496 GNUNET_h2s (&ss->master));
1497 return GNUNET_NO;
1498 }
1499 }
1500 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1501 "Matching cmac not found for ack!\n");
1502 return GNUNET_YES;
1503}
1504
1505
1506/**
1507 * We established a shared secret with a sender. We should try to send
1508 * the sender an `struct UDPAck` at the next opportunity to allow the
1509 * sender to use @a ss longer (assuming we did not yet already
1510 * recently).
1511 *
1512 * @param ss shared secret to generate ACKs for
1513 */
1514static void
1515consider_ss_ack (struct SharedSecret *ss)
1516{
1517 struct UDPAck ack;
1518 GNUNET_assert (NULL != ss->sender);
1519 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1520 "Considering SS UDPAck %s\n",
1521 GNUNET_i2s_full (&ss->sender->target));
1522
1523 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1524 "Sender has %u acks available.\n",
1525 ss->sender->acks_available);
1526 /* drop ancient KeyCacheEntries */
1527 while ((NULL != ss->kce_head) &&
1528 (MAX_SQN_DELTA <
1529 ss->kce_head->sequence_number - ss->kce_tail->sequence_number))
1530 kce_destroy (ss->kce_tail);
1531
1532
1533 ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK);
1534 ack.header.size = htons (sizeof(ack));
1535 ack.sequence_ack = htonl (ss->sequence_allowed);
1536 ack.cmac = ss->cmac;
1537 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1538 "Notifying transport with UDPAck %s, sequence %u and master %s\n",
1539 GNUNET_i2s_full (&ss->sender->target),
1540 ss->sequence_allowed,
1541 GNUNET_h2s (&(ss->master)));
1542 GNUNET_TRANSPORT_communicator_notify (ch,
1543 &ss->sender->target,
1544 COMMUNICATOR_ADDRESS_PREFIX,
1545 &ack.header);
1546}
1547
1548
1549static void
1550kce_generate_cb (void *cls)
1551{
1552 struct SharedSecret *ss = cls;
1553 static uint64_t kce_last_available = 0;
1554 ss->sender->kce_task = NULL;
1555
1556 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1557 "Precomputing %u keys for master %s\n",
1558 GENERATE_AT_ONCE,
1559 GNUNET_h2s (&(ss->master)));
1560 if ((ss->override_available_acks != GNUNET_YES) &&
1561 (KCN_TARGET < ss->sender->acks_available))
1562 return;
1563 for (int i = 0; i < GENERATE_AT_ONCE; i++)
1564 kce_generate (ss, ++ss->sequence_allowed);
1565
1566 /**
1567 * As long as we loose over 30% of max acks in reschedule,
1568 * We keep generating acks for this ss.
1569 */
1570 if (KCN_TARGET > ss->sender->acks_available)
1571 {
1572 ss->sender->kce_task = GNUNET_SCHEDULER_add_delayed (
1573 WORKING_QUEUE_INTERVALL,
1574 kce_generate_cb,
1575 ss);
1576 return;
1577 }
1578 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1579 "We have enough keys (ACKs: %u).\n", ss->sender->acks_available);
1580 ss->sender->kce_task_finished = GNUNET_YES;
1581 ss->override_available_acks = GNUNET_NO;
1582 if (ss->sender->kce_send_ack_on_finish == GNUNET_YES)
1583 consider_ss_ack (ss);
1584}
1585
1586
1587/**
1588 * Test if we have received a valid message in plaintext.
1589 * If so, handle it.
1590 *
1591 * @param sender peer to process inbound plaintext for
1592 * @param buf buffer we received
1593 * @param buf_size number of bytes in @a buf
1594 */
1595static void
1596try_handle_plaintext (struct SenderAddress *sender,
1597 const void *buf,
1598 size_t buf_size)
1599{
1600 const struct GNUNET_MessageHeader *hdr;
1601 const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_pubkey;
1602 const struct UDPAck *ack;
1603 const struct UDPRekey *rekey;
1604 struct SharedSecret *ss_rekey;
1605 const char *buf_pos = buf;
1606 size_t bytes_remaining = buf_size;
1607 uint16_t type;
1608
1609 hdr = (struct GNUNET_MessageHeader*) buf_pos;
1610 if (sizeof(*hdr) > bytes_remaining)
1611 {
1612 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Plaintext too short, dropping...\n");
1613 return; /* no data left */
1614 }
1615 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1616 "try_handle_plaintext of size %lu (%u %lu) and type %u\n",
1617 bytes_remaining,
1618 ntohs (hdr->size),
1619 sizeof(*hdr),
1620 ntohs (hdr->type));
1621 if (ntohs (hdr->size) > bytes_remaining)
1622 return; /* buffer too short for indicated message length */
1623 type = ntohs (hdr->type);
1624 switch (type)
1625 {
1626 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY:
1627 rekey = (struct UDPRekey*) buf_pos;
1628 ss_rekey = setup_shared_secret_dec (&rekey->ephemeral);
1629 ss_rekey->sender = sender;
1630 GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey);
1631 sender->num_secrets++;
1632 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1633 "Received rekey secret with cmac %s\n",
1634 GNUNET_h2s (&(ss_rekey->cmac)));
1635 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1636 "Received secret with master %s.\n",
1637 GNUNET_h2s (&(ss_rekey->master)));
1638 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1639 "We have %u sequence_allowed.\n",
1640 ss_rekey->sequence_allowed);
1641 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1642 "We have a sender %p\n",
1643 ss_rekey->sender);
1644 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1645 "We have %u acks available.\n",
1646 ss_rekey->sender->acks_available);
1647 ss_rekey->sender->kce_send_ack_on_finish = GNUNET_YES;
1648 ss_rekey->override_available_acks = GNUNET_YES;
1649 // FIXME
1650 ss_rekey->sender->kce_task = GNUNET_SCHEDULER_add_delayed (
1651 WORKING_QUEUE_INTERVALL,
1652 kce_generate_cb,
1653 ss_rekey);
1654 // FIXME: Theoretically, this could be an Ack
1655 buf_pos += ntohs (hdr->size);
1656 bytes_remaining -= ntohs (hdr->size);
1657 pass_plaintext_to_core (sender, buf_pos, bytes_remaining);
1658 if (sender->num_secrets > MAX_SECRETS)
1659 {
1660 if (GNUNET_NO == purge_secrets (sender->ss_tail))
1661 {
1662 // No secret purged. Delete oldest.
1663 secret_destroy (sender->ss_tail);
1664 }
1665 }
1666 break;
1667 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK:
1668 /* lookup master secret by 'cmac', then update sequence_max */
1669 ack = (struct UDPAck*) buf_pos;
1670 GNUNET_CONTAINER_multipeermap_get_multiple (receivers,
1671 &sender->target,
1672 &handle_ack,
1673 (void *) ack);
1674 /* There could be more messages after the ACK, handle those as well */
1675 buf_pos += ntohs (hdr->size);
1676 bytes_remaining -= ntohs (hdr->size);
1677 pass_plaintext_to_core (sender, buf_pos, bytes_remaining);
1678 break;
1679
1680 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD:
1681 /* skip padding */
1682 break;
1683
1684 default:
1685 pass_plaintext_to_core (sender, buf_pos, bytes_remaining);
1686 }
1687 return;
1688}
1689
1690
1691/**
1692 * We received a @a box with matching @a kce. Decrypt and process it.
1693 *
1694 * @param box the data we received
1695 * @param box_len number of bytes in @a box
1696 * @param kce key index to decrypt @a box
1697 */
1698static void
1699decrypt_box (const struct UDPBox *box,
1700 size_t box_len,
1701 struct KeyCacheEntry *kce)
1702{
1703 struct SharedSecret *ss = kce->ss;
1704 char out_buf[box_len - sizeof(*box)];
1705 uint16_t rekeying;
1706
1707 GNUNET_assert (NULL != ss->sender);
1708 if (GNUNET_OK != try_decrypt (ss,
1709 box->gcm_tag,
1710 kce->sequence_number,
1711 (const char *) &box[1],
1712 sizeof(out_buf),
1713 out_buf))
1714 {
1715 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Failed decryption.\n");
1716 GNUNET_STATISTICS_update (stats,
1717 "# Decryption failures with valid KCE",
1718 1,
1719 GNUNET_NO);
1720 kce_destroy (kce);
1721 return;
1722 }
1723 kce_destroy (kce);
1724 kce = NULL;
1725 GNUNET_STATISTICS_update (stats,
1726 "# bytes decrypted with BOX",
1727 sizeof(out_buf),
1728 GNUNET_NO);
1729 GNUNET_STATISTICS_update (stats,
1730 "# messages decrypted with BOX",
1731 1,
1732 GNUNET_NO);
1733 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1734 "decrypted UDPBox with kid %s\n",
1735 GNUNET_sh2s (&box->kid));
1736 try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1737 if ((KCN_THRESHOLD > ss->sender->acks_available) &&
1738 (NULL == ss->sender->kce_task) &&
1739 (GNUNET_YES == ss->sender->kce_task_finished))
1740 {
1741 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1742 "Sender has %u ack left which is under threshold.\n",
1743 ss->sender->acks_available);
1744 ss->sender->kce_send_ack_on_finish = GNUNET_YES;
1745 ss->sender->kce_task = GNUNET_SCHEDULER_add_now (
1746 kce_generate_cb,
1747 ss);
1748 }
1749}
1750
1751
1752/**
1753 * Closure for #find_sender_by_address()
1754 */
1755struct SearchContext
1756{
1757 /**
1758 * Address we are looking for.
1759 */
1760 const struct sockaddr *address;
1761
1762 /**
1763 * Number of bytes in @e address.
1764 */
1765 socklen_t address_len;
1766
1767 /**
1768 * Return value to set if we found a match.
1769 */
1770 struct SenderAddress *sender;
1771};
1772
1773
1774/**
1775 * Find existing `struct SenderAddress` by matching addresses.
1776 *
1777 * @param cls a `struct SearchContext`
1778 * @param key ignored, must match already
1779 * @param value a `struct SenderAddress`
1780 * @return #GNUNET_YES if not found (continue to search), #GNUNET_NO if found
1781 */
1782static int
1783find_sender_by_address (void *cls,
1784 const struct GNUNET_PeerIdentity *key,
1785 void *value)
1786{
1787 struct SearchContext *sc = cls;
1788 struct SenderAddress *sender = value;
1789
1790 if ((sender->address_len == sc->address_len) &&
1791 (0 == memcmp (sender->address, sc->address, sender->address_len)))
1792 {
1793 sc->sender = sender;
1794 return GNUNET_NO; /* stop iterating! */
1795 }
1796 return GNUNET_YES;
1797}
1798
1799
1800/**
1801 * Create sender address for @a target. Note that we
1802 * might already have one, so a fresh one is only allocated
1803 * if one does not yet exist for @a address.
1804 *
1805 * @param target peer to generate address for
1806 * @param address target address
1807 * @param address_len number of bytes in @a address
1808 * @return data structure to keep track of key material for
1809 * decrypting data from @a target
1810 */
1811static struct SenderAddress *
1812setup_sender (const struct GNUNET_PeerIdentity *target,
1813 const struct sockaddr *address,
1814 socklen_t address_len)
1815{
1816 struct SenderAddress *sender;
1817 struct SearchContext sc = { .address = address,
1818 .address_len = address_len,
1819 .sender = NULL };
1820
1821 GNUNET_CONTAINER_multipeermap_get_multiple (senders,
1822 target,
1823 &find_sender_by_address,
1824 &sc);
1825 if (NULL != sc.sender)
1826 {
1827 reschedule_sender_timeout (sc.sender);
1828 return sc.sender;
1829 }
1830 sender = GNUNET_new (struct SenderAddress);
1831 sender->target = *target;
1832 sender->address = GNUNET_memdup (address, address_len);
1833 sender->address_len = address_len;
1834 (void) GNUNET_CONTAINER_multipeermap_put (
1835 senders,
1836 &sender->target,
1837 sender,
1838 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1839 GNUNET_STATISTICS_set (stats,
1840 "# senders active",
1841 GNUNET_CONTAINER_multipeermap_size (receivers),
1842 GNUNET_NO);
1843 sender->timeout =
1844 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1845 sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1846 sender,
1847 sender->timeout.abs_value_us);
1848 sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
1849 if (NULL == timeout_task)
1850 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
1851 return sender;
1852}
1853
1854
1855/**
1856 * Check signature from @a uc against @a ephemeral.
1857 *
1858 * @param ephemeral key that is signed
1859 * @param uc signature of claimant
1860 * @return #GNUNET_OK if signature is valid
1861 */
1862static int
1863verify_confirmation (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
1864 const struct UDPConfirmation *uc)
1865{
1866 struct UdpHandshakeSignature uhs;
1867
1868 uhs.purpose.purpose = htonl (
1869 GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE);
1870 uhs.purpose.size = htonl (sizeof(uhs));
1871 uhs.sender = uc->sender;
1872 uhs.receiver = my_identity;
1873 uhs.ephemeral = *ephemeral;
1874 uhs.monotonic_time = uc->monotonic_time;
1875 return GNUNET_CRYPTO_eddsa_verify (
1876 GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE,
1877 &uhs,
1878 &uc->sender_sig,
1879 &uc->sender.public_key);
1880}
1881
1882
1883/**
1884 * Converts @a address to the address string format used by this
1885 * communicator in HELLOs.
1886 *
1887 * @param address the address to convert, must be AF_INET or AF_INET6.
1888 * @param address_len number of bytes in @a address
1889 * @return string representation of @a address
1890 */
1891static char *
1892sockaddr_to_udpaddr_string (const struct sockaddr *address,
1893 socklen_t address_len)
1894{
1895 char *ret;
1896
1897 switch (address->sa_family)
1898 {
1899 case AF_INET:
1900 GNUNET_asprintf (&ret,
1901 "%s-%s",
1902 COMMUNICATOR_ADDRESS_PREFIX,
1903 GNUNET_a2s (address, address_len));
1904 break;
1905
1906 case AF_INET6:
1907 GNUNET_asprintf (&ret,
1908 "%s-%s",
1909 COMMUNICATOR_ADDRESS_PREFIX,
1910 GNUNET_a2s (address, address_len));
1911 break;
1912
1913 default:
1914 GNUNET_assert (0);
1915 }
1916 return ret;
1917}
1918
1919
1920/**
1921 * Socket read task.
1922 *
1923 * @param cls NULL
1924 */
1925static void
1926sock_read (void *cls)
1927{
1928 struct sockaddr_storage sa;
1929 struct sockaddr_in *addr_verify;
1930 socklen_t salen = sizeof(sa);
1931 char buf[UINT16_MAX];
1932 ssize_t rcvd;
1933
1934 (void) cls;
1935 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1936 udp_sock,
1937 &sock_read,
1938 NULL);
1939 while (1)
1940 {
1941 rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1942 buf,
1943 sizeof(buf),
1944 (struct sockaddr *) &sa,
1945 &salen);
1946 if (-1 == rcvd)
1947 {
1948 if (EAGAIN == errno)
1949 break; // We are done reading data
1950 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG, "recv");
1951 return;
1952 }
1953 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1954 "Read %lu bytes\n", rcvd);
1955
1956 /* first, see if it is a UDPBox */
1957 if (rcvd > sizeof(struct UDPBox))
1958 {
1959 const struct UDPBox *box;
1960 struct KeyCacheEntry *kce;
1961
1962 box = (const struct UDPBox *) buf;
1963 kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
1964 if (NULL != kce)
1965 {
1966 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1967 "Found KCE with kid %s\n",
1968 GNUNET_sh2s (&box->kid));
1969 decrypt_box (box, (size_t) rcvd, kce);
1970 continue;
1971 }
1972 }
1973
1974 /* next, check if it is a broadcast */
1975 if (sizeof(struct UDPBroadcast) == rcvd)
1976 {
1977 const struct UDPBroadcast *ub;
1978 struct UdpBroadcastSignature uhs;
1979 struct GNUNET_PeerIdentity sender;
1980
1981 addr_verify = GNUNET_memdup (&sa, salen);
1982 addr_verify->sin_port = 0;
1983 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1984 "received UDPBroadcast from %s\n",
1985 GNUNET_a2s ((const struct sockaddr *) addr_verify, salen));
1986 ub = (const struct UDPBroadcast *) buf;
1987 uhs.purpose.purpose = htonl (
1988 GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST);
1989 uhs.purpose.size = htonl (sizeof(uhs));
1990 uhs.sender = ub->sender;
1991 sender = ub->sender;
1992 if (0 == memcmp (&sender, &my_identity, sizeof (struct
1993 GNUNET_PeerIdentity)))
1994 {
1995 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1996 "Received our own broadcast\n");
1997 GNUNET_free (addr_verify);
1998 continue;
1999 }
2000 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2001 "checking UDPBroadcastSignature for %s\n",
2002 GNUNET_i2s (&sender));
2003 GNUNET_CRYPTO_hash ((struct sockaddr *) addr_verify, salen,
2004 &uhs.h_address);
2005 if (GNUNET_OK ==
2006 GNUNET_CRYPTO_eddsa_verify (
2007 GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST,
2008 &uhs,
2009 &ub->sender_sig,
2010 &ub->sender.public_key))
2011 {
2012 char *addr_s;
2013 enum GNUNET_NetworkType nt;
2014
2015 addr_s =
2016 sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
2017 GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
2018 /* use our own mechanism to determine network type */
2019 nt =
2020 GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
2021 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2022 "validating address %s received from UDPBroadcast\n",
2023 GNUNET_i2s (&sender));
2024 GNUNET_TRANSPORT_application_validate (ah, &sender, nt, addr_s);
2025 GNUNET_free (addr_s);
2026 GNUNET_free (addr_verify);
2027 continue;
2028 }
2029 else
2030 {
2031 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2032 "VerifyingPeer %s is verifying UDPBroadcast\n",
2033 GNUNET_i2s (&my_identity));
2034 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
2035 "Verifying UDPBroadcast from %s failed\n",
2036 GNUNET_i2s (&ub->sender));
2037 }
2038 GNUNET_free (addr_verify);
2039 /* continue with KX, mostly for statistics... */
2040 }
2041
2042
2043 /* finally, test if it is a KX */
2044 if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
2045 {
2046 GNUNET_STATISTICS_update (stats,
2047 "# messages dropped (no kid, too small for KX)",
2048 1,
2049 GNUNET_NO);
2050 continue;
2051 }
2052 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2053 "Got KX\n");
2054 {
2055 const struct InitialKX *kx;
2056 struct SharedSecret *ss;
2057 char pbuf[rcvd - sizeof(struct InitialKX)];
2058 const struct UDPConfirmation *uc;
2059 struct SenderAddress *sender;
2060
2061 kx = (const struct InitialKX *) buf;
2062 ss = setup_shared_secret_dec (&kx->ephemeral);
2063 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2064 "Before DEC\n");
2065
2066 if (GNUNET_OK != try_decrypt (ss,
2067 kx->gcm_tag,
2068 0,
2069 &buf[sizeof(*kx)],
2070 sizeof(pbuf),
2071 pbuf))
2072 {
2073 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2074 "Unable to decrypt tag, dropping...\n");
2075 GNUNET_free (ss);
2076 GNUNET_STATISTICS_update (
2077 stats,
2078 "# messages dropped (no kid, AEAD decryption failed)",
2079 1,
2080 GNUNET_NO);
2081 continue;
2082 }
2083 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2084 "Before VERIFY\n");
2085
2086 uc = (const struct UDPConfirmation *) pbuf;
2087 if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
2088 {
2089 GNUNET_break_op (0);
2090 GNUNET_free (ss);
2091 GNUNET_STATISTICS_update (stats,
2092 "# messages dropped (sender signature invalid)",
2093 1,
2094 GNUNET_NO);
2095 continue;
2096 }
2097 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2098 "Before SETUP_SENDER\n");
2099
2100 calculate_cmac (ss);
2101 sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
2102 ss->sender = sender;
2103 GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
2104 if ((KCN_THRESHOLD > ss->sender->acks_available) &&
2105 (NULL == ss->sender->kce_task) &&
2106 (GNUNET_NO == ss->sender->kce_task_finished))
2107 {
2108 // TODO This task must be per sender! FIXME: This is a nice todo, but I do not know what must be done here to fix.
2109 ss->sender->kce_send_ack_on_finish = GNUNET_YES;
2110 ss->sender->kce_task = GNUNET_SCHEDULER_add_now (
2111 kce_generate_cb,
2112 ss);
2113 }
2114 sender->num_secrets++;
2115 GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
2116 GNUNET_STATISTICS_update (stats,
2117 "# messages decrypted without BOX",
2118 1,
2119 GNUNET_NO);
2120 try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
2121 if (sender->num_secrets > MAX_SECRETS)
2122 {
2123 if (GNUNET_NO == purge_secrets (sender->ss_tail))
2124 {
2125 // No secret purged. Delete oldest.
2126 secret_destroy (sender->ss_tail);
2127 }
2128 }
2129 }
2130 }
2131}
2132
2133
2134/**
2135 * Convert UDP bind specification to a `struct sockaddr *`
2136 *
2137 * @param bindto bind specification to convert
2138 * @param[out] sock_len set to the length of the address
2139 * @return converted bindto specification
2140 */
2141static struct sockaddr *
2142udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
2143{
2144 struct sockaddr *in;
2145 unsigned int port;
2146 char dummy[2];
2147 char *colon;
2148 char *cp;
2149
2150 if (1 == sscanf (bindto, "%u%1s", &port, dummy))
2151 {
2152 /* interpreting value as just a PORT number */
2153 if (port > UINT16_MAX)
2154 {
2155 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2156 "BINDTO specification `%s' invalid: value too large for port\n",
2157 bindto);
2158 return NULL;
2159 }
2160 if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
2161 (GNUNET_YES ==
2162 GNUNET_CONFIGURATION_get_value_yesno (cfg,
2163 COMMUNICATOR_CONFIG_SECTION,
2164 "DISABLE_V6")))
2165 {
2166 struct sockaddr_in *i4;
2167
2168 i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
2169 i4->sin_family = AF_INET;
2170 i4->sin_port = htons ((uint16_t) port);
2171 *sock_len = sizeof(struct sockaddr_in);
2172 in = (struct sockaddr *) i4;
2173 }
2174 else
2175 {
2176 struct sockaddr_in6 *i6;
2177
2178 i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
2179 i6->sin6_family = AF_INET6;
2180 i6->sin6_port = htons ((uint16_t) port);
2181 *sock_len = sizeof(struct sockaddr_in6);
2182 in = (struct sockaddr *) i6;
2183 }
2184 return in;
2185 }
2186 cp = GNUNET_strdup (bindto);
2187 colon = strrchr (cp, ':');
2188 if (NULL != colon)
2189 {
2190 /* interpret value after colon as port */
2191 *colon = '\0';
2192 colon++;
2193 if (1 == sscanf (colon, "%u%1s", &port, dummy))
2194 {
2195 /* interpreting value as just a PORT number */
2196 if (port > UINT16_MAX)
2197 {
2198 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2199 "BINDTO specification `%s' invalid: value too large for port\n",
2200 bindto);
2201 GNUNET_free (cp);
2202 return NULL;
2203 }
2204 }
2205 else
2206 {
2207 GNUNET_log (
2208 GNUNET_ERROR_TYPE_ERROR,
2209 "BINDTO specification `%s' invalid: last ':' not followed by number\n",
2210 bindto);
2211 GNUNET_free (cp);
2212 return NULL;
2213 }
2214 }
2215 else
2216 {
2217 /* interpret missing port as 0, aka pick any free one */
2218 port = 0;
2219 }
2220 {
2221 /* try IPv4 */
2222 struct sockaddr_in v4;
2223
2224 memset (&v4, 0, sizeof(v4));
2225 if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
2226 {
2227 v4.sin_family = AF_INET;
2228 v4.sin_port = htons ((uint16_t) port);
2229#if HAVE_SOCKADDR_IN_SIN_LEN
2230 v4.sin_len = sizeof(struct sockaddr_in);
2231#endif
2232 in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
2233 *sock_len = sizeof(struct sockaddr_in);
2234 GNUNET_free (cp);
2235 return in;
2236 }
2237 }
2238 {
2239 /* try IPv6 */
2240 struct sockaddr_in6 v6;
2241 const char *start;
2242
2243 memset (&v6, 0, sizeof(v6));
2244 start = cp;
2245 if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
2246 {
2247 start++; /* skip over '[' */
2248 cp[strlen (cp) - 1] = '\0'; /* eat ']' */
2249 }
2250 if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
2251 {
2252 v6.sin6_family = AF_INET6;
2253 v6.sin6_port = htons ((uint16_t) port);
2254#if HAVE_SOCKADDR_IN_SIN_LEN
2255 v6.sin6_len = sizeof(sizeof(struct sockaddr_in6));
2256#endif
2257 in = GNUNET_memdup (&v6, sizeof(v6));
2258 *sock_len = sizeof(v6);
2259 GNUNET_free (cp);
2260 return in;
2261 }
2262 }
2263 /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
2264 GNUNET_free (cp);
2265 return NULL;
2266}
2267
2268
2269/**
2270 * Pad @a dgram by @a pad_size using @a out_cipher.
2271 *
2272 * @param out_cipher cipher to use
2273 * @param dgram datagram to pad
2274 * @param pad_size number of bytes of padding to append
2275 */
2276static void
2277do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
2278{
2279 char pad[pad_size];
2280
2281 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, pad, sizeof(pad));
2282 if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
2283 {
2284 struct GNUNET_MessageHeader hdr =
2285 { .size = htons (sizeof(pad)),
2286 .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
2287
2288 memcpy (pad, &hdr, sizeof(hdr));
2289 }
2290 GNUNET_assert (
2291 0 ==
2292 gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
2293}
2294
2295
2296static void
2297send_msg_with_kx (const struct GNUNET_MessageHeader *msg, struct
2298 ReceiverAddress *receiver)
2299{
2300 uint16_t msize = ntohs (msg->size);
2301 struct UdpHandshakeSignature uhs;
2302 struct UDPConfirmation uc;
2303 struct InitialKX kx;
2304 char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)];
2305 size_t dpos;
2306 gcry_cipher_hd_t out_cipher;
2307 struct SharedSecret *ss;
2308
2309 if (msize > receiver->kx_mtu)
2310 {
2311 GNUNET_break (0);
2312 if (GNUNET_YES != receiver->receiver_destroy_called)
2313 receiver_destroy (receiver);
2314 return;
2315 }
2316 reschedule_receiver_timeout (receiver);
2317
2318 /* setup key material */
2319
2320 ss = setup_shared_secret_ephemeral (&uhs.ephemeral, receiver);
2321
2322 if (receiver->num_secrets > MAX_SECRETS)
2323 {
2324 if (GNUNET_NO == purge_secrets (receiver->ss_tail))
2325 {
2326 // No secret purged. Delete oldest.
2327 secret_destroy (receiver->ss_tail);
2328 }
2329 }
2330
2331 setup_cipher (&ss->master, 0, &out_cipher);
2332 /* compute 'uc' */
2333 uc.sender = my_identity;
2334 uc.monotonic_time =
2335 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
2336 uhs.purpose.purpose = htonl (
2337 GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE);
2338 uhs.purpose.size = htonl (sizeof(uhs));
2339 uhs.sender = my_identity;
2340 uhs.receiver = receiver->target;
2341 uhs.monotonic_time = uc.monotonic_time;
2342 GNUNET_CRYPTO_eddsa_sign (my_private_key,
2343 &uhs,
2344 &uc.sender_sig);
2345 /* Leave space for kx */
2346 dpos = sizeof(kx);
2347 /* Append encrypted uc to dgram */
2348 GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
2349 &dgram[dpos],
2350 sizeof(uc),
2351 &uc,
2352 sizeof(uc)));
2353 dpos += sizeof(uc);
2354 /* Append encrypted payload to dgram */
2355 GNUNET_assert (
2356 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2357 dpos += msize;
2358 do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2359 /* Datagram starts with kx */
2360 kx.ephemeral = uhs.ephemeral;
2361 GNUNET_assert (
2362 0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
2363 gcry_cipher_close (out_cipher);
2364 memcpy (dgram, &kx, sizeof(kx));
2365 if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2366 dgram,
2367 sizeof(dgram),
2368 receiver->address,
2369 receiver->address_len))
2370 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
2371 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2372 "Sending KX with payload size %u to %s\n",
2373 msize,
2374 GNUNET_a2s (receiver->address,
2375 receiver->address_len));
2376}
2377
2378
2379/**
2380 * Signature of functions implementing the sending functionality of a
2381 * message queue.
2382 *
2383 * @param mq the message queue
2384 * @param msg the message to send
2385 * @param impl_state our `struct ReceiverAddress`
2386 */
2387static void
2388mq_send_kx (struct GNUNET_MQ_Handle *mq,
2389 const struct GNUNET_MessageHeader *msg,
2390 void *impl_state)
2391{
2392 struct ReceiverAddress *receiver = impl_state;
2393
2394 GNUNET_assert (mq == receiver->kx_mq);
2395 send_msg_with_kx (msg, receiver);
2396 GNUNET_MQ_impl_send_continue (mq);
2397}
2398
2399
2400static void
2401create_rekey (struct ReceiverAddress *receiver, struct SharedSecret *ss, struct
2402 UDPRekey *rekey)
2403{
2404 uint8_t is_ss_rekey_sequence_allowed_zero = GNUNET_NO;
2405 uint8_t is_acks_available_below = GNUNET_NO;
2406 uint8_t send_rekey = GNUNET_NO;
2407 struct SharedSecret *ss_rekey;
2408
2409 ss->rekey_initiated = GNUNET_YES;
2410 /* setup key material */
2411 ss_rekey = setup_shared_secret_ephemeral (&rekey->ephemeral,
2412 receiver);
2413 ss_rekey->sequence_allowed = 0;
2414 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2415 "Setup secret with k = %s\n",
2416 GNUNET_h2s (&(ss_rekey->master)));
2417 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2418 "Setup secret with H(k) = %s\n",
2419 GNUNET_h2s (&(ss_rekey->cmac)));
2420
2421 /* Append encrypted payload to dgram */
2422 rekey->header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY);
2423 rekey->header.size = htons (sizeof (struct UDPRekey));
2424}
2425
2426
2427/**
2428 * Signature of functions implementing the sending functionality of a
2429 * message queue.
2430 *
2431 * @param mq the message queue
2432 * @param msg the message to send
2433 * @param impl_state our `struct ReceiverAddress`
2434 */
2435static void
2436mq_send_d (struct GNUNET_MQ_Handle *mq,
2437 const struct GNUNET_MessageHeader *msg,
2438 void *impl_state)
2439{
2440 struct ReceiverAddress *receiver = impl_state;
2441 struct UDPRekey rekey;
2442 struct SharedSecret *ss;
2443 int inject_rekey = GNUNET_NO;
2444 uint16_t msize = ntohs (msg->size);
2445
2446 GNUNET_assert (mq == receiver->d_mq);
2447 if ((msize > receiver->d_mtu) ||
2448 (0 == receiver->acks_available))
2449 {
2450 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2451 "msize: %u, mtu: %lu, acks: %u\n",
2452 msize,
2453 receiver->d_mtu,
2454 receiver->acks_available);
2455
2456 GNUNET_break (0);
2457 if (GNUNET_YES != receiver->receiver_destroy_called)
2458 receiver_destroy (receiver);
2459 return;
2460 }
2461 reschedule_receiver_timeout (receiver);
2462
2463 if (receiver->num_secrets > MAX_SECRETS)
2464 {
2465 if (GNUNET_NO == purge_secrets (receiver->ss_tail))
2466 {
2467 // No secret purged. Delete oldest.
2468 secret_destroy (receiver->ss_tail);
2469 }
2470 }
2471 /* begin "BOX" encryption method, scan for ACKs from tail! */
2472 for (ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
2473 {
2474 size_t payload_len = sizeof(struct UDPBox) + receiver->d_mtu;
2475 if (ss->sequence_used >= ss->sequence_allowed)
2476 {
2477 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2478 "Skipping ss because no acks to use.\n");
2479 continue;
2480 }
2481 if (ss->bytes_sent >= rekey_max_bytes)
2482 {
2483 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2484 "Skipping ss because rekey bytes reached.\n");
2485 // FIXME cleanup ss with too many bytes sent!
2486 continue;
2487 }
2488 if (ss->bytes_sent > rekey_max_bytes * 0.7)
2489 {
2490 if (ss->rekey_initiated == GNUNET_NO)
2491 {
2492 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2493 "Injecting rekey for ss with byte sent %u\n",
2494 ss->bytes_sent);
2495 create_rekey (receiver, ss, &rekey);
2496 inject_rekey = GNUNET_YES;
2497 payload_len += sizeof (rekey);
2498 ss->rekey_initiated = GNUNET_YES;
2499 }
2500 }
2501 if (0 < ss->sequence_used)
2502 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2503 "Trying to send UDPBox with shared secrect %s sequence_used %u and ss->sequence_allowed %u\n",
2504 GNUNET_h2s (&ss->master),
2505 ss->sequence_used,
2506 ss->sequence_allowed);
2507
2508 char dgram[payload_len];
2509 struct UDPBox *box;
2510 gcry_cipher_hd_t out_cipher;
2511 size_t dpos;
2512
2513 box = (struct UDPBox *) dgram;
2514 ss->sequence_used++;
2515 get_kid (&ss->master, ss->sequence_used, &box->kid);
2516 setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
2517 /* Append encrypted payload to dgram */
2518 dpos = sizeof(struct UDPBox);
2519 if (GNUNET_YES == inject_rekey)
2520 {
2521 GNUNET_assert (
2522 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], sizeof (rekey),
2523 &rekey, sizeof (rekey)));
2524 dpos += sizeof (rekey);
2525 }
2526 GNUNET_assert (
2527 0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2528 dpos += msize;
2529 do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2530 GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
2531 box->gcm_tag,
2532 sizeof(box->gcm_tag)));
2533 gcry_cipher_close (out_cipher);
2534
2535 if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2536 dgram,
2537 payload_len, // FIXME why always send sizeof dgram?
2538 receiver->address,
2539 receiver->address_len))
2540 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
2541 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2542 "Sending UDPBox with payload size %u, %u acks left, %u bytes sent\n",
2543 msize,
2544 receiver->acks_available);
2545 ss->bytes_sent += sizeof (dgram);
2546 receiver->acks_available--;
2547 GNUNET_MQ_impl_send_continue (mq);
2548 return;
2549 }
2550 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2551 "No suitable ss found, sending as KX...\n");
2552 send_msg_with_kx (msg, receiver);
2553 GNUNET_MQ_impl_send_continue (mq);
2554}
2555
2556
2557/**
2558 * Signature of functions implementing the destruction of a message
2559 * queue. Implementations must not free @a mq, but should take care
2560 * of @a impl_state.
2561 *
2562 * @param mq the message queue to destroy
2563 * @param impl_state our `struct ReceiverAddress`
2564 */
2565static void
2566mq_destroy_d (struct GNUNET_MQ_Handle *mq, void *impl_state)
2567{
2568 struct ReceiverAddress *receiver = impl_state;
2569 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2570 "Default MQ destroyed\n");
2571 if (mq == receiver->d_mq)
2572 {
2573 receiver->d_mq = NULL;
2574 if (GNUNET_YES != receiver->receiver_destroy_called)
2575 receiver_destroy (receiver);
2576 }
2577}
2578
2579
2580/**
2581 * Signature of functions implementing the destruction of a message
2582 * queue. Implementations must not free @a mq, but should take care
2583 * of @a impl_state.
2584 *
2585 * @param mq the message queue to destroy
2586 * @param impl_state our `struct ReceiverAddress`
2587 */
2588static void
2589mq_destroy_kx (struct GNUNET_MQ_Handle *mq, void *impl_state)
2590{
2591 struct ReceiverAddress *receiver = impl_state;
2592 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2593 "KX MQ destroyed\n");
2594 if (mq == receiver->kx_mq)
2595 {
2596 receiver->kx_mq = NULL;
2597 if (GNUNET_YES != receiver->receiver_destroy_called)
2598 receiver_destroy (receiver);
2599 }
2600}
2601
2602
2603/**
2604 * Implementation function that cancels the currently sent message.
2605 *
2606 * @param mq message queue
2607 * @param impl_state our `struct RecvierAddress`
2608 */
2609static void
2610mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
2611{
2612 /* Cancellation is impossible with UDP; bail */
2613 GNUNET_assert (0);
2614}
2615
2616
2617/**
2618 * Generic error handler, called with the appropriate
2619 * error code and the same closure specified at the creation of
2620 * the message queue.
2621 * Not every message queue implementation supports an error handler.
2622 *
2623 * @param cls our `struct ReceiverAddress`
2624 * @param error error code
2625 */
2626static void
2627mq_error (void *cls, enum GNUNET_MQ_Error error)
2628{
2629 struct ReceiverAddress *receiver = cls;
2630
2631 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2632 "MQ error in queue to %s: %d\n",
2633 GNUNET_i2s (&receiver->target),
2634 (int) error);
2635 receiver_destroy (receiver);
2636}
2637
2638
2639/**
2640 * Setup the MQ for the @a receiver. If a queue exists,
2641 * the existing one is destroyed. Then the MTU is
2642 * recalculated and a fresh queue is initialized.
2643 *
2644 * @param receiver receiver to setup MQ for
2645 */
2646static void
2647setup_receiver_mq (struct ReceiverAddress *receiver)
2648{
2649 size_t base_mtu;
2650
2651 switch (receiver->address->sa_family)
2652 {
2653 case AF_INET:
2654 base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
2655 - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
2656 - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2657 break;
2658
2659 case AF_INET6:
2660 base_mtu = 1280 /* Minimum MTU required by IPv6 */
2661 - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
2662 - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2663 break;
2664
2665 default:
2666 GNUNET_assert (0);
2667 break;
2668 }
2669 /* MTU based on full KX messages */
2670 receiver->kx_mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
2671 - sizeof(struct UDPConfirmation); /* 104 */
2672 /* MTU based on BOXed messages */
2673 receiver->d_mtu = base_mtu - sizeof(struct UDPBox);
2674
2675 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2676 "Setting up MQs and QHs\n");
2677 /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
2678 1404 (IPv4 + Box) bytes, depending on circumstances... */
2679 if (NULL == receiver->kx_mq)
2680 receiver->kx_mq = GNUNET_MQ_queue_for_callbacks (&mq_send_kx,
2681 &mq_destroy_kx,
2682 &mq_cancel,
2683 receiver,
2684 NULL,
2685 &mq_error,
2686 receiver);
2687 if (NULL == receiver->d_mq)
2688 receiver->d_mq = GNUNET_MQ_queue_for_callbacks (&mq_send_d,
2689 &mq_destroy_d,
2690 &mq_cancel,
2691 receiver,
2692 NULL,
2693 &mq_error,
2694 receiver);
2695
2696 receiver->kx_qh =
2697 GNUNET_TRANSPORT_communicator_mq_add (ch,
2698 &receiver->target,
2699 receiver->foreign_addr,
2700 receiver->kx_mtu,
2701 GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED,
2702 0, /* Priority */
2703 receiver->nt,
2704 GNUNET_TRANSPORT_CS_OUTBOUND,
2705 receiver->kx_mq);
2706}
2707
2708
2709/**
2710 * Function called by the transport service to initialize a
2711 * message queue given address information about another peer.
2712 * If and when the communication channel is established, the
2713 * communicator must call #GNUNET_TRANSPORT_communicator_mq_add()
2714 * to notify the service that the channel is now up. It is
2715 * the responsibility of the communicator to manage sane
2716 * retries and timeouts for any @a peer/@a address combination
2717 * provided by the transport service. Timeouts and retries
2718 * do not need to be signalled to the transport service.
2719 *
2720 * @param cls closure
2721 * @param peer identity of the other peer
2722 * @param address where to send the message, human-readable
2723 * communicator-specific format, 0-terminated, UTF-8
2724 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is
2725 * invalid
2726 */
2727static int
2728mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2729{
2730 struct ReceiverAddress *receiver;
2731 const char *path;
2732 struct sockaddr *in;
2733 socklen_t in_len;
2734
2735 if (0 != strncmp (address,
2736 COMMUNICATOR_ADDRESS_PREFIX "-",
2737 strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
2738 {
2739 GNUNET_break_op (0);
2740 return GNUNET_SYSERR;
2741 }
2742 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2743 in = udp_address_to_sockaddr (path, &in_len);
2744
2745 receiver = GNUNET_new (struct ReceiverAddress);
2746 receiver->address = in;
2747 receiver->address_len = in_len;
2748 receiver->target = *peer;
2749 receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
2750 (void) GNUNET_CONTAINER_multipeermap_put (
2751 receivers,
2752 &receiver->target,
2753 receiver,
2754 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
2755 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2756 "Added %s to receivers\n",
2757 GNUNET_i2s_full (&receiver->target));
2758 receiver->timeout =
2759 GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
2760 receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
2761 receiver,
2762 receiver->timeout.abs_value_us);
2763 GNUNET_STATISTICS_set (stats,
2764 "# receivers active",
2765 GNUNET_CONTAINER_multipeermap_size (receivers),
2766 GNUNET_NO);
2767 receiver->foreign_addr =
2768 sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
2769 setup_receiver_mq (receiver);
2770 if (NULL == timeout_task)
2771 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2772 return GNUNET_OK;
2773}
2774
2775
2776/**
2777 * Iterator over all receivers to clean up.
2778 *
2779 * @param cls NULL
2780 * @param target unused
2781 * @param value the queue to destroy
2782 * @return #GNUNET_OK to continue to iterate
2783 */
2784static int
2785get_receiver_delete_it (void *cls,
2786 const struct GNUNET_PeerIdentity *target,
2787 void *value)
2788{
2789 struct ReceiverAddress *receiver = value;
2790
2791 (void) cls;
2792 (void) target;
2793 receiver_destroy (receiver);
2794 return GNUNET_OK;
2795}
2796
2797
2798/**
2799 * Iterator over all senders to clean up.
2800 *
2801 * @param cls NULL
2802 * @param target unused
2803 * @param value the queue to destroy
2804 * @return #GNUNET_OK to continue to iterate
2805 */
2806static int
2807get_sender_delete_it (void *cls,
2808 const struct GNUNET_PeerIdentity *target,
2809 void *value)
2810{
2811 struct SenderAddress *sender = value;
2812
2813 (void) cls;
2814 (void) target;
2815
2816
2817 sender_destroy (sender);
2818 return GNUNET_OK;
2819}
2820
2821
2822/**
2823 * Shutdown the UNIX communicator.
2824 *
2825 * @param cls NULL (always)
2826 */
2827static void
2828do_shutdown (void *cls)
2829{
2830 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2831 "do_shutdown\n");
2832 if (NULL != nat)
2833 {
2834 GNUNET_NAT_unregister (nat);
2835 nat = NULL;
2836 }
2837 while (NULL != bi_head)
2838 bi_destroy (bi_head);
2839 if (NULL != broadcast_task)
2840 {
2841 GNUNET_SCHEDULER_cancel (broadcast_task);
2842 broadcast_task = NULL;
2843 }
2844 if (NULL != timeout_task)
2845 {
2846 GNUNET_SCHEDULER_cancel (timeout_task);
2847 timeout_task = NULL;
2848 }
2849 if (NULL != read_task)
2850 {
2851 GNUNET_SCHEDULER_cancel (read_task);
2852 read_task = NULL;
2853 }
2854 if (NULL != udp_sock)
2855 {
2856 GNUNET_break (GNUNET_OK ==
2857 GNUNET_NETWORK_socket_close (udp_sock));
2858 udp_sock = NULL;
2859 }
2860 GNUNET_CONTAINER_multipeermap_iterate (receivers,
2861 &get_receiver_delete_it,
2862 NULL);
2863 GNUNET_CONTAINER_multipeermap_destroy (receivers);
2864 GNUNET_CONTAINER_multipeermap_iterate (senders,
2865 &get_sender_delete_it,
2866 NULL);
2867 GNUNET_CONTAINER_multipeermap_destroy (senders);
2868 GNUNET_CONTAINER_multishortmap_destroy (key_cache);
2869 GNUNET_CONTAINER_heap_destroy (senders_heap);
2870 GNUNET_CONTAINER_heap_destroy (receivers_heap);
2871 if (NULL != timeout_task)
2872 {
2873 GNUNET_SCHEDULER_cancel (timeout_task);
2874 timeout_task = NULL;
2875 }
2876 if (NULL != ch)
2877 {
2878 GNUNET_TRANSPORT_communicator_disconnect (ch);
2879 ch = NULL;
2880 }
2881 if (NULL != ah)
2882 {
2883 GNUNET_TRANSPORT_application_done (ah);
2884 ah = NULL;
2885 }
2886 if (NULL != stats)
2887 {
2888 GNUNET_STATISTICS_destroy (stats, GNUNET_NO);
2889 stats = NULL;
2890 }
2891 if (NULL != my_private_key)
2892 {
2893 GNUNET_free (my_private_key);
2894 my_private_key = NULL;
2895 }
2896 if (NULL != is)
2897 {
2898 GNUNET_NT_scanner_done (is);
2899 is = NULL;
2900 }
2901 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2902 "do_shutdown finished\n");
2903}
2904
2905
2906/**
2907 * Function called when the transport service has received a
2908 * backchannel message for this communicator (!) via a different return
2909 * path. Should be an acknowledgement.
2910 *
2911 * @param cls closure, NULL
2912 * @param sender which peer sent the notification
2913 * @param msg payload
2914 */
2915static void
2916enc_notify_cb (void *cls,
2917 const struct GNUNET_PeerIdentity *sender,
2918 const struct GNUNET_MessageHeader *msg)
2919{
2920 const struct UDPAck *ack;
2921
2922 (void) cls;
2923 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2924 "Storing UDPAck received from backchannel from %s\n",
2925 GNUNET_i2s_full (sender));
2926 if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2927 (ntohs (msg->size) != sizeof(struct UDPAck)))
2928 {
2929 GNUNET_break_op (0);
2930 return;
2931 }
2932 ack = (const struct UDPAck *) msg;
2933 GNUNET_CONTAINER_multipeermap_get_multiple (receivers,
2934 sender,
2935 &handle_ack,
2936 (void *) ack);
2937}
2938
2939
2940/**
2941 * Signature of the callback passed to #GNUNET_NAT_register() for
2942 * a function to call whenever our set of 'valid' addresses changes.
2943 *
2944 * @param cls closure
2945 * @param app_ctx[in,out] location where the app can store stuff
2946 * on add and retrieve it on remove
2947 * @param add_remove #GNUNET_YES to add a new public IP address,
2948 * #GNUNET_NO to remove a previous (now invalid) one
2949 * @param ac address class the address belongs to
2950 * @param addr either the previous or the new public IP address
2951 * @param addrlen actual length of the @a addr
2952 */
2953static void
2954nat_address_cb (void *cls,
2955 void **app_ctx,
2956 int add_remove,
2957 enum GNUNET_NAT_AddressClass ac,
2958 const struct sockaddr *addr,
2959 socklen_t addrlen)
2960{
2961 char *my_addr;
2962 struct GNUNET_TRANSPORT_AddressIdentifier *ai;
2963
2964 if (GNUNET_YES == add_remove)
2965 {
2966 enum GNUNET_NetworkType nt;
2967
2968 GNUNET_asprintf (&my_addr,
2969 "%s-%s",
2970 COMMUNICATOR_ADDRESS_PREFIX,
2971 GNUNET_a2s (addr, addrlen));
2972 nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2973 ai =
2974 GNUNET_TRANSPORT_communicator_address_add (ch,
2975 my_addr,
2976 nt,
2977 GNUNET_TIME_UNIT_FOREVER_REL);
2978 GNUNET_free (my_addr);
2979 *app_ctx = ai;
2980 }
2981 else
2982 {
2983 ai = *app_ctx;
2984 GNUNET_TRANSPORT_communicator_address_remove (ai);
2985 *app_ctx = NULL;
2986 }
2987}
2988
2989
2990/**
2991 * Broadcast our presence on one of our interfaces.
2992 *
2993 * @param cls a `struct BroadcastInterface`
2994 */
2995static void
2996ifc_broadcast (void *cls)
2997{
2998 struct BroadcastInterface *bi = cls;
2999 struct GNUNET_TIME_Relative delay;
3000
3001 delay = BROADCAST_FREQUENCY;
3002 delay.rel_value_us =
3003 GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, delay.rel_value_us);
3004 bi->broadcast_task =
3005 GNUNET_SCHEDULER_add_delayed (delay, &ifc_broadcast, bi);
3006
3007 switch (bi->sa->sa_family)
3008 {
3009 case AF_INET: {
3010 static int yes = 1;
3011 static int no = 0;
3012 ssize_t sent;
3013
3014 if (GNUNET_OK !=
3015 GNUNET_NETWORK_socket_setsockopt (udp_sock,
3016 SOL_SOCKET,
3017 SO_BROADCAST,
3018 &yes,
3019 sizeof(int)))
3020 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
3021 "setsockopt");
3022 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3023 "creating UDPBroadcast from %s\n",
3024 GNUNET_i2s (&(bi->bcm.sender)));
3025 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3026 "sending UDPBroadcast to add %s\n",
3027 GNUNET_a2s (bi->ba, bi->salen));
3028 sent = GNUNET_NETWORK_socket_sendto (udp_sock,
3029 &bi->bcm,
3030 sizeof(bi->bcm),
3031 bi->ba,
3032 bi->salen);
3033 if (-1 == sent)
3034 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
3035 "sendto");
3036 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
3037 SOL_SOCKET,
3038 SO_BROADCAST,
3039 &no,
3040 sizeof(int)))
3041 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
3042 "setsockopt");
3043 break;
3044 }
3045
3046 case AF_INET6: {
3047 ssize_t sent;
3048 struct sockaddr_in6 dst;
3049
3050 dst.sin6_family = AF_INET6;
3051 dst.sin6_port = htons (my_port);
3052 dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
3053 dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
3054
3055 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3056 "sending UDPBroadcast\n");
3057 sent = GNUNET_NETWORK_socket_sendto (udp_sock,
3058 &bi->bcm,
3059 sizeof(bi->bcm),
3060 (const struct sockaddr *) &dst,
3061 sizeof(dst));
3062 if (-1 == sent)
3063 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "sendto");
3064 break;
3065 }
3066
3067 default:
3068 GNUNET_break (0);
3069 break;
3070 }
3071}
3072
3073
3074/**
3075 * Callback function invoked for each interface found.
3076 * Activates/deactivates broadcast interfaces.
3077 *
3078 * @param cls NULL
3079 * @param name name of the interface (can be NULL for unknown)
3080 * @param isDefault is this presumably the default interface
3081 * @param addr address of this interface (can be NULL for unknown or unassigned)
3082 * @param broadcast_addr the broadcast address (can be NULL for unknown or
3083 * unassigned)
3084 * @param netmask the network mask (can be NULL for unknown or unassigned)
3085 * @param addrlen length of the address
3086 * @return #GNUNET_OK to continue iteration, #GNUNET_SYSERR to abort
3087 */
3088static int
3089iface_proc (void *cls,
3090 const char *name,
3091 int isDefault,
3092 const struct sockaddr *addr,
3093 const struct sockaddr *broadcast_addr,
3094 const struct sockaddr *netmask,
3095 socklen_t addrlen)
3096{
3097 struct BroadcastInterface *bi;
3098 enum GNUNET_NetworkType network;
3099 struct UdpBroadcastSignature ubs;
3100
3101 (void) cls;
3102 (void) netmask;
3103 if (NULL == addr)
3104 return GNUNET_YES; /* need to know our address! */
3105 network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
3106 if (GNUNET_NT_LOOPBACK == network)
3107 {
3108 /* Broadcasting on loopback does not make sense */
3109 return GNUNET_YES;
3110 }
3111 for (bi = bi_head; NULL != bi; bi = bi->next)
3112 {
3113 if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
3114 {
3115 bi->found = GNUNET_YES;
3116 return GNUNET_OK;
3117 }
3118 }
3119
3120 if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
3121 return GNUNET_OK; /* broadcast_addr is required for IPv6! */
3122 if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
3123 return GNUNET_OK; /* not using IPv6 */
3124
3125 bi = GNUNET_new (struct BroadcastInterface);
3126 bi->sa = GNUNET_memdup (addr,
3127 addrlen);
3128 if ( (NULL != broadcast_addr) &&
3129 (addrlen == sizeof (struct sockaddr_in)) )
3130 {
3131 struct sockaddr_in *ba;
3132
3133 ba = GNUNET_memdup (broadcast_addr,
3134 addrlen);
3135 ba->sin_port = htons (2086); /* always GNUnet port, ignore configuration! */
3136 bi->ba = (struct sockaddr *) ba;
3137 }
3138 bi->salen = addrlen;
3139 bi->found = GNUNET_YES;
3140 bi->bcm.sender = my_identity;
3141 ubs.purpose.purpose = htonl (
3142 GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST);
3143 ubs.purpose.size = htonl (sizeof(ubs));
3144 ubs.sender = my_identity;
3145 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3146 "creating UDPBroadcastSignature for %s\n",
3147 GNUNET_a2s (addr, addrlen));
3148 GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
3149 GNUNET_CRYPTO_eddsa_sign (my_private_key,
3150 &ubs,
3151 &bi->bcm.sender_sig);
3152 if (NULL != bi->ba)
3153 {
3154 bi->broadcast_task = GNUNET_SCHEDULER_add_now (&ifc_broadcast, bi);
3155 GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
3156 }
3157 if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
3158 {
3159 /* Create IPv6 multicast request */
3160 const struct sockaddr_in6 *s6 =
3161 (const struct sockaddr_in6 *) broadcast_addr;
3162
3163 GNUNET_assert (
3164 1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
3165
3166 /* http://tools.ietf.org/html/rfc2553#section-5.2:
3167 *
3168 * IPV6_JOIN_GROUP
3169 *
3170 * Join a multicast group on a specified local interface. If the
3171 * interface index is specified as 0, the kernel chooses the local
3172 * interface. For example, some kernels look up the multicast
3173 * group in the normal IPv6 routing table and using the resulting
3174 * interface; we do this for each interface, so no need to use
3175 * zero (anymore...).
3176 */
3177 bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
3178
3179 /* Join the multicast group */
3180 if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (udp_sock,
3181 IPPROTO_IPV6,
3182 IPV6_JOIN_GROUP,
3183 &bi->mcreq,
3184 sizeof(bi->mcreq)))
3185 {
3186 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
3187 }
3188 }
3189 return GNUNET_OK;
3190}
3191
3192
3193/**
3194 * Scan interfaces to broadcast our presence on the LAN.
3195 *
3196 * @param cls NULL, unused
3197 */
3198static void
3199do_broadcast (void *cls)
3200{
3201 struct BroadcastInterface *bin;
3202
3203 (void) cls;
3204 for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
3205 bi->found = GNUNET_NO;
3206 GNUNET_OS_network_interfaces_list (&iface_proc, NULL);
3207 for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
3208 {
3209 bin = bi->next;
3210 if (GNUNET_NO == bi->found)
3211 bi_destroy (bi);
3212 }
3213 broadcast_task = GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY,
3214 &do_broadcast,
3215 NULL);
3216}
3217
3218
3219static void
3220try_connection_reversal (void *cls,
3221 const struct sockaddr *addr,
3222 socklen_t addrlen)
3223{
3224 /* FIXME: support reversal: #5529 */
3225 GNUNET_log (GNUNET_ERROR_TYPE_INFO,
3226 "No connection reversal implemented!");
3227}
3228
3229
3230/**
3231 * Setup communicator and launch network interactions.
3232 *
3233 * @param cls NULL (always)
3234 * @param args remaining command-line arguments
3235 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
3236 * @param c configuration
3237 */
3238static void
3239run (void *cls,
3240 char *const *args,
3241 const char *cfgfile,
3242 const struct GNUNET_CONFIGURATION_Handle *c)
3243{
3244 char *bindto;
3245 struct sockaddr *in;
3246 socklen_t in_len;
3247 struct sockaddr_storage in_sto;
3248 socklen_t sto_len;
3249
3250 (void) cls;
3251 cfg = c;
3252 if (GNUNET_OK !=
3253 GNUNET_CONFIGURATION_get_value_string (cfg,
3254 COMMUNICATOR_CONFIG_SECTION,
3255 "BINDTO",
3256 &bindto))
3257 {
3258 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
3259 COMMUNICATOR_CONFIG_SECTION,
3260 "BINDTO");
3261 return;
3262 }
3263
3264 if (GNUNET_OK !=
3265 GNUNET_CONFIGURATION_get_value_time (cfg,
3266 COMMUNICATOR_CONFIG_SECTION,
3267 "REKEY_INTERVAL",
3268 &rekey_interval))
3269 rekey_interval = DEFAULT_REKEY_TIME_INTERVAL;
3270
3271 if (GNUNET_OK !=
3272 GNUNET_CONFIGURATION_get_value_size (cfg,
3273 COMMUNICATOR_CONFIG_SECTION,
3274 "REKEY_MAX_BYTES",
3275 &rekey_max_bytes))
3276 rekey_max_bytes = DEFAULT_REKEY_MAX_BYTES;
3277
3278 in = udp_address_to_sockaddr (bindto, &in_len);
3279 if (NULL == in)
3280 {
3281 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
3282 "Failed to setup UDP socket address with path `%s'\n",
3283 bindto);
3284 GNUNET_free (bindto);
3285 return;
3286 }
3287 udp_sock =
3288 GNUNET_NETWORK_socket_create (in->sa_family,
3289 SOCK_DGRAM,
3290 IPPROTO_UDP);
3291 if (NULL == udp_sock)
3292 {
3293 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "socket");
3294 GNUNET_free (in);
3295 GNUNET_free (bindto);
3296 return;
3297 }
3298 if (AF_INET6 == in->sa_family)
3299 have_v6_socket = GNUNET_YES;
3300 if (GNUNET_OK !=
3301 GNUNET_NETWORK_socket_bind (udp_sock,
3302 in,
3303 in_len))
3304 {
3305 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
3306 "bind",
3307 bindto);
3308 GNUNET_NETWORK_socket_close (udp_sock);
3309 udp_sock = NULL;
3310 GNUNET_free (in);
3311 GNUNET_free (bindto);
3312 return;
3313 }
3314
3315 /* We might have bound to port 0, allowing the OS to figure it out;
3316 thus, get the real IN-address from the socket */
3317 sto_len = sizeof(in_sto);
3318 if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
3319 (struct sockaddr *) &in_sto,
3320 &sto_len))
3321 {
3322 memcpy (&in_sto, in, in_len);
3323 sto_len = in_len;
3324 }
3325 GNUNET_free (in);
3326 GNUNET_free (bindto);
3327 in = (struct sockaddr *) &in_sto;
3328 in_len = sto_len;
3329 GNUNET_log_from_nocheck (GNUNET_ERROR_TYPE_DEBUG,
3330 "transport",
3331 "Bound to `%s'\n",
3332 GNUNET_a2s ((const struct sockaddr *) &in_sto,
3333 sto_len));
3334 switch (in->sa_family)
3335 {
3336 case AF_INET:
3337 my_port = ntohs (((struct sockaddr_in *) in)->sin_port);
3338 break;
3339
3340 case AF_INET6:
3341 my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port);
3342 break;
3343
3344 default:
3345 GNUNET_break (0);
3346 my_port = 0;
3347 }
3348 stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
3349 senders = GNUNET_CONTAINER_multipeermap_create (32, GNUNET_YES);
3350 receivers = GNUNET_CONTAINER_multipeermap_create (32, GNUNET_YES);
3351 senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
3352 receivers_heap =
3353 GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
3354 key_cache = GNUNET_CONTAINER_multishortmap_create (1024, GNUNET_YES);
3355 GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
3356 is = GNUNET_NT_scanner_init ();
3357 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg);
3358 if (NULL == my_private_key)
3359 {
3360 GNUNET_log (
3361 GNUNET_ERROR_TYPE_ERROR,
3362 _ (
3363 "Transport service is lacking key configuration settings. Exiting.\n"));
3364 GNUNET_SCHEDULER_shutdown ();
3365 return;
3366 }
3367 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key, &my_identity.public_key);
3368 /* start reading */
3369 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
3370 udp_sock,
3371 &sock_read,
3372 NULL);
3373 ch = GNUNET_TRANSPORT_communicator_connect (cfg,
3374 COMMUNICATOR_CONFIG_SECTION,
3375 COMMUNICATOR_ADDRESS_PREFIX,
3376 GNUNET_TRANSPORT_CC_UNRELIABLE,
3377 &mq_init,
3378 NULL,
3379 &enc_notify_cb,
3380 NULL);
3381 if (NULL == ch)
3382 {
3383 GNUNET_break (0);
3384 GNUNET_SCHEDULER_shutdown ();
3385 return;
3386 }
3387 ah = GNUNET_TRANSPORT_application_init (cfg);
3388 if (NULL == ah)
3389 {
3390 GNUNET_break (0);
3391 GNUNET_SCHEDULER_shutdown ();
3392 return;
3393 }
3394 /* start broadcasting */
3395 if (GNUNET_YES !=
3396 GNUNET_CONFIGURATION_get_value_yesno (cfg,
3397 COMMUNICATOR_CONFIG_SECTION,
3398 "DISABLE_BROADCAST"))
3399 {
3400 broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
3401 }
3402 nat = GNUNET_NAT_register (cfg,
3403 COMMUNICATOR_CONFIG_SECTION,
3404 IPPROTO_UDP,
3405 1 /* one address */,
3406 (const struct sockaddr **) &in,
3407 &in_len,
3408 &nat_address_cb,
3409 try_connection_reversal,
3410 NULL /* closure */);
3411}
3412
3413
3414/**
3415 * The main function for the UNIX communicator.
3416 *
3417 * @param argc number of arguments from the command line
3418 * @param argv command line arguments
3419 * @return 0 ok, 1 on error
3420 */
3421int
3422main (int argc, char *const *argv)
3423{
3424 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
3425 GNUNET_GETOPT_OPTION_END
3426 };
3427 int ret;
3428
3429 GNUNET_log_from_nocheck (GNUNET_ERROR_TYPE_DEBUG,
3430 "transport",
3431 "Starting udp communicator\n");
3432 if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
3433 return 2;
3434
3435 ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
3436 argv,
3437 "gnunet-communicator-udp",
3438 _ ("GNUnet UDP communicator"),
3439 options,
3440 &run,
3441 NULL))
3442 ? 0
3443 : 1;
3444 GNUNET_free_nz ((void *) argv);
3445 return ret;
3446}
3447
3448
3449/* end of gnunet-communicator-udp.c */
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-25 21:47:45 +0000