aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/core/gnunet-service-core_kx.c113
-rw-r--r--src/include/gnunet_core_service.h116
-rw-r--r--src/include/gnunet_crypto_lib.h11
-rw-r--r--src/include/gnunet_peerstore_service.h18
-rw-r--r--src/include/gnunet_protocols.h5
-rw-r--r--src/include/gnunet_signatures.h5
-rw-r--r--src/transport/Makefile.am1
-rw-r--r--src/transport/gnunet-communicator-tcp.c680
-rw-r--r--src/transport/gnunet-service-tng.c13
-rw-r--r--src/transport/test_communicator_basic.c16
-rw-r--r--src/transport/test_communicator_tcp_basic_peer1.conf5
-rw-r--r--src/transport/test_communicator_tcp_basic_peer2.conf5
-rw-r--r--src/transport/test_communicator_tcp_rekey_peer1.conf9
-rw-r--r--src/transport/test_communicator_tcp_rekey_peer2.conf9
-rw-r--r--src/transport/test_communicator_udp_backchannel_peer1.conf7
-rw-r--r--src/transport/test_communicator_udp_backchannel_peer2.conf7
-rw-r--r--src/transport/test_communicator_udp_basic_peer1.conf7
-rw-r--r--src/transport/test_communicator_udp_basic_peer2.conf8
-rw-r--r--src/transport/test_communicator_udp_rekey_peer1.conf7
-rw-r--r--src/transport/test_communicator_udp_rekey_peer2.conf7
-rw-r--r--src/transport/test_communicator_unix_basic_peer1.conf7
-rw-r--r--src/transport/test_communicator_unix_basic_peer2.conf7
-rw-r--r--src/transport/transport-testing2.c77
23 files changed, 940 insertions, 200 deletions
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c
index cafe658e8..a79ef075b 100644
--- a/src/core/gnunet-service-core_kx.c
+++ b/src/core/gnunet-service-core_kx.c
@@ -77,119 +77,6 @@
77GNUNET_NETWORK_STRUCT_BEGIN 77GNUNET_NETWORK_STRUCT_BEGIN
78 78
79/** 79/**
80 * Message transmitted with the signed ephemeral key of a peer. The
81 * session key is then derived from the two ephemeral keys (ECDHE).
82 */
83struct EphemeralKeyMessage
84{
85 /**
86 * Message type is #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY.
87 */
88 struct GNUNET_MessageHeader header;
89
90 /**
91 * Status of the sender (should be in `enum PeerStateMachine`), nbo.
92 */
93 int32_t sender_status GNUNET_PACKED;
94
95 /**
96 * An ECC signature of the @e origin_identity asserting the validity
97 * of the given ephemeral key.
98 */
99 struct GNUNET_CRYPTO_EddsaSignature signature;
100
101 /**
102 * Information about what is being signed.
103 */
104 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
105
106 /**
107 * At what time was this key created (beginning of validity).
108 */
109 struct GNUNET_TIME_AbsoluteNBO creation_time;
110
111 /**
112 * When does the given ephemeral key expire (end of validity).
113 */
114 struct GNUNET_TIME_AbsoluteNBO expiration_time;
115
116 /**
117 * Ephemeral public ECC key.
118 */
119 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
120
121 /**
122 * Public key of the signing peer (persistent version, not the
123 * ephemeral public key).
124 */
125 struct GNUNET_PeerIdentity origin_identity;
126};
127
128
129/**
130 * We're sending an (encrypted) PING to the other peer to check if it
131 * can decrypt. The other peer should respond with a PONG with the
132 * same content, except this time encrypted with the receiver's key.
133 */
134struct PingMessage
135{
136 /**
137 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PING.
138 */
139 struct GNUNET_MessageHeader header;
140
141 /**
142 * Seed for the IV
143 */
144 uint32_t iv_seed GNUNET_PACKED;
145
146 /**
147 * Intended target of the PING, used primarily to check
148 * that decryption actually worked.
149 */
150 struct GNUNET_PeerIdentity target;
151
152 /**
153 * Random number chosen to make replay harder.
154 */
155 uint32_t challenge GNUNET_PACKED;
156};
157
158
159/**
160 * Response to a PING. Includes data from the original PING.
161 */
162struct PongMessage
163{
164 /**
165 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PONG.
166 */
167 struct GNUNET_MessageHeader header;
168
169 /**
170 * Seed for the IV
171 */
172 uint32_t iv_seed GNUNET_PACKED;
173
174 /**
175 * Random number to make replay attacks harder.
176 */
177 uint32_t challenge GNUNET_PACKED;
178
179 /**
180 * Reserved, always zero.
181 */
182 uint32_t reserved;
183
184 /**
185 * Intended target of the PING, used primarily to check
186 * that decryption actually worked.
187 */
188 struct GNUNET_PeerIdentity target;
189};
190
191
192/**
193 * Encapsulation for encrypted messages exchanged between 80 * Encapsulation for encrypted messages exchanged between
194 * peers. Followed by the actual encrypted data. 81 * peers. Followed by the actual encrypted data.
195 */ 82 */
diff --git a/src/include/gnunet_core_service.h b/src/include/gnunet_core_service.h
index 66b292c3c..60bc3c2a6 100644
--- a/src/include/gnunet_core_service.h
+++ b/src/include/gnunet_core_service.h
@@ -48,6 +48,122 @@ extern "C" {
48 */ 48 */
49#define GNUNET_CORE_VERSION 0x00000001 49#define GNUNET_CORE_VERSION 0x00000001
50 50
51GNUNET_NETWORK_STRUCT_BEGIN
52
53/**
54 * Message transmitted with the signed ephemeral key of a peer. The
55 * session key is then derived from the two ephemeral keys (ECDHE).
56 */
57struct EphemeralKeyMessage
58{
59 /**
60 * Message type is #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY.
61 */
62 struct GNUNET_MessageHeader header;
63
64 /**
65 * Status of the sender (should be in `enum PeerStateMachine`), nbo.
66 */
67 int32_t sender_status GNUNET_PACKED;
68
69 /**
70 * An ECC signature of the @e origin_identity asserting the validity
71 * of the given ephemeral key.
72 */
73 struct GNUNET_CRYPTO_EddsaSignature signature;
74
75 /**
76 * Information about what is being signed.
77 */
78 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
79
80 /**
81 * At what time was this key created (beginning of validity).
82 */
83 struct GNUNET_TIME_AbsoluteNBO creation_time;
84
85 /**
86 * When does the given ephemeral key expire (end of validity).
87 */
88 struct GNUNET_TIME_AbsoluteNBO expiration_time;
89
90 /**
91 * Ephemeral public ECC key.
92 */
93 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
94
95 /**
96 * Public key of the signing peer (persistent version, not the
97 * ephemeral public key).
98 */
99 struct GNUNET_PeerIdentity origin_identity;
100};
101
102
103/**
104 * We're sending an (encrypted) PING to the other peer to check if it
105 * can decrypt. The other peer should respond with a PONG with the
106 * same content, except this time encrypted with the receiver's key.
107 */
108struct PingMessage
109{
110 /**
111 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PING.
112 */
113 struct GNUNET_MessageHeader header;
114
115 /**
116 * Seed for the IV
117 */
118 uint32_t iv_seed GNUNET_PACKED;
119
120 /**
121 * Intended target of the PING, used primarily to check
122 * that decryption actually worked.
123 */
124 struct GNUNET_PeerIdentity target;
125
126 /**
127 * Random number chosen to make replay harder.
128 */
129 uint32_t challenge GNUNET_PACKED;
130};
131
132
133/**
134 * Response to a PING. Includes data from the original PING.
135 */
136struct PongMessage
137{
138 /**
139 * Message type is #GNUNET_MESSAGE_TYPE_CORE_PONG.
140 */
141 struct GNUNET_MessageHeader header;
142
143 /**
144 * Seed for the IV
145 */
146 uint32_t iv_seed GNUNET_PACKED;
147
148 /**
149 * Random number to make replay attacks harder.
150 */
151 uint32_t challenge GNUNET_PACKED;
152
153 /**
154 * Reserved, always zero.
155 */
156 uint32_t reserved;
157
158 /**
159 * Intended target of the PING, used primarily to check
160 * that decryption actually worked.
161 */
162 struct GNUNET_PeerIdentity target;
163};
164
165
166GNUNET_NETWORK_STRUCT_END
51 167
52/** 168/**
53 * Opaque handle to the service. 169 * Opaque handle to the service.
diff --git a/src/include/gnunet_crypto_lib.h b/src/include/gnunet_crypto_lib.h
index 320701643..c1b0b3b1b 100644
--- a/src/include/gnunet_crypto_lib.h
+++ b/src/include/gnunet_crypto_lib.h
@@ -289,6 +289,17 @@ struct GNUNET_CRYPTO_SymmetricSessionKey
289 unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH]; 289 unsigned char twofish_key[GNUNET_CRYPTO_AES_KEY_LENGTH];
290}; 290};
291 291
292/**
293 * Type of a nonce used for challenges.
294 */
295struct ChallengeNonceP
296{
297 /**
298 * The value of the nonce. Note that this is NOT a hash.
299 */
300 struct GNUNET_ShortHashCode value;
301};
302
292GNUNET_NETWORK_STRUCT_END 303GNUNET_NETWORK_STRUCT_END
293 304
294/** 305/**
diff --git a/src/include/gnunet_peerstore_service.h b/src/include/gnunet_peerstore_service.h
index cd68dad66..91a8f2e66 100644
--- a/src/include/gnunet_peerstore_service.h
+++ b/src/include/gnunet_peerstore_service.h
@@ -67,6 +67,24 @@ extern "C" {
67#define GNUNET_PEERSTORE_TRANSPORT_DVLEARN_MONOTIME \ 67#define GNUNET_PEERSTORE_TRANSPORT_DVLEARN_MONOTIME \
68 "transport-dv-learn-monotonic-time" 68 "transport-dv-learn-monotonic-time"
69 69
70/**
71 * Key used to store sender's monotonic time from handshake message.
72 */
73#define GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE \
74 "transport-tcp-communicator-handshake"
75
76/**
77 * Key used to store sender's monotonic time from handshake ack message.
78 */
79#define GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE_ACK \
80 "transport-tcp-communicator-handshake-ack"
81
82/**
83 * Key used to store sender's monotonic time from rekey message.
84 */
85#define GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_REKEY \
86 "transport-tcp-communicator-rekey"
87
70 88
71/** 89/**
72 * Options for storing values in PEERSTORE 90 * Options for storing values in PEERSTORE
diff --git a/src/include/gnunet_protocols.h b/src/include/gnunet_protocols.h
index 0db6150aa..5af58664f 100644
--- a/src/include/gnunet_protocols.h
+++ b/src/include/gnunet_protocols.h
@@ -3293,6 +3293,11 @@ extern "C" {
3293#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH 1452 3293#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH 1452
3294 3294
3295/** 3295/**
3296 * TCP communicator confirmation ack.
3297 */
3298#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_CONFIRMATION_ACK 1453
3299
3300/**
3296 * UDP KX acknowledgement. 3301 * UDP KX acknowledgement.
3297 */ 3302 */
3298#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK 1460 3303#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK 1460
diff --git a/src/include/gnunet_signatures.h b/src/include/gnunet_signatures.h
index 503113770..7c0c1d104 100644
--- a/src/include/gnunet_signatures.h
+++ b/src/include/gnunet_signatures.h
@@ -246,6 +246,11 @@ extern "C"
246 */ 246 */
247#define GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR 38 247#define GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR 38
248 248
249/**
250 * Signature by a peer sending back the nonce received at initial handshake.
251 */
252#define GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK 39
253
249#if 0 /* keep Emacsens' auto-indent happy */ 254#if 0 /* keep Emacsens' auto-indent happy */
250{ 255{
251#endif 256#endif
diff --git a/src/transport/Makefile.am b/src/transport/Makefile.am
index 354bb1cf4..e0369059d 100644
--- a/src/transport/Makefile.am
+++ b/src/transport/Makefile.am
@@ -278,6 +278,7 @@ gnunet_communicator_tcp_SOURCES = \
278 gnunet-communicator-tcp.c 278 gnunet-communicator-tcp.c
279gnunet_communicator_tcp_LDADD = \ 279gnunet_communicator_tcp_LDADD = \
280 libgnunettransportcommunicator.la \ 280 libgnunettransportcommunicator.la \
281 $(top_builddir)/src/peerstore/libgnunetpeerstore.la \
281 $(top_builddir)/src/nat/libgnunetnatnew.la \ 282 $(top_builddir)/src/nat/libgnunetnatnew.la \
282 $(top_builddir)/src/nt/libgnunetnt.la \ 283 $(top_builddir)/src/nt/libgnunetnt.la \
283 $(top_builddir)/src/statistics/libgnunetstatistics.la \ 284 $(top_builddir)/src/statistics/libgnunetstatistics.la \
diff --git a/src/transport/gnunet-communicator-tcp.c b/src/transport/gnunet-communicator-tcp.c
index 177b5c26c..ec9f5986a 100644
--- a/src/transport/gnunet-communicator-tcp.c
+++ b/src/transport/gnunet-communicator-tcp.c
@@ -24,26 +24,22 @@
24 * @author Christian Grothoff 24 * @author Christian Grothoff
25 * 25 *
26 * TODO: 26 * TODO:
27 * - support DNS names in BINDTO option (#5528)
28 * - support NAT connection reversal method (#5529) 27 * - support NAT connection reversal method (#5529)
29 * - support other TCP-specific NAT traversal methods (#5531) 28 * - support other TCP-specific NAT traversal methods (#5531)
30 * - add replay protection support to the protocol by
31 * adding a nonce in the KX and requiring (!) a
32 * nounce ACK to be send within the first X bytes of
33 * data (#5530)
34 */ 29 */
35#include "platform.h" 30#include "platform.h"
36#include "gnunet_util_lib.h" 31#include "gnunet_util_lib.h"
32#include "gnunet_core_service.h"
33#include "gnunet_peerstore_service.h"
37#include "gnunet_protocols.h" 34#include "gnunet_protocols.h"
38#include "gnunet_signatures.h" 35#include "gnunet_signatures.h"
39#include "gnunet_constants.h" 36#include "gnunet_constants.h"
40#include "gnunet_nt_lib.h" 37#include "gnunet_nt_lib.h"
41#include "gnunet_nat_service.h" 38#include "gnunet_nat_service.h"
42#include "gnunet_statistics_service.h" 39#include "gnunet_statistics_service.h"
43#include "gnunet_ats_transport_service.h"
44#include "transport.h"
45#include "gnunet_transport_communication_service.h" 40#include "gnunet_transport_communication_service.h"
46#include "gnunet_resolver_service.h" 41#include "gnunet_resolver_service.h"
42
47/** 43/**
48 * How long do we believe our addresses to remain up (before 44 * How long do we believe our addresses to remain up (before
49 * the other peer should revalidate). 45 * the other peer should revalidate).
@@ -91,6 +87,13 @@
91 (sizeof(struct GNUNET_CRYPTO_EcdhePublicKey) \ 87 (sizeof(struct GNUNET_CRYPTO_EcdhePublicKey) \
92 + sizeof(struct TCPConfirmation)) 88 + sizeof(struct TCPConfirmation))
93 89
90/**
91 * Size of the initial core key exchange messages.
92 */
93#define INITIAL_CORE_KX_SIZE \
94 (sizeof(struct EphemeralKeyMessage) \
95 + sizeof(struct PingMessage) \
96 + sizeof(struct PongMessage))
94 97
95/** 98/**
96 * Address prefix used by the communicator. 99 * Address prefix used by the communicator.
@@ -136,8 +139,45 @@ struct TcpHandshakeSignature
136 * (if receiver persists times by sender). 139 * (if receiver persists times by sender).
137 */ 140 */
138 struct GNUNET_TIME_AbsoluteNBO monotonic_time; 141 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
142
143 /**
144 * Challenge value used to protect against replay attack, if there is no stored monotonic time value.
145 */
146 struct ChallengeNonceP challenge;
139}; 147};
140 148
149/**
150 * Signature we use to verify that the ack from the receiver of the ephemeral key was really send by
151 * the specified sender.
152 */
153struct TcpHandshakeAckSignature
154{
155 /**
156 * Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK
157 */
158 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
159
160 /**
161 * Identity of the inititor of the TCP connection (TCP client).
162 */
163 struct GNUNET_PeerIdentity sender;
164
165 /**
166 * Presumed identity of the target of the TCP connection (TCP server)
167 */
168 struct GNUNET_PeerIdentity receiver;
169
170 /**
171 * Monotonic time of @e sender, to possibly help detect replay attacks
172 * (if receiver persists times by sender).
173 */
174 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
175
176 /**
177 * Challenge value used to protect against replay attack, if there is no stored monotonic time value.
178 */
179 struct ChallengeNonceP challenge;
180};
141 181
142/** 182/**
143 * Encrypted continuation of TCP initial handshake. 183 * Encrypted continuation of TCP initial handshake.
@@ -159,8 +199,48 @@ struct TCPConfirmation
159 * (if receiver persists times by sender). 199 * (if receiver persists times by sender).
160 */ 200 */
161 struct GNUNET_TIME_AbsoluteNBO monotonic_time; 201 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
202
203 /**
204 * Challenge value used to protect against replay attack, if there is no stored monotonic time value.
205 */
206 struct ChallengeNonceP challenge;
207
162}; 208};
163 209
210/**
211 * Ack for the encrypted continuation of TCP initial handshake.
212 */
213struct TCPConfirmationAck
214{
215
216
217 /**
218 * Type is #GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_CONFIRMATION_ACK.
219 */
220 struct GNUNET_MessageHeader header;
221
222 /**
223 * Sender's identity
224 */
225 struct GNUNET_PeerIdentity sender;
226
227 /**
228 * Sender's signature of type #GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK
229 */
230 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
231
232 /**
233 * Monotonic time of @e sender, to possibly help detect replay attacks
234 * (if receiver persists times by sender).
235 */
236 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
237
238 /**
239 * Challenge value used to protect against replay attack, if there is no stored monotonic time value.
240 */
241 struct ChallengeNonceP challenge;
242
243};
164 244
165/** 245/**
166 * TCP message box. Always sent encrypted! 246 * TCP message box. Always sent encrypted!
@@ -456,6 +536,56 @@ struct Queue
456 * re-decrypt ciphertext. 536 * re-decrypt ciphertext.
457 */ 537 */
458 int rekeyed; 538 int rekeyed;
539
540 /**
541 * Monotonic time value for rekey message.
542 */
543 struct GNUNET_TIME_AbsoluteNBO rekey_monotonic_time;
544
545 /**
546 * Monotonic time value for handshake message.
547 */
548 struct GNUNET_TIME_AbsoluteNBO handshake_monotonic_time;
549
550 /**
551 * Monotonic time value for handshake ack message.
552 */
553 struct GNUNET_TIME_AbsoluteNBO handshake_ack_monotonic_time;
554
555 /**
556 * Challenge value used to protect against replay attack, if there is no stored monotonic time value.
557 */
558 struct ChallengeNonceP challenge;
559
560 /**
561 * Iteration Context for retrieving the monotonic time send with key for rekeying.
562 */
563 struct GNUNET_PEERSTORE_IterateContext *rekey_monotime_get;
564
565 /**
566 * Iteration Context for retrieving the monotonic time send with the handshake.
567 */
568 struct GNUNET_PEERSTORE_IterateContext *handshake_monotime_get;
569
570 /**
571 * Iteration Context for retrieving the monotonic time send with the handshake ack.
572 */
573 struct GNUNET_PEERSTORE_IterateContext *handshake_ack_monotime_get;
574
575 /**
576 * Store Context for retrieving the monotonic time send with key for rekeying.
577 */
578 struct GNUNET_PEERSTORE_StoreContext *rekey_monotime_sc;
579
580 /**
581 * Store Context for retrieving the monotonic time send with the handshake.
582 */
583 struct GNUNET_PEERSTORE_StoreContext *handshake_monotime_sc;
584
585 /**
586 * Store Context for retrieving the monotonic time send with the handshake ack.
587 */
588 struct GNUNET_PEERSTORE_StoreContext *handshake_ack_monotime_sc;
459}; 589};
460 590
461 591
@@ -535,7 +665,7 @@ struct PortOnlyIpv4Ipv6
535 /** 665 /**
536 * Length of ipv4 address. 666 * Length of ipv4 address.
537 */ 667 */
538 socklen_t *addr_len_ipv4; 668 socklen_t addr_len_ipv4;
539 669
540 /** 670 /**
541 * Ipv6 address we like to bind to. 671 * Ipv6 address we like to bind to.
@@ -545,7 +675,7 @@ struct PortOnlyIpv4Ipv6
545 /** 675 /**
546 * Length of ipv6 address. 676 * Length of ipv6 address.
547 */ 677 */
548 socklen_t *addr_len_ipv6; 678 socklen_t addr_len_ipv6;
549 679
550}; 680};
551 681
@@ -658,6 +788,16 @@ struct Addresses *addrs_tail;
658int addrs_lens; 788int addrs_lens;
659 789
660/** 790/**
791 * Size of data received without KX challenge played back.
792 */
793size_t unverified_size;
794
795/**
796 * Database for peer's HELLOs.
797 */
798static struct GNUNET_PEERSTORE_Handle *peerstore;
799
800/**
661 * We have been notified that our listen socket has something to 801 * We have been notified that our listen socket has something to
662 * read. Do the read and reschedule this function to be called again 802 * read. Do the read and reschedule this function to be called again
663 * once more is available. 803 * once more is available.
@@ -687,6 +827,36 @@ queue_destroy (struct Queue *queue)
687 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 827 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
688 "Disconnecting queue for peer `%s'\n", 828 "Disconnecting queue for peer `%s'\n",
689 GNUNET_i2s (&queue->target)); 829 GNUNET_i2s (&queue->target));
830 if (NULL != queue->rekey_monotime_sc)
831 {
832 GNUNET_PEERSTORE_store_cancel (queue->rekey_monotime_sc);
833 queue->rekey_monotime_sc = NULL;
834 }
835 if (NULL != queue->handshake_monotime_sc)
836 {
837 GNUNET_PEERSTORE_store_cancel (queue->handshake_monotime_sc);
838 queue->handshake_monotime_sc = NULL;
839 }
840 if (NULL != queue->handshake_ack_monotime_sc)
841 {
842 GNUNET_PEERSTORE_store_cancel (queue->handshake_ack_monotime_sc);
843 queue->handshake_ack_monotime_sc = NULL;
844 }
845 if (NULL != queue->rekey_monotime_get)
846 {
847 GNUNET_PEERSTORE_iterate_cancel (queue->rekey_monotime_get);
848 queue->rekey_monotime_get = NULL;
849 }
850 if (NULL != queue->handshake_monotime_get)
851 {
852 GNUNET_PEERSTORE_iterate_cancel (queue->handshake_monotime_get);
853 queue->handshake_monotime_get = NULL;
854 }
855 if (NULL != queue->handshake_ack_monotime_get)
856 {
857 GNUNET_PEERSTORE_iterate_cancel (queue->handshake_ack_monotime_get);
858 queue->handshake_ack_monotime_get = NULL;
859 }
690 if (NULL != (mq = queue->mq)) 860 if (NULL != (mq = queue->mq))
691 { 861 {
692 queue->mq = NULL; 862 queue->mq = NULL;
@@ -964,6 +1134,78 @@ setup_in_cipher (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
964 setup_cipher (&dh, &my_identity, &queue->in_cipher, &queue->in_hmac); 1134 setup_cipher (&dh, &my_identity, &queue->in_cipher, &queue->in_hmac);
965} 1135}
966 1136
1137/**
1138 * Callback called when peerstore store operation for rekey monotime value is finished.
1139 * @param cls Queue context the store operation was executed.
1140 * @param success Store operation was successful (GNUNET_OK) or not.
1141 */
1142static void
1143rekey_monotime_store_cb (void *cls, int success)
1144{
1145 struct Queue *queue = cls;
1146 if (GNUNET_OK != success)
1147 {
1148 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1149 "Failed to store rekey monotonic time in PEERSTORE!\n");
1150 }
1151 queue->rekey_monotime_sc = NULL;
1152}
1153
1154/**
1155 * Callback called by peerstore when records for GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_REKEY
1156 * where found.
1157 * @param cls Queue context the store operation was executed.
1158 * @param record The record found or NULL if there is no record left.
1159 * @param emsg Message from peerstore.
1160 */
1161static void
1162rekey_monotime_cb (void *cls,
1163 const struct GNUNET_PEERSTORE_Record *record,
1164 const char *emsg)
1165{
1166 struct Queue *queue = cls;
1167 struct GNUNET_TIME_AbsoluteNBO *mtbe;
1168 struct GNUNET_TIME_Absolute mt;
1169 const struct GNUNET_PeerIdentity *pid;
1170 struct GNUNET_TIME_AbsoluteNBO *rekey_monotonic_time;
1171
1172 (void) emsg;
1173
1174 rekey_monotonic_time = &queue->rekey_monotonic_time;
1175 pid = &queue->target;
1176 if (NULL == record)
1177 {
1178 queue->rekey_monotime_get = NULL;
1179 return;
1180 }
1181 if (sizeof(*mtbe) != record->value_size)
1182 {
1183 GNUNET_break (0);
1184 return;
1185 }
1186 mtbe = record->value;
1187 mt = GNUNET_TIME_absolute_ntoh (*mtbe);
1188 if (mt.abs_value_us > GNUNET_TIME_absolute_ntoh (
1189 queue->rekey_monotonic_time).abs_value_us)
1190 {
1191 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1192 "Queue from %s dropped, rekey monotime in the past\n",
1193 GNUNET_i2s (&queue->target));
1194 GNUNET_break (0);
1195 queue_finish (queue);
1196 return;
1197 }
1198 queue->rekey_monotime_sc = GNUNET_PEERSTORE_store (peerstore,
1199 "transport_tcp_communicator",
1200 pid,
1201 GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_REKEY,
1202 rekey_monotonic_time,
1203 sizeof(rekey_monotonic_time),
1204 GNUNET_TIME_UNIT_FOREVER_ABS,
1205 GNUNET_PEERSTORE_STOREOPTION_REPLACE,
1206 &rekey_monotime_store_cb,
1207 queue);
1208}
967 1209
968/** 1210/**
969 * Handle @a rekey message on @a queue. The message was already 1211 * Handle @a rekey message on @a queue. The message was already
@@ -983,7 +1225,6 @@ do_rekey (struct Queue *queue, const struct TCPRekey *rekey)
983 thp.receiver = my_identity; 1225 thp.receiver = my_identity;
984 thp.ephemeral = rekey->ephemeral; 1226 thp.ephemeral = rekey->ephemeral;
985 thp.monotonic_time = rekey->monotonic_time; 1227 thp.monotonic_time = rekey->monotonic_time;
986 /* FIXME: check monotonic time is monotonic... */
987 if (GNUNET_OK != 1228 if (GNUNET_OK !=
988 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_TCP_REKEY, 1229 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_TCP_REKEY,
989 &thp, 1230 &thp,
@@ -994,11 +1235,93 @@ do_rekey (struct Queue *queue, const struct TCPRekey *rekey)
994 queue_finish (queue); 1235 queue_finish (queue);
995 return; 1236 return;
996 } 1237 }
1238 queue->rekey_monotonic_time = rekey->monotonic_time;
1239 queue->rekey_monotime_get = GNUNET_PEERSTORE_iterate (peerstore,
1240 "transport_tcp_communicator",
1241 &queue->target,
1242 GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_REKEY,
1243 &rekey_monotime_cb,
1244 queue);
997 gcry_cipher_close (queue->in_cipher); 1245 gcry_cipher_close (queue->in_cipher);
998 queue->rekeyed = GNUNET_YES; 1246 queue->rekeyed = GNUNET_YES;
999 setup_in_cipher (&rekey->ephemeral, queue); 1247 setup_in_cipher (&rekey->ephemeral, queue);
1000} 1248}
1001 1249
1250/**
1251 * Callback called when peerstore store operation for handshake ack monotime value is finished.
1252 * @param cls Queue context the store operation was executed.
1253 * @param success Store operation was successful (GNUNET_OK) or not.
1254 */
1255static void
1256handshake_ack_monotime_store_cb (void *cls, int success)
1257{
1258 struct Queue *queue = cls;
1259
1260 if (GNUNET_OK != success)
1261 {
1262 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1263 "Failed to store handshake ack monotonic time in PEERSTORE!\n");
1264 }
1265 queue->handshake_ack_monotime_sc = NULL;
1266}
1267
1268/**
1269 * Callback called by peerstore when records for GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE_ACK
1270 * where found.
1271 * @param cls Queue context the store operation was executed.
1272 * @param record The record found or NULL if there is no record left.
1273 * @param emsg Message from peerstore.
1274 */
1275static void
1276handshake_ack_monotime_cb (void *cls,
1277 const struct GNUNET_PEERSTORE_Record *record,
1278 const char *emsg)
1279{
1280 struct Queue *queue = cls;
1281 struct GNUNET_TIME_AbsoluteNBO *mtbe;
1282 struct GNUNET_TIME_Absolute mt;
1283 const struct GNUNET_PeerIdentity *pid;
1284 struct GNUNET_TIME_AbsoluteNBO *handshake_ack_monotonic_time;
1285
1286 (void) emsg;
1287
1288 handshake_ack_monotonic_time = &queue->handshake_ack_monotonic_time;
1289 pid = &queue->target;
1290 if (NULL == record)
1291 {
1292 queue->handshake_ack_monotime_get = NULL;
1293 return;
1294 }
1295 if (sizeof(*mtbe) != record->value_size)
1296 {
1297 GNUNET_break (0);
1298 return;
1299 }
1300 mtbe = record->value;
1301 mt = GNUNET_TIME_absolute_ntoh (*mtbe);
1302 if (mt.abs_value_us > GNUNET_TIME_absolute_ntoh (
1303 queue->handshake_ack_monotonic_time).abs_value_us)
1304 {
1305 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1306 "Queue from %s dropped, handshake ack monotime in the past\n",
1307 GNUNET_i2s (&queue->target));
1308 GNUNET_break (0);
1309 queue_finish (queue);
1310 return;
1311 }
1312 queue->handshake_ack_monotime_sc = GNUNET_PEERSTORE_store (peerstore,
1313 "transport_tcp_communicator",
1314 pid,
1315 GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE_ACK,
1316 handshake_ack_monotonic_time,
1317 sizeof(
1318 handshake_ack_monotonic_time),
1319 GNUNET_TIME_UNIT_FOREVER_ABS,
1320 GNUNET_PEERSTORE_STOREOPTION_REPLACE,
1321 &
1322 handshake_ack_monotime_store_cb,
1323 queue);
1324}
1002 1325
1003/** 1326/**
1004 * Test if we have received a full message in plaintext. 1327 * Test if we have received a full message in plaintext.
@@ -1012,6 +1335,8 @@ try_handle_plaintext (struct Queue *queue)
1012{ 1335{
1013 const struct GNUNET_MessageHeader *hdr = 1336 const struct GNUNET_MessageHeader *hdr =
1014 (const struct GNUNET_MessageHeader *) queue->pread_buf; 1337 (const struct GNUNET_MessageHeader *) queue->pread_buf;
1338 const struct TCPConfirmationAck *tca = (const struct
1339 TCPConfirmationAck *) queue->pread_buf;
1015 const struct TCPBox *box = (const struct TCPBox *) queue->pread_buf; 1340 const struct TCPBox *box = (const struct TCPBox *) queue->pread_buf;
1016 const struct TCPRekey *rekey = (const struct TCPRekey *) queue->pread_buf; 1341 const struct TCPRekey *rekey = (const struct TCPRekey *) queue->pread_buf;
1017 const struct TCPFinish *fin = (const struct TCPFinish *) queue->pread_buf; 1342 const struct TCPFinish *fin = (const struct TCPFinish *) queue->pread_buf;
@@ -1020,12 +1345,92 @@ try_handle_plaintext (struct Queue *queue)
1020 struct GNUNET_ShortHashCode tmac; 1345 struct GNUNET_ShortHashCode tmac;
1021 uint16_t type; 1346 uint16_t type;
1022 size_t size = 0; /* make compiler happy */ 1347 size_t size = 0; /* make compiler happy */
1348 struct TcpHandshakeAckSignature thas;
1349 const struct ChallengeNonceP challenge = queue->challenge;
1023 1350
1024 if (sizeof(*hdr) > queue->pread_off) 1351 if ((sizeof(*hdr) > queue->pread_off))
1352 {
1353 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1354 "Handling plaintext, not even a header!\n");
1025 return 0; /* not even a header */ 1355 return 0; /* not even a header */
1356 }
1357
1358 if ((-1 != unverified_size) && (unverified_size > INITIAL_CORE_KX_SIZE))
1359 {
1360 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1361 "Already received data of size %u bigger than KX size %u!\n",
1362 unverified_size,
1363 INITIAL_CORE_KX_SIZE);
1364 GNUNET_break_op (0);
1365 queue_finish (queue);
1366 return 0;
1367 }
1368
1026 type = ntohs (hdr->type); 1369 type = ntohs (hdr->type);
1027 switch (type) 1370 switch (type)
1028 { 1371 {
1372 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_CONFIRMATION_ACK:
1373 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1374 "start processing ack\n");
1375 if (sizeof(*tca) > queue->pread_off)
1376 {
1377 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1378 "Handling plaintext size of tca greater than pread offset.\n");
1379 return 0;
1380 }
1381 if (ntohs (hdr->size) != sizeof(*tca))
1382 {
1383 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1384 "Handling plaintext size does not match message type.\n");
1385 GNUNET_break_op (0);
1386 queue_finish (queue);
1387 return 0;
1388 }
1389
1390 thas.purpose.purpose = htonl (
1391 GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK);
1392 thas.purpose.size = htonl (sizeof(thas));
1393 thas.sender = tca->sender;
1394 thas.receiver = my_identity;
1395 thas.monotonic_time = tca->monotonic_time;
1396 thas.challenge = tca->challenge;
1397
1398 if (GNUNET_SYSERR == GNUNET_CRYPTO_eddsa_verify (
1399 GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK,
1400 &thas,
1401 &tca->sender_sig,
1402 &tca->sender.public_key))
1403 {
1404 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1405 "Verification of signature failed!\n");
1406 GNUNET_break (0);
1407 queue_finish (queue);
1408 return 0;
1409 }
1410 if (0 != GNUNET_memcmp (&tca->challenge, &challenge))
1411 {
1412 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1413 "Challenge in TCPConfirmationAck not correct!\n");
1414 GNUNET_break (0);
1415 queue_finish (queue);
1416 return 0;
1417 }
1418
1419 queue->handshake_ack_monotime_get = GNUNET_PEERSTORE_iterate (peerstore,
1420 "transport_tcp_communicator",
1421 &queue->target,
1422 GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE_ACK,
1423 &
1424 handshake_ack_monotime_cb,
1425 queue);
1426
1427 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1428 "Handling plaintext, ack processed!");
1429
1430 unverified_size = -1;
1431
1432 size = ntohs (hdr->size);
1433 break;
1029 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_BOX: 1434 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_BOX:
1030 /* Special case: header size excludes box itself! */ 1435 /* Special case: header size excludes box itself! */
1031 if (ntohs (hdr->size) + sizeof(struct TCPBox) > queue->pread_off) 1436 if (ntohs (hdr->size) + sizeof(struct TCPBox) > queue->pread_off)
@@ -1039,6 +1444,8 @@ try_handle_plaintext (struct Queue *queue)
1039 } 1444 }
1040 pass_plaintext_to_core (queue, (const void *) &box[1], ntohs (hdr->size)); 1445 pass_plaintext_to_core (queue, (const void *) &box[1], ntohs (hdr->size));
1041 size = ntohs (hdr->size) + sizeof(*box); 1446 size = ntohs (hdr->size) + sizeof(*box);
1447 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1448 "Handling plaintext, box processed!\n");
1042 break; 1449 break;
1043 1450
1044 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY: 1451 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_REKEY:
@@ -1061,6 +1468,8 @@ try_handle_plaintext (struct Queue *queue)
1061 } 1468 }
1062 do_rekey (queue, rekey); 1469 do_rekey (queue, rekey);
1063 size = ntohs (hdr->size); 1470 size = ntohs (hdr->size);
1471 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1472 "Handling plaintext, rekey processed!\n");
1064 break; 1473 break;
1065 1474
1066 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH: 1475 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_FINISH:
@@ -1083,14 +1492,20 @@ try_handle_plaintext (struct Queue *queue)
1083 } 1492 }
1084 /* handle FINISH by destroying queue */ 1493 /* handle FINISH by destroying queue */
1085 queue_destroy (queue); 1494 queue_destroy (queue);
1495 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1496 "Handling plaintext, finish processed!\n");
1086 break; 1497 break;
1087 1498
1088 default: 1499 default:
1500 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1501 "Handling plaintext, nothing processed!\n");
1089 GNUNET_break_op (0); 1502 GNUNET_break_op (0);
1090 queue_finish (queue); 1503 queue_finish (queue);
1091 return 0; 1504 return 0;
1092 } 1505 }
1093 GNUNET_assert (0 != size); 1506 GNUNET_assert (0 != size);
1507 if (-1 != unverified_size)
1508 unverified_size += size;
1094 return size; 1509 return size;
1095} 1510}
1096 1511
@@ -1216,10 +1631,6 @@ tcp_address_to_sockaddr_numeric_v6 (socklen_t *sock_len, struct sockaddr_in6 v6,
1216{ 1631{
1217 struct sockaddr *in; 1632 struct sockaddr *in;
1218 1633
1219 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1220 "1 address %s\n",
1221 GNUNET_a2s (in, *sock_len));
1222
1223 v6.sin6_family = AF_INET6; 1634 v6.sin6_family = AF_INET6;
1224 v6.sin6_port = htons ((uint16_t) port); 1635 v6.sin6_port = htons ((uint16_t) port);
1225#if HAVE_SOCKADDR_IN_SIN_LEN 1636#if HAVE_SOCKADDR_IN_SIN_LEN
@@ -1227,9 +1638,6 @@ tcp_address_to_sockaddr_numeric_v6 (socklen_t *sock_len, struct sockaddr_in6 v6,
1227#endif 1638#endif
1228 in = GNUNET_memdup (&v6, sizeof(v6)); 1639 in = GNUNET_memdup (&v6, sizeof(v6));
1229 *sock_len = sizeof(struct sockaddr_in6); 1640 *sock_len = sizeof(struct sockaddr_in6);
1230 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1231 "address %s\n",
1232 GNUNET_a2s (in, *sock_len));
1233 1641
1234 return in; 1642 return in;
1235} 1643}
@@ -1294,7 +1702,7 @@ tcp_address_to_sockaddr_port_only (const char *bindto, unsigned int *port)
1294 i4 = GNUNET_malloc (sizeof(struct sockaddr_in)); 1702 i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
1295 po->addr_ipv4 = tcp_address_to_sockaddr_numeric_v4 (&sock_len_ipv4, *i4, 1703 po->addr_ipv4 = tcp_address_to_sockaddr_numeric_v4 (&sock_len_ipv4, *i4,
1296 *port); 1704 *port);
1297 po->addr_len_ipv4 = &sock_len_ipv4; 1705 po->addr_len_ipv4 = sock_len_ipv4;
1298 } 1706 }
1299 else 1707 else
1300 { 1708 {
@@ -1302,21 +1710,19 @@ tcp_address_to_sockaddr_port_only (const char *bindto, unsigned int *port)
1302 i4 = GNUNET_malloc (sizeof(struct sockaddr_in)); 1710 i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
1303 po->addr_ipv4 = tcp_address_to_sockaddr_numeric_v4 (&sock_len_ipv4, *i4, 1711 po->addr_ipv4 = tcp_address_to_sockaddr_numeric_v4 (&sock_len_ipv4, *i4,
1304 *port); 1712 *port);
1305 po->addr_len_ipv4 = &sock_len_ipv4; 1713 po->addr_len_ipv4 = sock_len_ipv4;
1306
1307 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1308 "3.5 address %s\n",
1309 GNUNET_a2s (po->addr_ipv4, sock_len_ipv4));
1310 1714
1311 i6 = GNUNET_malloc (sizeof(struct sockaddr_in6)); 1715 i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
1312 po->addr_ipv6 = tcp_address_to_sockaddr_numeric_v6 (&sock_len_ipv6, *i6, 1716 po->addr_ipv6 = tcp_address_to_sockaddr_numeric_v6 (&sock_len_ipv6, *i6,
1313 *port); 1717 *port);
1314 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1315 "3 address %s\n",
1316 GNUNET_a2s (po->addr_ipv6, sock_len_ipv6));
1317 1718
1318 po->addr_len_ipv6 = &sock_len_ipv6; 1719 po->addr_len_ipv6 = sock_len_ipv6;
1720
1721 GNUNET_free (i6);
1319 } 1722 }
1723
1724 GNUNET_free (i4);
1725
1320 return po; 1726 return po;
1321} 1727}
1322 1728
@@ -1361,7 +1767,7 @@ extract_address (const char *bindto)
1361 } 1767 }
1362 } 1768 }
1363 1769
1364 // GNUNET_free(cp); 1770 GNUNET_free (cp);
1365 1771
1366 return start; 1772 return start;
1367} 1773}
@@ -1827,12 +2233,16 @@ transmit_kx (struct Queue *queue,
1827 tc.sender = my_identity; 2233 tc.sender = my_identity;
1828 tc.monotonic_time = 2234 tc.monotonic_time =
1829 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg)); 2235 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
2236 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
2237 &tc.challenge,
2238 sizeof(tc.challenge));
1830 ths.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE); 2239 ths.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE);
1831 ths.purpose.size = htonl (sizeof(ths)); 2240 ths.purpose.size = htonl (sizeof(ths));
1832 ths.sender = my_identity; 2241 ths.sender = my_identity;
1833 ths.receiver = queue->target; 2242 ths.receiver = queue->target;
1834 ths.ephemeral = *epub; 2243 ths.ephemeral = *epub;
1835 ths.monotonic_time = tc.monotonic_time; 2244 ths.monotonic_time = tc.monotonic_time;
2245 ths.challenge = tc.challenge;
1836 GNUNET_CRYPTO_eddsa_sign (my_private_key, 2246 GNUNET_CRYPTO_eddsa_sign (my_private_key,
1837 &ths, 2247 &ths,
1838 &tc.sender_sig); 2248 &tc.sender_sig);
@@ -1842,7 +2252,12 @@ transmit_kx (struct Queue *queue,
1842 sizeof(tc), 2252 sizeof(tc),
1843 &tc, 2253 &tc,
1844 sizeof(tc))); 2254 sizeof(tc)));
2255 queue->challenge = tc.challenge;
1845 queue->cwrite_off += sizeof(tc); 2256 queue->cwrite_off += sizeof(tc);
2257
2258 GNUNET_log_from_nocheck (GNUNET_ERROR_TYPE_DEBUG,
2259 "transport",
2260 "handshake written\n");
1846} 2261}
1847 2262
1848 2263
@@ -1864,6 +2279,80 @@ start_initial_kx_out (struct Queue *queue)
1864 transmit_kx (queue, &epub); 2279 transmit_kx (queue, &epub);
1865} 2280}
1866 2281
2282/**
2283 * Callback called when peerstore store operation for handshake monotime is finished.
2284 * @param cls Queue context the store operation was executed.
2285 * @param success Store operation was successful (GNUNET_OK) or not.
2286 */
2287static void
2288handshake_monotime_store_cb (void *cls, int success)
2289{
2290 struct Queue *queue = cls;
2291 if (GNUNET_OK != success)
2292 {
2293 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2294 "Failed to store handshake monotonic time in PEERSTORE!\n");
2295 }
2296 queue->handshake_monotime_sc = NULL;
2297}
2298
2299/**
2300 * Callback called by peerstore when records for GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE
2301 * where found.
2302 * @param cls Queue context the store operation was executed.
2303 * @param record The record found or NULL if there is no record left.
2304 * @param emsg Message from peerstore.
2305 */
2306static void
2307handshake_monotime_cb (void *cls,
2308 const struct GNUNET_PEERSTORE_Record *record,
2309 const char *emsg)
2310{
2311 struct Queue *queue = cls;
2312 struct GNUNET_TIME_AbsoluteNBO *mtbe;
2313 struct GNUNET_TIME_Absolute mt;
2314 const struct GNUNET_PeerIdentity *pid;
2315 struct GNUNET_TIME_AbsoluteNBO *handshake_monotonic_time;
2316
2317 (void) emsg;
2318
2319 handshake_monotonic_time = &queue->handshake_monotonic_time;
2320 pid = &queue->target;
2321 if (NULL == record)
2322 {
2323 queue->handshake_monotime_get = NULL;
2324 return;
2325 }
2326 if (sizeof(*mtbe) != record->value_size)
2327 {
2328 GNUNET_break (0);
2329 return;
2330 }
2331 mtbe = record->value;
2332 mt = GNUNET_TIME_absolute_ntoh (*mtbe);
2333 if (mt.abs_value_us > GNUNET_TIME_absolute_ntoh (
2334 queue->handshake_monotonic_time).abs_value_us)
2335 {
2336 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2337 "Queue from %s dropped, handshake monotime in the past\n",
2338 GNUNET_i2s (&queue->target));
2339 GNUNET_break (0);
2340 queue_finish (queue);
2341 return;
2342 }
2343 queue->handshake_monotime_sc = GNUNET_PEERSTORE_store (peerstore,
2344 "transport_tcp_communicator",
2345 pid,
2346 GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE,
2347 handshake_monotonic_time,
2348 sizeof(
2349 handshake_monotonic_time),
2350 GNUNET_TIME_UNIT_FOREVER_ABS,
2351 GNUNET_PEERSTORE_STOREOPTION_REPLACE,
2352 &
2353 handshake_monotime_store_cb,
2354 queue);
2355}
1867 2356
1868/** 2357/**
1869 * We have received the first bytes from the other side on a @a queue. 2358 * We have received the first bytes from the other side on a @a queue.
@@ -1896,13 +2385,19 @@ decrypt_and_check_tc (struct Queue *queue,
1896 ths.receiver = my_identity; 2385 ths.receiver = my_identity;
1897 memcpy (&ths.ephemeral, ibuf, sizeof(struct GNUNET_CRYPTO_EcdhePublicKey)); 2386 memcpy (&ths.ephemeral, ibuf, sizeof(struct GNUNET_CRYPTO_EcdhePublicKey));
1898 ths.monotonic_time = tc->monotonic_time; 2387 ths.monotonic_time = tc->monotonic_time;
1899 /* FIXME: check monotonic time against previous mono times 2388 ths.challenge = tc->challenge;
1900 from this sender! */
1901 return GNUNET_CRYPTO_eddsa_verify ( 2389 return GNUNET_CRYPTO_eddsa_verify (
1902 GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE, 2390 GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE,
1903 &ths, 2391 &ths,
1904 &tc->sender_sig, 2392 &tc->sender_sig,
1905 &tc->sender.public_key); 2393 &tc->sender.public_key);
2394 queue->handshake_monotime_get = GNUNET_PEERSTORE_iterate (peerstore,
2395 "transport_tcp_communicator",
2396 &queue->target,
2397 GNUNET_PEERSTORE_TRANSPORT_TCP_COMMUNICATOR_HANDSHAKE,
2398 &
2399 handshake_monotime_cb,
2400 queue);
1906} 2401}
1907 2402
1908 2403
@@ -1930,6 +2425,47 @@ free_proto_queue (struct ProtoQueue *pq)
1930 GNUNET_free (pq); 2425 GNUNET_free (pq);
1931} 2426}
1932 2427
2428/**
2429 * Sending challenge with TcpConfirmationAck back to sender of ephemeral key.
2430 *
2431 * @param tc The TCPConfirmation originally send.
2432 * @param queue The queue context.
2433 */
2434static void
2435send_challenge (struct TCPConfirmation tc, struct Queue *queue)
2436{
2437 struct TCPConfirmationAck tca;
2438 struct TcpHandshakeAckSignature thas;
2439
2440 GNUNET_log_from_nocheck (GNUNET_ERROR_TYPE_DEBUG,
2441 "transport",
2442 "sending challenge\n");
2443
2444 tca.header.type = ntohs (
2445 GNUNET_MESSAGE_TYPE_COMMUNICATOR_TCP_CONFIRMATION_ACK);
2446 tca.header.size = ntohs (sizeof(tca));
2447 tca.challenge = tc.challenge;
2448 tca.sender = my_identity;
2449 tca.monotonic_time =
2450 GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
2451 thas.purpose.purpose = htonl (
2452 GNUNET_SIGNATURE_COMMUNICATOR_TCP_HANDSHAKE_ACK);
2453 thas.purpose.size = htonl (sizeof(thas));
2454 thas.sender = my_identity;
2455 thas.receiver = queue->target;
2456 thas.monotonic_time = tca.monotonic_time;
2457 thas.challenge = tca.challenge;
2458 GNUNET_CRYPTO_eddsa_sign (my_private_key,
2459 &thas,
2460 &tca.sender_sig);
2461 GNUNET_assert (0 ==
2462 gcry_cipher_encrypt (queue->out_cipher,
2463 &queue->cwrite_buf[queue->cwrite_off],
2464 sizeof(tca),
2465 &tca,
2466 sizeof(tca)));
2467 queue->cwrite_off += sizeof(tca);
2468}
1933 2469
1934/** 2470/**
1935 * Read from the socket of the proto queue until we have enough data 2471 * Read from the socket of the proto queue until we have enough data
@@ -1999,6 +2535,11 @@ proto_read_kx (void *cls)
1999 queue->listen_task = pq->listen_task; 2535 queue->listen_task = pq->listen_task;
2000 queue->listen_sock = pq->listen_sock; 2536 queue->listen_sock = pq->listen_sock;
2001 queue->sock = pq->sock; 2537 queue->sock = pq->sock;
2538
2539
2540 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2541 "start kx proto\n");
2542
2002 start_initial_kx_out (queue); 2543 start_initial_kx_out (queue);
2003 boot_queue (queue, GNUNET_TRANSPORT_CS_INBOUND); 2544 boot_queue (queue, GNUNET_TRANSPORT_CS_INBOUND);
2004 queue->read_task = 2545 queue->read_task =
@@ -2011,6 +2552,8 @@ proto_read_kx (void *cls)
2011 queue->sock, 2552 queue->sock,
2012 &queue_write, 2553 &queue_write,
2013 queue); 2554 queue);
2555 send_challenge (tc, queue);
2556
2014 GNUNET_CONTAINER_DLL_remove (proto_head, proto_tail, pq); 2557 GNUNET_CONTAINER_DLL_remove (proto_head, proto_tail, pq);
2015 GNUNET_free (pq); 2558 GNUNET_free (pq);
2016} 2559}
@@ -2134,7 +2677,7 @@ queue_read_kx (void *cls)
2134 queue_destroy (queue); 2677 queue_destroy (queue);
2135 return; 2678 return;
2136 } 2679 }
2137 2680 send_challenge (tc, queue);
2138 /* update queue timeout */ 2681 /* update queue timeout */
2139 reschedule_queue_timeout (queue); 2682 reschedule_queue_timeout (queue);
2140 /* prepare to continue with regular read task immediately */ 2683 /* prepare to continue with regular read task immediately */
@@ -2227,6 +2770,11 @@ mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2227 queue->sock, 2770 queue->sock,
2228 &queue_read_kx, 2771 &queue_read_kx,
2229 queue); 2772 queue);
2773
2774
2775 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2776 "start kx mq_init\n");
2777
2230 start_initial_kx_out (queue); 2778 start_initial_kx_out (queue);
2231 queue->write_task = 2779 queue->write_task =
2232 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL, 2780 GNUNET_SCHEDULER_add_write_net (GNUNET_TIME_UNIT_FOREVER_REL,
@@ -2346,10 +2894,6 @@ nat_address_cb (void *cls,
2346 char *my_addr; 2894 char *my_addr;
2347 struct GNUNET_TRANSPORT_AddressIdentifier *ai; 2895 struct GNUNET_TRANSPORT_AddressIdentifier *ai;
2348 2896
2349 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2350 "1 nat_address %s\n",
2351 GNUNET_a2s (addr, addrlen));
2352
2353 if (GNUNET_YES == add_remove) 2897 if (GNUNET_YES == add_remove)
2354 { 2898 {
2355 enum GNUNET_NetworkType nt; 2899 enum GNUNET_NetworkType nt;
@@ -2399,10 +2943,6 @@ init_socket (const struct sockaddr *addr,
2399 return GNUNET_SYSERR; 2943 return GNUNET_SYSERR;
2400 } 2944 }
2401 2945
2402 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2403 "4 address %s\n",
2404 GNUNET_a2s (addr, in_len));
2405
2406 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 2946 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2407 "address %s\n", 2947 "address %s\n",
2408 GNUNET_a2s (addr, in_len)); 2948 GNUNET_a2s (addr, in_len));
@@ -2465,7 +3005,8 @@ init_socket (const struct sockaddr *addr,
2465 GNUNET_ERROR_TYPE_ERROR, 3005 GNUNET_ERROR_TYPE_ERROR,
2466 _ ( 3006 _ (
2467 "Transport service is lacking key configuration settings. Exiting.\n")); 3007 "Transport service is lacking key configuration settings. Exiting.\n"));
2468 GNUNET_RESOLVER_request_cancel (resolve_request_handle); 3008 if (NULL != resolve_request_handle)
3009 GNUNET_RESOLVER_request_cancel (resolve_request_handle);
2469 GNUNET_SCHEDULER_shutdown (); 3010 GNUNET_SCHEDULER_shutdown ();
2470 return GNUNET_SYSERR; 3011 return GNUNET_SYSERR;
2471 } 3012 }
@@ -2496,7 +3037,8 @@ init_socket (const struct sockaddr *addr,
2496 if (NULL == ch) 3037 if (NULL == ch)
2497 { 3038 {
2498 GNUNET_break (0); 3039 GNUNET_break (0);
2499 GNUNET_RESOLVER_request_cancel (resolve_request_handle); 3040 if (NULL != resolve_request_handle)
3041 GNUNET_RESOLVER_request_cancel (resolve_request_handle);
2500 GNUNET_SCHEDULER_shutdown (); 3042 GNUNET_SCHEDULER_shutdown ();
2501 return GNUNET_SYSERR; 3043 return GNUNET_SYSERR;
2502 } 3044 }
@@ -2518,35 +3060,20 @@ nat_register ()
2518 int i; 3060 int i;
2519 struct Addresses *pos; 3061 struct Addresses *pos;
2520 3062
2521 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2522 "nat here\n");
2523
2524 i = 0; 3063 i = 0;
2525 saddrs = GNUNET_malloc ((addrs_lens + 1) * sizeof(struct sockaddr *)); 3064 saddrs = GNUNET_malloc ((addrs_lens + 1) * sizeof(struct sockaddr *));
2526 3065
2527 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2528 "2 nat here\n");
2529
2530 saddr_lens = GNUNET_malloc ((addrs_lens + 1) * sizeof(socklen_t)); 3066 saddr_lens = GNUNET_malloc ((addrs_lens + 1) * sizeof(socklen_t));
2531 3067
2532 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2533 "3 nat here\n");
2534
2535 for (pos = addrs_head; NULL != pos; pos = pos->next) 3068 for (pos = addrs_head; NULL != pos; pos = pos->next)
2536 { 3069 {
2537 3070
2538 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2539 "5 nat here\n");
2540
2541 saddr_lens[i] = addrs_head->addr_len; 3071 saddr_lens[i] = addrs_head->addr_len;
2542 saddrs[i] = GNUNET_malloc (saddr_lens[i]); 3072 saddrs[i] = GNUNET_malloc (saddr_lens[i]);
2543 saddrs[i] = addrs_head->addr; 3073 saddrs[i] = addrs_head->addr;
2544 3074
2545 i++; 3075 i++;
2546 3076
2547 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2548 "6 nat here\n");
2549
2550 } 3077 }
2551 3078
2552 nat = GNUNET_NAT_register (cfg, 3079 nat = GNUNET_NAT_register (cfg,
@@ -2559,10 +3086,18 @@ nat_register ()
2559 NULL /* FIXME: support reversal: #5529 */, 3086 NULL /* FIXME: support reversal: #5529 */,
2560 NULL /* closure */); 3087 NULL /* closure */);
2561 3088
3089 i = 0;
3090
3091 /*for (i = addrs_lens - 1; i >= 0; i--)
3092 GNUNET_free (saddrs[i]);*/
3093 GNUNET_free_non_null (saddrs);
3094 GNUNET_free_non_null (saddr_lens);
3095
2562 if (NULL == nat) 3096 if (NULL == nat)
2563 { 3097 {
2564 GNUNET_break (0); 3098 GNUNET_break (0);
2565 GNUNET_RESOLVER_request_cancel (resolve_request_handle); 3099 if (NULL != resolve_request_handle)
3100 GNUNET_RESOLVER_request_cancel (resolve_request_handle);
2566 GNUNET_SCHEDULER_shutdown (); 3101 GNUNET_SCHEDULER_shutdown ();
2567 } 3102 }
2568} 3103}
@@ -2662,6 +3197,8 @@ run (void *cls,
2662 char dummy[2]; 3197 char dummy[2];
2663 char *rest = NULL; 3198 char *rest = NULL;
2664 struct PortOnlyIpv4Ipv6 *po; 3199 struct PortOnlyIpv4Ipv6 *po;
3200 socklen_t addr_len_ipv4;
3201 socklen_t addr_len_ipv6;
2665 3202
2666 (void) cls; 3203 (void) cls;
2667 cfg = c; 3204 cfg = c;
@@ -2689,6 +3226,13 @@ run (void *cls,
2689 &rekey_interval)) 3226 &rekey_interval))
2690 rekey_interval = DEFAULT_REKEY_INTERVAL; 3227 rekey_interval = DEFAULT_REKEY_INTERVAL;
2691 3228
3229 peerstore = GNUNET_PEERSTORE_connect (cfg);
3230 if (NULL == peerstore)
3231 {
3232 GNUNET_break (0);
3233 GNUNET_SCHEDULER_shutdown ();
3234 return;
3235 }
2692 3236
2693 // cp = GNUNET_strdup (bindto); 3237 // cp = GNUNET_strdup (bindto);
2694 start = extract_address (bindto); 3238 start = extract_address (bindto);
@@ -2697,16 +3241,24 @@ run (void *cls,
2697 { 3241 {
2698 po = tcp_address_to_sockaddr_port_only (bindto, &port); 3242 po = tcp_address_to_sockaddr_port_only (bindto, &port);
2699 3243
2700 if (NULL != &po->addr_ipv4) 3244 addr_len_ipv4 = po->addr_len_ipv4;
3245
3246
3247 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
3248 "address po %s\n",
3249 GNUNET_a2s (po->addr_ipv4, addr_len_ipv4));
3250
3251 if (NULL != po->addr_ipv4)
2701 { 3252 {
2702 init_socket (po->addr_ipv4, *po->addr_len_ipv4); 3253 init_socket (po->addr_ipv4, addr_len_ipv4);
2703 add_addr (po->addr_ipv4, *po->addr_len_ipv4); 3254 add_addr (po->addr_ipv4, addr_len_ipv4);
2704 } 3255 }
2705 3256
2706 if (NULL != &po->addr_ipv6) 3257 if (NULL != po->addr_ipv6)
2707 { 3258 {
2708 init_socket (po->addr_ipv6, *po->addr_len_ipv6); 3259 addr_len_ipv6 = po->addr_len_ipv6;
2709 add_addr (po->addr_ipv6, *po->addr_len_ipv6); 3260 init_socket (po->addr_ipv6, addr_len_ipv6);
3261 add_addr (po->addr_ipv6, addr_len_ipv6);
2710 } 3262 }
2711 3263
2712 nat_register (); 3264 nat_register ();
diff --git a/src/transport/gnunet-service-tng.c b/src/transport/gnunet-service-tng.c
index 5f3178939..baefdfa88 100644
--- a/src/transport/gnunet-service-tng.c
+++ b/src/transport/gnunet-service-tng.c
@@ -329,19 +329,6 @@ struct AcknowledgementUUIDP
329 struct GNUNET_Uuid value; 329 struct GNUNET_Uuid value;
330}; 330};
331 331
332
333/**
334 * Type of a nonce used for challenges.
335 */
336struct ChallengeNonceP
337{
338 /**
339 * The value of the nonce. Note that this is NOT a hash.
340 */
341 struct GNUNET_ShortHashCode value;
342};
343
344
345/** 332/**
346 * Outer layer of an encapsulated backchannel message. 333 * Outer layer of an encapsulated backchannel message.
347 */ 334 */
diff --git a/src/transport/test_communicator_basic.c b/src/transport/test_communicator_basic.c
index 45c268684..e2d2eb73c 100644
--- a/src/transport/test_communicator_basic.c
+++ b/src/transport/test_communicator_basic.c
@@ -587,6 +587,7 @@ main (int argc,
587 GNUNET_asprintf (&communicator_binary, 587 GNUNET_asprintf (&communicator_binary,
588 "gnunet-communicator-%s", 588 "gnunet-communicator-%s",
589 communicator_name); 589 communicator_name);
590
590 if (GNUNET_OK != 591 if (GNUNET_OK !=
591 GNUNET_log_setup ("test_communicator_basic", 592 GNUNET_log_setup ("test_communicator_basic",
592 "DEBUG", 593 "DEBUG",
@@ -645,6 +646,21 @@ main (int argc,
645 GNUNET_i2s_full (&peer_id[i])); 646 GNUNET_i2s_full (&peer_id[i]));
646 } 647 }
647 LOG (GNUNET_ERROR_TYPE_MESSAGE, "Starting test...\n"); 648 LOG (GNUNET_ERROR_TYPE_MESSAGE, "Starting test...\n");
649 LOG (GNUNET_ERROR_TYPE_DEBUG,
650 "argv[0]: %s\n",
651 argv[0]);
652 LOG (GNUNET_ERROR_TYPE_DEBUG,
653 "test_name: %s\n",
654 test_name);
655
656 LOG (GNUNET_ERROR_TYPE_DEBUG,
657 "communicator_name: %s\n",
658 communicator_name);
659
660 LOG (GNUNET_ERROR_TYPE_DEBUG,
661 "communicator_binary: %s\n",
662 communicator_binary);
663
648 GNUNET_SCHEDULER_run (&run, 664 GNUNET_SCHEDULER_run (&run,
649 NULL); 665 NULL);
650 return ret; 666 return ret;
diff --git a/src/transport/test_communicator_tcp_basic_peer1.conf b/src/transport/test_communicator_tcp_basic_peer1.conf
index d0293ff51..c08737b7b 100644
--- a/src/transport/test_communicator_tcp_basic_peer1.conf
+++ b/src/transport/test_communicator_tcp_basic_peer1.conf
@@ -19,10 +19,15 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_1.sock
19[nat] 19[nat]
20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock 20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock
21 21
22[peerstore]
23UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/peerstore.sock
24
22[communicator-unix] 25[communicator-unix]
23UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock 26UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock
24 27
25[communicator-tcp] 28[communicator-tcp]
29#PREFIX = xterm -geometry 100x85 -T peer1 -e gdb --args
30#PREFIX = valgrind --leak-check=full --track-origins=yes
26BINDTO = 60002 31BINDTO = 60002
27DISABLE_V6 = NO 32DISABLE_V6 = NO
28 33
diff --git a/src/transport/test_communicator_tcp_basic_peer2.conf b/src/transport/test_communicator_tcp_basic_peer2.conf
index 5b9050547..45b7e7844 100644
--- a/src/transport/test_communicator_tcp_basic_peer2.conf
+++ b/src/transport/test_communicator_tcp_basic_peer2.conf
@@ -20,10 +20,15 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_2.sock
20[nat] 20[nat]
21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock 21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/peerstore.sock
25
23[communicator-unix] 26[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock 27UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock
25 28
26[communicator-tcp] 29[communicator-tcp]
30#PREFIX = xterm -geometry 100x85 -T peer2 -e gdb --args
31#PREFIX = valgrind --leak-check=full --track-origins=yes
27BINDTO = 60003 32BINDTO = 60003
28DISABLE_V6 = NO 33DISABLE_V6 = NO
29 34
diff --git a/src/transport/test_communicator_tcp_rekey_peer1.conf b/src/transport/test_communicator_tcp_rekey_peer1.conf
index 18028cd48..901f415ef 100644
--- a/src/transport/test_communicator_tcp_rekey_peer1.conf
+++ b/src/transport/test_communicator_tcp_rekey_peer1.conf
@@ -20,10 +20,19 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_1.sock
20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock 20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock
21ENABLE_IPSCAN = YES 21ENABLE_IPSCAN = YES
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/peerstore.sock
25
26[resolver]
27PORT = 62089
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_1.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock
25 32
26[communicator-tcp] 33[communicator-tcp]
34#PREFIX = xterm -geometry 100x85 -T peer1 -e gdb --args
35#PREFIX = valgrind --leak-check=full --track-origins=yes
27BINDTO = 60002 36BINDTO = 60002
28DISABLE_V6 = YES 37DISABLE_V6 = YES
29REKEY_INTERVAL = 100ms 38REKEY_INTERVAL = 100ms
diff --git a/src/transport/test_communicator_tcp_rekey_peer2.conf b/src/transport/test_communicator_tcp_rekey_peer2.conf
index 7d7179578..138650a3b 100644
--- a/src/transport/test_communicator_tcp_rekey_peer2.conf
+++ b/src/transport/test_communicator_tcp_rekey_peer2.conf
@@ -20,10 +20,19 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_2.sock
20[nat] 20[nat]
21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock 21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/peerstore.sock
25
26[resolver]
27PORT = 62090
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_2.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock
25 32
26[communicator-tcp] 33[communicator-tcp]
34#PREFIX = xterm -geometry 100x85 -T peer1 -e gdb --args
35#PREFIX = valgrind --leak-check=full --track-origins=yes
27BINDTO = 60003 36BINDTO = 60003
28DISABLE_V6 = YES 37DISABLE_V6 = YES
29REKEY_INTERVAL = 100ms 38REKEY_INTERVAL = 100ms
diff --git a/src/transport/test_communicator_udp_backchannel_peer1.conf b/src/transport/test_communicator_udp_backchannel_peer1.conf
index 0c595b77b..b99a76d6c 100644
--- a/src/transport/test_communicator_udp_backchannel_peer1.conf
+++ b/src/transport/test_communicator_udp_backchannel_peer1.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_1.sock
20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock 20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock
21ENABLE_IPSCAN = YES 21ENABLE_IPSCAN = YES
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/peerstore.sock
25
26[resolver]
27PORT = 62089
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_1.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock
25 32
diff --git a/src/transport/test_communicator_udp_backchannel_peer2.conf b/src/transport/test_communicator_udp_backchannel_peer2.conf
index d29f37ec9..48bd54c8b 100644
--- a/src/transport/test_communicator_udp_backchannel_peer2.conf
+++ b/src/transport/test_communicator_udp_backchannel_peer2.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_2.sock
20[nat] 20[nat]
21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock 21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/peerstore.sock
25
26[resolver]
27PORT = 62090
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_2.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock
25 32
diff --git a/src/transport/test_communicator_udp_basic_peer1.conf b/src/transport/test_communicator_udp_basic_peer1.conf
index 4cfb6f72f..d53a55210 100644
--- a/src/transport/test_communicator_udp_basic_peer1.conf
+++ b/src/transport/test_communicator_udp_basic_peer1.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_1.sock
20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock 20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock
21ENABLE_IPSCAN = YES 21ENABLE_IPSCAN = YES
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/peerstore.sock
25
26[resolver]
27PORT = 62089
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_1.sock
29
23[communicator-udp] 30[communicator-udp]
24BINDTO = 60002 31BINDTO = 60002
25DISABLE_V6 = YES 32DISABLE_V6 = YES
diff --git a/src/transport/test_communicator_udp_basic_peer2.conf b/src/transport/test_communicator_udp_basic_peer2.conf
index b9bed2756..f05ebc5cb 100644
--- a/src/transport/test_communicator_udp_basic_peer2.conf
+++ b/src/transport/test_communicator_udp_basic_peer2.conf
@@ -20,6 +20,14 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_2.sock
20[nat] 20[nat]
21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock 21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock
22 22
23
24[peerstore]
25UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/peerstore.sock
26
27[resolver]
28PORT = 62090
29UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_2.sock
30
23[communicator-udp] 31[communicator-udp]
24BINDTO = 60003 32BINDTO = 60003
25DISABLE_V6 = YES 33DISABLE_V6 = YES
diff --git a/src/transport/test_communicator_udp_rekey_peer1.conf b/src/transport/test_communicator_udp_rekey_peer1.conf
index 18028cd48..e7161e488 100644
--- a/src/transport/test_communicator_udp_rekey_peer1.conf
+++ b/src/transport/test_communicator_udp_rekey_peer1.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_1.sock
20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock 20UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/nat.sock
21ENABLE_IPSCAN = YES 21ENABLE_IPSCAN = YES
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/peerstore.sock
25
26[resolver]
27PORT = 62089
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_1.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_1.sock
25 32
diff --git a/src/transport/test_communicator_udp_rekey_peer2.conf b/src/transport/test_communicator_udp_rekey_peer2.conf
index 7d7179578..8f175a405 100644
--- a/src/transport/test_communicator_udp_rekey_peer2.conf
+++ b/src/transport/test_communicator_udp_rekey_peer2.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_2.sock
20[nat] 20[nat]
21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock 21UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/nat.sock
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/peerstore.sock
25
26[resolver]
27PORT = 62090
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_2.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/test_gnunet-communicator-unix_2.sock
25 32
diff --git a/src/transport/test_communicator_unix_basic_peer1.conf b/src/transport/test_communicator_unix_basic_peer1.conf
index d50588007..71283e381 100644
--- a/src/transport/test_communicator_unix_basic_peer1.conf
+++ b/src/transport/test_communicator_unix_basic_peer1.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_1.sock
20UNIXPATH = $GNUNET_TMP/communicator-unix-1/nat.sock 20UNIXPATH = $GNUNET_TMP/communicator-unix-1/nat.sock
21ENABLE_IPSCAN = YES 21ENABLE_IPSCAN = YES
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-1/peerstore.sock
25
26[resolver]
27PORT = 62089
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_1.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/communicator-unix-1.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/communicator-unix-1.sock
25 32
diff --git a/src/transport/test_communicator_unix_basic_peer2.conf b/src/transport/test_communicator_unix_basic_peer2.conf
index fe27ef1a6..ac95845b2 100644
--- a/src/transport/test_communicator_unix_basic_peer2.conf
+++ b/src/transport/test_communicator_unix_basic_peer2.conf
@@ -20,6 +20,13 @@ UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-transport_test_2.sock
20[nat] 20[nat]
21UNIXPATH = $GNUNET_TMP/communicator-unix-2/nat.sock 21UNIXPATH = $GNUNET_TMP/communicator-unix-2/nat.sock
22 22
23[peerstore]
24UNIXPATH = $GNUNET_TMP/test-communicator-unix-2/peerstore.sock
25
26[resolver]
27PORT = 62090
28UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-resolver_test_2.sock
29
23[communicator-unix] 30[communicator-unix]
24UNIXPATH = $GNUNET_RUNTIME_DIR/communicator-unix-2.sock 31UNIXPATH = $GNUNET_RUNTIME_DIR/communicator-unix-2.sock
25 32
diff --git a/src/transport/transport-testing2.c b/src/transport/transport-testing2.c
index 772ad9f2d..10b064241 100644
--- a/src/transport/transport-testing2.c
+++ b/src/transport/transport-testing2.c
@@ -114,6 +114,11 @@ struct GNUNET_TRANSPORT_TESTING_TransportCommunicatorHandle
114 struct GNUNET_OS_Process *resolver_proc; 114 struct GNUNET_OS_Process *resolver_proc;
115 115
116 /** 116 /**
117 * peerstore service process
118 */
119 struct GNUNET_OS_Process *ps_proc;
120
121 /**
117 * @brief Task that will be run on shutdown to stop and clean communicator 122 * @brief Task that will be run on shutdown to stop and clean communicator
118 */ 123 */
119 struct GNUNET_SCHEDULER_Task *c_shutdown_task; 124 struct GNUNET_SCHEDULER_Task *c_shutdown_task;
@@ -892,6 +897,12 @@ shutdown_process (struct GNUNET_OS_Process *proc)
892 GNUNET_OS_process_destroy (proc); 897 GNUNET_OS_process_destroy (proc);
893} 898}
894 899
900static void
901shutdown_peerstore (void *cls)
902{
903 struct GNUNET_OS_Process *proc = cls;
904 shutdown_process (proc);
905}
895 906
896static void 907static void
897shutdown_communicator (void *cls) 908shutdown_communicator (void *cls)
@@ -912,19 +923,31 @@ communicator_start (
912 const char *binary_name) 923 const char *binary_name)
913{ 924{
914 char *binary; 925 char *binary;
926 char *loprefix;
927 char *section_name;
915 928
916 LOG (GNUNET_ERROR_TYPE_DEBUG, "communicator_start\n"); 929 LOG (GNUNET_ERROR_TYPE_DEBUG, "communicator_start\n");
930
931 section_name = strchr (binary_name, '-');
932 section_name++;
933
934 if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (tc_h->cfg,
935 section_name,
936 "PREFIX",
937 &loprefix))
938 loprefix = GNUNET_strdup ("");
939
940
917 binary = GNUNET_OS_get_libexec_binary_path (binary_name); 941 binary = GNUNET_OS_get_libexec_binary_path (binary_name);
918 tc_h->c_proc = GNUNET_OS_start_process (GNUNET_OS_INHERIT_STD_OUT_AND_ERR 942 tc_h->c_proc = GNUNET_OS_start_process_s (GNUNET_YES,
919 | GNUNET_OS_USE_PIPE_CONTROL, 943 GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
920 NULL, 944 NULL,
921 NULL, 945 loprefix,
922 NULL, 946 binary,
923 binary, 947 binary_name,
924 binary_name, 948 "-c",
925 "-c", 949 tc_h->cfg_filename,
926 tc_h->cfg_filename, 950 NULL);
927 NULL);
928 if (NULL == tc_h->c_proc) 951 if (NULL == tc_h->c_proc)
929 { 952 {
930 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to start communicator!"); 953 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to start communicator!");
@@ -992,6 +1015,37 @@ resolver_start (struct
992 1015
993 1016
994/** 1017/**
1018 * @brief Start Peerstore
1019 *
1020 */
1021static void
1022peerstore_start (
1023 struct GNUNET_TRANSPORT_TESTING_TransportCommunicatorHandle *tc_h)
1024{
1025 char *binary;
1026
1027 LOG (GNUNET_ERROR_TYPE_DEBUG, "peerstore_start\n");
1028 binary = GNUNET_OS_get_libexec_binary_path ("gnunet-service-peerstore");
1029 tc_h->ps_proc = GNUNET_OS_start_process (GNUNET_YES,
1030 GNUNET_OS_INHERIT_STD_OUT_AND_ERR,
1031 NULL,
1032 NULL,
1033 NULL,
1034 binary,
1035 "gnunet-service-peerstore",
1036 "-c",
1037 tc_h->cfg_filename,
1038 NULL);
1039 if (NULL == tc_h->ps_proc)
1040 {
1041 GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Failed to start Peerstore!");
1042 return;
1043 }
1044 LOG (GNUNET_ERROR_TYPE_INFO, "started Peerstore\n");
1045 GNUNET_free (binary);
1046}
1047
1048/**
995 * @brief Start NAT 1049 * @brief Start NAT
996 * 1050 *
997 */ 1051 */
@@ -1087,6 +1141,8 @@ GNUNET_TRANSPORT_TESTING_transport_communicator_service_start (
1087 nat_start (tc_h); 1141 nat_start (tc_h);
1088 /* Start resolver service */ 1142 /* Start resolver service */
1089 resolver_start (tc_h); 1143 resolver_start (tc_h);
1144 /* Start peerstore service */
1145 peerstore_start (tc_h);
1090 /* Schedule start communicator */ 1146 /* Schedule start communicator */
1091 communicator_start (tc_h, 1147 communicator_start (tc_h,
1092 binary_name); 1148 binary_name);
@@ -1102,6 +1158,7 @@ GNUNET_TRANSPORT_TESTING_transport_communicator_service_stop (
1102 shutdown_service (tc_h->sh); 1158 shutdown_service (tc_h->sh);
1103 shutdown_nat (tc_h->nat_proc); 1159 shutdown_nat (tc_h->nat_proc);
1104 shutdown_resolver (tc_h->resolver_proc); 1160 shutdown_resolver (tc_h->resolver_proc);
1161 shutdown_peerstore (tc_h->ps_proc);
1105 GNUNET_CONFIGURATION_destroy (tc_h->cfg); 1162 GNUNET_CONFIGURATION_destroy (tc_h->cfg);
1106 GNUNET_free (tc_h); 1163 GNUNET_free (tc_h);
1107} 1164}