GNUnet  0.20.0
Macros | Typedefs | Enumerations | Functions
gnunet-service-cadet_tunnels.h File Reference

Information we track per tunnel. More...

#include "gnunet-service-cadet.h"
#include "cadet_protocol.h"
Include dependency graph for gnunet-service-cadet_tunnels.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define DESIRED_CONNECTIONS_PER_TUNNEL   3
 How many connections would we like to have per tunnel? More...
 

Typedefs

typedef void(* GCT_SendContinuation) (void *cls, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid)
 Function called when a transmission requested using GCT_send is done. More...
 
typedef void(* GCT_ConnectionIterator) (void *cls, struct CadetTConnection *ct)
 Iterator over connections. More...
 
typedef void(* GCT_ChannelIterator) (void *cls, struct CadetChannel *ch)
 Iterator over channels. More...
 

Enumerations

enum  CadetTunnelEState {
  CADET_TUNNEL_KEY_UNINITIALIZED , CADET_TUNNEL_KEY_AX_SENT , CADET_TUNNEL_KEY_AX_RECV , CADET_TUNNEL_KEY_AX_SENT_AND_RECV ,
  CADET_TUNNEL_KEY_AX_AUTH_SENT , CADET_TUNNEL_KEY_OK
}
 All the encryption states a tunnel can be in. More...
 

Functions

int GCT_alice_or_betty (const struct GNUNET_PeerIdentity *other)
 Am I Alice or Betty (some call her Bob), or talking to myself? More...
 
const char * GCT_2s (const struct CadetTunnel *t)
 Get the static string for the peer this tunnel is directed. More...
 
struct CadetTunnelGCT_create_tunnel (struct CadetPeer *destination)
 Create a tunnel to destination. More...
 
void GCT_destroy_tunnel_now (struct CadetTunnel *t)
 Destroys the tunnel t now, without delay. More...
 
int GCT_add_inbound_connection (struct CadetTunnel *t, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, struct CadetPeerPath *path)
 Add a connection to the tunnel. More...
 
void GCT_connection_lost (struct CadetTConnection *ct)
 We lost a connection, remove it from our list and clean up the connection object itself. More...
 
struct CadetPeerGCT_get_destination (struct CadetTunnel *t)
 Return the peer to which this tunnel goes. More...
 
void GCT_consider_path (struct CadetTunnel *t, struct CadetPeerPath *p, unsigned int off)
 Consider using the path p for the tunnel t. More...
 
struct GNUNET_CADET_ChannelTunnelNumber GCT_add_channel (struct CadetTunnel *t, struct CadetChannel *ch)
 Add a channel to a tunnel. More...
 
void GCT_remove_channel (struct CadetTunnel *t, struct CadetChannel *ch, struct GNUNET_CADET_ChannelTunnelNumber ctn)
 Remove a channel from a tunnel. More...
 
void GCT_send_channel_destroy (struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn)
 Send a DESTROY message via the tunnel. More...
 
struct CadetTunnelQueueEntryGCT_send (struct CadetTunnel *t, const struct GNUNET_MessageHeader *message, GCT_SendContinuation cont, void *cont_cls, struct GNUNET_CADET_ChannelTunnelNumber *ctn)
 Sends an already built message on a tunnel, encrypting it and choosing the best connection if not provided. More...
 
void GCT_send_cancel (struct CadetTunnelQueueEntry *q)
 Cancel a previously sent message while it's in the queue. More...
 
unsigned int GCT_count_channels (struct CadetTunnel *t)
 Returns the number of channels using a tunnel. More...
 
unsigned int GCT_count_any_connections (const struct CadetTunnel *t)
 Counts the number of connections created for a tunnel, including busy connections. More...
 
void GCT_iterate_connections (struct CadetTunnel *t, GCT_ConnectionIterator iter, void *iter_cls)
 Iterate over all connections of a tunnel. More...
 
void GCT_iterate_channels (struct CadetTunnel *t, GCT_ChannelIterator iter, void *iter_cls)
 Iterate over all channels of a tunnel. More...
 
enum CadetTunnelEState GCT_get_estate (struct CadetTunnel *t)
 Get the encryption state of a tunnel. More...
 
void GCT_change_estate (struct CadetTunnel *t, enum CadetTunnelEState state)
 Change the tunnel encryption state. More...
 
void GCT_handle_kx (struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg)
 Handle KX message that lacks authentication (and which will thus only be considered authenticated after we respond with our own KX_AUTH and finally successfully decrypt the payload). More...
 
void GCT_handle_kx_auth (struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg)
 Handle KX_AUTH message. More...
 
void GCT_handle_encrypted (struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelEncryptedMessage *msg)
 Handle encrypted message. More...
 
void GCT_debug (const struct CadetTunnel *t, enum GNUNET_ErrorType level)
 Log all possible info about the tunnel state. More...
 

Detailed Description

Information we track per tunnel.

Author
Bartlomiej Polot
Christian Grothoff

Definition in file gnunet-service-cadet_tunnels.h.

Macro Definition Documentation

◆ DESIRED_CONNECTIONS_PER_TUNNEL

#define DESIRED_CONNECTIONS_PER_TUNNEL   3

How many connections would we like to have per tunnel?

Definition at line 37 of file gnunet-service-cadet_tunnels.h.

Typedef Documentation

◆ GCT_SendContinuation

typedef void(* GCT_SendContinuation) (void *cls, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid)

Function called when a transmission requested using GCT_send is done.

Parameters
clsclosure
ctnidentifier of the connection used for transmission, NULL if the transmission failed (to be used to match ACKs to the respective connection for connection performance evaluation)

Definition at line 217 of file gnunet-service-cadet_tunnels.h.

◆ GCT_ConnectionIterator

typedef void(* GCT_ConnectionIterator) (void *cls, struct CadetTConnection *ct)

Iterator over connections.

Parameters
clsclosure
ctone of the connections

Definition at line 281 of file gnunet-service-cadet_tunnels.h.

◆ GCT_ChannelIterator

typedef void(* GCT_ChannelIterator) (void *cls, struct CadetChannel *ch)

Iterator over channels.

Parameters
clsclosure
chone of the channels

Definition at line 305 of file gnunet-service-cadet_tunnels.h.

Enumeration Type Documentation

◆ CadetTunnelEState

enum CadetTunnelEState

All the encryption states a tunnel can be in.

Enumerator
CADET_TUNNEL_KEY_UNINITIALIZED 

Uninitialized status, we need to send KX.

We will stay in this state until the first connection is up.

CADET_TUNNEL_KEY_AX_SENT 

KX message sent, waiting for other peer's KX_AUTH.

CADET_TUNNEL_KEY_AX_RECV 

KX message received, trying to send back KX_AUTH.

CADET_TUNNEL_KEY_AX_SENT_AND_RECV 

KX message sent and received, trying to send back KX_AUTH.

CADET_TUNNEL_KEY_AX_AUTH_SENT 

KX received and we sent KX_AUTH back, but we got no traffic yet, so we're waiting for either KX_AUTH or ENCRYPED traffic from the other peer.

We will not yet send traffic, as this might have been a replay. The other (initiating) peer should send a CHANNEL_OPEN next anyway, and then we are in business!

CADET_TUNNEL_KEY_OK 

Handshake completed: session key available.

Definition at line 43 of file gnunet-service-cadet_tunnels.h.

44 {
49  CADET_TUNNEL_KEY_UNINITIALIZED,
50 
54  CADET_TUNNEL_KEY_AX_SENT,
55 
59  CADET_TUNNEL_KEY_AX_RECV,
60 
64  CADET_TUNNEL_KEY_AX_SENT_AND_RECV,
65 
75  CADET_TUNNEL_KEY_AX_AUTH_SENT,
76 
80  CADET_TUNNEL_KEY_OK
81 };
CADET_TUNNEL_KEY_AX_AUTH_SENT
@ CADET_TUNNEL_KEY_AX_AUTH_SENT
KX received and we sent KX_AUTH back, but we got no traffic yet, so we're waiting for either KX_AUTH ...
Definition: gnunet-service-cadet_tunnels.h:75
CADET_TUNNEL_KEY_AX_SENT
@ CADET_TUNNEL_KEY_AX_SENT
KX message sent, waiting for other peer's KX_AUTH.
Definition: gnunet-service-cadet_tunnels.h:54
CADET_TUNNEL_KEY_UNINITIALIZED
@ CADET_TUNNEL_KEY_UNINITIALIZED
Uninitialized status, we need to send KX.
Definition: gnunet-service-cadet_tunnels.h:49
CADET_TUNNEL_KEY_AX_SENT_AND_RECV
@ CADET_TUNNEL_KEY_AX_SENT_AND_RECV
KX message sent and received, trying to send back KX_AUTH.
Definition: gnunet-service-cadet_tunnels.h:64
CADET_TUNNEL_KEY_OK
@ CADET_TUNNEL_KEY_OK
Handshake completed: session key available.
Definition: gnunet-service-cadet_tunnels.h:80
CADET_TUNNEL_KEY_AX_RECV
@ CADET_TUNNEL_KEY_AX_RECV
KX message received, trying to send back KX_AUTH.
Definition: gnunet-service-cadet_tunnels.h:59

Function Documentation

◆ GCT_alice_or_betty()

int GCT_alice_or_betty ( const struct GNUNET_PeerIdentity other)

Am I Alice or Betty (some call her Bob), or talking to myself?

Parameters
otherthe other peer
Returns
GNUNET_YES for Alice, GNUNET_NO for Betty, GNUNET_SYSERR if talking to myself

Definition at line 468 of file gnunet-service-cadet_tunnels.c.

469 {
470  if (0 > GNUNET_memcmp (&my_full_id,
471  other))
472  return GNUNET_YES;
473  else if (0 < GNUNET_memcmp (&my_full_id,
474  other))
475  return GNUNET_NO;
476  else
477  {
478  GNUNET_break_op (0);
479  return GNUNET_SYSERR;
480  }
481 }
my_full_id
struct GNUNET_PeerIdentity my_full_id
Local peer own ID.
Definition: gnunet-service-cadet.c:126
GNUNET_memcmp
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
Definition: gnunet_common.h:1224
GNUNET_YES
@ GNUNET_YES
Definition: gnunet_common.h:111
GNUNET_NO
@ GNUNET_NO
Definition: gnunet_common.h:108
GNUNET_SYSERR
@ GNUNET_SYSERR
Definition: gnunet_common.h:107
GNUNET_break_op
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
Definition: gnunet_common.h:1046

References GNUNET_break_op, GNUNET_memcmp, GNUNET_NO, GNUNET_SYSERR, GNUNET_YES, and my_full_id.

Referenced by GCT_handle_kx(), send_create(), send_kx(), and update_ax_by_kx().

Here is the caller graph for this function:

◆ GCT_2s()

const char* GCT_2s ( const struct CadetTunnel t)

Get the static string for the peer this tunnel is directed.

Parameters
tTunnel.
Returns
Static string the destination peer's ID.

Definition at line 517 of file gnunet-service-cadet_tunnels.c.

518 {
519  static char buf[64];
520 
521  if (NULL == t)
522  return "Tunnel(NULL)";
523  GNUNET_snprintf (buf,
524  sizeof(buf),
525  "Tunnel %s",
526  GNUNET_i2s (GCP_get_id (t->destination)));
527  return buf;
528 }
GCP_get_id
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
Definition: gnunet-service-cadet_peer.c:1135
buf
static char buf[2048]
Definition: gnunet-service-testbed_meminfo.c:64
t
static struct GNUNET_SCHEDULER_Task * t
Main task.
Definition: gnunet-zonewalk.c:119
GNUNET_i2s
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
Definition: common_logging.c:1275
GNUNET_snprintf
int GNUNET_snprintf(char *buf, size_t size, const char *format,...) __attribute__((format(printf
Like snprintf, just aborts if the buffer is of insufficient size.

References buf, GCP_get_id(), GNUNET_i2s(), GNUNET_snprintf(), and t.

Referenced by connection_ready_cb(), consider_path_cb(), destroy_tunnel(), GCC_2s(), GCCH_bind(), GCCH_channel_local_new(), GCCH_debug(), GCP_drop_tunnel(), GCT_add_channel(), GCT_add_inbound_connection(), GCT_change_estate(), GCT_consider_path(), GCT_debug(), GCT_handle_encrypted(), GCT_handle_kx(), GCT_remove_channel(), GCT_send(), handle_plaintext_channel_destroy(), handle_plaintext_channel_open(), handle_plaintext_channel_open_ack(), handle_plaintext_keepalive(), maintain_connections_cb(), retry_kx(), send_keepalive(), send_kx(), send_kx_auth(), try_send_normal_payload(), and update_state().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_create_tunnel()

struct CadetTunnel* GCT_create_tunnel ( struct CadetPeer destination)

Create a tunnel to destination.

Must only be called from within GCP_get_tunnel().

Parameters
destinationwhere to create the tunnel to
Returns
new tunnel to destination

Definition at line 3137 of file gnunet-service-cadet_tunnels.c.

3138 {
3139  struct CadetTunnel *t = GNUNET_new (struct CadetTunnel);
3140  struct GNUNET_MQ_MessageHandler handlers[] = {
3141  GNUNET_MQ_hd_fixed_size (plaintext_keepalive,
3142  GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE,
3143  struct GNUNET_MessageHeader,
3144  t),
3145  GNUNET_MQ_hd_var_size (plaintext_data,
3146  GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA,
3147  struct GNUNET_CADET_ChannelAppDataMessage,
3148  t),
3149  GNUNET_MQ_hd_fixed_size (plaintext_data_ack,
3150  GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK,
3151  struct GNUNET_CADET_ChannelDataAckMessage,
3152  t),
3153  GNUNET_MQ_hd_fixed_size (plaintext_channel_open,
3154  GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN,
3155  struct GNUNET_CADET_ChannelOpenMessage,
3156  t),
3157  GNUNET_MQ_hd_fixed_size (plaintext_channel_open_ack,
3158  GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK,
3159  struct GNUNET_CADET_ChannelOpenAckMessage,
3160  t),
3161  GNUNET_MQ_hd_fixed_size (plaintext_channel_destroy,
3162  GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY,
3163  struct GNUNET_CADET_ChannelDestroyMessage,
3164  t),
3165  GNUNET_MQ_handler_end ()
3166  };
3167 
3168  t->kx_retry_delay = INITIAL_KX_RETRY_DELAY;
3169  new_ephemeral (&t->ax);
3170  GNUNET_CRYPTO_ecdhe_key_create (&t->ax.kx_0);
3171  t->destination = destination;
3172  t->channels = GNUNET_CONTAINER_multihashmap32_create (8);
3173  t->maintain_connections_task
3174  = GNUNET_SCHEDULER_add_now (&maintain_connections_cb,
3175  t);
3176  t->mq = GNUNET_MQ_queue_for_callbacks (NULL,
3177  NULL,
3178  NULL,
3179  NULL,
3180  handlers,
3181  &decrypted_error_cb,
3182  t);
3183  t->mst = GNUNET_MST_create (&handle_decrypted,
3184  t);
3185  return t;
3186 }
handlers
static struct GNUNET_CADET_MessageHandler handlers[]
Handlers, for diverse services.
Definition: gnunet-cadet-profiler.c:800
new_ephemeral
static void new_ephemeral(struct CadetTunnelAxolotl *ax)
Create a new Axolotl ephemeral (ratchet) key.
Definition: gnunet-service-cadet_tunnels.c:662
handle_decrypted
static int handle_decrypted(void *cls, const struct GNUNET_MessageHeader *msg)
Handles a message we decrypted, by injecting it into our message queue (which will do the dispatching...
Definition: gnunet-service-cadet_tunnels.c:3102
decrypted_error_cb
static void decrypted_error_cb(void *cls, enum GNUNET_MQ_Error error)
Function called if we had an error processing an incoming decrypted message.
Definition: gnunet-service-cadet_tunnels.c:3122
maintain_connections_cb
static void maintain_connections_cb(void *cls)
Function called to maintain the connections underlying our tunnel.
Definition: gnunet-service-cadet_tunnels.c:2771
INITIAL_KX_RETRY_DELAY
#define INITIAL_KX_RETRY_DELAY
How long do we wait initially before retransmitting the KX? TODO: replace by 2 RTT if/once we have co...
Definition: gnunet-service-cadet_tunnels.c:64
GNUNET_CRYPTO_ecdhe_key_create
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:436
GNUNET_CONTAINER_multihashmap32_create
struct GNUNET_CONTAINER_MultiHashMap32 * GNUNET_CONTAINER_multihashmap32_create(unsigned int len)
Create a 32-bit key multi hash map.
Definition: container_multihashmap32.c:143
GNUNET_new
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition: gnunet_common.h:1214
GNUNET_MQ_handler_end
#define GNUNET_MQ_handler_end()
End-marker for the handlers array.
Definition: gnunet_mq_lib.h:532
GNUNET_MQ_queue_for_callbacks
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:465
GNUNET_MQ_hd_var_size
#define GNUNET_MQ_hd_var_size(name, code, str, ctx)
Definition: gnunet_mq_lib.h:618
GNUNET_MQ_hd_fixed_size
#define GNUNET_MQ_hd_fixed_size(name, code, str, ctx)
Definition: gnunet_mq_lib.h:566
GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN
Ask the cadet service to create a new channel.
Definition: gnunet_protocols.h:3042
GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK
Confirm payload data end-to-end.
Definition: gnunet_protocols.h:3032
GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA
Payload data (inside an encrypted tunnel).
Definition: gnunet_protocols.h:3027
GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE
Announce connection is still alive (direction sensitive).
Definition: gnunet_protocols.h:3037
GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY
Ask the cadet service to destroy a channel.
Definition: gnunet_protocols.h:3047
GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK
#define GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK
Confirm the creation of a channel.
Definition: gnunet_protocols.h:3052
GNUNET_SCHEDULER_add_now
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1299
GNUNET_MST_create
struct GNUNET_MessageStreamTokenizer * GNUNET_MST_create(GNUNET_MessageTokenizerCallback cb, void *cb_cls)
Create a message stream tokenizer.
Definition: mst.c:86
CadetTunnel
Struct containing all information regarding a tunnel to a peer.
Definition: gnunet-service-cadet_tunnels.c:303
GNUNET_CADET_ChannelAppDataMessage
Message for cadet data traffic.
Definition: cadet_protocol.h:477
GNUNET_CADET_ChannelDataAckMessage
Message to acknowledge end-to-end data.
Definition: cadet_protocol.h:503
GNUNET_CADET_ChannelDestroyMessage
Message to destroy a channel of type GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY.
Definition: cadet_protocol.h:443
GNUNET_CADET_ChannelOpenAckMessage
Message to acknowledge opening a channel of type GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK.
Definition: cadet_protocol.h:414
GNUNET_CADET_ChannelOpenMessage
Message to create a Channel.
Definition: cadet_protocol.h:386
GNUNET_MQ_MessageHandler
Message handler for a specific message type.
Definition: gnunet_mq_lib.h:492
GNUNET_MessageHeader
Header for all communications.
Definition: gnunet_common.h:320

References decrypted_error_cb(), GNUNET_CONTAINER_multihashmap32_create(), GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA, GNUNET_MESSAGE_TYPE_CADET_CHANNEL_APP_DATA_ACK, GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY, GNUNET_MESSAGE_TYPE_CADET_CHANNEL_KEEPALIVE, GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN, GNUNET_MESSAGE_TYPE_CADET_CHANNEL_OPEN_ACK, GNUNET_MQ_handler_end, GNUNET_MQ_hd_fixed_size, GNUNET_MQ_hd_var_size, GNUNET_MQ_queue_for_callbacks(), GNUNET_MST_create(), GNUNET_new, GNUNET_SCHEDULER_add_now(), handle_decrypted(), handlers, INITIAL_KX_RETRY_DELAY, maintain_connections_cb(), new_ephemeral(), and t.

Referenced by GCP_get_tunnel().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_destroy_tunnel_now()

void GCT_destroy_tunnel_now ( struct CadetTunnel t)

Destroys the tunnel t now, without delay.

Used during shutdown.

Parameters
ttunnel to destroy

Definition at line 2305 of file gnunet-service-cadet_tunnels.c.

2306 {
2307  GNUNET_assert (GNUNET_YES == shutting_down);
2308  GNUNET_CONTAINER_multihashmap32_iterate (t->channels,
2309  &destroy_remaining_channels,
2310  t);
2311  GNUNET_assert (0 ==
2312  GCT_count_channels (t));
2313  if (NULL != t->destroy_task)
2314  {
2315  GNUNET_SCHEDULER_cancel (t->destroy_task);
2316  t->destroy_task = NULL;
2317  }
2318  destroy_tunnel (t);
2319 }
shutting_down
int shutting_down
Signal that shutdown is happening: prevent recovery measures.
Definition: gnunet-service-cadet.c:136
GCT_count_channels
unsigned int GCT_count_channels(struct CadetTunnel *t)
Returns the number of channels using a tunnel.
Definition: gnunet-service-cadet_tunnels.c:580
destroy_tunnel
static void destroy_tunnel(void *cls)
This tunnel is no longer used, destroy it.
Definition: gnunet-service-cadet_tunnels.c:2193
destroy_remaining_channels
static int destroy_remaining_channels(void *cls, uint32_t key, void *value)
Destroy remaining channels during shutdown.
Definition: gnunet-service-cadet_tunnels.c:2287
GNUNET_CONTAINER_multihashmap32_iterate
int GNUNET_CONTAINER_multihashmap32_iterate(struct GNUNET_CONTAINER_MultiHashMap32 *map, GNUNET_CONTAINER_MultiHashMapIterator32Callback it, void *it_cls)
Iterate over all entries in the map.
Definition: container_multihashmap32.c:227
GNUNET_assert
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Definition: gnunet_common.h:943
GNUNET_SCHEDULER_cancel
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:975

References destroy_remaining_channels(), destroy_tunnel(), GCT_count_channels(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_iterate(), GNUNET_SCHEDULER_cancel(), GNUNET_YES, shutting_down, and t.

Referenced by destroy_tunnels_now().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_add_inbound_connection()

int GCT_add_inbound_connection ( struct CadetTunnel t,
const struct GNUNET_CADET_ConnectionTunnelIdentifier cid,
struct CadetPeerPath path 
)

Add a connection to the tunnel.

Parameters
ta tunnel
cidconnection identifier to use for the connection
pathpath to use for the connection
Returns
GNUNET_OK on success, GNUNET_SYSERR on failure (duplicate connection)

Definition at line 3190 of file gnunet-service-cadet_tunnels.c.

3194 {
3195  struct CadetTConnection *ct;
3196 
3197  ct = GNUNET_new (struct CadetTConnection);
3198  ct->created = GNUNET_TIME_absolute_get ();
3199  ct->t = t;
3200  ct->cc = GCC_create_inbound (t->destination,
3201  path,
3202  ct,
3203  cid,
3204  &connection_ready_cb,
3205  ct);
3206  if (NULL == ct->cc)
3207  {
3208  LOG (GNUNET_ERROR_TYPE_DEBUG,
3209  "%s refused inbound %s (duplicate)\n",
3210  GCT_2s (t),
3211  GCC_2s (ct->cc));
3212  GNUNET_free (ct);
3213  return GNUNET_SYSERR;
3214  }
3215  /* FIXME: schedule job to kill connection (and path?) if it takes
3216  too long to get ready! (And track performance data on how long
3217  other connections took with the tunnel!)
3218  => Note: to be done within 'connection'-logic! */
3219  GNUNET_CONTAINER_DLL_insert (t->connection_busy_head,
3220  t->connection_busy_tail,
3221  ct);
3222  t->num_busy_connections++;
3223  LOG (GNUNET_ERROR_TYPE_DEBUG,
3224  "%s has new %s\n",
3225  GCT_2s (t),
3226  GCC_2s (ct->cc));
3227  return GNUNET_OK;
3228 }
GCC_2s
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
Definition: gnunet-service-cadet_connection.c:1016
GCC_create_inbound
struct CadetConnection * GCC_create_inbound(struct CadetPeer *destination, struct CadetPeerPath *path, struct CadetTConnection *ct, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, GCC_ReadyCallback ready_cb, void *ready_cb_cls)
Create a connection to destination via path and notify cb whenever we are ready for more data.
Definition: gnunet-service-cadet_connection.c:870
GCT_2s
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
Definition: gnunet-service-cadet_tunnels.c:517
connection_ready_cb
static void connection_ready_cb(void *cls, int is_ready)
A connection is is_ready for transmission.
Definition: gnunet-service-cadet_tunnels.c:2376
LOG
#define LOG(level,...)
Definition: gnunet-service-cadet_tunnels.c:45
GNUNET_CONTAINER_DLL_insert
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
Definition: gnunet_container_lib.h:1797
GNUNET_OK
@ GNUNET_OK
Definition: gnunet_common.h:109
GNUNET_ERROR_TYPE_DEBUG
@ GNUNET_ERROR_TYPE_DEBUG
Definition: gnunet_common.h:444
GNUNET_free
#define GNUNET_free(ptr)
Wrapper around free.
Definition: gnunet_common.h:1412
GNUNET_TIME_absolute_get
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:111
CadetTConnection
Entry in list of connections used by tunnel, with metadata.
Definition: gnunet-service-cadet.h:107
CadetTConnection::cc
struct CadetConnection * cc
Connection handle.
Definition: gnunet-service-cadet.h:121
CadetTConnection::created
struct GNUNET_TIME_Absolute created
Creation time, to keep oldest connection alive.
Definition: gnunet-service-cadet.h:131
CadetTConnection::t
struct CadetTunnel * t
Tunnel this connection belongs to.
Definition: gnunet-service-cadet.h:126

References CadetTConnection::cc, connection_ready_cb(), CadetTConnection::created, GCC_2s(), GCC_create_inbound(), GCT_2s(), GNUNET_CONTAINER_DLL_insert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_new, GNUNET_OK, GNUNET_SYSERR, GNUNET_TIME_absolute_get(), LOG, CadetTConnection::t, and t.

Referenced by handle_connection_create().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_connection_lost()

void GCT_connection_lost ( struct CadetTConnection ct)

We lost a connection, remove it from our list and clean up the connection object itself.

Parameters
ctbinding of connection to tunnel of the connection that was lost.

Definition at line 2146 of file gnunet-service-cadet_tunnels.c.

2147 {
2148  struct CadetTunnel *t = ct->t;
2149 
2150  if (GNUNET_YES == ct->is_ready)
2151  {
2152  GNUNET_CONTAINER_DLL_remove (t->connection_ready_head,
2153  t->connection_ready_tail,
2154  ct);
2155  t->num_ready_connections--;
2156  }
2157  else
2158  {
2159  GNUNET_CONTAINER_DLL_remove (t->connection_busy_head,
2160  t->connection_busy_tail,
2161  ct);
2162  t->num_busy_connections--;
2163  }
2164  GNUNET_free (ct);
2165 }
GNUNET_CONTAINER_DLL_remove
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
Definition: gnunet_container_lib.h:1916
CadetTConnection::is_ready
int is_ready
Is the connection currently ready for transmission?
Definition: gnunet-service-cadet.h:141

References GNUNET_CONTAINER_DLL_remove, GNUNET_free, GNUNET_YES, CadetTConnection::is_ready, CadetTConnection::t, and t.

Referenced by destroy_t_connection(), GCC_create_inbound(), and GCC_destroy_without_core().

Here is the caller graph for this function:

◆ GCT_get_destination()

struct CadetPeer* GCT_get_destination ( struct CadetTunnel t)

Return the peer to which this tunnel goes.

Parameters
ta tunnel
Returns
the destination of the tunnel

Definition at line 573 of file gnunet-service-cadet_tunnels.c.

574 {
575  return t->destination;
576 }

References t.

Referenced by GCCH_2s(), GCCH_bind(), GCCH_channel_incoming_new(), and timeout_closed_cb().

Here is the caller graph for this function:

◆ GCT_consider_path()

void GCT_consider_path ( struct CadetTunnel t,
struct CadetPeerPath p,
unsigned int  off 
)

Consider using the path p for the tunnel t.

The tunnel destination is at offset off in path p.

Parameters
tour tunnel
pa path to our destination
offoffset of the destination on path path

Definition at line 2821 of file gnunet-service-cadet_tunnels.c.

2824 {
2825  LOG (GNUNET_ERROR_TYPE_DEBUG,
2826  "Considering %s for %s (offset %u)\n",
2827  GCPP_2s (p),
2828  GCT_2s (t),
2829  off);
2830  (void) consider_path_cb (t,
2831  p,
2832  off);
2833 }
GCPP_2s
const char * GCPP_2s(struct CadetPeerPath *path)
Convert a path to a human-readable string.
Definition: gnunet-service-cadet_paths.c:735
consider_path_cb
static int consider_path_cb(void *cls, struct CadetPeerPath *path, unsigned int off)
Consider using the path p for the tunnel t.
Definition: gnunet-service-cadet_tunnels.c:2665
p
static struct GNUNET_OS_Process * p
Helper process we started.
Definition: gnunet-uri.c:38

References consider_path_cb(), GCPP_2s(), GCT_2s(), GNUNET_ERROR_TYPE_DEBUG, LOG, p, and t.

Referenced by GCP_path_entry_add(), and GCP_set_mq().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_add_channel()

struct GNUNET_CADET_ChannelTunnelNumber GCT_add_channel ( struct CadetTunnel t,
struct CadetChannel ch 
)

Add a channel to a tunnel.

Parameters
tTunnel.
chChannel
Returns
unique number identifying ch within t

Add a channel to a tunnel.

Otherwise that notification will be done later in notify_tunnel_up_cb().

Parameters
tTunnel.
chChannel
Returns
unique number identifying ch within t

Definition at line 1906 of file gnunet-service-cadet_tunnels.c.

2089 {
2090  struct GNUNET_CADET_ChannelTunnelNumber ctn;
2091 
2092  ctn = get_next_free_ctn (t);
2093  if (NULL != t->destroy_task)
2094  {
2095  GNUNET_SCHEDULER_cancel (t->destroy_task);
2096  t->destroy_task = NULL;
2097  }
2098  GNUNET_assert (GNUNET_YES ==
2099  GNUNET_CONTAINER_multihashmap32_put (t->channels,
2100  ntohl (ctn.cn),
2101  ch,
2102  GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY));
2103  LOG (GNUNET_ERROR_TYPE_DEBUG,
2104  "Adding %s to %s with state %d\n",
2105  GCCH_2s (ch),
2106  GCT_2s (t),
2107  t->estate);
2108  switch (t->estate)
2109  {
2110  case CADET_TUNNEL_KEY_UNINITIALIZED:
2111  /* waiting for connection to start KX */
2112  break;
2113 
2114  case CADET_TUNNEL_KEY_AX_RECV:
2115  case CADET_TUNNEL_KEY_AX_SENT:
2116  case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
2117  /* we're currently waiting for KX to complete */
2118  break;
2119 
2120  case CADET_TUNNEL_KEY_AX_AUTH_SENT:
2121  /* waiting for OTHER peer to send us data,
2122  we might need to prompt more aggressively! */
2123  if (NULL == t->kx_task)
2124  t->kx_task
2125  = GNUNET_SCHEDULER_add_at (t->next_kx_attempt,
2126  &retry_kx,
2127  t);
2128  break;
2129 
2130  case CADET_TUNNEL_KEY_OK:
2131  /* We are ready. Tell the new channel that we are up. */
2132  GCCH_tunnel_up (ch);
2133  break;
2134  }
2135  return ctn;
2136 }
ch
static struct GNUNET_CADET_Channel * ch
Channel handle.
Definition: gnunet-cadet.c:117
GCCH_2s
const char * GCCH_2s(const struct CadetChannel *ch)
Get the static string for identification of the channel.
Definition: gnunet-service-cadet_channel.c:429
GCCH_tunnel_up
void GCCH_tunnel_up(struct CadetChannel *ch)
Function called once and only once after a channel was bound to its tunnel via GCT_add_channel() is r...
Definition: gnunet-service-cadet_channel.c:648
get_next_free_ctn
static struct GNUNET_CADET_ChannelTunnelNumber get_next_free_ctn(struct CadetTunnel *t)
Compute the next free channel tunnel number for this tunnel.
Definition: gnunet-service-cadet_tunnels.c:2048
retry_kx
static void retry_kx(void *cls)
Try to redo the KX or KX_AUTH handshake, if we can.
Definition: gnunet-service-cadet_tunnels.c:1609
GNUNET_CONTAINER_multihashmap32_put
enum GNUNET_GenericReturnValue GNUNET_CONTAINER_multihashmap32_put(struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
Definition: container_multihashmap32.c:450
GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY
@ GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY
There must only be one value per key; storing a value should fail if a value under the same key alrea...
Definition: gnunet_container_lib.h:378
GNUNET_SCHEDULER_add_at
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_at(struct GNUNET_TIME_Absolute at, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run at the specified time.
Definition: scheduler.c:1249
GNUNET_CADET_ChannelTunnelNumber
Number identifying a CADET channel within a tunnel.
Definition: gnunet_cadet_service.h:87

References CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, cleanup_ax(), GCP_get_id(), GCT_2s(), GCT_change_estate(), GNUNET_assert, GNUNET_break, GNUNET_break_op, GNUNET_CADET_KX_FLAG_FORCE_REPLY, GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_hash(), GNUNET_e2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_memcmp, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_at(), GNUNET_STATISTICS_update(), CadetTunnelAxolotl::kx_0, LOG, msg, my_private_key, ret, retry_kx(), CadetTunnelAxolotl::RK, send_kx_auth(), stats, CadetTConnection::t, t, and update_ax_by_kx().

Referenced by GCCH_channel_local_new().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_remove_channel()

void GCT_remove_channel ( struct CadetTunnel t,
struct CadetChannel ch,
struct GNUNET_CADET_ChannelTunnelNumber  ctn 
)

Remove a channel from a tunnel.

Parameters
tTunnel.
chChannel
ctnunique number identifying ch within t

Definition at line 2254 of file gnunet-service-cadet_tunnels.c.

2257 {
2258  LOG (GNUNET_ERROR_TYPE_DEBUG,
2259  "Removing %s from %s\n",
2260  GCCH_2s (ch),
2261  GCT_2s (t));
2262  GNUNET_assert (GNUNET_YES ==
2263  GNUNET_CONTAINER_multihashmap32_remove (t->channels,
2264  ntohl (ctn.cn),
2265  ch));
2266  if ((0 ==
2267  GCT_count_channels (t)) &&
2268  (NULL == t->destroy_task))
2269  {
2270  t->destroy_task
2271  = GNUNET_SCHEDULER_add_delayed (IDLE_DESTROY_DELAY,
2272  &destroy_tunnel,
2273  t);
2274  }
2275 }
IDLE_DESTROY_DELAY
#define IDLE_DESTROY_DELAY
How long do we wait until tearing down an idle tunnel?
Definition: gnunet-service-cadet_tunnels.c:57
GNUNET_CONTAINER_multihashmap32_remove
enum GNUNET_GenericReturnValue GNUNET_CONTAINER_multihashmap32_remove(struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key, const void *value)
Remove the given key-value pair from the map.
Definition: container_multihashmap32.c:281
GNUNET_SCHEDULER_add_delayed
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1272
GNUNET_CADET_ChannelTunnelNumber::cn
uint32_t cn
Which number does this channel have that uniquely identfies it within its tunnel, in network byte ord...
Definition: gnunet_cadet_service.h:97

References ch, GNUNET_CADET_ChannelTunnelNumber::cn, destroy_tunnel(), GCCH_2s(), GCT_2s(), GCT_count_channels(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_remove(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_SCHEDULER_add_delayed(), GNUNET_YES, IDLE_DESTROY_DELAY, LOG, and t.

Referenced by channel_destroy().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_send_channel_destroy()

void GCT_send_channel_destroy ( struct CadetTunnel t,
struct GNUNET_CADET_ChannelTunnelNumber  ctn 
)

Send a DESTROY message via the tunnel.

Parameters
tthe tunnel to transmit over
ctnID of the channel to destroy

Definition at line 2997 of file gnunet-service-cadet_tunnels.c.

2999 {
3000  struct GNUNET_CADET_ChannelDestroyMessage msg;
3001 
3002  LOG (GNUNET_ERROR_TYPE_DEBUG,
3003  "Sending DESTROY message for channel ID %u\n",
3004  ntohl (ctn.cn));
3005  msg.header.size = htons (sizeof(msg));
3006  msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY);
3007  msg.reserved = htonl (0);
3008  msg.ctn = ctn;
3009  GCT_send (t,
3010  &msg.header,
3011  NULL,
3012  NULL,
3013  &ctn);
3014 }
msg
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
GCT_send
struct CadetTunnelQueueEntry * GCT_send(struct CadetTunnel *t, const struct GNUNET_MessageHeader *message, GCT_SendContinuation cont, void *cont_cls, struct GNUNET_CADET_ChannelTunnelNumber *ctn)
Sends an already built message on a tunnel, encrypting it and choosing the best connection if not pro...
Definition: gnunet-service-cadet_tunnels.c:3413
GNUNET_CADET_ChannelDestroyMessage::ctn
struct GNUNET_CADET_ChannelTunnelNumber ctn
ID of the channel.
Definition: cadet_protocol.h:457
GNUNET_MessageHeader::type
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
Definition: gnunet_common.h:330
GNUNET_MessageHeader::size
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format.
Definition: gnunet_common.h:325

References GNUNET_CADET_ChannelTunnelNumber::cn, GNUNET_CADET_ChannelDestroyMessage::ctn, GCT_send(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY, LOG, msg, GNUNET_MessageHeader::size, t, and GNUNET_MessageHeader::type.

Referenced by GCCH_channel_local_destroy(), GCCH_handle_channel_plaintext_data(), GCCH_handle_local_ack(), handle_plaintext_channel_open_ack(), handle_plaintext_data(), and handle_plaintext_data_ack().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_send()

struct CadetTunnelQueueEntry* GCT_send ( struct CadetTunnel t,
const struct GNUNET_MessageHeader message,
GCT_SendContinuation  cont,
void *  cont_cls,
struct GNUNET_CADET_ChannelTunnelNumber ctn 
)

Sends an already built message on a tunnel, encrypting it and choosing the best connection if not provided.

Parameters
messageMessage to send. Function modifies it.
tTunnel on which this message is transmitted.
contContinuation to call once message is really sent.
cont_clsClosure for cont.
Returns
Handle to cancel message.

Definition at line 3413 of file gnunet-service-cadet_tunnels.c.

3418 {
3419  struct CadetTunnelQueueEntry *tq;
3420  uint16_t payload_size;
3421  struct GNUNET_MQ_Envelope *env;
3422  struct GNUNET_CADET_TunnelEncryptedMessage *ax_msg;
3423  struct CadetChannel *ch;
3424 
3425  if (NULL != ctn)
3426  {
3427  ch = lookup_channel (t,
3428  *ctn);
3429  if ((NULL != ch) && GCCH_is_type_to_drop (ch, message))
3430  {
3431  GNUNET_break (0);
3432  return NULL;
3433  }
3434  }
3435 
3436  if (CADET_TUNNEL_KEY_OK != t->estate)
3437  {
3438  GNUNET_break (0);
3439  return NULL;
3440  }
3441  payload_size = ntohs (message->size);
3442  LOG (GNUNET_ERROR_TYPE_DEBUG,
3443  "Encrypting %u bytes for %s\n",
3444  (unsigned int) payload_size,
3445  GCT_2s (t));
3446  env = GNUNET_MQ_msg_extra (ax_msg,
3447  payload_size,
3448  GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED);
3449  t_ax_encrypt (&t->ax,
3450  &ax_msg[1],
3451  message,
3452  payload_size);
3453  GNUNET_STATISTICS_update (stats,
3454  "# encrypted bytes",
3455  payload_size,
3456  GNUNET_NO);
3457  ax_msg->ax_header.Ns = htonl (t->ax.Ns++);
3458  ax_msg->ax_header.PNs = htonl (t->ax.PNs);
3459  /* FIXME: we should do this once, not once per message;
3460  this is a point multiplication, and DHRs does not
3461  change all the time. */
3462  GNUNET_CRYPTO_ecdhe_key_get_public (&t->ax.DHRs,
3463  &ax_msg->ax_header.DHRs);
3464  t_h_encrypt (&t->ax,
3465  ax_msg);
3466  t_hmac (&ax_msg->ax_header,
3467  sizeof(struct GNUNET_CADET_AxHeader) + payload_size,
3468  0,
3469  &t->ax.HKs,
3470  &ax_msg->hmac);
3471 
3472  tq = GNUNET_malloc (sizeof(*tq));
3473  tq->t = t;
3474  tq->env = env;
3475  tq->cid = &ax_msg->cid; /* will initialize 'ax_msg->cid' once we know the connection */
3476  tq->cont = cont;
3477  tq->cont_cls = cont_cls;
3478  GNUNET_CONTAINER_DLL_insert_tail (t->tq_head,
3479  t->tq_tail,
3480  tq);
3481  if (NULL != t->send_task)
3482  GNUNET_SCHEDULER_cancel (t->send_task);
3483  t->send_task
3484  = GNUNET_SCHEDULER_add_now (&trigger_transmissions,
3485  t);
3486  return tq;
3487 }
env
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
stats
struct GNUNET_STATISTICS_Handle * stats
Handle to the statistics service.
Definition: gnunet-service-cadet.c:116
GCCH_is_type_to_drop
int GCCH_is_type_to_drop(struct CadetChannel *ch, const struct GNUNET_MessageHeader *message)
Check if type of message is the one to drop.
Definition: gnunet-service-cadet_channel.c:407
t_hmac
static void t_hmac(const void *plaintext, size_t size, uint32_t iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_ShortHashCode *hmac)
Calculate HMAC.
Definition: gnunet-service-cadet_tunnels.c:680
lookup_channel
struct CadetChannel * lookup_channel(struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn)
Lookup a channel by its ctn.
Definition: gnunet-service-cadet_tunnels.c:594
trigger_transmissions
static void trigger_transmissions(void *cls)
Called when either we have a new connection, or a new message in the queue, or some existing connecti...
Definition: gnunet-service-cadet_tunnels.c:2491
t_h_encrypt
static void t_h_encrypt(struct CadetTunnelAxolotl *ax, struct GNUNET_CADET_TunnelEncryptedMessage *msg)
Encrypt header with the axolotl header key.
Definition: gnunet-service-cadet_tunnels.c:896
t_ax_encrypt
static void t_ax_encrypt(struct CadetTunnelAxolotl *ax, void *dst, const void *src, size_t size)
Encrypt data with the axolotl tunnel key.
Definition: gnunet-service-cadet_tunnels.c:773
GNUNET_CRYPTO_ecdhe_key_get_public
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:214
GNUNET_CONTAINER_DLL_insert_tail
#define GNUNET_CONTAINER_DLL_insert_tail(head, tail, element)
Insert an element at the tail of a DLL.
Definition: gnunet_container_lib.h:1821
GNUNET_break
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur.
Definition: gnunet_common.h:1024
GNUNET_malloc
#define GNUNET_malloc(size)
Wrapper around malloc.
Definition: gnunet_common.h:1352
GNUNET_MQ_msg_extra
#define GNUNET_MQ_msg_extra(mvar, esize, type)
Allocate an envelope, with extra space allocated after the space needed by the message struct.
Definition: gnunet_mq_lib.h:63
GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED
Axolotl encrypted data.
Definition: gnunet_protocols.h:3014
GNUNET_STATISTICS_update
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
Definition: statistics_api.c:1324
CadetChannel
Struct containing all information regarding a channel to a remote client.
Definition: gnunet-service-cadet_channel.c:249
CadetChannel::ctn
struct GNUNET_CADET_ChannelTunnelNumber ctn
Number identifying this channel in its tunnel.
Definition: gnunet-service-cadet_channel.c:344
CadetTunnelQueueEntry
Struct used to save messages in a non-ready tunnel to send once connected.
Definition: gnunet-service-cadet_tunnels.c:260
CadetTunnelQueueEntry::env
struct GNUNET_MQ_Envelope * env
Envelope of message to send follows.
Definition: gnunet-service-cadet_tunnels.c:289
CadetTunnelQueueEntry::cont
GCT_SendContinuation cont
Continuation to call once sent (on the channel layer).
Definition: gnunet-service-cadet_tunnels.c:279
CadetTunnelQueueEntry::cid
struct GNUNET_CADET_ConnectionTunnelIdentifier * cid
Where to put the connection identifier into the payload of the message in env once we have it?
Definition: gnunet-service-cadet_tunnels.c:295
CadetTunnelQueueEntry::cont_cls
void * cont_cls
Closure for cont.
Definition: gnunet-service-cadet_tunnels.c:284
CadetTunnelQueueEntry::t
struct CadetTunnel * t
Tunnel these messages belong in.
Definition: gnunet-service-cadet_tunnels.c:274
GNUNET_CADET_AxHeader
Encrypted axolotl header with numbers that identify which keys in which ratchet are to be used to dec...
Definition: cadet_protocol.h:320
GNUNET_CADET_AxHeader::PNs
uint32_t PNs
Number of messages sent with the previous ratchet key.
Definition: cadet_protocol.h:329
GNUNET_CADET_AxHeader::DHRs
struct GNUNET_CRYPTO_EcdhePublicKey DHRs
Current ratchet key.
Definition: cadet_protocol.h:334
GNUNET_CADET_AxHeader::Ns
uint32_t Ns
Number of messages sent with the current ratchet key.
Definition: cadet_protocol.h:324
GNUNET_CADET_TunnelEncryptedMessage
Axolotl-encrypted tunnel message with application payload.
Definition: cadet_protocol.h:342
GNUNET_CADET_TunnelEncryptedMessage::ax_header
struct GNUNET_CADET_AxHeader ax_header
Axolotl-header that specifies which keys to use in which ratchet to decrypt the body that follows.
Definition: cadet_protocol.h:369
GNUNET_CADET_TunnelEncryptedMessage::cid
struct GNUNET_CADET_ConnectionTunnelIdentifier cid
ID of the connection.
Definition: cadet_protocol.h:356
GNUNET_CADET_TunnelEncryptedMessage::hmac
struct GNUNET_ShortHashCode hmac
MAC of the encrypted message, used to verify message integrity.
Definition: cadet_protocol.h:363
GNUNET_MQ_Envelope
Definition: mq.c:34

References GNUNET_CADET_TunnelEncryptedMessage::ax_header, CADET_TUNNEL_KEY_OK, ch, GNUNET_CADET_TunnelEncryptedMessage::cid, CadetTunnelQueueEntry::cid, CadetTunnelQueueEntry::cont, CadetTunnelQueueEntry::cont_cls, CadetChannel::ctn, GNUNET_CADET_AxHeader::DHRs, env, CadetTunnelQueueEntry::env, GCCH_is_type_to_drop(), GCT_2s(), GNUNET_break, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_malloc, GNUNET_MESSAGE_TYPE_CADET_TUNNEL_ENCRYPTED, GNUNET_MQ_msg_extra, GNUNET_NO, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GNUNET_CADET_TunnelEncryptedMessage::hmac, LOG, lookup_channel(), GNUNET_CADET_AxHeader::Ns, GNUNET_CADET_AxHeader::PNs, GNUNET_MessageHeader::size, stats, CadetTunnelQueueEntry::t, t, t_ax_encrypt(), t_h_encrypt(), t_hmac(), and trigger_transmissions().

Referenced by GCCH_handle_local_data(), GCT_send_channel_destroy(), retry_transmission(), send_channel_data_ack(), send_channel_open(), send_keepalive(), and send_open_ack().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_send_cancel()

void GCT_send_cancel ( struct CadetTunnelQueueEntry q)

Cancel a previously sent message while it's in the queue.

ONLY can be called before the continuation given to the send function is called. Once the continuation is called, the message is no longer in the queue!

Parameters
qHandle to the queue entry to cancel.

Definition at line 3491 of file gnunet-service-cadet_tunnels.c.

3492 {
3493  struct CadetTunnel *t = tq->t;
3494 
3495  GNUNET_CONTAINER_DLL_remove (t->tq_head,
3496  t->tq_tail,
3497  tq);
3498  GNUNET_MQ_discard (tq->env);
3499  GNUNET_free (tq);
3500 }
GNUNET_MQ_discard
void GNUNET_MQ_discard(struct GNUNET_MQ_Envelope *mqm)
Discard the message queue message, free all allocated resources.
Definition: mq.c:285

References CadetTunnelQueueEntry::env, GNUNET_CONTAINER_DLL_remove, GNUNET_free, GNUNET_MQ_discard(), CadetTunnelQueueEntry::t, and t.

Referenced by channel_destroy(), destroy_tunnel(), GCC_destroy(), handle_matching_ack(), send_channel_data_ack(), send_channel_open(), and send_open_ack().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_count_channels()

unsigned int GCT_count_channels ( struct CadetTunnel t)

Returns the number of channels using a tunnel.

Parameters
tTunnel in question.
Returns
Number of channels using the tunnel.

Definition at line 580 of file gnunet-service-cadet_tunnels.c.

581 {
582  return GNUNET_CONTAINER_multihashmap32_size (t->channels);
583 }
GNUNET_CONTAINER_multihashmap32_size
unsigned int GNUNET_CONTAINER_multihashmap32_size(const struct GNUNET_CONTAINER_MultiHashMap32 *map)
Get the number of key-value pairs in the map.
Definition: container_multihashmap32.c:201

References GNUNET_CONTAINER_multihashmap32_size(), and t.

Referenced by connection_ready_cb(), destroy_tunnel(), GCT_destroy_tunnel_now(), GCT_remove_channel(), get_all_tunnels_iterator(), and retry_kx().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_count_any_connections()

unsigned int GCT_count_any_connections ( const struct CadetTunnel t)

Counts the number of connections created for a tunnel, including busy connections.

Parameters
tTunnel to be counted.
Returns
Number of connections created for the tunnel.

Definition at line 603 of file gnunet-service-cadet_tunnels.c.

604 {
605  return t->num_ready_connections + t->num_busy_connections;
606 }

References t.

Referenced by consider_path_cb(), GCT_debug(), get_all_tunnels_iterator(), and maintain_connections_cb().

Here is the caller graph for this function:

◆ GCT_iterate_connections()

void GCT_iterate_connections ( struct CadetTunnel t,
GCT_ConnectionIterator  iter,
void *  iter_cls 
)

Iterate over all connections of a tunnel.

Parameters
tTunnel whose connections to iterate.
iterIterator.
iter_clsClosure for iter.

Definition at line 3511 of file gnunet-service-cadet_tunnels.c.

3514 {
3515  struct CadetTConnection *n;
3516 
3517  for (struct CadetTConnection *ct = t->connection_ready_head;
3518  NULL != ct;
3519  ct = n)
3520  {
3521  n = ct->next;
3522  iter (iter_cls,
3523  ct);
3524  }
3525  for (struct CadetTConnection *ct = t->connection_busy_head;
3526  NULL != ct;
3527  ct = n)
3528  {
3529  n = ct->next;
3530  iter (iter_cls,
3531  ct);
3532  }
3533 }
CadetTConnection::next
struct CadetTConnection * next
Next in DLL.
Definition: gnunet-service-cadet.h:111

References CadetTConnection::next, and t.

Referenced by consider_path_cb(), destroy_tunnel(), and maintain_connections_cb().

Here is the caller graph for this function:

◆ GCT_iterate_channels()

void GCT_iterate_channels ( struct CadetTunnel t,
GCT_ChannelIterator  iter,
void *  iter_cls 
)

Iterate over all channels of a tunnel.

Parameters
tTunnel whose channels to iterate.
iterIterator.
iter_clsClosure for iter.

Definition at line 3583 of file gnunet-service-cadet_tunnels.c.

3586 {
3587  struct ChanIterCls ctx;
3588 
3589  ctx.iter = iter;
3590  ctx.iter_cls = iter_cls;
3591  GNUNET_CONTAINER_multihashmap32_iterate (t->channels,
3592  &iterate_channels_cb,
3593  &ctx);
3594 }
iterate_channels_cb
static int iterate_channels_cb(void *cls, uint32_t key, void *value)
Helper function for GCT_iterate_channels.
Definition: gnunet-service-cadet_tunnels.c:3562
ctx
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
Definition: gnunet-zonewalk.c:84
ChanIterCls
Closure for iterate_channels_cb.
Definition: gnunet-service-cadet_tunnels.c:3540
ChanIterCls::iter_cls
void * iter_cls
Closure for iter.
Definition: gnunet-service-cadet_tunnels.c:3549
ChanIterCls::iter
GCT_ChannelIterator iter
Function to call.
Definition: gnunet-service-cadet_tunnels.c:3544

References ctx, GNUNET_CONTAINER_multihashmap32_iterate(), ChanIterCls::iter, ChanIterCls::iter_cls, iterate_channels_cb(), and t.

Here is the call graph for this function:

◆ GCT_get_estate()

enum CadetTunnelEState GCT_get_estate ( struct CadetTunnel t)

Get the encryption state of a tunnel.

Parameters
tTunnel.
Returns
Tunnel's encryption state.

Definition at line 617 of file gnunet-service-cadet_tunnels.c.

636 {
637  return t->estate;
638 }

References GNUNET_assert, GNUNET_YES, CadetTConnection::is_ready, and t.

Referenced by get_all_tunnels_iterator(), handle_connection_create(), send_create(), and send_keepalive().

Here is the caller graph for this function:

◆ GCT_change_estate()

void GCT_change_estate ( struct CadetTunnel t,
enum CadetTunnelEState  state 
)

Change the tunnel encryption state.

If the encryption state changes to OK, stop the rekey task.

Parameters
tTunnel whose encryption state to change, or NULL.
stateNew encryption state.

Definition at line 1284 of file gnunet-service-cadet_tunnels.c.

1286 {
1287  enum CadetTunnelEState old = t->estate;
1288 
1289  t->estate = state;
1290  LOG (GNUNET_ERROR_TYPE_DEBUG,
1291  "%s estate changed from %s to %s\n",
1292  GCT_2s (t),
1293  estate2s (old),
1294  estate2s (state));
1295 
1296  if ((CADET_TUNNEL_KEY_OK != old) &&
1297  (CADET_TUNNEL_KEY_OK == t->estate))
1298  {
1299  if (NULL != t->kx_task)
1300  {
1301  GNUNET_SCHEDULER_cancel (t->kx_task);
1302  t->kx_task = NULL;
1303  }
1304  /* notify all channels that have been waiting */
1305  GNUNET_CONTAINER_multihashmap32_iterate (t->channels,
1306  &notify_tunnel_up_cb,
1307  t);
1308  if (NULL != t->send_task)
1309  GNUNET_SCHEDULER_cancel (t->send_task);
1310  t->send_task = GNUNET_SCHEDULER_add_now (&trigger_transmissions,
1311  t);
1312  }
1313 }
state
enum State state
current state of profiling
Definition: gnunet-regex-profiler.c:245
notify_tunnel_up_cb
static int notify_tunnel_up_cb(void *cls, uint32_t key, void *value)
Our tunnel became ready for the first time, notify channels that have been waiting.
Definition: gnunet-service-cadet_tunnels.c:1265
estate2s
static const char * estate2s(enum CadetTunnelEState es)
Get string description for tunnel encryption state.
Definition: gnunet-service-cadet_tunnels.c:539
CadetTunnelEState
CadetTunnelEState
All the encryption states a tunnel can be in.
Definition: gnunet-service-cadet_tunnels.h:44

References CADET_TUNNEL_KEY_OK, estate2s(), GCT_2s(), GNUNET_CONTAINER_multihashmap32_iterate(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_cancel(), LOG, notify_tunnel_up_cb(), state, t, and trigger_transmissions().

Referenced by GCT_add_channel(), GCT_handle_encrypted(), GCT_handle_kx(), handle_connection_create(), send_kx(), and send_kx_auth().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_handle_kx()

void GCT_handle_kx ( struct CadetTConnection ct,
const struct GNUNET_CADET_TunnelKeyExchangeMessage msg 
)

Handle KX message that lacks authentication (and which will thus only be considered authenticated after we respond with our own KX_AUTH and finally successfully decrypt the payload).

Parameters
ctconnection/tunnel combo that received encrypted message
msgthe key exchange message

Definition at line 1696 of file gnunet-service-cadet_tunnels.c.

1698 {
1699  struct CadetTunnel *t = ct->t;
1700  int ret;
1701 
1702  GNUNET_STATISTICS_update (stats,
1703  "# KX received",
1704  1,
1705  GNUNET_NO);
1706  if (GNUNET_YES ==
1707  GCT_alice_or_betty (GCP_get_id (t->destination)))
1708  {
1709  /* Betty/Bob is not allowed to send KX! */
1710  GNUNET_break_op (0);
1711  return;
1712  }
1713  LOG (GNUNET_ERROR_TYPE_DEBUG,
1714  "Received KX message from %s with ephemeral %s from %s on connection %s\n",
1715  GCT_2s (t),
1716  GNUNET_e2s (&msg->ephemeral_key),
1717  GNUNET_i2s (GCP_get_id (t->destination)),
1718  GCC_2s (ct->cc));
1719 #if 1
1720  if ((0 ==
1721  memcmp (&t->ax.DHRr,
1722  &msg->ratchet_key,
1723  sizeof(msg->ratchet_key))) &&
1724  (0 ==
1725  memcmp (&t->ax.last_ephemeral,
1726  &msg->ephemeral_key,
1727  sizeof(msg->ephemeral_key))))
1728 
1729  {
1730  GNUNET_STATISTICS_update (stats,
1731  "# Duplicate KX received",
1732  1,
1733  GNUNET_NO);
1734  send_kx_auth (t,
1735  ct,
1736  &t->ax,
1737  GNUNET_NO);
1738  return;
1739  }
1740 #endif
1741  /* We only keep ONE unverified KX around, so if there is an existing one,
1742  clean it up. */
1743  if (NULL != t->unverified_ax)
1744  {
1745  if ((0 ==
1746  memcmp (&t->unverified_ax->DHRr,
1747  &msg->ratchet_key,
1748  sizeof(msg->ratchet_key))) &&
1749  (0 ==
1750  memcmp (&t->unverified_ax->last_ephemeral,
1751  &msg->ephemeral_key,
1752  sizeof(msg->ephemeral_key))))
1753  {
1754  GNUNET_STATISTICS_update (stats,
1755  "# Duplicate unverified KX received",
1756  1,
1757  GNUNET_NO);
1758 #if 1
1759  send_kx_auth (t,
1760  ct,
1761  t->unverified_ax,
1762  GNUNET_NO);
1763  return;
1764 #endif
1765  }
1766  LOG (GNUNET_ERROR_TYPE_DEBUG,
1767  "Dropping old unverified KX state.\n");
1768  GNUNET_STATISTICS_update (stats,
1769  "# Unverified KX dropped for fresh KX",
1770  1,
1771  GNUNET_NO);
1772  GNUNET_break (NULL == t->unverified_ax->skipped_head);
1773  memset (t->unverified_ax,
1774  0,
1775  sizeof(struct CadetTunnelAxolotl));
1776  }
1777  else
1778  {
1779  LOG (GNUNET_ERROR_TYPE_DEBUG,
1780  "Creating fresh unverified KX for %s\n",
1781  GCT_2s (t));
1782  GNUNET_STATISTICS_update (stats,
1783  "# Fresh KX setup",
1784  1,
1785  GNUNET_NO);
1786  t->unverified_ax = GNUNET_new (struct CadetTunnelAxolotl);
1787  }
1788  /* Set as the 'current' RK/DHRr the one we are currently using,
1789  so that the duplicate-detection logic of
1790  #update_ax_by_kx can work. */
1791  t->unverified_ax->RK = t->ax.RK;
1792  t->unverified_ax->DHRr = t->ax.DHRr;
1793  t->unverified_ax->DHRs = t->ax.DHRs;
1794  t->unverified_ax->kx_0 = t->ax.kx_0;
1795  t->unverified_attempts = 0;
1796 
1797  /* Update 'ax' by the new key material */
1798  ret = update_ax_by_kx (t->unverified_ax,
1799  GCP_get_id (t->destination),
1800  &msg->ephemeral_key,
1801  &msg->ratchet_key);
1802  GNUNET_break (GNUNET_SYSERR != ret);
1803  if (GNUNET_OK != ret)
1804  {
1805  GNUNET_STATISTICS_update (stats,
1806  "# Useless KX",
1807  1,
1808  GNUNET_NO);
1809  return; /* duplicate KX, nothing to do */
1810  }
1811  /* move ahead in our state machine */
1812  if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate)
1813  GCT_change_estate (t,
1814  CADET_TUNNEL_KEY_AX_RECV);
1815  else if (CADET_TUNNEL_KEY_AX_SENT == t->estate)
1816  GCT_change_estate (t,
1817  CADET_TUNNEL_KEY_AX_SENT_AND_RECV);
1818 
1819  /* KX is still not done, try again our end. */
1820  if (CADET_TUNNEL_KEY_OK != t->estate)
1821  {
1822  if (NULL != t->kx_task)
1823  GNUNET_SCHEDULER_cancel (t->kx_task);
1824  t->kx_task
1825  = GNUNET_SCHEDULER_add_now (&retry_kx,
1826  t);
1827  }
1828 }
ret
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
GCT_change_estate
void GCT_change_estate(struct CadetTunnel *t, enum CadetTunnelEState state)
Change the tunnel encryption state.
Definition: gnunet-service-cadet_tunnels.c:1284
send_kx_auth
static void send_kx_auth(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
Send a KX_AUTH message.
Definition: gnunet-service-cadet_tunnels.c:1396
update_ax_by_kx
static int update_ax_by_kx(struct CadetTunnelAxolotl *ax, const struct GNUNET_PeerIdentity *pid, const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key)
Update our Axolotl key state based on the KX data we received.
Definition: gnunet-service-cadet_tunnels.c:1500
GCT_alice_or_betty
int GCT_alice_or_betty(const struct GNUNET_PeerIdentity *other)
Am I Alice or Betty (some call her Bob), or talking to myself?
Definition: gnunet-service-cadet_tunnels.c:468
GNUNET_e2s
const char * GNUNET_e2s(const struct GNUNET_CRYPTO_EcdhePublicKey *p)
Convert a public key value to a string (for printing debug messages).
Definition: common_logging.c:1183
CadetTunnelAxolotl
Axolotl data, according to https://github.com/trevp/axolotl/wiki .
Definition: gnunet-service-cadet_tunnels.c:120

References CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, CadetTConnection::cc, GCC_2s(), GCP_get_id(), GCT_2s(), GCT_alice_or_betty(), GCT_change_estate(), GNUNET_break, GNUNET_break_op, GNUNET_e2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_new, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_YES, LOG, msg, ret, retry_kx(), send_kx_auth(), stats, CadetTConnection::t, t, and update_ax_by_kx().

Referenced by GCC_handle_kx().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_handle_kx_auth()

void GCT_handle_kx_auth ( struct CadetTConnection ct,
const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage msg 
)

Handle KX_AUTH message.

Parameters
ctconnection/tunnel combo that received encrypted message
msgthe key exchange message

Definition at line 1906 of file gnunet-service-cadet_tunnels.c.

1908 {
1909  struct CadetTunnel *t = ct->t;
1910  struct CadetTunnelAxolotl ax_tmp;
1911  struct GNUNET_HashCode kx_auth;
1912  int ret;
1913 
1914  GNUNET_STATISTICS_update (stats,
1915  "# KX_AUTH received",
1916  1,
1917  GNUNET_NO);
1918  if ((CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) ||
1919  (CADET_TUNNEL_KEY_AX_RECV == t->estate))
1920  {
1921  /* Confusing, we got a KX_AUTH before we even send our own
1922  KX. This should not happen. We'll send our own KX ASAP anyway,
1923  so let's ignore this here. */
1924  GNUNET_break_op (0);
1925  return;
1926  }
1927  LOG (GNUNET_ERROR_TYPE_DEBUG,
1928  "Handling KX_AUTH message from %s with ephemeral %s\n",
1929  GCT_2s (t),
1930  GNUNET_e2s (&msg->kx.ephemeral_key));
1931  /* We do everything in ax_tmp until we've checked the authentication
1932  so we don't clobber anything we care about by accident. */
1933  ax_tmp = t->ax;
1934 
1935  /* Update 'ax' by the new key material */
1936  ret = update_ax_by_kx (&ax_tmp,
1937  GCP_get_id (t->destination),
1938  &msg->kx.ephemeral_key,
1939  &msg->kx.ratchet_key);
1940  if (GNUNET_OK != ret)
1941  {
1942  if (GNUNET_NO == ret)
1943  GNUNET_STATISTICS_update (stats,
1944  "# redundant KX_AUTH received",
1945  1,
1946  GNUNET_NO);
1947  else
1948  GNUNET_break (0); /* connect to self!? */
1949  return;
1950  }
1951  GNUNET_CRYPTO_hash (&ax_tmp.RK,
1952  sizeof(ax_tmp.RK),
1953  &kx_auth);
1954  if (0 != GNUNET_memcmp (&kx_auth,
1955  &msg->auth))
1956  {
1957  /* This KX_AUTH is not using the latest KX/KX_AUTH data
1958  we transmitted to the sender, refuse it, try KX again. */
1959  GNUNET_STATISTICS_update (stats,
1960  "# KX_AUTH not using our last KX received (auth failure)",
1961  1,
1962  GNUNET_NO);
1963  LOG (GNUNET_ERROR_TYPE_WARNING,
1964  "KX AUTH mismatch!\n");
1965 #if DEBUG_KX
1966  {
1967  struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
1968 
1969  GNUNET_CRYPTO_ecdhe_key_get_public (&ax_tmp.kx_0,
1970  &ephemeral_key);
1971  if (0 != GNUNET_memcmp (&ephemeral_key,
1972  &msg->r_ephemeral_key_XXX))
1973  {
1974  LOG (GNUNET_ERROR_TYPE_WARNING,
1975  "My ephemeral is %s!\n",
1976  GNUNET_e2s (&ephemeral_key));
1977  LOG (GNUNET_ERROR_TYPE_WARNING,
1978  "Response is for ephemeral %s!\n",
1979  GNUNET_e2s (&msg->r_ephemeral_key_XXX));
1980  }
1981  else
1982  {
1983  test_crypto_bug (&ax_tmp.kx_0,
1984  &msg->kx.ephemeral_key_XXX,
1985  my_private_key,
1986  &msg->kx.private_key_XXX);
1987  }
1988  }
1989 #endif
1990  if (NULL == t->kx_task)
1991  t->kx_task
1992  = GNUNET_SCHEDULER_add_at (t->next_kx_attempt,
1993  &retry_kx,
1994  t);
1995  return;
1996  }
1997  /* Yep, we're good. */
1998  t->ax = ax_tmp;
1999  if (NULL != t->unverified_ax)
2000  {
2001  /* We got some "stale" KX before, drop that. */
2002  cleanup_ax (t->unverified_ax);
2003  GNUNET_free (t->unverified_ax);
2004  t->unverified_ax = NULL;
2005  }
2006 
2007  /* move ahead in our state machine */
2008  switch (t->estate)
2009  {
2010  case CADET_TUNNEL_KEY_UNINITIALIZED:
2011  case CADET_TUNNEL_KEY_AX_RECV:
2012  /* Checked above, this is impossible. */
2013  GNUNET_assert (0);
2014  break;
2015 
2016  case CADET_TUNNEL_KEY_AX_SENT: /* This is the normal case */
2017  case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: /* both peers started KX */
2018  case CADET_TUNNEL_KEY_AX_AUTH_SENT: /* both peers now did KX_AUTH */
2019  GCT_change_estate (t,
2020  CADET_TUNNEL_KEY_OK);
2021  break;
2022 
2023  case CADET_TUNNEL_KEY_OK:
2024  /* Did not expect another KX_AUTH, but so what, still acceptable.
2025  Nothing to do here. */
2026  break;
2027  }
2028  if (0 != (GNUNET_CADET_KX_FLAG_FORCE_REPLY & ntohl (msg->kx.flags)))
2029  {
2030  send_kx_auth (t,
2031  NULL,
2032  &t->ax,
2033  GNUNET_NO);
2034  }
2035 }
GNUNET_CADET_KX_FLAG_FORCE_REPLY
@ GNUNET_CADET_KX_FLAG_FORCE_REPLY
The peer should reply with its KX details?
Definition: cadet_protocol.h:228
my_private_key
struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Own private key.
Definition: gnunet-service-cadet.c:131
cleanup_ax
static void cleanup_ax(struct CadetTunnelAxolotl *ax)
Cleanup state used by ax.
Definition: gnunet-service-cadet_tunnels.c:1475
GNUNET_CRYPTO_hash
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
GNUNET_ERROR_TYPE_WARNING
@ GNUNET_ERROR_TYPE_WARNING
Definition: gnunet_common.h:438
GNUNET_CRYPTO_EcdhePublicKey
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
Definition: gnunet_crypto_lib.h:240
GNUNET_HashCode
A 512-bit hashcode.
Definition: gnunet_common.h:284

Referenced by GCC_handle_kx_auth().

Here is the caller graph for this function:

◆ GCT_handle_encrypted()

void GCT_handle_encrypted ( struct CadetTConnection ct,
const struct GNUNET_CADET_TunnelEncryptedMessage msg 
)

Handle encrypted message.

Parameters
ctconnection/tunnel combo that received encrypted message
msgthe encrypted message to decrypt

Definition at line 3238 of file gnunet-service-cadet_tunnels.c.

3240 {
3241  struct CadetTunnel *t = ct->t;
3242  uint16_t size = ntohs (msg->header.size);
3243  char cbuf[size] GNUNET_ALIGN;
3244  ssize_t decrypted_size;
3245 
3246  LOG (GNUNET_ERROR_TYPE_DEBUG,
3247  "%s received %u bytes of encrypted data in state %d\n",
3248  GCT_2s (t),
3249  (unsigned int) size,
3250  t->estate);
3251 
3252  switch (t->estate)
3253  {
3254  case CADET_TUNNEL_KEY_UNINITIALIZED:
3255  case CADET_TUNNEL_KEY_AX_RECV:
3256  /* We did not even SEND our KX, how can the other peer
3257  send us encrypted data? Must have been that we went
3258  down and the other peer still things we are up.
3259  Let's send it KX back. */
3260  GNUNET_STATISTICS_update (stats,
3261  "# received encrypted without any KX",
3262  1,
3263  GNUNET_NO);
3264  if (NULL != t->kx_task)
3265  {
3266  GNUNET_SCHEDULER_cancel (t->kx_task);
3267  t->kx_task = NULL;
3268  }
3269  send_kx (t,
3270  ct,
3271  &t->ax);
3272  return;
3273 
3274  case CADET_TUNNEL_KEY_AX_SENT_AND_RECV:
3275  /* We send KX, and other peer send KX to us at the same time.
3276  Neither KX is AUTH'ed, so let's try KX_AUTH this time. */
3277  GNUNET_STATISTICS_update (stats,
3278  "# received encrypted without KX_AUTH",
3279  1,
3280  GNUNET_NO);
3281  if (NULL != t->kx_task)
3282  {
3283  GNUNET_SCHEDULER_cancel (t->kx_task);
3284  t->kx_task = NULL;
3285  }
3286  send_kx_auth (t,
3287  ct,
3288  &t->ax,
3289  GNUNET_YES);
3290  return;
3291 
3292  case CADET_TUNNEL_KEY_AX_SENT:
3293  /* We did not get the KX of the other peer, but that
3294  might have been lost. Send our KX again immediately. */
3295  GNUNET_STATISTICS_update (stats,
3296  "# received encrypted without KX",
3297  1,
3298  GNUNET_NO);
3299  if (NULL != t->kx_task)
3300  {
3301  GNUNET_SCHEDULER_cancel (t->kx_task);
3302  t->kx_task = NULL;
3303  }
3304  send_kx (t,
3305  ct,
3306  &t->ax);
3307  return;
3308 
3309  case CADET_TUNNEL_KEY_AX_AUTH_SENT:
3310  /* Great, first payload, we might graduate to OK! */
3311  case CADET_TUNNEL_KEY_OK:
3312  /* We are up and running, all good. */
3313  break;
3314  }
3315 
3316  decrypted_size = -1;
3317  if (CADET_TUNNEL_KEY_OK == t->estate)
3318  {
3319  /* We have well-established key material available,
3320  try that. (This is the common case.) */
3321  decrypted_size = t_ax_decrypt_and_validate (&t->ax,
3322  cbuf,
3323  msg,
3324  size);
3325  }
3326 
3327  if ((-1 == decrypted_size) &&
3328  (NULL != t->unverified_ax))
3329  {
3330  /* We have un-authenticated KX material available. We should try
3331  this as a back-up option, in case the sender crashed and
3332  switched keys. */
3333  decrypted_size = t_ax_decrypt_and_validate (t->unverified_ax,
3334  cbuf,
3335  msg,
3336  size);
3337  if (-1 != decrypted_size)
3338  {
3339  /* It worked! Treat this as authentication of the AX data! */
3340  cleanup_ax (&t->ax);
3341  t->ax = *t->unverified_ax;
3342  GNUNET_free (t->unverified_ax);
3343  t->unverified_ax = NULL;
3344  }
3345  if (CADET_TUNNEL_KEY_AX_AUTH_SENT == t->estate)
3346  {
3347  /* First time it worked, move tunnel into production! */
3348  GCT_change_estate (t,
3349  CADET_TUNNEL_KEY_OK);
3350  if (NULL != t->send_task)
3351  GNUNET_SCHEDULER_cancel (t->send_task);
3352  t->send_task = GNUNET_SCHEDULER_add_now (&trigger_transmissions,
3353  t);
3354  }
3355  }
3356  if (NULL != t->unverified_ax)
3357  {
3358  /* We had unverified KX material that was useless; so increment
3359  counter and eventually move to ignore it. Note that we even do
3360  this increment if we successfully decrypted with the old KX
3361  material and thus didn't even both with the new one. This is
3362  the ideal case, as a malicious injection of bogus KX data
3363  basically only causes us to increment a counter a few times. */t->unverified_attempts++;
3364  LOG (GNUNET_ERROR_TYPE_DEBUG,
3365  "Failed to decrypt message with unverified KX data %u times\n",
3366  t->unverified_attempts);
3367  if (t->unverified_attempts > MAX_UNVERIFIED_ATTEMPTS)
3368  {
3369  cleanup_ax (t->unverified_ax);
3370  GNUNET_free (t->unverified_ax);
3371  t->unverified_ax = NULL;
3372  }
3373  }
3374 
3375  if (-1 == decrypted_size)
3376  {
3377  /* Decryption failed for good, complain. */
3378  LOG (GNUNET_ERROR_TYPE_WARNING,
3379  "%s failed to decrypt and validate encrypted data, retrying KX\n",
3380  GCT_2s (t));
3381  GNUNET_STATISTICS_update (stats,
3382  "# unable to decrypt",
3383  1,
3384  GNUNET_NO);
3385  if (NULL != t->kx_task)
3386  {
3387  GNUNET_SCHEDULER_cancel (t->kx_task);
3388  t->kx_task = NULL;
3389  }
3390  send_kx (t,
3391  ct,
3392  &t->ax);
3393  return;
3394  }
3395  GNUNET_STATISTICS_update (stats,
3396  "# decrypted bytes",
3397  decrypted_size,
3398  GNUNET_NO);
3399 
3400  /* The MST will ultimately call #handle_decrypted() on each message. */
3401  t->current_ct = ct;
3402  GNUNET_break_op (GNUNET_OK ==
3403  GNUNET_MST_from_buffer (t->mst,
3404  cbuf,
3405  decrypted_size,
3406  GNUNET_YES,
3407  GNUNET_NO));
3408  t->current_ct = NULL;
3409 }
MAX_UNVERIFIED_ATTEMPTS
#define MAX_UNVERIFIED_ATTEMPTS
How often do we try to decrypt payload with unverified key material? Used to limit CPU increase upon ...
Definition: gnunet-service-cadet_tunnels.c:52
send_kx
static void send_kx(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax)
Send a KX message.
Definition: gnunet-service-cadet_tunnels.c:1325
t_ax_decrypt_and_validate
static ssize_t t_ax_decrypt_and_validate(struct CadetTunnelAxolotl *ax, void *dst, const struct GNUNET_CADET_TunnelEncryptedMessage *src, size_t size)
Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered...
Definition: gnunet-service-cadet_tunnels.c:1150
GNUNET_ALIGN
#define GNUNET_ALIGN
gcc-ism to force alignment; we use this to align char-arrays that may then be cast to 'struct's.
Definition: gnunet_common.h:253
GNUNET_MST_from_buffer
enum GNUNET_GenericReturnValue GNUNET_MST_from_buffer(struct GNUNET_MessageStreamTokenizer *mst, const char *buf, size_t size, int purge, int one_shot)
Add incoming data to the receive buffer and call the callback for all complete messages.
Definition: mst.c:101
size
static unsigned int size
Size of the "table".
Definition: peer.c:68

References CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, cleanup_ax(), GCT_2s(), GCT_change_estate(), GNUNET_ALIGN, GNUNET_break_op, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_MST_from_buffer(), GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GNUNET_YES, LOG, MAX_UNVERIFIED_ATTEMPTS, msg, send_kx(), send_kx_auth(), GNUNET_MessageHeader::size, size, stats, CadetTConnection::t, t, t_ax_decrypt_and_validate(), and trigger_transmissions().

Referenced by GCC_handle_encrypted().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_debug()

void GCT_debug ( const struct CadetTunnel t,
enum GNUNET_ErrorType  level 
)

Log all possible info about the tunnel state.

Parameters
tTunnel to debug.
levelDebug level to use.

Definition at line 3629 of file gnunet-service-cadet_tunnels.c.

3631 {
3632 #if ! defined(GNUNET_CULL_LOGGING)
3633  struct CadetTConnection *iter_c;
3634  int do_log;
3635 
3636  do_log = GNUNET_get_log_call_status (level & (~GNUNET_ERROR_TYPE_BULK),
3637  "cadet-tun",
3638  __FILE__, __FUNCTION__, __LINE__);
3639  if (0 == do_log)
3640  return;
3641 
3642  LOG2 (level,
3643  "TTT TUNNEL TOWARDS %s in estate %s tq_len: %u #cons: %u\n",
3644  GCT_2s (t),
3645  estate2s (t->estate),
3646  t->tq_len,
3647  GCT_count_any_connections (t));
3648  LOG2 (level,
3649  "TTT channels:\n");
3650  GNUNET_CONTAINER_multihashmap32_iterate (t->channels,
3651  &debug_channel,
3652  &level);
3653  LOG2 (level,
3654  "TTT connections:\n");
3655  for (iter_c = t->connection_ready_head; NULL != iter_c; iter_c = iter_c->next)
3656  GCC_debug (iter_c->cc,
3657  level);
3658  for (iter_c = t->connection_busy_head; NULL != iter_c; iter_c = iter_c->next)
3659  GCC_debug (iter_c->cc,
3660  level);
3661 
3662  LOG2 (level,
3663  "TTT TUNNEL END\n");
3664 #endif
3665 }
GCC_debug
void GCC_debug(struct CadetConnection *cc, enum GNUNET_ErrorType level)
Log connection info.
Definition: gnunet-service-cadet_connection.c:1051
debug_channel
static int debug_channel(void *cls, uint32_t key, void *value)
Call GCCH_debug() on a channel.
Definition: gnunet-service-cadet_tunnels.c:3606
GCT_count_any_connections
unsigned int GCT_count_any_connections(const struct CadetTunnel *t)
Counts the number of connections created for a tunnel, including busy connections.
Definition: gnunet-service-cadet_tunnels.c:603
LOG2
#define LOG2(level,...)
Definition: gnunet-service-cadet_tunnels.c:3618
GNUNET_get_log_call_status
int GNUNET_get_log_call_status(int caller_level, const char *comp, const char *file, const char *function, int line)
Decides whether a particular logging call should or should not be allowed to be made.
Definition: common_logging.c:500
GNUNET_ERROR_TYPE_BULK
@ GNUNET_ERROR_TYPE_BULK
Definition: gnunet_common.h:446

References CadetTConnection::cc, debug_channel(), estate2s(), GCC_debug(), GCT_2s(), GCT_count_any_connections(), GNUNET_CONTAINER_multihashmap32_iterate(), GNUNET_ERROR_TYPE_BULK, GNUNET_get_log_call_status(), LOG2, CadetTConnection::next, and t.

Here is the call graph for this function: