GNUnet  0.10.x
Data Structures | Macros | Functions
gnunet-service-cadet_tunnels.c File Reference

Information we track per tunnel. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_statistics_service.h"
#include "gnunet_signatures.h"
#include "cadet_protocol.h"
#include "gnunet-service-cadet_channel.h"
#include "gnunet-service-cadet_connection.h"
#include "gnunet-service-cadet_tunnels.h"
#include "gnunet-service-cadet_peer.h"
#include "gnunet-service-cadet_paths.h"
Include dependency graph for gnunet-service-cadet_tunnels.c:

Go to the source code of this file.

Data Structures

struct  CadetTunnelSkippedKey
 Struct to old keys for skipped messages while advancing the Axolotl ratchet. More...
 
struct  CadetTunnelAxolotl
 Axolotl data, according to https://github.com/trevp/axolotl/wiki . More...
 
struct  CadetTunnelQueueEntry
 Struct used to save messages in a non-ready tunnel to send once connected. More...
 
struct  CadetTunnel
 Struct containing all information regarding a tunnel to a peer. More...
 
struct  EvaluationSummary
 Closure for evaluate_connection. More...
 
struct  ChanIterCls
 Closure for iterate_channels_cb. More...
 

Macros

#define LOG(level, ...)   GNUNET_log_from(level, "cadet-tun", __VA_ARGS__)
 
#define MAX_UNVERIFIED_ATTEMPTS   16
 How often do we try to decrypt payload with unverified key material? Used to limit CPU increase upon receiving bogus KX. More...
 
#define IDLE_DESTROY_DELAY   GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 90)
 How long do we wait until tearing down an idle tunnel? More...
 
#define INITIAL_KX_RETRY_DELAY   GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MILLISECONDS, 250)
 How long do we wait initially before retransmitting the KX? TODO: replace by 2 RTT if/once we have connection-level RTT data! More...
 
#define MAX_SKIPPED_KEYS   64
 Maximum number of skipped keys we keep in memory per tunnel. More...
 
#define MAX_KEY_GAP   256
 Maximum number of keys (and thus ratchet steps) we are willing to skip before we decide this is either a bogus packet or a DoS-attempt. More...
 
#define HIGH_BIT   0x8000000
 
#define LOG2(level, ...)   GNUNET_log_from_nocheck(level, "cadet-tun", __VA_ARGS__)
 

Functions

static int alice_or_betty (const struct GNUNET_PeerIdentity *other)
 Am I Alice or Betty (some call her Bob), or talking to myself? More...
 
static void mark_connection_unready (struct CadetTConnection *ct)
 Connection ct is now unready, clear it's ready flag and move it from the ready DLL to the busy DLL. More...
 
const char * GCT_2s (const struct CadetTunnel *t)
 Get the static string for the peer this tunnel is directed. More...
 
static const char * estate2s (enum CadetTunnelEState es)
 Get string description for tunnel encryption state. More...
 
struct CadetPeerGCT_get_destination (struct CadetTunnel *t)
 Return the peer to which this tunnel goes. More...
 
unsigned int GCT_count_channels (struct CadetTunnel *t)
 Count channels of a tunnel. More...
 
struct CadetChannellookup_channel (struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn)
 Lookup a channel by its ctn. More...
 
unsigned int GCT_count_any_connections (const struct CadetTunnel *t)
 Count all created connections of a tunnel. More...
 
static struct CadetTConnectionget_ready_connection (struct CadetTunnel *t)
 Find first connection that is ready in the list of our connections. More...
 
enum CadetTunnelEState GCT_get_estate (struct CadetTunnel *t)
 Get the encryption state of a tunnel. More...
 
static void trigger_transmissions (void *cls)
 Called when either we have a new connection, or a new message in the queue, or some existing connection has transmission capacity. More...
 
static void new_ephemeral (struct CadetTunnelAxolotl *ax)
 Create a new Axolotl ephemeral (ratchet) key. More...
 
static void t_hmac (const void *plaintext, size_t size, uint32_t iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_ShortHashCode *hmac)
 Calculate HMAC. More...
 
static void t_ax_hmac_hash (const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_HashCode *hash, const void *source, unsigned int len)
 Perform a HMAC. More...
 
static void t_hmac_derive_key (const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_CRYPTO_SymmetricSessionKey *out, const void *source, unsigned int len)
 Derive a symmetric encryption key from an HMAC-HASH. More...
 
static void t_ax_encrypt (struct CadetTunnelAxolotl *ax, void *dst, const void *src, size_t size)
 Encrypt data with the axolotl tunnel key. More...
 
static void t_ax_decrypt (struct CadetTunnelAxolotl *ax, void *dst, const void *src, size_t size)
 Decrypt data with the axolotl tunnel key. More...
 
static void t_h_encrypt (struct CadetTunnelAxolotl *ax, struct GNUNET_CADET_TunnelEncryptedMessage *msg)
 Encrypt header with the axolotl header key. More...
 
static void t_h_decrypt (struct CadetTunnelAxolotl *ax, const struct GNUNET_CADET_TunnelEncryptedMessage *src, struct GNUNET_CADET_TunnelEncryptedMessage *dst)
 Decrypt header with the current axolotl header key. More...
 
static void delete_skipped_key (struct CadetTunnelAxolotl *ax, struct CadetTunnelSkippedKey *key)
 Delete a key from the list of skipped keys. More...
 
static ssize_t try_old_ax_keys (struct CadetTunnelAxolotl *ax, void *dst, const struct GNUNET_CADET_TunnelEncryptedMessage *src, size_t size)
 Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered since it was sent by the remote peer. More...
 
static void store_skipped_key (struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr)
 Delete a key from the list of skipped keys. More...
 
static int store_ax_keys (struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr, uint32_t Np)
 Stage skipped AX keys and calculate the message key. More...
 
static ssize_t t_ax_decrypt_and_validate (struct CadetTunnelAxolotl *ax, void *dst, const struct GNUNET_CADET_TunnelEncryptedMessage *src, size_t size)
 Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered since it was sent by the remote peer. More...
 
static int notify_tunnel_up_cb (void *cls, uint32_t key, void *value)
 Our tunnel became ready for the first time, notify channels that have been waiting. More...
 
void GCT_change_estate (struct CadetTunnel *t, enum CadetTunnelEState state)
 Change the tunnel encryption state. More...
 
static void send_kx (struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax)
 Send a KX message. More...
 
static void send_kx_auth (struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
 Send a KX_AUTH message. More...
 
static void cleanup_ax (struct CadetTunnelAxolotl *ax)
 Cleanup state used by ax. More...
 
static int update_ax_by_kx (struct CadetTunnelAxolotl *ax, const struct GNUNET_PeerIdentity *pid, const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key)
 Update our Axolotl key state based on the KX data we received. More...
 
static void retry_kx (void *cls)
 Try to redo the KX or KX_AUTH handshake, if we can. More...
 
void GCT_handle_kx (struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg)
 Handle KX message that lacks authentication (and which will thus only be considered authenticated after we respond with our own KX_AUTH and finally successfully decrypt payload). More...
 
void GCT_handle_kx_auth (struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg)
 Handle KX_AUTH message. More...
 
static struct GNUNET_CADET_ChannelTunnelNumber get_next_free_ctn (struct CadetTunnel *t)
 Compute the next free channel tunnel number for this tunnel. More...
 
struct GNUNET_CADET_ChannelTunnelNumber GCT_add_channel (struct CadetTunnel *t, struct CadetChannel *ch)
 Add a channel to a tunnel, and notify channel that we are ready for transmission if we are already up. More...
 
void GCT_connection_lost (struct CadetTConnection *ct)
 We lost a connection, remove it from our list and clean up the connection object itself. More...
 
static void destroy_t_connection (void *cls, struct CadetTConnection *ct)
 Clean up connection ct of a tunnel. More...
 
static void destroy_tunnel (void *cls)
 This tunnel is no longer used, destroy it. More...
 
void GCT_remove_channel (struct CadetTunnel *t, struct CadetChannel *ch, struct GNUNET_CADET_ChannelTunnelNumber ctn)
 Remove a channel from a tunnel. More...
 
static int destroy_remaining_channels (void *cls, uint32_t key, void *value)
 Destroy remaining channels during shutdown. More...
 
void GCT_destroy_tunnel_now (struct CadetTunnel *t)
 Destroys the tunnel t now, without delay. More...
 
static void try_send_normal_payload (struct CadetTunnel *t, struct CadetTConnection *ct)
 Send normal payload from queue in t via connection ct. More...
 
static void connection_ready_cb (void *cls, int is_ready)
 A connection is is_ready for transmission. More...
 
static void evaluate_connection (void *cls, struct CadetTConnection *ct)
 Evaluate a connection, updating our summary information in cls about what kinds of connections we have. More...
 
static int consider_path_cb (void *cls, struct CadetPeerPath *path, unsigned int off)
 Consider using the path p for the tunnel t. More...
 
static void maintain_connections_cb (void *cls)
 Function called to maintain the connections underlying our tunnel. More...
 
void GCT_consider_path (struct CadetTunnel *t, struct CadetPeerPath *p, unsigned int off)
 Consider using the path p for the tunnel t. More...
 
static void handle_plaintext_keepalive (void *cls, const struct GNUNET_MessageHeader *msg)
 We got a keepalive. More...
 
static int check_plaintext_data (void *cls, const struct GNUNET_CADET_ChannelAppDataMessage *msg)
 Check that msg is well-formed. More...
 
static void handle_plaintext_data (void *cls, const struct GNUNET_CADET_ChannelAppDataMessage *msg)
 We received payload data for a channel. More...
 
static void handle_plaintext_data_ack (void *cls, const struct GNUNET_CADET_ChannelDataAckMessage *ack)
 We received an acknowledgement for data we sent on a channel. More...
 
static void handle_plaintext_channel_open (void *cls, const struct GNUNET_CADET_ChannelOpenMessage *copen)
 We have received a request to open a channel to a port from another peer. More...
 
void GCT_send_channel_destroy (struct CadetTunnel *t, struct GNUNET_CADET_ChannelTunnelNumber ctn)
 Send a DESTROY message via the tunnel. More...
 
static void handle_plaintext_channel_open_ack (void *cls, const struct GNUNET_CADET_ChannelOpenAckMessage *cm)
 We have received confirmation from the target peer that the given channel could be established (the port is open). More...
 
static void handle_plaintext_channel_destroy (void *cls, const struct GNUNET_CADET_ChannelDestroyMessage *cm)
 We received a message saying that a channel should be destroyed. More...
 
static int handle_decrypted (void *cls, const struct GNUNET_MessageHeader *msg)
 Handles a message we decrypted, by injecting it into our message queue (which will do the dispatching). More...
 
static void decrypted_error_cb (void *cls, enum GNUNET_MQ_Error error)
 Function called if we had an error processing an incoming decrypted message. More...
 
struct CadetTunnelGCT_create_tunnel (struct CadetPeer *destination)
 Create a tunnel to destionation. More...
 
int GCT_add_inbound_connection (struct CadetTunnel *t, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid, struct CadetPeerPath *path)
 Add a connection to the tunnel. More...
 
void GCT_handle_encrypted (struct CadetTConnection *ct, const struct GNUNET_CADET_TunnelEncryptedMessage *msg)
 Handle encrypted message. More...
 
struct CadetTunnelQueueEntryGCT_send (struct CadetTunnel *t, const struct GNUNET_MessageHeader *message, GCT_SendContinuation cont, void *cont_cls)
 Sends an already built message on a tunnel, encrypting it and choosing the best connection if not provided. More...
 
void GCT_send_cancel (struct CadetTunnelQueueEntry *tq)
 Cancel a previously sent message while it's in the queue. More...
 
void GCT_iterate_connections (struct CadetTunnel *t, GCT_ConnectionIterator iter, void *iter_cls)
 Iterate over all connections of a tunnel. More...
 
static int iterate_channels_cb (void *cls, uint32_t key, void *value)
 Helper function for GCT_iterate_channels. More...
 
void GCT_iterate_channels (struct CadetTunnel *t, GCT_ChannelIterator iter, void *iter_cls)
 Iterate over all channels of a tunnel. More...
 
static int debug_channel (void *cls, uint32_t key, void *value)
 Call GCCH_debug() on a channel. More...
 
void GCT_debug (const struct CadetTunnel *t, enum GNUNET_ErrorType level)
 Log all possible info about the tunnel state. More...
 

Detailed Description

Information we track per tunnel.

Author
Bartlomiej Polot
Christian Grothoff

FIXME:

Definition in file gnunet-service-cadet_tunnels.c.

Macro Definition Documentation

◆ LOG

#define LOG (   level,
  ... 
)    GNUNET_log_from(level, "cadet-tun", __VA_ARGS__)

◆ MAX_UNVERIFIED_ATTEMPTS

#define MAX_UNVERIFIED_ATTEMPTS   16

How often do we try to decrypt payload with unverified key material? Used to limit CPU increase upon receiving bogus KX.

Definition at line 52 of file gnunet-service-cadet_tunnels.c.

Referenced by GCT_handle_encrypted().

◆ IDLE_DESTROY_DELAY

#define IDLE_DESTROY_DELAY   GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 90)

How long do we wait until tearing down an idle tunnel?

Definition at line 57 of file gnunet-service-cadet_tunnels.c.

Referenced by connection_ready_cb(), and GCT_remove_channel().

◆ INITIAL_KX_RETRY_DELAY

#define INITIAL_KX_RETRY_DELAY   GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_MILLISECONDS, 250)

How long do we wait initially before retransmitting the KX? TODO: replace by 2 RTT if/once we have connection-level RTT data!

Definition at line 63 of file gnunet-service-cadet_tunnels.c.

Referenced by GCT_create_tunnel().

◆ MAX_SKIPPED_KEYS

#define MAX_SKIPPED_KEYS   64

Maximum number of skipped keys we keep in memory per tunnel.

Definition at line 68 of file gnunet-service-cadet_tunnels.c.

Referenced by store_ax_keys().

◆ MAX_KEY_GAP

#define MAX_KEY_GAP   256

Maximum number of keys (and thus ratchet steps) we are willing to skip before we decide this is either a bogus packet or a DoS-attempt.

Definition at line 74 of file gnunet-service-cadet_tunnels.c.

Referenced by store_ax_keys().

◆ HIGH_BIT

#define HIGH_BIT   0x8000000

Referenced by get_next_free_ctn().

◆ LOG2

#define LOG2 (   level,
  ... 
)    GNUNET_log_from_nocheck(level, "cadet-tun", __VA_ARGS__)

Definition at line 3644 of file gnunet-service-cadet_tunnels.c.

Referenced by GCT_debug().

Function Documentation

◆ alice_or_betty()

static int alice_or_betty ( const struct GNUNET_PeerIdentity other)
static

Am I Alice or Betty (some call her Bob), or talking to myself?

Parameters
otherthe other peer
Returns
GNUNET_YES for Alice, GNUNET_NO for Betty, GNUNET_SYSERR if talking to myself

Definition at line 462 of file gnunet-service-cadet_tunnels.c.

References GNUNET_break_op, GNUNET_memcmp, GNUNET_NO, GNUNET_SYSERR, GNUNET_YES, and my_full_id.

Referenced by GCT_handle_kx(), send_kx(), and update_ax_by_kx().

463 {
464  if (0 > GNUNET_memcmp(&my_full_id,
465  other))
466  return GNUNET_YES;
467  else if (0 < GNUNET_memcmp(&my_full_id,
468  other))
469  return GNUNET_NO;
470  else
471  {
472  GNUNET_break_op(0);
473  return GNUNET_SYSERR;
474  }
475 }
struct GNUNET_PeerIdentity my_full_id
Local peer own ID.
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
#define GNUNET_YES
Definition: gnunet_common.h:77
Here is the caller graph for this function:

◆ mark_connection_unready()

static void mark_connection_unready ( struct CadetTConnection ct)
static

Connection ct is now unready, clear it's ready flag and move it from the ready DLL to the busy DLL.

Parameters
ctconnection to move to unready status

Definition at line 485 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::connection_busy_head, CadetTunnel::connection_busy_tail, CadetTunnel::connection_ready_head, CadetTunnel::connection_ready_tail, GNUNET_assert, GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_DLL_remove, GNUNET_NO, GNUNET_YES, CadetTConnection::is_ready, CadetTunnel::num_busy_connections, CadetTunnel::num_ready_connections, t, and CadetTConnection::t.

Referenced by connection_ready_cb(), send_kx(), send_kx_auth(), and try_send_normal_payload().

486 {
487  struct CadetTunnel *t = ct->t;
488 
492  ct);
495  ct->is_ready = GNUNET_NO;
498  ct);
500 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct CadetTConnection * connection_ready_tail
DLL of ready connections that are actively used to reach the destination peer.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
int is_ready
Is the connection currently ready for transmission?
unsigned int num_ready_connections
Number of connections in the connection_ready_head DLL.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct CadetTConnection * connection_ready_head
DLL of ready connections that are actively used to reach the destination peer.
#define GNUNET_NO
Definition: gnunet_common.h:78
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct CadetTConnection * connection_busy_head
DLL of connections that we maintain that might be used to reach the destination peer.
struct CadetTunnel * t
Tunnel this connection belongs to.
Struct containing all information regarding a tunnel to a peer.
#define GNUNET_YES
Definition: gnunet_common.h:77
unsigned int num_busy_connections
Number of connections in the connection_busy_head DLL.
struct CadetTConnection * connection_busy_tail
DLL of connections that we maintain that might be used to reach the destination peer.
Here is the caller graph for this function:

◆ GCT_2s()

const char* GCT_2s ( const struct CadetTunnel t)

Get the static string for the peer this tunnel is directed.

Parameters
tTunnel.
Returns
Static string the destination peer's ID.

Definition at line 511 of file gnunet-service-cadet_tunnels.c.

References buf, CadetTunnel::destination, GCP_get_id(), GNUNET_i2s(), and GNUNET_snprintf().

Referenced by connection_ready_cb(), consider_path_cb(), destroy_tunnel(), GCC_2s(), GCCH_bind(), GCCH_channel_local_new(), GCCH_debug(), GCP_drop_tunnel(), GCT_add_channel(), GCT_add_inbound_connection(), GCT_change_estate(), GCT_consider_path(), GCT_debug(), GCT_handle_encrypted(), GCT_handle_kx(), GCT_handle_kx_auth(), GCT_remove_channel(), GCT_send(), handle_plaintext_channel_destroy(), handle_plaintext_channel_open(), handle_plaintext_channel_open_ack(), handle_plaintext_keepalive(), maintain_connections_cb(), retry_kx(), send_keepalive(), send_kx(), send_kx_auth(), and try_send_normal_payload().

512 {
513  static char buf[64];
514 
515  if (NULL == t)
516  return "Tunnel(NULL)";
517  GNUNET_snprintf(buf,
518  sizeof(buf),
519  "Tunnel %s",
521  return buf;
522 }
int GNUNET_snprintf(char *buf, size_t size, const char *format,...)
Like snprintf, just aborts if the buffer is of insufficient size.
static char buf[2048]
struct CadetPeer * destination
Destination of the tunnel.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ estate2s()

static const char* estate2s ( enum CadetTunnelEState  es)
static

Get string description for tunnel encryption state.

Parameters
esTunnel state.
Returns
String representation.

Definition at line 533 of file gnunet-service-cadet_tunnels.c.

References buf, CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, and GNUNET_snprintf().

Referenced by connection_ready_cb(), GCT_change_estate(), GCT_debug(), retry_kx(), and send_kx().

534 {
535  static char buf[32];
536 
537  switch (es)
538  {
540  return "CADET_TUNNEL_KEY_UNINITIALIZED";
541 
543  return "CADET_TUNNEL_KEY_AX_RECV";
544 
546  return "CADET_TUNNEL_KEY_AX_SENT";
547 
549  return "CADET_TUNNEL_KEY_AX_SENT_AND_RECV";
550 
552  return "CADET_TUNNEL_KEY_AX_AUTH_SENT";
553 
554  case CADET_TUNNEL_KEY_OK:
555  return "CADET_TUNNEL_KEY_OK";
556 
557  default:
558  GNUNET_snprintf(buf,
559  sizeof(buf),
560  "%u (UNKNOWN STATE)",
561  es);
562  return buf;
563  }
564 }
int GNUNET_snprintf(char *buf, size_t size, const char *format,...)
Like snprintf, just aborts if the buffer is of insufficient size.
KX received and we sent KX_AUTH back, but we got no traffic yet, so we&#39;re waiting for either KX_AUTH ...
KX message sent, waiting for other peer&#39;s KX_AUTH.
static char buf[2048]
Handshake completed: session key available.
KX message sent and received, trying to send back KX_AUTH.
Uninitialized status, we need to send KX.
KX message received, trying to send back KX_AUTH.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_get_destination()

struct CadetPeer* GCT_get_destination ( struct CadetTunnel t)

Return the peer to which this tunnel goes.

Parameters
ta tunnel
Returns
the destination of the tunnel

Definition at line 574 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::destination.

Referenced by GCCH_2s(), GCCH_bind(), GCCH_channel_incoming_new(), get_next_free_ctn(), and timeout_closed_cb().

575 {
576  return t->destination;
577 }
struct CadetPeer * destination
Destination of the tunnel.
Here is the caller graph for this function:

◆ GCT_count_channels()

unsigned int GCT_count_channels ( struct CadetTunnel t)

Count channels of a tunnel.

Return the number of channels using a tunnel.

Parameters
tTunnel on which to count.
Returns
Number of channels.

Definition at line 588 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::channels, and GNUNET_CONTAINER_multihashmap32_size().

Referenced by connection_ready_cb(), destroy_tunnel(), GCT_destroy_tunnel_now(), GCT_remove_channel(), get_all_tunnels_iterator(), and retry_kx().

589 {
591 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
unsigned int GNUNET_CONTAINER_multihashmap32_size(const struct GNUNET_CONTAINER_MultiHashMap32 *map)
Get the number of key-value pairs in the map.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ lookup_channel()

struct CadetChannel* lookup_channel ( struct CadetTunnel t,
struct GNUNET_CADET_ChannelTunnelNumber  ctn 
)

Lookup a channel by its ctn.

Parameters
ttunnel to look in
ctnnumber of channel to find
Returns
NULL if channel does not exist

Definition at line 602 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::channels, GNUNET_CADET_ChannelTunnelNumber::cn, and GNUNET_CONTAINER_multihashmap32_get().

Referenced by handle_plaintext_channel_destroy(), handle_plaintext_channel_open_ack(), handle_plaintext_data(), and handle_plaintext_data_ack().

604 {
606  ntohl(ctn.cn));
607 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
uint32_t cn
Which number does this channel have that uniquely identfies it within its tunnel, in network byte ord...
void * GNUNET_CONTAINER_multihashmap32_get(const struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key)
Given a key find a value in the map matching the key.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_count_any_connections()

unsigned int GCT_count_any_connections ( const struct CadetTunnel t)

Count all created connections of a tunnel.

Return the number of connections available for a tunnel.

Not necessarily ready connections!

Parameters
tTunnel on which to count.
Returns
Number of connections created, either being established or ready.

Definition at line 618 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::num_busy_connections, and CadetTunnel::num_ready_connections.

Referenced by consider_path_cb(), GCT_debug(), get_all_tunnels_iterator(), and maintain_connections_cb().

619 {
621 }
unsigned int num_ready_connections
Number of connections in the connection_ready_head DLL.
unsigned int num_busy_connections
Number of connections in the connection_busy_head DLL.
Here is the caller graph for this function:

◆ get_ready_connection()

static struct CadetTConnection* get_ready_connection ( struct CadetTunnel t)
static

Find first connection that is ready in the list of our connections.

Picks ready connections round-robin.

Parameters
ttunnel to search
Returns
NULL if we have no connection that is ready

Definition at line 632 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::connection_ready_head, GNUNET_assert, GNUNET_YES, and CadetTConnection::is_ready.

Referenced by send_kx(), send_kx_auth(), and trigger_transmissions().

633 {
634  struct CadetTConnection *hd = t->connection_ready_head;
635 
636  GNUNET_assert((NULL == hd) ||
637  (GNUNET_YES == hd->is_ready));
638  return hd;
639 }
int is_ready
Is the connection currently ready for transmission?
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct CadetTConnection * connection_ready_head
DLL of ready connections that are actively used to reach the destination peer.
Entry in list of connections used by tunnel, with metadata.
#define GNUNET_YES
Definition: gnunet_common.h:77
Here is the caller graph for this function:

◆ GCT_get_estate()

enum CadetTunnelEState GCT_get_estate ( struct CadetTunnel t)

Get the encryption state of a tunnel.

Parameters
tTunnel.
Returns
Tunnel's encryption state.

Definition at line 650 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::estate, and trigger_transmissions().

Referenced by get_all_tunnels_iterator(), and send_keepalive().

651 {
652  return t->estate;
653 }
enum CadetTunnelEState estate
State of the tunnel encryption.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ trigger_transmissions()

static void trigger_transmissions ( void *  cls)
static

Called when either we have a new connection, or a new message in the queue, or some existing connection has transmission capacity.

Looks at our message queue and if there is a message, picks a connection to send it on.

Parameters
clsthe struct CadetTunnel to process messages on

Definition at line 2498 of file gnunet-service-cadet_tunnels.c.

References get_ready_connection(), CadetTunnel::send_task, CadetTunnel::tq_head, and try_send_normal_payload().

Referenced by GCT_change_estate(), GCT_get_estate(), GCT_handle_encrypted(), and GCT_send().

2499 {
2500  struct CadetTunnel *t = cls;
2501  struct CadetTConnection *ct;
2502 
2503  t->send_task = NULL;
2504  if (NULL == t->tq_head)
2505  return; /* no messages pending right now */
2506  ct = get_ready_connection(t);
2507  if (NULL == ct)
2508  return; /* no connections ready */
2510  ct);
2511 }
static struct CadetTConnection * get_ready_connection(struct CadetTunnel *t)
Find first connection that is ready in the list of our connections.
static struct GNUNET_SCHEDULER_Task * t
Main task.
Struct containing all information regarding a tunnel to a peer.
struct CadetTunnelQueueEntry * tq_head
Queued messages, to transmit once tunnel gets connected.
Entry in list of connections used by tunnel, with metadata.
struct GNUNET_SCHEDULER_Task * send_task
Task to send messages from queue (if possible).
static void try_send_normal_payload(struct CadetTunnel *t, struct CadetTConnection *ct)
Send normal payload from queue in t via connection ct.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ new_ephemeral()

static void new_ephemeral ( struct CadetTunnelAxolotl ax)
static

Create a new Axolotl ephemeral (ratchet) key.

Parameters
axkey material to update

Definition at line 677 of file gnunet-service-cadet_tunnels.c.

References CadetTunnelAxolotl::DHRs, GNUNET_assert, GNUNET_CRYPTO_ecdhe_key_create2(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_OK, and LOG.

Referenced by GCT_create_tunnel(), and t_ax_encrypt().

678 {
680  "Creating new ephemeral ratchet key (DHRs)\n");
683 }
int GNUNET_CRYPTO_ecdhe_key_create2(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:632
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
#define LOG(level,...)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_hmac()

static void t_hmac ( const void *  plaintext,
size_t  size,
uint32_t  iv,
const struct GNUNET_CRYPTO_SymmetricSessionKey key,
struct GNUNET_ShortHashCode hmac 
)
static

Calculate HMAC.

Parameters
plaintextContent to HMAC.
sizeSize of plaintext.
ivInitialization vector for the message.
keyKey to use.
hmac[out]Destination to store the HMAC.

Definition at line 696 of file gnunet-service-cadet_tunnels.c.

References ctx, GNUNET_CRYPTO_hmac(), GNUNET_CRYPTO_hmac_derive_key(), and GNUNET_memcpy.

Referenced by GCT_send(), t_ax_decrypt_and_validate(), and try_old_ax_keys().

701 {
702  static const char ctx[] = "cadet authentication key";
703  struct GNUNET_CRYPTO_AuthKey auth_key;
704  struct GNUNET_HashCode hash;
705 
707  key,
708  &iv, sizeof(iv),
709  key, sizeof(*key),
710  ctx, sizeof(ctx),
711  NULL);
712  /* Two step: GNUNET_ShortHash is only 256 bits,
713  GNUNET_HashCode is 512, so we truncate. */
714  GNUNET_CRYPTO_hmac(&auth_key,
715  plaintext,
716  size,
717  &hash);
718  GNUNET_memcpy(hmac,
719  &hash,
720  sizeof(*hmac));
721 }
#define GNUNET_memcpy(dst, src, n)
Call memcpy() but check for n being 0 first.
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
Definition: crypto_hash.c:418
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
A 512-bit hashcode.
static unsigned int size
Size of the "table".
Definition: peer.c:66
void GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key, const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len,...)
Derive an authentication key.
Definition: crypto_hash.c:338
type for (message) authentication keys
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_ax_hmac_hash()

static void t_ax_hmac_hash ( const struct GNUNET_CRYPTO_SymmetricSessionKey key,
struct GNUNET_HashCode hash,
const void *  source,
unsigned int  len 
)
static

Perform a HMAC.

Parameters
keyKey to use.
[out]hashResulting HMAC.
sourceSource key material (data to HMAC).
lenLength of source.

Definition at line 733 of file gnunet-service-cadet_tunnels.c.

References ctx, GNUNET_CRYPTO_hmac(), and GNUNET_CRYPTO_hmac_derive_key().

Referenced by t_ax_decrypt_and_validate(), t_ax_encrypt(), and t_hmac_derive_key().

737 {
738  static const char ctx[] = "axolotl HMAC-HASH";
739  struct GNUNET_CRYPTO_AuthKey auth_key;
740 
742  key,
743  ctx, sizeof(ctx),
744  NULL);
745  GNUNET_CRYPTO_hmac(&auth_key,
746  source,
747  len,
748  hash);
749 }
void GNUNET_CRYPTO_hmac(const struct GNUNET_CRYPTO_AuthKey *key, const void *plaintext, size_t plaintext_len, struct GNUNET_HashCode *hmac)
Calculate HMAC of a message (RFC 2104)
Definition: crypto_hash.c:418
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
static GstElement * source
Appsrc instance into which we write data for the pipeline.
void GNUNET_CRYPTO_hmac_derive_key(struct GNUNET_CRYPTO_AuthKey *key, const struct GNUNET_CRYPTO_SymmetricSessionKey *rkey, const void *salt, size_t salt_len,...)
Derive an authentication key.
Definition: crypto_hash.c:338
type for (message) authentication keys
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_hmac_derive_key()

static void t_hmac_derive_key ( const struct GNUNET_CRYPTO_SymmetricSessionKey key,
struct GNUNET_CRYPTO_SymmetricSessionKey out,
const void *  source,
unsigned int  len 
)
static

Derive a symmetric encryption key from an HMAC-HASH.

Parameters
keyKey to use for the HMAC.
[out]outKey to generate.
sourceSource key material (data to HMAC).
lenLength of source.

Definition at line 761 of file gnunet-service-cadet_tunnels.c.

References ctx, GNUNET_CRYPTO_kdf(), and t_ax_hmac_hash().

Referenced by store_skipped_key(), t_ax_decrypt(), and t_ax_encrypt().

765 {
766  static const char ctx[] = "axolotl derive key";
767  struct GNUNET_HashCode h;
768 
769  t_ax_hmac_hash(key,
770  &h,
771  source,
772  len);
773  GNUNET_CRYPTO_kdf(out, sizeof(*out),
774  ctx, sizeof(ctx),
775  &h, sizeof(h),
776  NULL);
777 }
static struct GNUNET_ARM_Handle * h
Connection with ARM.
Definition: gnunet-arm.c:94
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
static void t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_HashCode *hash, const void *source, unsigned int len)
Perform a HMAC.
A 512-bit hashcode.
static GstElement * source
Appsrc instance into which we write data for the pipeline.
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:91
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_ax_encrypt()

static void t_ax_encrypt ( struct CadetTunnelAxolotl ax,
void *  dst,
const void *  src,
size_t  size 
)
static

Encrypt data with the axolotl tunnel key.

Parameters
axkey material to use.
dstDestination with size bytes for the encrypted data.
srcSource of the plaintext. Can overlap with dst, must contain size bytes
sizeSize of the buffers at src and dst

Definition at line 789 of file gnunet-service-cadet_tunnels.c.

References CadetTunnelAxolotl::CKs, ctx, CadetTunnelAxolotl::DHRr, CadetTunnelAxolotl::DHRs, GNUNET_assert, GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_kdf(), GNUNET_CRYPTO_symmetric_derive_iv(), GNUNET_CRYPTO_symmetric_encrypt(), GNUNET_NO, GNUNET_TIME_absolute_add(), GNUNET_TIME_absolute_get(), GNUNET_TIME_absolute_get_remaining(), GNUNET_YES, CadetTunnelAxolotl::HKs, new_ephemeral(), CadetTunnelAxolotl::NHKs, CadetTunnelAxolotl::Ns, CadetTunnelAxolotl::PNs, CadetTunnelAxolotl::ratchet_allowed, CadetTunnelAxolotl::ratchet_counter, CadetTunnelAxolotl::ratchet_expiration, CadetTunnelAxolotl::ratchet_flag, ratchet_time, GNUNET_TIME_Relative::rel_value_us, CadetTunnelAxolotl::RK, t_ax_hmac_hash(), and t_hmac_derive_key().

Referenced by GCT_send().

793 {
796  size_t out_size;
797 
798  ax->ratchet_counter++;
799  if ((GNUNET_YES == ax->ratchet_allowed) &&
800  ((ratchet_messages <= ax->ratchet_counter) ||
802  {
803  ax->ratchet_flag = GNUNET_YES;
804  }
805  if (GNUNET_YES == ax->ratchet_flag)
806  {
807  /* Advance ratchet */
808  struct GNUNET_CRYPTO_SymmetricSessionKey keys[3];
809  struct GNUNET_HashCode dh;
810  struct GNUNET_HashCode hmac;
811  static const char ctx[] = "axolotl ratchet";
812 
813  new_ephemeral(ax);
814  ax->HKs = ax->NHKs;
815 
816  /* RK, NHKs, CKs = KDF( HMAC-HASH(RK, DH(DHRs, DHRr)) ) */
818  &ax->DHRr,
819  &dh);
820  t_ax_hmac_hash(&ax->RK,
821  &hmac,
822  &dh,
823  sizeof(dh));
824  GNUNET_CRYPTO_kdf(keys, sizeof(keys),
825  ctx, sizeof(ctx),
826  &hmac, sizeof(hmac),
827  NULL);
828  ax->RK = keys[0];
829  ax->NHKs = keys[1];
830  ax->CKs = keys[2];
831 
832  ax->PNs = ax->Ns;
833  ax->Ns = 0;
834  ax->ratchet_flag = GNUNET_NO;
836  ax->ratchet_counter = 0;
839  ratchet_time);
840  }
841 
842  t_hmac_derive_key(&ax->CKs,
843  &MK,
844  "0",
845  1);
847  &MK,
848  NULL, 0,
849  NULL);
850 
851  out_size = GNUNET_CRYPTO_symmetric_encrypt(src,
852  size,
853  &MK,
854  &iv,
855  dst);
856  GNUNET_assert(size == out_size);
857  t_hmac_derive_key(&ax->CKs,
858  &ax->CKs,
859  "1",
860  1);
861 }
uint64_t rel_value_us
The actual value.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_TIME_Absolute ratchet_expiration
Time when the current ratchet expires and a new one is triggered (if ratchet_allowed is GNUNET_YES)...
uint32_t PNs
Previous message numbers (# of msgs sent under prev ratchet)
int GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
Definition: crypto_ecc.c:1185
#define GNUNET_NO
Definition: gnunet_common.h:78
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:393
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
static void t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_HashCode *hash, const void *source, unsigned int len)
Perform a HMAC.
struct GNUNET_TIME_Relative ratchet_time
How long until we trigger a ratched advance due to time.
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
static void t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_CRYPTO_SymmetricSessionKey *out, const void *source, unsigned int len)
Derive a symmetric encryption key from an HMAC-HASH.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
A 512-bit hashcode.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
int ratchet_allowed
True (GNUNET_YES) if we have received a message from the other peer that uses the keys from our last ...
static unsigned int size
Size of the "table".
Definition: peer.c:66
struct GNUNET_CRYPTO_SymmetricSessionKey RK
32-byte root key which gets updated by DH ratchet.
struct GNUNET_CRYPTO_EcdhePublicKey DHRr
ECDH Ratchet key (other peer&#39;s public key in the current DH).
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
struct GNUNET_CRYPTO_SymmetricSessionKey HKs
32-byte header key (currently used for sending).
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
#define GNUNET_YES
Definition: gnunet_common.h:77
unsigned int ratchet_counter
Number of messages recieved since our last ratchet advance.
struct GNUNET_CRYPTO_SymmetricSessionKey CKs
32-byte chain keys (used for forward-secrecy) for sending messages.
static void new_ephemeral(struct CadetTunnelAxolotl *ax)
Create a new Axolotl ephemeral (ratchet) key.
int ratchet_flag
True (GNUNET_YES) if we have to send a new ratchet key in next msg.
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:91
struct GNUNET_CRYPTO_SymmetricSessionKey NHKs
32-byte next header key (for sending), used once the ratchet advances.
uint32_t Ns
Message number (reset to 0 with each new ratchet, next message to send).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_ax_decrypt()

static void t_ax_decrypt ( struct CadetTunnelAxolotl ax,
void *  dst,
const void *  src,
size_t  size 
)
static

Decrypt data with the axolotl tunnel key.

Parameters
axkey material to use.
dstDestination for the decrypted data, must contain size bytes.
srcSource of the ciphertext. Can overlap with dst, must contain size bytes.
sizeSize of the src and dst buffers

Definition at line 873 of file gnunet-service-cadet_tunnels.c.

References CadetTunnelAxolotl::CKr, GNUNET_assert, GNUNET_CRYPTO_symmetric_decrypt(), GNUNET_CRYPTO_symmetric_derive_iv(), and t_hmac_derive_key().

Referenced by t_ax_decrypt_and_validate().

877 {
880  size_t out_size;
881 
882  t_hmac_derive_key(&ax->CKr,
883  &MK,
884  "0",
885  1);
887  &MK,
888  NULL, 0,
889  NULL);
890  GNUNET_assert(size >= sizeof(struct GNUNET_MessageHeader));
891  out_size = GNUNET_CRYPTO_symmetric_decrypt(src,
892  size,
893  &MK,
894  &iv,
895  dst);
896  GNUNET_assert(out_size == size);
897  t_hmac_derive_key(&ax->CKr,
898  &ax->CKr,
899  "1",
900  1);
901 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CRYPTO_SymmetricSessionKey CKr
32-byte chain keys (used for forward-secrecy) for receiving messages.
static void t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_CRYPTO_SymmetricSessionKey *out, const void *source, unsigned int len)
Derive a symmetric encryption key from an HMAC-HASH.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
static unsigned int size
Size of the "table".
Definition: peer.c:66
Header for all communications.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_h_encrypt()

static void t_h_encrypt ( struct CadetTunnelAxolotl ax,
struct GNUNET_CADET_TunnelEncryptedMessage msg 
)
static

Encrypt header with the axolotl header key.

Parameters
axkey material to use.

Definition at line 911 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_TunnelEncryptedMessage::ax_header, GNUNET_assert, GNUNET_CRYPTO_symmetric_derive_iv(), GNUNET_CRYPTO_symmetric_encrypt(), and CadetTunnelAxolotl::HKs.

Referenced by GCT_send().

913 {
915  size_t out_size;
916 
918  &ax->HKs,
919  NULL, 0,
920  NULL);
922  sizeof(struct GNUNET_CADET_AxHeader),
923  &ax->HKs,
924  &iv,
925  &msg->ax_header);
926  GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == out_size);
927 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CADET_AxHeader ax_header
Axolotl-header that specifies which keys to use in which ratchet to decrypt the body that follows...
Encrypted axolotl header with numbers that identify which keys in which ratchet are to be used to dec...
ssize_t GNUNET_CRYPTO_symmetric_encrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Encrypt a block using a symmetric sessionkey.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
struct GNUNET_CRYPTO_SymmetricSessionKey HKs
32-byte header key (currently used for sending).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_h_decrypt()

static void t_h_decrypt ( struct CadetTunnelAxolotl ax,
const struct GNUNET_CADET_TunnelEncryptedMessage src,
struct GNUNET_CADET_TunnelEncryptedMessage dst 
)
static

Decrypt header with the current axolotl header key.

Parameters
axkey material to use.
srcMessage whose header to decrypt.
dstWhere to decrypt header to.

Definition at line 938 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_TunnelEncryptedMessage::ax_header, GNUNET_assert, GNUNET_CRYPTO_symmetric_decrypt(), GNUNET_CRYPTO_symmetric_derive_iv(), CadetTunnelAxolotl::HKr, and GNUNET_CADET_AxHeader::Ns.

Referenced by t_ax_decrypt_and_validate().

941 {
943  size_t out_size;
944 
946  &ax->HKr,
947  NULL, 0,
948  NULL);
950  sizeof(struct GNUNET_CADET_AxHeader),
951  &ax->HKr,
952  &iv,
953  &dst->ax_header.Ns);
954  GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == out_size);
955 }
uint32_t Ns
Number of messages sent with the current ratchet key.
struct GNUNET_CRYPTO_SymmetricSessionKey HKr
32-byte header key (currently used for receiving)
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CADET_AxHeader ax_header
Axolotl-header that specifies which keys to use in which ratchet to decrypt the body that follows...
Encrypted axolotl header with numbers that identify which keys in which ratchet are to be used to dec...
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ delete_skipped_key()

static void delete_skipped_key ( struct CadetTunnelAxolotl ax,
struct CadetTunnelSkippedKey key 
)
static

Delete a key from the list of skipped keys.

Parameters
axkey material to delete key from.
keyKey to delete.

Definition at line 965 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CONTAINER_DLL_remove, GNUNET_free, CadetTunnelAxolotl::skipped, CadetTunnelAxolotl::skipped_head, and CadetTunnelAxolotl::skipped_tail.

Referenced by cleanup_ax(), store_ax_keys(), and try_old_ax_keys().

967 {
969  ax->skipped_tail,
970  key);
971  GNUNET_free(key);
972  ax->skipped--;
973 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct CadetTunnelSkippedKey * skipped_tail
Skipped messages&#39; keys DLL, tail.
struct CadetTunnelSkippedKey * skipped_head
A (double linked) list of stored message keys and associated header keys for "skipped" messages...
unsigned int skipped
Number of elements in skipped_head <-> skipped_tail.
#define GNUNET_free(ptr)
Wrapper around free.
Here is the caller graph for this function:

◆ try_old_ax_keys()

static ssize_t try_old_ax_keys ( struct CadetTunnelAxolotl ax,
void *  dst,
const struct GNUNET_CADET_TunnelEncryptedMessage src,
size_t  size 
)
static

Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered since it was sent by the remote peer.

Parameters
axkey material to use.
dstDestination for the plaintext.
srcSource of the message. Can overlap with dst.
sizeSize of the message.
Returns
Size of the decrypted data, -1 if an error was encountered.

Definition at line 987 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_TunnelEncryptedMessage::ax_header, delete_skipped_key(), GNUNET_assert, GNUNET_CRYPTO_symmetric_decrypt(), GNUNET_CRYPTO_symmetric_derive_iv(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_memcmp, CadetTunnelSkippedKey::HK, GNUNET_CADET_TunnelEncryptedMessage::hmac, key, CadetTunnelSkippedKey::Kn, len, LOG, CadetTunnelSkippedKey::MK, N, CadetTunnelSkippedKey::next, GNUNET_CADET_AxHeader::Ns, res, CadetTunnelAxolotl::skipped_head, and t_hmac().

Referenced by t_ax_decrypt_and_validate().

991 {
992  struct CadetTunnelSkippedKey *key;
993  struct GNUNET_ShortHashCode *hmac;
995  struct GNUNET_CADET_TunnelEncryptedMessage plaintext_header;
996  struct GNUNET_CRYPTO_SymmetricSessionKey *valid_HK;
997  size_t esize;
998  size_t res;
999  size_t len;
1000  unsigned int N;
1001 
1003  "Trying skipped keys\n");
1004  hmac = &plaintext_header.hmac;
1005  esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage);
1006 
1007  /* Find a correct Header Key */
1008  valid_HK = NULL;
1009  for (key = ax->skipped_head; NULL != key; key = key->next)
1010  {
1011  t_hmac(&src->ax_header,
1012  sizeof(struct GNUNET_CADET_AxHeader) + esize,
1013  0,
1014  &key->HK,
1015  hmac);
1016  if (0 == GNUNET_memcmp(hmac,
1017  &src->hmac))
1018  {
1019  valid_HK = &key->HK;
1020  break;
1021  }
1022  }
1023  if (NULL == key)
1024  return -1;
1025 
1026  /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */
1028  len = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage);
1029  GNUNET_assert(len >= sizeof(struct GNUNET_MessageHeader));
1030 
1031  /* Decrypt header */
1033  &key->HK,
1034  NULL, 0,
1035  NULL);
1037  sizeof(struct GNUNET_CADET_AxHeader),
1038  &key->HK,
1039  &iv,
1040  &plaintext_header.ax_header.Ns);
1041  GNUNET_assert(sizeof(struct GNUNET_CADET_AxHeader) == res);
1042 
1043  /* Find the correct message key */
1044  N = ntohl(plaintext_header.ax_header.Ns);
1045  while ((NULL != key) &&
1046  (N != key->Kn))
1047  key = key->next;
1048  if ((NULL == key) ||
1049  (0 != GNUNET_memcmp(&key->HK,
1050  valid_HK)))
1051  return -1;
1052 
1053  /* Decrypt payload */
1055  &key->MK,
1056  NULL,
1057  0,
1058  NULL);
1059  res = GNUNET_CRYPTO_symmetric_decrypt(&src[1],
1060  len,
1061  &key->MK,
1062  &iv,
1063  dst);
1064  delete_skipped_key(ax,
1065  key);
1066  return res;
1067 }
Axolotl-encrypted tunnel message with application payload.
Struct to old keys for skipped messages while advancing the Axolotl ratchet.
uint32_t Ns
Number of messages sent with the current ratchet key.
static void t_hmac(const void *plaintext, size_t size, uint32_t iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_ShortHashCode *hmac)
Calculate HMAC.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CADET_AxHeader ax_header
Axolotl-header that specifies which keys to use in which ratchet to decrypt the body that follows...
Encrypted axolotl header with numbers that identify which keys in which ratchet are to be used to dec...
A 256-bit hashcode.
struct GNUNET_CRYPTO_SymmetricSessionKey HK
Header key.
static void delete_skipped_key(struct CadetTunnelAxolotl *ax, struct CadetTunnelSkippedKey *key)
Delete a key from the list of skipped keys.
void GNUNET_CRYPTO_symmetric_derive_iv(struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *skey, const void *salt, size_t salt_len,...)
Derive an IV.
static int res
struct GNUNET_HashCode key
The key used in the DHT.
static unsigned int size
Size of the "table".
Definition: peer.c:66
struct GNUNET_ShortHashCode hmac
MAC of the encrypted message, used to verify message integrity.
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
unsigned int Kn
Key number for a given HK.
#define N
struct CadetTunnelSkippedKey * skipped_head
A (double linked) list of stored message keys and associated header keys for "skipped" messages...
#define LOG(level,...)
Header for all communications.
struct CadetTunnelSkippedKey * next
DLL next.
ssize_t GNUNET_CRYPTO_symmetric_decrypt(const void *block, size_t size, const struct GNUNET_CRYPTO_SymmetricSessionKey *sessionkey, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, void *result)
Decrypt a given block using a symmetric sessionkey.
uint16_t len
length of data (which is always a uint32_t, but presumably this can be used to specify that fewer byt...
struct GNUNET_CRYPTO_SymmetricSessionKey MK
Message key.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ store_skipped_key()

static void store_skipped_key ( struct CadetTunnelAxolotl ax,
const struct GNUNET_CRYPTO_SymmetricSessionKey HKr 
)
static

Delete a key from the list of skipped keys.

Parameters
axkey material to delete from.
HKrHeader Key to use.

Definition at line 1077 of file gnunet-service-cadet_tunnels.c.

References CadetTunnelAxolotl::CKr, GNUNET_CONTAINER_DLL_insert, GNUNET_new, GNUNET_TIME_absolute_get(), CadetTunnelSkippedKey::HK, CadetTunnelAxolotl::HKr, key, CadetTunnelSkippedKey::Kn, CadetTunnelSkippedKey::MK, CadetTunnelAxolotl::Nr, CadetTunnelAxolotl::skipped, CadetTunnelAxolotl::skipped_head, CadetTunnelAxolotl::skipped_tail, t_hmac_derive_key(), and CadetTunnelSkippedKey::timestamp.

Referenced by store_ax_keys().

1079 {
1080  struct CadetTunnelSkippedKey *key;
1081 
1082  key = GNUNET_new(struct CadetTunnelSkippedKey);
1084  key->Kn = ax->Nr;
1085  key->HK = ax->HKr;
1086  t_hmac_derive_key(&ax->CKr,
1087  &key->MK,
1088  "0",
1089  1);
1090  t_hmac_derive_key(&ax->CKr,
1091  &ax->CKr,
1092  "1",
1093  1);
1095  ax->skipped_tail,
1096  key);
1097  ax->skipped++;
1098  ax->Nr++;
1099 }
Struct to old keys for skipped messages while advancing the Axolotl ratchet.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
struct CadetTunnelSkippedKey * skipped_tail
Skipped messages&#39; keys DLL, tail.
struct GNUNET_TIME_Absolute timestamp
When was this key stored (for timeout).
struct GNUNET_CRYPTO_SymmetricSessionKey HKr
32-byte header key (currently used for receiving)
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct GNUNET_CRYPTO_SymmetricSessionKey HK
Header key.
struct GNUNET_CRYPTO_SymmetricSessionKey CKr
32-byte chain keys (used for forward-secrecy) for receiving messages.
static void t_hmac_derive_key(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_CRYPTO_SymmetricSessionKey *out, const void *source, unsigned int len)
Derive a symmetric encryption key from an HMAC-HASH.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct GNUNET_HashCode key
The key used in the DHT.
uint32_t Nr
Message number (reset to 0 with each new ratchet, next message to recv).
unsigned int Kn
Key number for a given HK.
struct CadetTunnelSkippedKey * skipped_head
A (double linked) list of stored message keys and associated header keys for "skipped" messages...
unsigned int skipped
Number of elements in skipped_head <-> skipped_tail.
struct GNUNET_CRYPTO_SymmetricSessionKey MK
Message key.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ store_ax_keys()

static int store_ax_keys ( struct CadetTunnelAxolotl ax,
const struct GNUNET_CRYPTO_SymmetricSessionKey HKr,
uint32_t  Np 
)
static

Stage skipped AX keys and calculate the message key.

Stores each HK and MK for skipped messages.

Parameters
axkey material to use
HKrHeader key.
NpReceived meesage number.
Returns
GNUNET_OK if keys were stored. GNUNET_SYSERR if an error ocurred (Np not expected).

Definition at line 1113 of file gnunet-service-cadet_tunnels.c.

References delete_skipped_key(), GNUNET_break_op, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_OK, GNUNET_SYSERR, LOG, MAX_KEY_GAP, MAX_SKIPPED_KEYS, CadetTunnelAxolotl::Nr, CadetTunnelAxolotl::skipped, CadetTunnelAxolotl::skipped_tail, and store_skipped_key().

Referenced by t_ax_decrypt_and_validate().

1116 {
1117  int gap;
1118 
1119  gap = Np - ax->Nr;
1121  "Storing skipped keys [%u, %u)\n",
1122  ax->Nr,
1123  Np);
1124  if (MAX_KEY_GAP < gap)
1125  {
1126  /* Avoid DoS (forcing peer to do more than #MAX_KEY_GAP HMAC operations) */
1127  /* TODO: start new key exchange on return */
1128  GNUNET_break_op(0);
1130  "Got message %u, expected %u+\n",
1131  Np,
1132  ax->Nr);
1133  return GNUNET_SYSERR;
1134  }
1135  if (0 > gap)
1136  {
1137  /* Delayed message: don't store keys, flag to try old keys. */
1138  return GNUNET_SYSERR;
1139  }
1140 
1141  while (ax->Nr < Np)
1142  store_skipped_key(ax,
1143  HKr);
1144 
1145  while (ax->skipped > MAX_SKIPPED_KEYS)
1146  delete_skipped_key(ax,
1147  ax->skipped_tail);
1148  return GNUNET_OK;
1149 }
struct CadetTunnelSkippedKey * skipped_tail
Skipped messages&#39; keys DLL, tail.
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
static void store_skipped_key(struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr)
Delete a key from the list of skipped keys.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
static void delete_skipped_key(struct CadetTunnelAxolotl *ax, struct CadetTunnelSkippedKey *key)
Delete a key from the list of skipped keys.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
uint32_t Nr
Message number (reset to 0 with each new ratchet, next message to recv).
#define MAX_SKIPPED_KEYS
Maximum number of skipped keys we keep in memory per tunnel.
#define LOG(level,...)
#define MAX_KEY_GAP
Maximum number of keys (and thus ratchet steps) we are willing to skip before we decide this is eithe...
unsigned int skipped
Number of elements in skipped_head <-> skipped_tail.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ t_ax_decrypt_and_validate()

static ssize_t t_ax_decrypt_and_validate ( struct CadetTunnelAxolotl ax,
void *  dst,
const struct GNUNET_CADET_TunnelEncryptedMessage src,
size_t  size 
)
static

Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered since it was sent by the remote peer.

Parameters
axkey material to use
dstDestination for the plaintext.
srcSource of the message. Can overlap with dst.
sizeSize of the message.
Returns
Size of the decrypted data, -1 if an error was encountered.

Definition at line 1163 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_TunnelEncryptedMessage::ax_header, CadetTunnelAxolotl::CKr, ctx, CadetTunnelAxolotl::DHRr, CadetTunnelAxolotl::DHRs, GNUNET_CADET_AxHeader::DHRs, GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_kdf(), GNUNET_memcmp, GNUNET_OK, GNUNET_YES, CadetTunnelAxolotl::HKr, GNUNET_CADET_TunnelEncryptedMessage::hmac, CadetTunnelAxolotl::NHKr, CadetTunnelAxolotl::Nr, GNUNET_CADET_AxHeader::Ns, GNUNET_CADET_AxHeader::PNs, CadetTunnelAxolotl::ratchet_allowed, CadetTunnelAxolotl::RK, store_ax_keys(), t_ax_decrypt(), t_ax_hmac_hash(), t_h_decrypt(), t_hmac(), and try_old_ax_keys().

Referenced by GCT_handle_encrypted().

1167 {
1168  struct GNUNET_ShortHashCode msg_hmac;
1169  struct GNUNET_HashCode hmac;
1170  struct GNUNET_CADET_TunnelEncryptedMessage plaintext_header;
1171  uint32_t Np;
1172  uint32_t PNp;
1173  size_t esize; /* Size of encryped payload */
1174 
1175  esize = size - sizeof(struct GNUNET_CADET_TunnelEncryptedMessage);
1176 
1177  /* Try current HK */
1178  t_hmac(&src->ax_header,
1179  sizeof(struct GNUNET_CADET_AxHeader) + esize,
1180  0, &ax->HKr,
1181  &msg_hmac);
1182  if (0 != GNUNET_memcmp(&msg_hmac,
1183  &src->hmac))
1184  {
1185  static const char ctx[] = "axolotl ratchet";
1186  struct GNUNET_CRYPTO_SymmetricSessionKey keys[3]; /* RKp, NHKp, CKp */
1188  struct GNUNET_HashCode dh;
1189  struct GNUNET_CRYPTO_EcdhePublicKey *DHRp;
1190 
1191  /* Try Next HK */
1192  t_hmac(&src->ax_header,
1193  sizeof(struct GNUNET_CADET_AxHeader) + esize,
1194  0,
1195  &ax->NHKr,
1196  &msg_hmac);
1197  if (0 != GNUNET_memcmp(&msg_hmac,
1198  &src->hmac))
1199  {
1200  /* Try the skipped keys, if that fails, we're out of luck. */
1201  return try_old_ax_keys(ax,
1202  dst,
1203  src,
1204  size);
1205  }
1206  HK = ax->HKr;
1207  ax->HKr = ax->NHKr;
1208  t_h_decrypt(ax,
1209  src,
1210  &plaintext_header);
1211  Np = ntohl(plaintext_header.ax_header.Ns);
1212  PNp = ntohl(plaintext_header.ax_header.PNs);
1213  DHRp = &plaintext_header.ax_header.DHRs;
1214  store_ax_keys(ax,
1215  &HK,
1216  PNp);
1217 
1218  /* RKp, NHKp, CKp = KDF (HMAC-HASH (RK, DH (DHRp, DHRs))) */
1220  DHRp,
1221  &dh);
1222  t_ax_hmac_hash(&ax->RK,
1223  &hmac,
1224  &dh, sizeof(dh));
1225  GNUNET_CRYPTO_kdf(keys, sizeof(keys),
1226  ctx, sizeof(ctx),
1227  &hmac, sizeof(hmac),
1228  NULL);
1229 
1230  /* Commit "purported" keys */
1231  ax->RK = keys[0];
1232  ax->NHKr = keys[1];
1233  ax->CKr = keys[2];
1234  ax->DHRr = *DHRp;
1235  ax->Nr = 0;
1237  }
1238  else
1239  {
1240  t_h_decrypt(ax,
1241  src,
1242  &plaintext_header);
1243  Np = ntohl(plaintext_header.ax_header.Ns);
1244  PNp = ntohl(plaintext_header.ax_header.PNs);
1245  }
1246  if ((Np != ax->Nr) &&
1247  (GNUNET_OK != store_ax_keys(ax,
1248  &ax->HKr,
1249  Np)))
1250  {
1251  /* Try the skipped keys, if that fails, we're out of luck. */
1252  return try_old_ax_keys(ax,
1253  dst,
1254  src,
1255  size);
1256  }
1257 
1258  t_ax_decrypt(ax,
1259  dst,
1260  &src[1],
1261  esize);
1262  ax->Nr = Np + 1;
1263  return esize;
1264 }
Axolotl-encrypted tunnel message with application payload.
static void t_hmac(const void *plaintext, size_t size, uint32_t iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_ShortHashCode *hmac)
Calculate HMAC.
struct GNUNET_CRYPTO_SymmetricSessionKey HKr
32-byte header key (currently used for receiving)
int GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
Definition: crypto_ecc.c:1185
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
struct GNUNET_CRYPTO_SymmetricSessionKey NHKr
32-byte next header key (for receiving).
struct GNUNET_CADET_AxHeader ax_header
Axolotl-header that specifies which keys to use in which ratchet to decrypt the body that follows...
Encrypted axolotl header with numbers that identify which keys in which ratchet are to be used to dec...
static struct GNUNET_DNSSTUB_Context * ctx
Context for DNS resolution.
static int store_ax_keys(struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr, uint32_t Np)
Stage skipped AX keys and calculate the message key.
A 256-bit hashcode.
static void t_ax_hmac_hash(const struct GNUNET_CRYPTO_SymmetricSessionKey *key, struct GNUNET_HashCode *hash, const void *source, unsigned int len)
Perform a HMAC.
struct GNUNET_CRYPTO_SymmetricSessionKey CKr
32-byte chain keys (used for forward-secrecy) for receiving messages.
static ssize_t try_old_ax_keys(struct CadetTunnelAxolotl *ax, void *dst, const struct GNUNET_CADET_TunnelEncryptedMessage *src, size_t size)
Decrypt and verify data with the appropriate tunnel key and verify that the data has not been altered...
A 512-bit hashcode.
int ratchet_allowed
True (GNUNET_YES) if we have received a message from the other peer that uses the keys from our last ...
static unsigned int size
Size of the "table".
Definition: peer.c:66
uint32_t Nr
Message number (reset to 0 with each new ratchet, next message to recv).
struct GNUNET_ShortHashCode hmac
MAC of the encrypted message, used to verify message integrity.
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
struct GNUNET_CRYPTO_SymmetricSessionKey RK
32-byte root key which gets updated by DH ratchet.
struct GNUNET_CRYPTO_EcdhePublicKey DHRr
ECDH Ratchet key (other peer&#39;s public key in the current DH).
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
static void t_h_decrypt(struct CadetTunnelAxolotl *ax, const struct GNUNET_CADET_TunnelEncryptedMessage *src, struct GNUNET_CADET_TunnelEncryptedMessage *dst)
Decrypt header with the current axolotl header key.
#define GNUNET_YES
Definition: gnunet_common.h:77
static void t_ax_decrypt(struct CadetTunnelAxolotl *ax, void *dst, const void *src, size_t size)
Decrypt data with the axolotl tunnel key.
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:91
Here is the call graph for this function:
Here is the caller graph for this function:

◆ notify_tunnel_up_cb()

static int notify_tunnel_up_cb ( void *  cls,
uint32_t  key,
void *  value 
)
static

Our tunnel became ready for the first time, notify channels that have been waiting.

Parameters
clsour tunnel, not used
keyunique ID of the channel, not used
valuethe struct CadetChannel to notify
Returns
GNUNET_OK (continue to iterate)

Definition at line 1277 of file gnunet-service-cadet_tunnels.c.

References ch, GCCH_tunnel_up(), GNUNET_OK, and value.

Referenced by GCT_change_estate().

1280 {
1281  struct CadetChannel *ch = value;
1282 
1283  GCCH_tunnel_up(ch);
1284  return GNUNET_OK;
1285 }
static struct GNUNET_CADET_Channel * ch
Channel handle.
Definition: gnunet-cadet.c:117
void GCCH_tunnel_up(struct CadetChannel *ch)
Function called once and only once after a channel was bound to its tunnel via GCT_add_channel() is r...
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
static char * value
Value of the record to add/remove.
Struct containing all information regarding a channel to a remote client.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_change_estate()

void GCT_change_estate ( struct CadetTunnel t,
enum CadetTunnelEState  state 
)

Change the tunnel encryption state.

If the encryption state changes to OK, stop the rekey task.

Parameters
tTunnel whose encryption state to change, or NULL.
stateNew encryption state.

Definition at line 1296 of file gnunet-service-cadet_tunnels.c.

References CADET_TUNNEL_KEY_OK, CadetTunnel::channels, CadetTunnel::estate, estate2s(), GCT_2s(), GNUNET_CONTAINER_multihashmap32_iterate(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_cancel(), CadetTunnel::kx_task, LOG, notify_tunnel_up_cb(), CadetTunnel::send_task, state, and trigger_transmissions().

Referenced by GCT_handle_encrypted(), GCT_handle_kx(), GCT_handle_kx_auth(), send_kx(), and send_kx_auth().

1298 {
1299  enum CadetTunnelEState old = t->estate;
1300 
1301  t->estate = state;
1303  "%s estate changed from %s to %s\n",
1304  GCT_2s(t),
1305  estate2s(old),
1306  estate2s(state));
1307 
1308  if ((CADET_TUNNEL_KEY_OK != old) &&
1309  (CADET_TUNNEL_KEY_OK == t->estate))
1310  {
1311  if (NULL != t->kx_task)
1312  {
1314  t->kx_task = NULL;
1315  }
1316  /* notify all channels that have been waiting */
1319  t);
1320  if (NULL != t->send_task)
1323  t);
1324  }
1325 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
static const char * estate2s(enum CadetTunnelEState es)
Get string description for tunnel encryption state.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
int GNUNET_CONTAINER_multihashmap32_iterate(struct GNUNET_CONTAINER_MultiHashMap32 *map, GNUNET_CONTAINER_MulitHashMapIterator32Callback it, void *it_cls)
Iterate over all entries in the map.
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
static void trigger_transmissions(void *cls)
Called when either we have a new connection, or a new message in the queue, or some existing connecti...
enum State state
current state of profiling
CadetTunnelEState
All the encryption states a tunnel can be in.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1264
Handshake completed: session key available.
static int notify_tunnel_up_cb(void *cls, uint32_t key, void *value)
Our tunnel became ready for the first time, notify channels that have been waiting.
#define LOG(level,...)
struct GNUNET_SCHEDULER_Task * send_task
Task to send messages from queue (if possible).
enum CadetTunnelEState estate
State of the tunnel encryption.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:956
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_kx()

static void send_kx ( struct CadetTunnel t,
struct CadetTConnection ct,
struct CadetTunnelAxolotl ax 
)
static

Send a KX message.

Parameters
ttunnel on which to send the KX_AUTH
ctTunnel and connection on which to send the KX_AUTH, NULL if we are to find one that is ready.
axaxolotl key context to use

Definition at line 1337 of file gnunet-service-cadet_tunnels.c.

References alice_or_betty(), CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_UNINITIALIZED, CadetTConnection::cc, GNUNET_CADET_TunnelKeyExchangeMessage::cid, GNUNET_CADET_ConnectionTunnelIdentifier::connection_of_tunnel, CadetTunnel::destination, CadetTunnelAxolotl::DHRs, env, GNUNET_CADET_TunnelKeyExchangeMessage::ephemeral_key, CadetTunnel::estate, estate2s(), GNUNET_CADET_TunnelKeyExchangeMessage::flags, GCC_get_id(), GCC_transmit(), GCP_get_id(), GCT_2s(), GCT_change_estate(), get_ready_connection(), GNUNET_CADET_KX_FLAG_FORCE_REPLY, GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_e2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX, GNUNET_MQ_msg, GNUNET_NO, GNUNET_sh2s(), GNUNET_STATISTICS_update(), GNUNET_TIME_absolute_get(), GNUNET_TIME_relative_to_absolute(), GNUNET_TIME_STD_BACKOFF, GNUNET_YES, CadetTConnection::is_ready, CadetTunnelAxolotl::kx_0, CadetTunnel::kx_retry_delay, LOG, mark_connection_unready(), msg, my_private_key, CadetTunnel::next_kx_attempt, GNUNET_CADET_TunnelKeyExchangeMessage::ratchet_key, and stats.

Referenced by connection_ready_cb(), GCT_handle_encrypted(), and retry_kx().

1340 {
1341  struct CadetConnection *cc;
1342  struct GNUNET_MQ_Envelope *env;
1345 
1347  return; /* only Alice may send KX */
1348  if ((NULL == ct) ||
1349  (GNUNET_NO == ct->is_ready))
1350  ct = get_ready_connection(t);
1351  if (NULL == ct)
1352  {
1354  "Wanted to send %s in state %s, but no connection is ready, deferring\n",
1355  GCT_2s(t),
1356  estate2s(t->estate));
1358  return;
1359  }
1360  cc = ct->cc;
1361  env = GNUNET_MQ_msg(msg,
1363  flags = GNUNET_CADET_KX_FLAG_FORCE_REPLY; /* always for KX */
1364  msg->flags = htonl(flags);
1365  msg->cid = *GCC_get_id(cc);
1367  &msg->ephemeral_key);
1368 #if DEBUG_KX
1369  msg->ephemeral_key_XXX = ax->kx_0;
1370  msg->private_key_XXX = *my_private_key;
1371 #endif
1373  "Sending KX message to %s with ephemeral %s on CID %s\n",
1374  GCT_2s(t),
1375  GNUNET_e2s(&msg->ephemeral_key),
1378  &msg->ratchet_key);
1385  else if (CADET_TUNNEL_KEY_AX_RECV == t->estate)
1388  GCC_transmit(cc,
1389  env);
1391  "# KX transmitted",
1392  1,
1393  GNUNET_NO);
1394 }
static struct GNUNET_STATISTICS_Handle * stats
Handle for statistics.
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static const char * estate2s(enum CadetTunnelEState es)
Get string description for tunnel encryption state.
Low-level connection to a destination.
int is_ready
Is the connection currently ready for transmission?
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
static int alice_or_betty(const struct GNUNET_PeerIdentity *other)
Am I Alice or Betty (some call her Bob), or talking to myself?
uint32_t flags
Flags for the key exchange in NBO, based on enum GNUNET_CADET_KX_Flags.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
const struct GNUNET_CADET_ConnectionTunnelIdentifier * GCC_get_id(struct CadetConnection *cc)
Obtain unique ID for the connection.
static void mark_connection_unready(struct CadetTConnection *ct)
Connection ct is now unready, clear it&#39;s ready flag and move it from the ready DLL to the busy DLL...
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
#define GNUNET_NO
Definition: gnunet_common.h:78
KX message sent, waiting for other peer&#39;s KX_AUTH.
static struct CadetTConnection * get_ready_connection(struct CadetTunnel *t)
Find first connection that is ready in the list of our connections.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
GNUNET_CADET_KX_Flags
Flags to be used in GNUNET_CADET_KX.
struct GNUNET_CADET_ConnectionTunnelIdentifier cid
ID of the connection.
struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key
Sender&#39;s next ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct CadetConnection * cc
Connection handle.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:303
struct GNUNET_TIME_Absolute next_kx_attempt
When do we try the next KX?
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
#define GNUNET_TIME_STD_BACKOFF(r)
Perform our standard exponential back-off calculation, starting at 1 ms and then going by a factor of...
struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Own private key.
void GCT_change_estate(struct CadetTunnel *t, enum CadetTunnelEState state)
Change the tunnel encryption state.
void GCC_transmit(struct CadetConnection *cc, struct GNUNET_MQ_Envelope *env)
Transmit message msg via connection cc.
KX message sent and received, trying to send back KX_AUTH.
struct CadetPeer * destination
Destination of the tunnel.
The peer should reply with its KX details?
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
Message for a Key eXchange for a tunnel.
Uninitialized status, we need to send KX.
#define LOG(level,...)
KX message received, trying to send back KX_AUTH.
struct GNUNET_TIME_Relative kx_retry_delay
How long do we wait until we retry the KX?
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Sender&#39;s ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
const char * GNUNET_e2s(const struct GNUNET_CRYPTO_EcdhePublicKey *p)
Convert a public key value to a string (for printing debug messages).
struct GNUNET_ShortHashCode connection_of_tunnel
enum CadetTunnelEState estate
State of the tunnel encryption.
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX
Axolotl key exchange.
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
struct GNUNET_CRYPTO_EcdhePrivateKey kx_0
ECDH for key exchange (A0 / B0).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_kx_auth()

static void send_kx_auth ( struct CadetTunnel t,
struct CadetTConnection ct,
struct CadetTunnelAxolotl ax,
int  force_reply 
)
static

Send a KX_AUTH message.

Parameters
ttunnel on which to send the KX_AUTH
ctTunnel and connection on which to send the KX_AUTH, NULL if we are to find one that is ready.
axaxolotl key context to use
force_replyForce the other peer to reply with a KX_AUTH message (set if we would like to transmit right now, but cannot)

Definition at line 1408 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_TunnelKeyExchangeAuthMessage::auth, CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_OK, CadetTConnection::cc, GNUNET_CADET_TunnelKeyExchangeMessage::cid, GNUNET_CADET_ConnectionTunnelIdentifier::connection_of_tunnel, CadetTunnelAxolotl::DHRs, env, GNUNET_CADET_TunnelKeyExchangeMessage::ephemeral_key, CadetTunnel::estate, GNUNET_CADET_TunnelKeyExchangeMessage::flags, GCC_get_id(), GCC_transmit(), GCT_2s(), GCT_change_estate(), get_ready_connection(), GNUNET_CADET_KX_FLAG_FORCE_REPLY, GNUNET_CADET_KX_FLAG_NONE, GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_hash(), GNUNET_e2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH, GNUNET_MQ_msg, GNUNET_NO, GNUNET_sh2s(), GNUNET_STATISTICS_update(), GNUNET_TIME_absolute_get(), GNUNET_TIME_relative_to_absolute(), GNUNET_TIME_STD_BACKOFF, GNUNET_YES, CadetTConnection::is_ready, GNUNET_CADET_TunnelKeyExchangeAuthMessage::kx, CadetTunnelAxolotl::kx_0, CadetTunnel::kx_auth_requested, CadetTunnel::kx_retry_delay, CadetTunnelAxolotl::last_ephemeral, LOG, mark_connection_unready(), msg, my_private_key, CadetTunnel::next_kx_attempt, GNUNET_CADET_TunnelKeyExchangeMessage::ratchet_key, CadetTunnelAxolotl::RK, and stats.

Referenced by connection_ready_cb(), GCT_handle_encrypted(), GCT_handle_kx(), GCT_handle_kx_auth(), and retry_kx().

1412 {
1413  struct CadetConnection *cc;
1414  struct GNUNET_MQ_Envelope *env;
1416  enum GNUNET_CADET_KX_Flags flags;
1417 
1418  if ((NULL == ct) ||
1419  (GNUNET_NO == ct->is_ready))
1420  ct = get_ready_connection(t);
1421  if (NULL == ct)
1422  {
1424  "Wanted to send KX_AUTH on %s, but no connection is ready, deferring\n",
1425  GCT_2s(t));
1427  t->kx_auth_requested = GNUNET_YES; /* queue KX_AUTH independent of estate */
1428  return;
1429  }
1430  t->kx_auth_requested = GNUNET_NO; /* clear flag */
1431  cc = ct->cc;
1432  env = GNUNET_MQ_msg(msg,
1434  flags = GNUNET_CADET_KX_FLAG_NONE;
1435  if (GNUNET_YES == force_reply)
1437  msg->kx.flags = htonl(flags);
1438  msg->kx.cid = *GCC_get_id(cc);
1440  &msg->kx.ephemeral_key);
1442  &msg->kx.ratchet_key);
1443 #if DEBUG_KX
1444  msg->kx.ephemeral_key_XXX = ax->kx_0;
1445  msg->kx.private_key_XXX = *my_private_key;
1446  msg->r_ephemeral_key_XXX = ax->last_ephemeral;
1447 #endif
1449  "Sending KX_AUTH message to %s with ephemeral %s on CID %s\n",
1450  GCT_2s(t),
1451  GNUNET_e2s(&msg->kx.ephemeral_key),
1453 
1454  /* Compute authenticator (this is the main difference to #send_kx()) */
1455  GNUNET_CRYPTO_hash(&ax->RK,
1456  sizeof(ax->RK),
1457  &msg->auth);
1458  /* Compute when to be triggered again; actual job will
1459  be scheduled via #connection_ready_cb() */
1460  t->kx_retry_delay
1462  t->next_kx_attempt
1464 
1465  /* Send via cc, mark it as unready */
1467 
1468  /* Update state machine, unless we are already OK */
1469  if (CADET_TUNNEL_KEY_OK != t->estate)
1472  GCC_transmit(cc,
1473  env);
1475  "# KX_AUTH transmitted",
1476  1,
1477  GNUNET_NO);
1478 }
static struct GNUNET_STATISTICS_Handle * stats
Handle for statistics.
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
Low-level connection to a destination.
int is_ready
Is the connection currently ready for transmission?
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
struct GNUNET_CADET_TunnelKeyExchangeMessage kx
Message header with key material.
uint32_t flags
Flags for the key exchange in NBO, based on enum GNUNET_CADET_KX_Flags.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
const struct GNUNET_CADET_ConnectionTunnelIdentifier * GCC_get_id(struct CadetConnection *cc)
Obtain unique ID for the connection.
static void mark_connection_unready(struct CadetTConnection *ct)
Connection ct is now unready, clear it&#39;s ready flag and move it from the ready DLL to the busy DLL...
KX received and we sent KX_AUTH back, but we got no traffic yet, so we&#39;re waiting for either KX_AUTH ...
#define GNUNET_MQ_msg(mvar, type)
Allocate a GNUNET_MQ_Envelope.
Definition: gnunet_mq_lib.h:67
int kx_auth_requested
Force triggering KX_AUTH independent of estate.
#define GNUNET_NO
Definition: gnunet_common.h:78
Should the peer reply with its KX details?
static struct CadetTConnection * get_ready_connection(struct CadetTunnel *t)
Find first connection that is ready in the list of our connections.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
GNUNET_CADET_KX_Flags
Flags to be used in GNUNET_CADET_KX.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:44
Message for a Key eXchange for a tunnel, with authentication.
struct GNUNET_CRYPTO_EcdhePublicKey last_ephemeral
Last ephemeral public key received from the other peer, for duplicate detection.
struct GNUNET_CADET_ConnectionTunnelIdentifier cid
ID of the connection.
struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key
Sender&#39;s next ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct CadetConnection * cc
Connection handle.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:303
struct GNUNET_TIME_Absolute next_kx_attempt
When do we try the next KX?
struct GNUNET_MQ_Envelope * env
Definition: 005.c:1
#define GNUNET_TIME_STD_BACKOFF(r)
Perform our standard exponential back-off calculation, starting at 1 ms and then going by a factor of...
Handshake completed: session key available.
struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Own private key.
void GCT_change_estate(struct CadetTunnel *t, enum CadetTunnelEState state)
Change the tunnel encryption state.
struct GNUNET_CRYPTO_SymmetricSessionKey RK
32-byte root key which gets updated by DH ratchet.
void GCC_transmit(struct CadetConnection *cc, struct GNUNET_MQ_Envelope *env)
Transmit message msg via connection cc.
The peer should reply with its KX details?
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
struct GNUNET_HashCode auth
KDF-proof that sender could compute the 3-DH, used in lieu of a signature or payload data...
#define LOG(level,...)
#define GNUNET_MESSAGE_TYPE_CADET_TUNNEL_KX_AUTH
Axolotl key exchange response with authentication.
struct GNUNET_TIME_Relative kx_retry_delay
How long do we wait until we retry the KX?
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Sender&#39;s ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
const char * GNUNET_e2s(const struct GNUNET_CRYPTO_EcdhePublicKey *p)
Convert a public key value to a string (for printing debug messages).
struct GNUNET_ShortHashCode connection_of_tunnel
enum CadetTunnelEState estate
State of the tunnel encryption.
struct GNUNET_CRYPTO_EcdhePrivateKey kx_0
ECDH for key exchange (A0 / B0).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ cleanup_ax()

static void cleanup_ax ( struct CadetTunnelAxolotl ax)
static

Cleanup state used by ax.

Parameters
axstate to free, but not memory of ax itself

Definition at line 1487 of file gnunet-service-cadet_tunnels.c.

References delete_skipped_key(), CadetTunnelAxolotl::DHRs, GNUNET_assert, GNUNET_CRYPTO_ecdhe_key_clear(), CadetTunnelAxolotl::kx_0, CadetTunnelAxolotl::skipped, and CadetTunnelAxolotl::skipped_head.

Referenced by destroy_tunnel(), GCT_handle_encrypted(), and GCT_handle_kx_auth().

1488 {
1489  while (NULL != ax->skipped_head)
1490  delete_skipped_key(ax,
1491  ax->skipped_head);
1492  GNUNET_assert(0 == ax->skipped);
1495 }
void GNUNET_CRYPTO_ecdhe_key_clear(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Clear memory that was used to store a private key.
Definition: crypto_ecc.c:572
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static void delete_skipped_key(struct CadetTunnelAxolotl *ax, struct CadetTunnelSkippedKey *key)
Delete a key from the list of skipped keys.
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
struct CadetTunnelSkippedKey * skipped_head
A (double linked) list of stored message keys and associated header keys for "skipped" messages...
unsigned int skipped
Number of elements in skipped_head <-> skipped_tail.
struct GNUNET_CRYPTO_EcdhePrivateKey kx_0
ECDH for key exchange (A0 / B0).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ update_ax_by_kx()

static int update_ax_by_kx ( struct CadetTunnelAxolotl ax,
const struct GNUNET_PeerIdentity pid,
const struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key,
const struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key 
)
static

Update our Axolotl key state based on the KX data we received.

Computes the new chain keys, and root keys, etc, and also checks wether this is a replay of the current chain.

Parameters

Definition at line 1512 of file gnunet-service-cadet_tunnels.c.

References alice_or_betty(), CadetTunnelAxolotl::CKr, CadetTunnelAxolotl::CKs, CadetTunnelAxolotl::DHRr, GNUNET_break_op, GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_eddsa_ecdh(), GNUNET_CRYPTO_kdf(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_memcmp, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_TIME_absolute_add(), GNUNET_TIME_absolute_get(), GNUNET_YES, CadetTunnelAxolotl::HKr, CadetTunnelAxolotl::HKs, CadetTunnelAxolotl::kx_0, CadetTunnelAxolotl::last_ephemeral, LOG, my_private_key, CadetTunnelAxolotl::NHKr, CadetTunnelAxolotl::NHKs, GNUNET_PeerIdentity::public_key, CadetTunnelAxolotl::ratchet_expiration, CadetTunnelAxolotl::ratchet_flag, ratchet_time, CadetTunnelAxolotl::RK, and stats.

Referenced by GCT_handle_kx(), and GCT_handle_kx_auth().

1516 {
1517  struct GNUNET_HashCode key_material[3];
1518  struct GNUNET_CRYPTO_SymmetricSessionKey keys[5];
1519  const char salt[] = "CADET Axolotl salt";
1520  int am_I_alice;
1521 
1522  if (GNUNET_SYSERR == (am_I_alice = alice_or_betty(pid)))
1523  {
1524  GNUNET_break_op(0);
1525  return GNUNET_SYSERR;
1526  }
1527  if (0 == GNUNET_memcmp(&ax->DHRr,
1528  ratchet_key))
1529  {
1531  "# Ratchet key already known",
1532  1,
1533  GNUNET_NO);
1535  "Ratchet key already known. Ignoring KX.\n");
1536  return GNUNET_NO;
1537  }
1538 
1539  ax->DHRr = *ratchet_key;
1540  ax->last_ephemeral = *ephemeral_key;
1541  /* ECDH A B0 */
1542  if (GNUNET_YES == am_I_alice)
1543  {
1545  ephemeral_key, /* B0 */
1546  &key_material[0]);
1547  }
1548  else
1549  {
1550  GNUNET_CRYPTO_ecdh_eddsa(&ax->kx_0, /* b0 */
1551  &pid->public_key, /* A */
1552  &key_material[0]);
1553  }
1554  /* ECDH A0 B */
1555  if (GNUNET_YES == am_I_alice)
1556  {
1557  GNUNET_CRYPTO_ecdh_eddsa(&ax->kx_0, /* a0 */
1558  &pid->public_key, /* B */
1559  &key_material[1]);
1560  }
1561  else
1562  {
1564  ephemeral_key, /* A0 */
1565  &key_material[1]);
1566  }
1567 
1568  /* ECDH A0 B0 */
1569  GNUNET_CRYPTO_ecc_ecdh(&ax->kx_0, /* a0 or b0 */
1570  ephemeral_key, /* B0 or A0 */
1571  &key_material[2]);
1572  /* KDF */
1573  GNUNET_CRYPTO_kdf(keys, sizeof(keys),
1574  salt, sizeof(salt),
1575  &key_material, sizeof(key_material),
1576  NULL);
1577 
1578  if (0 == memcmp(&ax->RK,
1579  &keys[0],
1580  sizeof(ax->RK)))
1581  {
1583  "Root key already known. Ignoring KX.\n");
1585  "# Root key already known",
1586  1,
1587  GNUNET_NO);
1588  return GNUNET_NO;
1589  }
1590 
1591  ax->RK = keys[0];
1592  if (GNUNET_YES == am_I_alice)
1593  {
1594  ax->HKr = keys[1];
1595  ax->NHKs = keys[2];
1596  ax->NHKr = keys[3];
1597  ax->CKr = keys[4];
1598  ax->ratchet_flag = GNUNET_YES;
1599  }
1600  else
1601  {
1602  ax->HKs = keys[1];
1603  ax->NHKr = keys[2];
1604  ax->NHKs = keys[3];
1605  ax->CKs = keys[4];
1606  ax->ratchet_flag = GNUNET_NO;
1607  ax->ratchet_expiration
1609  ratchet_time);
1610  }
1611  return GNUNET_OK;
1612 }
static struct GNUNET_STATISTICS_Handle * stats
Handle for statistics.
struct GNUNET_CRYPTO_SymmetricSessionKey HKr
32-byte header key (currently used for receiving)
static int alice_or_betty(const struct GNUNET_PeerIdentity *other)
Am I Alice or Betty (some call her Bob), or talking to myself?
struct GNUNET_TIME_Absolute ratchet_expiration
Time when the current ratchet expires and a new one is triggered (if ratchet_allowed is GNUNET_YES)...
int GNUNET_CRYPTO_ecc_ecdh(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a public and a private ECC key.
Definition: crypto_ecc.c:1185
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
struct GNUNET_CRYPTO_SymmetricSessionKey NHKr
32-byte next header key (for receiving).
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_add(struct GNUNET_TIME_Absolute start, struct GNUNET_TIME_Relative duration)
Add a given relative duration to the given start time.
Definition: time.c:393
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_CRYPTO_SymmetricSessionKey CKr
32-byte chain keys (used for forward-secrecy) for receiving messages.
struct GNUNET_TIME_Relative ratchet_time
How long until we trigger a ratched advance due to time.
int GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:1505
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
struct GNUNET_CRYPTO_EcdhePublicKey last_ephemeral
Last ephemeral public key received from the other peer, for duplicate detection.
A 512-bit hashcode.
int GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:1615
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Own private key.
struct GNUNET_CRYPTO_SymmetricSessionKey RK
32-byte root key which gets updated by DH ratchet.
struct GNUNET_CRYPTO_EcdhePublicKey DHRr
ECDH Ratchet key (other peer&#39;s public key in the current DH).
struct GNUNET_CRYPTO_SymmetricSessionKey HKs
32-byte header key (currently used for sending).
#define LOG(level,...)
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_CRYPTO_SymmetricSessionKey CKs
32-byte chain keys (used for forward-secrecy) for sending messages.
int ratchet_flag
True (GNUNET_YES) if we have to send a new ratchet key in next msg.
int GNUNET_CRYPTO_kdf(void *result, size_t out_len, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_kdf.c:91
struct GNUNET_CRYPTO_SymmetricSessionKey NHKs
32-byte next header key (for sending), used once the ratchet advances.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_CRYPTO_EcdhePrivateKey kx_0
ECDH for key exchange (A0 / B0).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ retry_kx()

static void retry_kx ( void *  cls)
static

Try to redo the KX or KX_AUTH handshake, if we can.

Parameters
clsthe struct CadetTunnel to do KX for.

Definition at line 1621 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::ax, CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, CadetTunnel::estate, estate2s(), GCT_2s(), GCT_count_channels(), GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_NO, GNUNET_YES, CadetTunnel::kx_task, LOG, send_kx(), send_kx_auth(), t, and CadetTunnel::unverified_ax.

Referenced by connection_ready_cb(), GCT_add_channel(), GCT_handle_kx(), and GCT_handle_kx_auth().

1622 {
1623  struct CadetTunnel *t = cls;
1624  struct CadetTunnelAxolotl *ax;
1625 
1626  t->kx_task = NULL;
1628  "Trying to make KX progress on %s in state %s\n",
1629  GCT_2s(t),
1630  estate2s(t->estate));
1631  switch (t->estate)
1632  {
1633  case CADET_TUNNEL_KEY_UNINITIALIZED: /* first attempt */
1634  case CADET_TUNNEL_KEY_AX_SENT: /* trying again */
1635  send_kx(t,
1636  NULL,
1637  &t->ax);
1638  break;
1639 
1642  /* We are responding, so only require reply
1643  if WE have a channel waiting. */
1644  if (NULL != t->unverified_ax)
1645  {
1646  /* Send AX_AUTH so we might get this one verified */
1647  ax = t->unverified_ax;
1648  }
1649  else
1650  {
1651  /* How can this be? */
1652  GNUNET_break(0);
1653  ax = &t->ax;
1654  }
1655  send_kx_auth(t,
1656  NULL,
1657  ax,
1658  (0 == GCT_count_channels(t))
1659  ? GNUNET_NO
1660  : GNUNET_YES);
1661  break;
1662 
1664  /* We are responding, so only require reply
1665  if WE have a channel waiting. */
1666  if (NULL != t->unverified_ax)
1667  {
1668  /* Send AX_AUTH so we might get this one verified */
1669  ax = t->unverified_ax;
1670  }
1671  else
1672  {
1673  /* How can this be? */
1674  GNUNET_break(0);
1675  ax = &t->ax;
1676  }
1677  send_kx_auth(t,
1678  NULL,
1679  ax,
1680  (0 == GCT_count_channels(t))
1681  ? GNUNET_NO
1682  : GNUNET_YES);
1683  break;
1684 
1685  case CADET_TUNNEL_KEY_OK:
1686  /* Must have been the *other* peer asking us to
1687  respond with a KX_AUTH. */
1688  if (NULL != t->unverified_ax)
1689  {
1690  /* Sending AX_AUTH in response to AX so we might get this one verified */
1691  ax = t->unverified_ax;
1692  }
1693  else
1694  {
1695  /* Sending AX_AUTH in response to AX_AUTH */
1696  ax = &t->ax;
1697  }
1698  send_kx_auth(t,
1699  NULL,
1700  ax,
1701  GNUNET_NO);
1702  break;
1703  }
1704 }
struct CadetTunnelAxolotl ax
Axolotl info.
static const char * estate2s(enum CadetTunnelEState es)
Get string description for tunnel encryption state.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
KX received and we sent KX_AUTH back, but we got no traffic yet, so we&#39;re waiting for either KX_AUTH ...
static void send_kx(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax)
Send a KX message.
#define GNUNET_NO
Definition: gnunet_common.h:78
KX message sent, waiting for other peer&#39;s KX_AUTH.
static struct GNUNET_SCHEDULER_Task * t
Main task.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
struct CadetTunnelAxolotl * unverified_ax
Unverified Axolotl info, used only if we got a fresh KX (not a KX_AUTH) while our end of the tunnel w...
Struct containing all information regarding a tunnel to a peer.
Handshake completed: session key available.
KX message sent and received, trying to send back KX_AUTH.
Axolotl data, according to https://github.com/trevp/axolotl/wiki .
static void send_kx_auth(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
Send a KX_AUTH message.
unsigned int GCT_count_channels(struct CadetTunnel *t)
Count channels of a tunnel.
Uninitialized status, we need to send KX.
#define LOG(level,...)
KX message received, trying to send back KX_AUTH.
#define GNUNET_YES
Definition: gnunet_common.h:77
enum CadetTunnelEState estate
State of the tunnel encryption.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_handle_kx()

void GCT_handle_kx ( struct CadetTConnection ct,
const struct GNUNET_CADET_TunnelKeyExchangeMessage msg 
)

Handle KX message that lacks authentication (and which will thus only be considered authenticated after we respond with our own KX_AUTH and finally successfully decrypt payload).

Handle KX message.

Parameters
ctconnection/tunnel combo that received encrypted message
msgthe key exchange message

Definition at line 1716 of file gnunet-service-cadet_tunnels.c.

References alice_or_betty(), CadetTunnel::ax, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, CadetTConnection::cc, CadetTunnel::destination, CadetTunnelAxolotl::DHRr, CadetTunnelAxolotl::DHRs, GNUNET_CADET_TunnelKeyExchangeMessage::ephemeral_key, CadetTunnel::estate, GCC_2s(), GCP_get_id(), GCT_2s(), GCT_change_estate(), GNUNET_assert, GNUNET_break, GNUNET_break_op, GNUNET_CRYPTO_ecc_ecdh(), GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_eddsa_ecdh(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_e2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s(), GNUNET_memcmp, GNUNET_new, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_YES, CadetTunnelAxolotl::kx_0, CadetTunnel::kx_task, CadetTunnelAxolotl::last_ephemeral, LOG, GNUNET_CADET_TunnelKeyExchangeMessage::ratchet_key, ret, retry_kx(), CadetTunnelAxolotl::RK, send_kx_auth(), CadetTunnelAxolotl::skipped_head, stats, t, CadetTConnection::t, CadetTunnel::unverified_attempts, CadetTunnel::unverified_ax, and update_ax_by_kx().

Referenced by GCC_handle_kx().

1718 {
1719  struct CadetTunnel *t = ct->t;
1720  int ret;
1721 
1723  "# KX received",
1724  1,
1725  GNUNET_NO);
1726  if (GNUNET_YES ==
1728  {
1729  /* Betty/Bob is not allowed to send KX! */
1730  GNUNET_break_op(0);
1731  return;
1732  }
1734  "Received KX message from %s with ephemeral %s from %s on connection %s\n",
1735  GCT_2s(t),
1736  GNUNET_e2s(&msg->ephemeral_key),
1738  GCC_2s(ct->cc));
1739 #if 1
1740  if ((0 ==
1741  memcmp(&t->ax.DHRr,
1742  &msg->ratchet_key,
1743  sizeof(msg->ratchet_key))) &&
1744  (0 ==
1745  memcmp(&t->ax.last_ephemeral,
1746  &msg->ephemeral_key,
1747  sizeof(msg->ephemeral_key))))
1748 
1749  {
1751  "# Duplicate KX received",
1752  1,
1753  GNUNET_NO);
1754  send_kx_auth(t,
1755  ct,
1756  &t->ax,
1757  GNUNET_NO);
1758  return;
1759  }
1760 #endif
1761  /* We only keep ONE unverified KX around, so if there is an existing one,
1762  clean it up. */
1763  if (NULL != t->unverified_ax)
1764  {
1765  if ((0 ==
1766  memcmp(&t->unverified_ax->DHRr,
1767  &msg->ratchet_key,
1768  sizeof(msg->ratchet_key))) &&
1769  (0 ==
1770  memcmp(&t->unverified_ax->last_ephemeral,
1771  &msg->ephemeral_key,
1772  sizeof(msg->ephemeral_key))))
1773  {
1775  "# Duplicate unverified KX received",
1776  1,
1777  GNUNET_NO);
1778 #if 1
1779  send_kx_auth(t,
1780  ct,
1781  t->unverified_ax,
1782  GNUNET_NO);
1783  return;
1784 #endif
1785  }
1787  "Dropping old unverified KX state.\n");
1789  "# Unverified KX dropped for fresh KX",
1790  1,
1791  GNUNET_NO);
1793  memset(t->unverified_ax,
1794  0,
1795  sizeof(struct CadetTunnelAxolotl));
1796  }
1797  else
1798  {
1800  "Creating fresh unverified KX for %s\n",
1801  GCT_2s(t));
1803  "# Fresh KX setup",
1804  1,
1805  GNUNET_NO);
1807  }
1808  /* Set as the 'current' RK/DHRr the one we are currently using,
1809  so that the duplicate-detection logic of
1810  #update_ax_by_kx can work. */
1811  t->unverified_ax->RK = t->ax.RK;
1812  t->unverified_ax->DHRr = t->ax.DHRr;
1813  t->unverified_ax->DHRs = t->ax.DHRs;
1814  t->unverified_ax->kx_0 = t->ax.kx_0;
1815  t->unverified_attempts = 0;
1816 
1817  /* Update 'ax' by the new key material */
1818  ret = update_ax_by_kx(t->unverified_ax,
1819  GCP_get_id(t->destination),
1820  &msg->ephemeral_key,
1821  &msg->ratchet_key);
1822  GNUNET_break(GNUNET_SYSERR != ret);
1823  if (GNUNET_OK != ret)
1824  {
1826  "# Useless KX",
1827  1,
1828  GNUNET_NO);
1829  return; /* duplicate KX, nothing to do */
1830  }
1831  /* move ahead in our state machine */
1835  else if (CADET_TUNNEL_KEY_AX_SENT == t->estate)
1838 
1839  /* KX is still not done, try again our end. */
1840  if (CADET_TUNNEL_KEY_OK != t->estate)
1841  {
1842  if (NULL != t->kx_task)
1844  t->kx_task
1846  t);
1847  }
1848 }
struct CadetTunnelAxolotl ax
Axolotl info.
static struct GNUNET_STATISTICS_Handle * stats
Handle for statistics.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
static int alice_or_betty(const struct GNUNET_PeerIdentity *other)
Am I Alice or Betty (some call her Bob), or talking to myself?
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
#define GNUNET_new(type)
Allocate a struct or union of the given type.
KX message sent, waiting for other peer&#39;s KX_AUTH.
static struct GNUNET_SCHEDULER_Task * t
Main task.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static int ret
Final status code.
Definition: gnunet-arm.c:89
static int update_ax_by_kx(struct CadetTunnelAxolotl *ax, const struct GNUNET_PeerIdentity *pid, const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key)
Update our Axolotl key state based on the KX data we received.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
struct CadetTunnel * t
Tunnel this connection belongs to.
struct CadetTunnelAxolotl * unverified_ax
Unverified Axolotl info, used only if we got a fresh KX (not a KX_AUTH) while our end of the tunnel w...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
struct GNUNET_CRYPTO_EcdhePublicKey last_ephemeral
Last ephemeral public key received from the other peer, for duplicate detection.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1264
unsigned int unverified_attempts
How often have we tried and failed to decrypt a message using the unverified KX material from unverif...
struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key
Sender&#39;s next ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
struct CadetConnection * cc
Connection handle.
Struct containing all information regarding a tunnel to a peer.
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
Handshake completed: session key available.
void GCT_change_estate(struct CadetTunnel *t, enum CadetTunnelEState state)
Change the tunnel encryption state.
struct GNUNET_CRYPTO_SymmetricSessionKey RK
32-byte root key which gets updated by DH ratchet.
struct GNUNET_CRYPTO_EcdhePublicKey DHRr
ECDH Ratchet key (other peer&#39;s public key in the current DH).
KX message sent and received, trying to send back KX_AUTH.
struct CadetPeer * destination
Destination of the tunnel.
struct GNUNET_CRYPTO_EcdhePrivateKey DHRs
ECDH Ratchet key (our private key in the current DH).
Axolotl data, according to https://github.com/trevp/axolotl/wiki .
struct CadetTunnelSkippedKey * skipped_head
A (double linked) list of stored message keys and associated header keys for "skipped" messages...
static void send_kx_auth(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
Send a KX_AUTH message.
static void retry_kx(void *cls)
Try to redo the KX or KX_AUTH handshake, if we can.
Uninitialized status, we need to send KX.
#define LOG(level,...)
KX message received, trying to send back KX_AUTH.
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Sender&#39;s ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
const char * GNUNET_e2s(const struct GNUNET_CRYPTO_EcdhePublicKey *p)
Convert a public key value to a string (for printing debug messages).
enum CadetTunnelEState estate
State of the tunnel encryption.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
struct GNUNET_CRYPTO_EcdhePrivateKey kx_0
ECDH for key exchange (A0 / B0).
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:956
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_handle_kx_auth()

void GCT_handle_kx_auth ( struct CadetTConnection ct,
const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage msg 
)

Handle KX_AUTH message.

Parameters
ctconnection/tunnel combo that received encrypted message
msgthe key exchange message

Definition at line 1925 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_TunnelKeyExchangeAuthMessage::auth, CadetTunnel::ax, CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, cleanup_ax(), CadetTunnel::destination, GNUNET_CADET_TunnelKeyExchangeMessage::ephemeral_key, CadetTunnel::estate, GNUNET_CADET_TunnelKeyExchangeMessage::flags, GCP_get_id(), GCT_2s(), GCT_change_estate(), GNUNET_assert, GNUNET_break, GNUNET_break_op, GNUNET_CADET_KX_FLAG_FORCE_REPLY, GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_hash(), GNUNET_e2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_memcmp, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_at(), GNUNET_STATISTICS_update(), GNUNET_CADET_TunnelKeyExchangeAuthMessage::kx, CadetTunnelAxolotl::kx_0, CadetTunnel::kx_task, LOG, my_private_key, CadetTunnel::next_kx_attempt, GNUNET_CADET_TunnelKeyExchangeMessage::ratchet_key, ret, retry_kx(), CadetTunnelAxolotl::RK, send_kx_auth(), stats, t, CadetTConnection::t, CadetTunnel::unverified_ax, and update_ax_by_kx().

Referenced by GCC_handle_kx_auth().

1927 {
1928  struct CadetTunnel *t = ct->t;
1929  struct CadetTunnelAxolotl ax_tmp;
1930  struct GNUNET_HashCode kx_auth;
1931  int ret;
1932 
1934  "# KX_AUTH received",
1935  1,
1936  GNUNET_NO);
1937  if ((CADET_TUNNEL_KEY_UNINITIALIZED == t->estate) ||
1939  {
1940  /* Confusing, we got a KX_AUTH before we even send our own
1941  KX. This should not happen. We'll send our own KX ASAP anyway,
1942  so let's ignore this here. */
1943  GNUNET_break_op(0);
1944  return;
1945  }
1947  "Handling KX_AUTH message from %s with ephemeral %s\n",
1948  GCT_2s(t),
1949  GNUNET_e2s(&msg->kx.ephemeral_key));
1950  /* We do everything in ax_tmp until we've checked the authentication
1951  so we don't clobber anything we care about by accident. */
1952  ax_tmp = t->ax;
1953 
1954  /* Update 'ax' by the new key material */
1955  ret = update_ax_by_kx(&ax_tmp,
1956  GCP_get_id(t->destination),
1957  &msg->kx.ephemeral_key,
1958  &msg->kx.ratchet_key);
1959  if (GNUNET_OK != ret)
1960  {
1961  if (GNUNET_NO == ret)
1963  "# redundant KX_AUTH received",
1964  1,
1965  GNUNET_NO);
1966  else
1967  GNUNET_break(0); /* connect to self!? */
1968  return;
1969  }
1970  GNUNET_CRYPTO_hash(&ax_tmp.RK,
1971  sizeof(ax_tmp.RK),
1972  &kx_auth);
1973  if (0 != GNUNET_memcmp(&kx_auth,
1974  &msg->auth))
1975  {
1976  /* This KX_AUTH is not using the latest KX/KX_AUTH data
1977  we transmitted to the sender, refuse it, try KX again. */
1979  "# KX_AUTH not using our last KX received (auth failure)",
1980  1,
1981  GNUNET_NO);
1983  "KX AUTH mismatch!\n");
1984 #if DEBUG_KX
1985  {
1986  struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
1987 
1989  &ephemeral_key);
1990  if (0 != GNUNET_memcmp(&ephemeral_key,
1991  &msg->r_ephemeral_key_XXX))
1992  {
1994  "My ephemeral is %s!\n",
1995  GNUNET_e2s(&ephemeral_key));
1997  "Response is for ephemeral %s!\n",
1998  GNUNET_e2s(&msg->r_ephemeral_key_XXX));
1999  }
2000  else
2001  {
2002  test_crypto_bug(&ax_tmp.kx_0,
2003  &msg->kx.ephemeral_key_XXX,
2005  &msg->kx.private_key_XXX);
2006  }
2007  }
2008 #endif
2009  if (NULL == t->kx_task)
2010  t->kx_task
2012  &retry_kx,
2013  t);
2014  return;
2015  }
2016  /* Yep, we're good. */
2017  t->ax = ax_tmp;
2018  if (NULL != t->unverified_ax)
2019  {
2020  /* We got some "stale" KX before, drop that. */
2023  t->unverified_ax = NULL;
2024  }
2025 
2026  /* move ahead in our state machine */
2027  switch (t->estate)
2028  {
2031  /* Checked above, this is impossible. */
2032  GNUNET_assert(0);
2033  break;
2034 
2035  case CADET_TUNNEL_KEY_AX_SENT: /* This is the normal case */
2036  case CADET_TUNNEL_KEY_AX_SENT_AND_RECV: /* both peers started KX */
2037  case CADET_TUNNEL_KEY_AX_AUTH_SENT: /* both peers now did KX_AUTH */
2040  break;
2041 
2042  case CADET_TUNNEL_KEY_OK:
2043  /* Did not expect another KX_AUTH, but so what, still acceptable.
2044  Nothing to do here. */
2045  break;
2046  }
2047  if (0 != (GNUNET_CADET_KX_FLAG_FORCE_REPLY & ntohl(msg->kx.flags)))
2048  {
2049  send_kx_auth(t,
2050  NULL,
2051  &t->ax,
2052  GNUNET_NO);
2053  }
2054 }
struct CadetTunnelAxolotl ax
Axolotl info.
static struct GNUNET_STATISTICS_Handle * stats
Handle for statistics.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
struct GNUNET_CADET_TunnelKeyExchangeMessage kx
Message header with key material.
uint32_t flags
Flags for the key exchange in NBO, based on enum GNUNET_CADET_KX_Flags.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
KX received and we sent KX_AUTH back, but we got no traffic yet, so we&#39;re waiting for either KX_AUTH ...
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
KX message sent, waiting for other peer&#39;s KX_AUTH.
static struct GNUNET_SCHEDULER_Task * t
Main task.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static int ret
Final status code.
Definition: gnunet-arm.c:89
static int update_ax_by_kx(struct CadetTunnelAxolotl *ax, const struct GNUNET_PeerIdentity *pid, const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key, const struct GNUNET_CRYPTO_EcdhePublicKey *ratchet_key)
Update our Axolotl key state based on the KX data we received.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
struct CadetTunnel * t
Tunnel this connection belongs to.
struct CadetTunnelAxolotl * unverified_ax
Unverified Axolotl info, used only if we got a fresh KX (not a KX_AUTH) while our end of the tunnel w...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:44
A 512-bit hashcode.
struct GNUNET_CRYPTO_EcdhePublicKey ratchet_key
Sender&#39;s next ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
Struct containing all information regarding a tunnel to a peer.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:303
struct GNUNET_TIME_Absolute next_kx_attempt
When do we try the next KX?
Handshake completed: session key available.
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Own private key.
void GCT_change_estate(struct CadetTunnel *t, enum CadetTunnelEState state)
Change the tunnel encryption state.
KX message sent and received, trying to send back KX_AUTH.
struct CadetPeer * destination
Destination of the tunnel.
The peer should reply with its KX details?
Axolotl data, according to https://github.com/trevp/axolotl/wiki .
struct GNUNET_HashCode auth
KDF-proof that sender could compute the 3-DH, used in lieu of a signature or payload data...
static void send_kx_auth(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
Send a KX_AUTH message.
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
static void retry_kx(void *cls)
Try to redo the KX or KX_AUTH handshake, if we can.
static void cleanup_ax(struct CadetTunnelAxolotl *ax)
Cleanup state used by ax.
Uninitialized status, we need to send KX.
#define LOG(level,...)
KX message received, trying to send back KX_AUTH.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key
Sender&#39;s ephemeral public ECC key encoded in a format suitable for network transmission, as created using &#39;gcry_sexp_sprint&#39;.
const char * GNUNET_e2s(const struct GNUNET_CRYPTO_EcdhePublicKey *p)
Convert a public key value to a string (for printing debug messages).
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_at(struct GNUNET_TIME_Absolute at, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run at the specified time.
Definition: scheduler.c:1214
enum CadetTunnelEState estate
State of the tunnel encryption.
#define GNUNET_free(ptr)
Wrapper around free.
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_next_free_ctn()

static struct GNUNET_CADET_ChannelTunnelNumber get_next_free_ctn ( struct CadetTunnel t)
static

Compute the next free channel tunnel number for this tunnel.

Parameters
tthe tunnel
Returns
unused number that can uniquely identify a channel in the tunnel

Definition at line 2068 of file gnunet-service-cadet_tunnels.c.

References GNUNET_CADET_ChannelTunnelNumber::cn, GCP_get_id(), GCT_get_destination(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_get(), GNUNET_memcmp, HIGH_BIT, my_full_id, ret, and t.

Referenced by GCT_add_channel().

2069 {
2070 #define HIGH_BIT 0x8000000
2072  uint32_t ctn;
2073  int cmp;
2074  uint32_t highbit;
2075 
2076  cmp = GNUNET_memcmp(&my_full_id,
2078  if (0 < cmp)
2079  highbit = HIGH_BIT;
2080  else if (0 > cmp)
2081  highbit = 0;
2082  else
2083  GNUNET_assert(0); // loopback must never go here!
2084  ctn = ntohl(t->next_ctn.cn);
2085  while (NULL !=
2087  ctn | highbit))
2088  {
2089  ctn = ((ctn + 1) & (~HIGH_BIT));
2090  }
2091  t->next_ctn.cn = htonl((ctn + 1) & (~HIGH_BIT));
2092  ret.cn = htonl(ctn | highbit);
2093  return ret;
2094 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
uint32_t cn
Which number does this channel have that uniquely identfies it within its tunnel, in network byte ord...
struct CadetPeer * GCT_get_destination(struct CadetTunnel *t)
Return the peer to which this tunnel goes.
struct GNUNET_PeerIdentity my_full_id
Local peer own ID.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_CADET_ChannelTunnelNumber next_ctn
Channel ID for the next created channel in this tunnel.
static int ret
Final status code.
Definition: gnunet-arm.c:89
void * GNUNET_CONTAINER_multihashmap32_get(const struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key)
Given a key find a value in the map matching the key.
#define GNUNET_memcmp(a, b)
Compare memory in a and b, where both must be of the same pointer type.
#define HIGH_BIT
Number identifying a CADET channel within a tunnel.
const struct GNUNET_PeerIdentity * GCP_get_id(struct CadetPeer *cp)
Obtain the peer identity for a struct CadetPeer.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_add_channel()

struct GNUNET_CADET_ChannelTunnelNumber GCT_add_channel ( struct CadetTunnel t,
struct CadetChannel ch 
)

Add a channel to a tunnel, and notify channel that we are ready for transmission if we are already up.

Add a channel to a tunnel.

Otherwise that notification will be done later in notify_tunnel_up_cb().

Parameters
tTunnel.
chChannel
Returns
unique number identifying ch within t

Definition at line 2107 of file gnunet-service-cadet_tunnels.c.

References CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, ch, GCCH_2s(), GCCH_tunnel_up(), GCT_2s(), get_next_free_ctn(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_put(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY, GNUNET_ERROR_TYPE_DEBUG, GNUNET_SCHEDULER_add_at(), GNUNET_SCHEDULER_cancel(), GNUNET_YES, LOG, and retry_kx().

Referenced by GCCH_channel_local_new().

2109 {
2111 
2112  ctn = get_next_free_ctn(t);
2113  if (NULL != t->destroy_task)
2114  {
2116  t->destroy_task = NULL;
2117  }
2120  ntohl(ctn.cn),
2121  ch,
2124  "Adding %s to %s\n",
2125  GCCH_2s(ch),
2126  GCT_2s(t));
2127  switch (t->estate)
2128  {
2130  /* waiting for connection to start KX */
2131  break;
2132 
2136  /* we're currently waiting for KX to complete */
2137  break;
2138 
2140  /* waiting for OTHER peer to send us data,
2141  we might need to prompt more aggressively! */
2142  if (NULL == t->kx_task)
2143  t->kx_task
2145  &retry_kx,
2146  t);
2147  break;
2148 
2149  case CADET_TUNNEL_KEY_OK:
2150  /* We are ready. Tell the new channel that we are up. */
2151  GCCH_tunnel_up(ch);
2152  break;
2153  }
2154  return ctn;
2155 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
void GCCH_tunnel_up(struct CadetChannel *ch)
Function called once and only once after a channel was bound to its tunnel via GCT_add_channel() is r...
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
KX received and we sent KX_AUTH back, but we got no traffic yet, so we&#39;re waiting for either KX_AUTH ...
KX message sent, waiting for other peer&#39;s KX_AUTH.
struct GNUNET_SCHEDULER_Task * destroy_task
Task scheduled if there are no more channels using the tunnel.
int GNUNET_CONTAINER_multihashmap32_put(struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
There must only be one value per key; storing a value should fail if a value under the same key alrea...
struct GNUNET_TIME_Absolute next_kx_attempt
When do we try the next KX?
Handshake completed: session key available.
const char * GCCH_2s(const struct CadetChannel *ch)
Get the static string for identification of the channel.
KX message sent and received, trying to send back KX_AUTH.
Number identifying a CADET channel within a tunnel.
static void retry_kx(void *cls)
Try to redo the KX or KX_AUTH handshake, if we can.
Uninitialized status, we need to send KX.
#define LOG(level,...)
KX message received, trying to send back KX_AUTH.
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_at(struct GNUNET_TIME_Absolute at, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run at the specified time.
Definition: scheduler.c:1214
enum CadetTunnelEState estate
State of the tunnel encryption.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:956
static struct GNUNET_CADET_ChannelTunnelNumber get_next_free_ctn(struct CadetTunnel *t)
Compute the next free channel tunnel number for this tunnel.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_connection_lost()

void GCT_connection_lost ( struct CadetTConnection ct)

We lost a connection, remove it from our list and clean up the connection object itself.

Parameters
ctbinding of connection to tunnel of the connection that was lost.

Definition at line 2165 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::connection_busy_head, CadetTunnel::connection_busy_tail, CadetTunnel::connection_ready_head, CadetTunnel::connection_ready_tail, GNUNET_CONTAINER_DLL_remove, GNUNET_free, GNUNET_YES, CadetTConnection::is_ready, CadetTunnel::num_busy_connections, CadetTunnel::num_ready_connections, and CadetTConnection::t.

Referenced by destroy_t_connection(), GCC_create_inbound(), and GCC_destroy_without_core().

2166 {
2167  struct CadetTunnel *t = ct->t;
2168 
2169  if (GNUNET_YES == ct->is_ready)
2170  {
2173  ct);
2174  t->num_ready_connections--;
2175  }
2176  else
2177  {
2180  ct);
2181  t->num_busy_connections--;
2182  }
2183  GNUNET_free(ct);
2184 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct CadetTConnection * connection_ready_tail
DLL of ready connections that are actively used to reach the destination peer.
int is_ready
Is the connection currently ready for transmission?
unsigned int num_ready_connections
Number of connections in the connection_ready_head DLL.
struct CadetTConnection * connection_ready_head
DLL of ready connections that are actively used to reach the destination peer.
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct CadetTConnection * connection_busy_head
DLL of connections that we maintain that might be used to reach the destination peer.
struct CadetTunnel * t
Tunnel this connection belongs to.
Struct containing all information regarding a tunnel to a peer.
#define GNUNET_YES
Definition: gnunet_common.h:77
unsigned int num_busy_connections
Number of connections in the connection_busy_head DLL.
struct CadetTConnection * connection_busy_tail
DLL of connections that we maintain that might be used to reach the destination peer.
#define GNUNET_free(ptr)
Wrapper around free.
Here is the caller graph for this function:

◆ destroy_t_connection()

static void destroy_t_connection ( void *  cls,
struct CadetTConnection ct 
)
static

Clean up connection ct of a tunnel.

Parameters
clsthe struct CadetTunnel
ctconnection to clean up

Definition at line 2194 of file gnunet-service-cadet_tunnels.c.

References CadetTConnection::cc, GCC_destroy_without_tunnel(), GCT_connection_lost(), GNUNET_assert, and CadetTConnection::t.

Referenced by destroy_tunnel(), and maintain_connections_cb().

2196 {
2197  struct CadetTunnel *t = cls;
2198  struct CadetConnection *cc = ct->cc;
2199 
2200  GNUNET_assert(ct->t == t);
2201  GCT_connection_lost(ct);
2203 }
void GCT_connection_lost(struct CadetTConnection *ct)
We lost a connection, remove it from our list and clean up the connection object itself.
Low-level connection to a destination.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct CadetTunnel * t
Tunnel this connection belongs to.
void GCC_destroy_without_tunnel(struct CadetConnection *cc)
Destroy a connection, called if the tunnel association with the connection was already broken...
struct CadetConnection * cc
Connection handle.
Struct containing all information regarding a tunnel to a peer.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ destroy_tunnel()

static void destroy_tunnel ( void *  cls)
static

This tunnel is no longer used, destroy it.

Parameters
clsthe idle tunnel

Definition at line 2212 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::ax, CadetTunnel::channels, cleanup_ax(), CadetTunnel::connection_busy_head, CadetTunnel::connection_ready_head, CadetTunnelQueueEntry::cont, CadetTunnelQueueEntry::cont_cls, CadetTunnel::destination, destroy_t_connection(), CadetTunnel::destroy_task, GCP_drop_tunnel(), GCT_2s(), GCT_count_channels(), GCT_iterate_connections(), GCT_send_cancel(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_destroy(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_MQ_destroy(), GNUNET_MST_destroy(), GNUNET_SCHEDULER_cancel(), CadetTunnel::kx_task, LOG, CadetTunnel::maintain_connections_task, CadetTunnel::mq, CadetTunnel::mst, CadetTunnel::send_task, CadetTunnel::tq_head, and CadetTunnel::unverified_ax.

Referenced by connection_ready_cb(), GCT_destroy_tunnel_now(), and GCT_remove_channel().

2213 {
2214  struct CadetTunnel *t = cls;
2215  struct CadetTunnelQueueEntry *tq;
2216 
2217  t->destroy_task = NULL;
2219  "Destroying idle %s\n",
2220  GCT_2s(t));
2224  t);
2226  GNUNET_assert(NULL == t->connection_busy_head);
2227  while (NULL != (tq = t->tq_head))
2228  {
2229  if (NULL != tq->cont)
2230  tq->cont(tq->cont_cls,
2231  NULL);
2232  GCT_send_cancel(tq);
2233  }
2235  t);
2237  if (NULL != t->maintain_connections_task)
2238  {
2240  t->maintain_connections_task = NULL;
2241  }
2242  if (NULL != t->send_task)
2243  {
2245  t->send_task = NULL;
2246  }
2247  if (NULL != t->kx_task)
2248  {
2250  t->kx_task = NULL;
2251  }
2252  GNUNET_MST_destroy(t->mst);
2253  GNUNET_MQ_destroy(t->mq);
2254  if (NULL != t->unverified_ax)
2255  {
2258  }
2259  cleanup_ax(&t->ax);
2260  GNUNET_assert(NULL == t->destroy_task);
2261  GNUNET_free(t);
2262 }
struct CadetTunnelAxolotl ax
Axolotl info.
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
struct GNUNET_MQ_Handle * mq
Dispatcher for decrypted messages only (do NOT use for sending!).
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
void GCT_send_cancel(struct CadetTunnelQueueEntry *tq)
Cancel a previously sent message while it&#39;s in the queue.
struct CadetTConnection * connection_ready_head
DLL of ready connections that are actively used to reach the destination peer.
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct GNUNET_SCHEDULER_Task * destroy_task
Task scheduled if there are no more channels using the tunnel.
struct CadetTConnection * connection_busy_head
DLL of connections that we maintain that might be used to reach the destination peer.
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
struct CadetTunnelAxolotl * unverified_ax
Unverified Axolotl info, used only if we got a fresh KX (not a KX_AUTH) while our end of the tunnel w...
void GNUNET_MST_destroy(struct GNUNET_MessageStreamTokenizer *mst)
Destroys a tokenizer.
Definition: mst.c:410
struct GNUNET_MessageStreamTokenizer * mst
Tokenizer for decrypted messages.
void GNUNET_CONTAINER_multihashmap32_destroy(struct GNUNET_CONTAINER_MultiHashMap32 *map)
Destroy a 32-bit key hash map.
Struct containing all information regarding a tunnel to a peer.
Struct used to save messages in a non-ready tunnel to send once connected.
struct CadetTunnelQueueEntry * tq_head
Queued messages, to transmit once tunnel gets connected.
void * cont_cls
Closure for cont.
void GCP_drop_tunnel(struct CadetPeer *cp, struct CadetTunnel *t)
The tunnel to the given peer no longer exists, remove it from our data structures, and possibly clean up the peer itself.
struct CadetPeer * destination
Destination of the tunnel.
unsigned int GCT_count_channels(struct CadetTunnel *t)
Count channels of a tunnel.
struct GNUNET_SCHEDULER_Task * maintain_connections_task
Task to trim connections if too many are present.
void GCT_iterate_connections(struct CadetTunnel *t, GCT_ConnectionIterator iter, void *iter_cls)
Iterate over all connections of a tunnel.
static void destroy_t_connection(void *cls, struct CadetTConnection *ct)
Clean up connection ct of a tunnel.
static void cleanup_ax(struct CadetTunnelAxolotl *ax)
Cleanup state used by ax.
#define LOG(level,...)
struct GNUNET_SCHEDULER_Task * send_task
Task to send messages from queue (if possible).
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:821
GCT_SendContinuation cont
Continuation to call once sent (on the channel layer).
#define GNUNET_free(ptr)
Wrapper around free.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:956
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_remove_channel()

void GCT_remove_channel ( struct CadetTunnel t,
struct CadetChannel ch,
struct GNUNET_CADET_ChannelTunnelNumber  ctn 
)

Remove a channel from a tunnel.

Parameters
tTunnel.
chChannel
ctnunique number identifying ch within t

Definition at line 2273 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::channels, GNUNET_CADET_ChannelTunnelNumber::cn, CadetTunnel::destroy_task, destroy_tunnel(), GCCH_2s(), GCT_2s(), GCT_count_channels(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_remove(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_SCHEDULER_add_delayed(), GNUNET_YES, IDLE_DESTROY_DELAY, and LOG.

Referenced by channel_destroy().

2276 {
2278  "Removing %s from %s\n",
2279  GCCH_2s(ch),
2280  GCT_2s(t));
2283  ntohl(ctn.cn),
2284  ch));
2285  if ((0 ==
2286  GCT_count_channels(t)) &&
2287  (NULL == t->destroy_task))
2288  {
2289  t->destroy_task
2291  &destroy_tunnel,
2292  t);
2293  }
2294 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
uint32_t cn
Which number does this channel have that uniquely identfies it within its tunnel, in network byte ord...
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_SCHEDULER_Task * destroy_task
Task scheduled if there are no more channels using the tunnel.
static void destroy_tunnel(void *cls)
This tunnel is no longer used, destroy it.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1237
int GNUNET_CONTAINER_multihashmap32_remove(struct GNUNET_CONTAINER_MultiHashMap32 *map, uint32_t key, const void *value)
Remove the given key-value pair from the map.
const char * GCCH_2s(const struct CadetChannel *ch)
Get the static string for identification of the channel.
unsigned int GCT_count_channels(struct CadetTunnel *t)
Count channels of a tunnel.
#define LOG(level,...)
#define GNUNET_YES
Definition: gnunet_common.h:77
#define IDLE_DESTROY_DELAY
How long do we wait until tearing down an idle tunnel?
Here is the call graph for this function:
Here is the caller graph for this function:

◆ destroy_remaining_channels()

static int destroy_remaining_channels ( void *  cls,
uint32_t  key,
void *  value 
)
static

Destroy remaining channels during shutdown.

Parameters
clsthe struct CadetTunnel of the channel
keykey of the channel
valuethe struct CadetChannel
Returns
GNUNET_OK (continue to iterate)

Definition at line 2306 of file gnunet-service-cadet_tunnels.c.

References ch, GCCH_handle_remote_destroy(), GNUNET_OK, and value.

Referenced by GCT_destroy_tunnel_now().

2309 {
2310  struct CadetChannel *ch = value;
2311 
2313  NULL);
2314  return GNUNET_OK;
2315 }
void GCCH_handle_remote_destroy(struct CadetChannel *ch, const struct GNUNET_CADET_ConnectionTunnelIdentifier *cti)
Destroy channel, based on the other peer closing the connection.
static struct GNUNET_CADET_Channel * ch
Channel handle.
Definition: gnunet-cadet.c:117
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
static char * value
Value of the record to add/remove.
Struct containing all information regarding a channel to a remote client.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_destroy_tunnel_now()

void GCT_destroy_tunnel_now ( struct CadetTunnel t)

Destroys the tunnel t now, without delay.

Used during shutdown.

Parameters
ttunnel to destroy

Definition at line 2324 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::channels, destroy_remaining_channels(), CadetTunnel::destroy_task, destroy_tunnel(), GCT_count_channels(), GNUNET_assert, GNUNET_CONTAINER_multihashmap32_iterate(), GNUNET_SCHEDULER_cancel(), GNUNET_YES, and shutting_down.

Referenced by destroy_tunnels_now().

2325 {
2329  t);
2330  GNUNET_assert(0 ==
2331  GCT_count_channels(t));
2332  if (NULL != t->destroy_task)
2333  {
2335  t->destroy_task = NULL;
2336  }
2337  destroy_tunnel(t);
2338 }
struct GNUNET_CONTAINER_MultiHashMap32 * channels
Channels inside this tunnel.
int GNUNET_CONTAINER_multihashmap32_iterate(struct GNUNET_CONTAINER_MultiHashMap32 *map, GNUNET_CONTAINER_MulitHashMapIterator32Callback it, void *it_cls)
Iterate over all entries in the map.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct GNUNET_SCHEDULER_Task * destroy_task
Task scheduled if there are no more channels using the tunnel.
static void destroy_tunnel(void *cls)
This tunnel is no longer used, destroy it.
static int destroy_remaining_channels(void *cls, uint32_t key, void *value)
Destroy remaining channels during shutdown.
int shutting_down
Signal that shutdown is happening: prevent recovery measures.
unsigned int GCT_count_channels(struct CadetTunnel *t)
Count channels of a tunnel.
#define GNUNET_YES
Definition: gnunet_common.h:77
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:956
Here is the call graph for this function:
Here is the caller graph for this function:

◆ try_send_normal_payload()

static void try_send_normal_payload ( struct CadetTunnel t,
struct CadetTConnection ct 
)
static

Send normal payload from queue in t via connection ct.

Does nothing if our payload queue is empty.

Parameters
ttunnel to send data from
ctconnection to use for transmission (is ready)

Definition at line 2349 of file gnunet-service-cadet_tunnels.c.

References CadetTConnection::cc, CadetTunnelQueueEntry::cid, CadetTunnelQueueEntry::cont, CadetTunnelQueueEntry::cont_cls, CadetTunnelQueueEntry::env, GCC_2s(), GCC_get_id(), GCC_transmit(), GCT_2s(), GNUNET_assert, GNUNET_CONTAINER_DLL_remove, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_YES, CadetTConnection::is_ready, LOG, mark_connection_unready(), CadetTunnelQueueEntry::t, CadetTunnel::tq_head, and CadetTunnel::tq_tail.

Referenced by connection_ready_cb(), and trigger_transmissions().

2351 {
2352  struct CadetTunnelQueueEntry *tq;
2353 
2355  tq = t->tq_head;
2356  if (NULL == tq)
2357  {
2358  /* no messages pending right now */
2360  "Not sending payload of %s on ready %s (nothing pending)\n",
2361  GCT_2s(t),
2362  GCC_2s(ct->cc));
2363  return;
2364  }
2365  /* ready to send message 'tq' on tunnel 'ct' */
2366  GNUNET_assert(t == tq->t);
2368  t->tq_tail,
2369  tq);
2370  if (NULL != tq->cid)
2371  *tq->cid = *GCC_get_id(ct->cc);
2374  "Sending payload of %s on %s\n",
2375  GCT_2s(t),
2376  GCC_2s(ct->cc));
2377  GCC_transmit(ct->cc,
2378  tq->env);
2379  if (NULL != tq->cont)
2380  tq->cont(tq->cont_cls,
2381  GCC_get_id(ct->cc));
2382  GNUNET_free(tq);
2383 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
int is_ready
Is the connection currently ready for transmission?
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
const struct GNUNET_CADET_ConnectionTunnelIdentifier * GCC_get_id(struct CadetConnection *cc)
Obtain unique ID for the connection.
static void mark_connection_unready(struct CadetTConnection *ct)
Connection ct is now unready, clear it&#39;s ready flag and move it from the ready DLL to the busy DLL...
struct CadetTunnelQueueEntry * tq_tail
Queued messages, to transmit once tunnel gets connected.
struct CadetConnection * cc
Connection handle.
Struct used to save messages in a non-ready tunnel to send once connected.
struct CadetTunnelQueueEntry * tq_head
Queued messages, to transmit once tunnel gets connected.
struct CadetTunnel * t
Tunnel these messages belong in.
void * cont_cls
Closure for cont.
struct GNUNET_MQ_Envelope * env
Envelope of message to send follows.
void GCC_transmit(struct CadetConnection *cc, struct GNUNET_MQ_Envelope *env)
Transmit message msg via connection cc.
#define LOG(level,...)
#define GNUNET_YES
Definition: gnunet_common.h:77
GCT_SendContinuation cont
Continuation to call once sent (on the channel layer).
#define GNUNET_free(ptr)
Wrapper around free.
struct GNUNET_CADET_ConnectionTunnelIdentifier * cid
Where to put the connection identifier into the payload of the message in env once we have it...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ connection_ready_cb()

static void connection_ready_cb ( void *  cls,
int  is_ready 
)
static

A connection is is_ready for transmission.

Looks at our message queue and if there is a message, sends it out via the connection.

Parameters
clsthe struct CadetTConnection that is is_ready
is_readyGNUNET_YES if connection are now ready, GNUNET_NO if connection are no longer ready

Definition at line 2395 of file gnunet-service-cadet_tunnels.c.

References CadetTunnel::ax, CADET_TUNNEL_KEY_AX_AUTH_SENT, CADET_TUNNEL_KEY_AX_RECV, CADET_TUNNEL_KEY_AX_SENT, CADET_TUNNEL_KEY_AX_SENT_AND_RECV, CADET_TUNNEL_KEY_OK, CADET_TUNNEL_KEY_UNINITIALIZED, CadetTConnection::cc, CadetTunnel::connection_busy_head, CadetTunnel::connection_busy_tail, CadetTunnel::connection_ready_head, CadetTunnel::connection_ready_tail, CadetTunnel::destroy_task, destroy_tunnel(), CadetTunnel::estate, estate2s(), GCC_2s(), GCT_2s(), GCT_count_channels(), GNUNET_assert, GNUNET_CONTAINER_DLL_insert_tail, GNUNET_CONTAINER_DLL_remove, GNUNET_ERROR_TYPE_DEBUG, GNUNET_NO, GNUNET_SCHEDULER_add_at(), GNUNET_SCHEDULER_add_delayed(), GNUNET_SCHEDULER_cancel(), GNUNET_TIME_absolute_get_remaining(), GNUNET_YES, IDLE_DESTROY_DELAY, CadetTConnection::is_ready, CadetTunnel::kx_auth_requested, CadetTunnel::kx_task, LOG, mark_connection_unready(), CadetTunnel::next_kx_attempt, CadetTunnel::num_busy_connections, CadetTunnel::num_ready_connections, GNUNET_TIME_Relative::rel_value_us, retry_kx(), send_kx(), send_kx_auth(), CadetTConnection::t, and try_send_normal_payload().

Referenced by consider_path_cb(), and GCT_add_inbound_connection().

2397 {
2398  struct CadetTConnection *ct = cls;
2399  struct CadetTunnel *t = ct->t;
2400 
2401  if (GNUNET_NO == is_ready)
2402  {
2404  "%s no longer ready for %s\n",
2405  GCC_2s(ct->cc),
2406  GCT_2s(t));
2408  return;
2409  }
2413  ct);
2415  t->num_busy_connections--;
2416  ct->is_ready = GNUNET_YES;
2419  ct);
2420  t->num_ready_connections++;
2421 
2423  "%s now ready for %s in state %s\n",
2424  GCC_2s(ct->cc),
2425  GCT_2s(t),
2426  estate2s(t->estate));
2427  switch (t->estate)
2428  {
2430  /* Do not begin KX if WE have no channels waiting! */
2432  return; /* wait for timeout before retrying */
2433  /* We are uninitialized, just transmit immediately,
2434  without undue delay. */
2435  if (NULL != t->kx_task)
2436  {
2438  t->kx_task = NULL;
2439  }
2440  send_kx(t,
2441  ct,
2442  &t->ax);
2443  if ((0 ==
2444  GCT_count_channels(t)) &&
2445  (NULL == t->destroy_task))
2446  {
2447  t->destroy_task
2449  &destroy_tunnel,
2450  t);
2451  }
2452  break;
2453 
2458  /* we're currently waiting for KX to complete, schedule job */
2459  if (NULL == t->kx_task)
2460  t->kx_task
2462  &retry_kx,
2463  t);
2464  break;
2465 
2466  case CADET_TUNNEL_KEY_OK:
2467  if (GNUNET_YES == t->kx_auth_requested)
2468  {
2470  return; /* wait for timeout */
2471  if (NULL != t->kx_task)
2472  {
2474  t->kx_task = NULL;
2475  }
2476  send_kx_auth(t,
2477  ct,
2478  &t->ax,
2479  GNUNET_NO);
2480  return;
2481  }
2483  ct);
2484  break;
2485  }
2486 }
struct CadetTunnelAxolotl ax
Axolotl info.
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct CadetTConnection * connection_ready_tail
DLL of ready connections that are actively used to reach the destination peer.
static const char * estate2s(enum CadetTunnelEState es)
Get string description for tunnel encryption state.
uint64_t rel_value_us
The actual value.
int is_ready
Is the connection currently ready for transmission?
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
unsigned int num_ready_connections
Number of connections in the connection_ready_head DLL.
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static void mark_connection_unready(struct CadetTConnection *ct)
Connection ct is now unready, clear it&#39;s ready flag and move it from the ready DLL to the busy DLL...
KX received and we sent KX_AUTH back, but we got no traffic yet, so we&#39;re waiting for either KX_AUTH ...
struct CadetTConnection * connection_ready_head
DLL of ready connections that are actively used to reach the destination peer.
int kx_auth_requested
Force triggering KX_AUTH independent of estate.
static void send_kx(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax)
Send a KX message.
#define GNUNET_NO
Definition: gnunet_common.h:78
KX message sent, waiting for other peer&#39;s KX_AUTH.
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct GNUNET_SCHEDULER_Task * destroy_task
Task scheduled if there are no more channels using the tunnel.
struct CadetTConnection * connection_busy_head
DLL of connections that we maintain that might be used to reach the destination peer.
struct GNUNET_SCHEDULER_Task * kx_task
Task to trigger KX.
static void destroy_tunnel(void *cls)
This tunnel is no longer used, destroy it.
struct CadetTunnel * t
Tunnel this connection belongs to.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1237
struct CadetConnection * cc
Connection handle.
Struct containing all information regarding a tunnel to a peer.
struct GNUNET_TIME_Absolute next_kx_attempt
When do we try the next KX?
#define GNUNET_CONTAINER_DLL_insert_tail(head, tail, element)
Insert an element at the tail of a DLL.
Handshake completed: session key available.
Entry in list of connections used by tunnel, with metadata.
KX message sent and received, trying to send back KX_AUTH.
static void send_kx_auth(struct CadetTunnel *t, struct CadetTConnection *ct, struct CadetTunnelAxolotl *ax, int force_reply)
Send a KX_AUTH message.
unsigned int GCT_count_channels(struct CadetTunnel *t)
Count channels of a tunnel.
static void retry_kx(void *cls)
Try to redo the KX or KX_AUTH handshake, if we can.
Uninitialized status, we need to send KX.
#define LOG(level,...)
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
KX message received, trying to send back KX_AUTH.
#define GNUNET_YES
Definition: gnunet_common.h:77
unsigned int num_busy_connections
Number of connections in the connection_busy_head DLL.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_at(struct GNUNET_TIME_Absolute at, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run at the specified time.
Definition: scheduler.c:1214
struct CadetTConnection * connection_busy_tail
DLL of connections that we maintain that might be used to reach the destination peer.
enum CadetTunnelEState estate
State of the tunnel encryption.
static void try_send_normal_payload(struct CadetTunnel *t, struct CadetTConnection *ct)
Send normal payload from queue in t via connection ct.
#define IDLE_DESTROY_DELAY
How long do we wait until tearing down an idle tunnel?
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:956
Here is the call graph for this function:
Here is the caller graph for this function:

◆ evaluate_connection()

static void evaluate_connection ( void *  cls,
struct CadetTConnection ct 
)
static

Evaluate a connection, updating our summary information in cls about what kinds of connections we have.

Parameters
clsthe struct EvaluationSummary * to update
cta connection to include in the summary

Definition at line 2570 of file gnunet-service-cadet_tunnels.c.

References CadetConnectionMetrics::age, CadetTConnection::cc, EvaluationSummary::duplicate, GCC_2s(), GCC_get_metrics(), GCC_get_path(), GCPP_2s(), GCPP_get_desirability(), GCPP_get_length(), GCPP_get_peer_at_offset(), GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_MAX, GNUNET_MIN, GNUNET_NO, GNUNET_TIME_absolute_get_duration(), GNUNET_YES, CadetConnectionMetrics::last_use, LOG, EvaluationSummary::max_desire, EvaluationSummary::max_length, EvaluationSummary::min_desire, EvaluationSummary::min_length, CadetConnectionMetrics::num_acked_transmissions, CadetConnectionMetrics::num_successes, EvaluationSummary::path, GNUNET_TIME_Relative::rel_value_us, EvaluationSummary::worst, and EvaluationSummary::worst_score.

Referenced by consider_path_cb(), and maintain_connections_cb().

2572 {
2573  struct EvaluationSummary *es = cls;
2574  struct CadetConnection *cc = ct->cc;
2575  unsigned int ct_length;
2576  struct CadetPeerPath *ps;
2577  const struct CadetConnectionMetrics *metrics;
2578  GNUNET_CONTAINER_HeapCostType ct_desirability;
2579  struct GNUNET_TIME_Relative uptime;
2580  struct GNUNET_TIME_Relative last_use;
2581  double score;
2582  double success_rate;
2583 
2584  ps = GCC_get_path(cc,
2585  &ct_length);
2587  "Evaluating path %s of existing %s\n",
2588  GCPP_2s(ps),
2589  GCC_2s(cc));
2590  if (ps == es->path)
2591  {
2593  "Ignoring duplicate path %s.\n",
2594  GCPP_2s(es->path));
2595  es->duplicate = GNUNET_YES;
2596  return;
2597  }
2598  if (NULL != es->path)
2599  {
2600  int duplicate = GNUNET_YES;
2601 
2602  for (unsigned int i = 0; i < ct_length; i++)
2603  {
2605  if (GCPP_get_peer_at_offset(es->path,
2606  i) !=
2608  i))
2609  {
2610  duplicate = GNUNET_NO;
2611  break;
2612  }
2613  }
2614  if (GNUNET_YES == duplicate)
2615  {
2617  "Ignoring overlapping path %s.\n",
2618  GCPP_2s(es->path));
2619  es->duplicate = GNUNET_YES;
2620  return;
2621  }
2622  else
2623  {
2625  "Known path %s differs from proposed path\n",
2626  GCPP_2s(ps));
2627  }
2628  }
2629 
2630  ct_desirability = GCPP_get_desirability(ps);
2631  metrics = GCC_get_metrics(cc);
2632  uptime = GNUNET_TIME_absolute_get_duration(metrics->age);
2633  last_use = GNUNET_TIME_absolute_get_duration(metrics->last_use);
2634  /* We add 1.0 here to avoid division by zero. */
2635  success_rate = (metrics->num_acked_transmissions + 1.0) / (metrics->num_successes + 1.0);
2636  score
2637  = ct_desirability
2638  + 100.0 / (1.0 + ct_length) /* longer paths = better */
2639  + sqrt(uptime.rel_value_us / 60000000LL) /* larger uptime = better */
2640  - last_use.rel_value_us / 1000L; /* longer idle = worse */
2641  score *= success_rate; /* weigh overall by success rate */
2642 
2643  if ((NULL == es->worst) ||
2644  (score < es->worst_score))
2645  {
2646  es->worst = ct;
2647  es->worst_score = score;
2648  }
2649  es->min_length = GNUNET_MIN(es->min_length,
2650  ct_length);
2651  es->max_length = GNUNET_MAX(es->max_length,
2652  ct_length);
2653  es->min_desire = GNUNET_MIN(es->min_desire,
2654  ct_desirability);
2655  es->max_desire = GNUNET_MAX(es->max_desire,
2656  ct_desirability);
2657 }
Closure for evaluate_connection.
const struct CadetConnectionMetrics * GCC_get_metrics(struct CadetConnection *cc)
Obtain performance metrics from cc.
struct CadetPeerPath * path
Path we are comparing against for evaluate_connection, can be NULL.
Low-level connection to a destination.
int duplicate
Set to GNUNET_YES if we have a connection over path already.
unsigned int max_length
Maximum length of any of our connections, 0 if we have none.
unsigned long long num_successes
Number of packets that were sent via this connection did actually receive an ACK? (Note: ACKs may be ...
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
struct GNUNET_TIME_Absolute last_use
When was this connection last used? (by us sending or receiving a PAYLOAD message on it) ...
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GNUNET_NO
Definition: gnunet_common.h:78
const char * GCPP_2s(struct CadetPeerPath *path)
Convert a path to a human-readable string.
Performance metrics for a connection.
double worst_score
Numeric score of worst, only set if worst is non-NULL.
GNUNET_CONTAINER_HeapCostType min_desire
Minimum desirability of any of our connections, UINT64_MAX if we have none.
#define GNUNET_MAX(a, b)
Definition: gnunet_common.h:82
#define GNUNET_MIN(a, b)
Definition: gnunet_common.h:80
struct CadetConnection * cc
Connection handle.
uint64_t GNUNET_CONTAINER_HeapCostType
Cost by which elements in a heap can be ordered.
GNUNET_CONTAINER_HeapCostType GCPP_get_desirability(const struct CadetPeerPath *path)
Return how much we like keeping the path.
struct CadetPeerPath * GCC_get_path(struct CadetConnection *cc, unsigned int *off)
Obtain the path used by this connection.
GNUNET_CONTAINER_HeapCostType max_desire
Maximum desirability of any of our connections, 0 if we have none.
unsigned int min_length
Minimum length of any of our connections, UINT_MAX if we have none.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_duration(struct GNUNET_TIME_Absolute whence)
Get the duration of an operation as the difference of the current time and the given start time "henc...
Definition: time.c:373
unsigned long long num_acked_transmissions
How many packets that ought to generate an ACK did we send via this connection?
struct CadetPeer * GCPP_get_peer_at_offset(struct CadetPeerPath *path, unsigned int off)
Obtain the peer at offset off in path.
#define LOG(level,...)
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_TIME_Absolute age
When was this connection first established? (by us sending or receiving the CREATE_ACK for the first ...
Information regarding a possible path to reach a peer.
unsigned int GCPP_get_length(struct CadetPeerPath *path)
Return the length of the path.
Time for relative time used by GNUnet, in microseconds.
struct CadetTConnection * worst
Connection deemed the "worst" so far encountered by evaluate_connection, NULL if we did not yet encou...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ consider_path_cb()

static int consider_path_cb ( void *  cls,
struct CadetPeerPath path,
unsigned int  off 
)
static

Consider using the path p for the tunnel t.

The tunnel destination is at offset off in path p.

Parameters
clsour tunnel
patha path to our destination
offoffset of the destination on path path
Returns
GNUNET_YES (should keep iterating)

Definition at line 2670 of file gnunet-service-cadet_tunnels.c.

References CadetTConnection::cc, CadetTunnel::connection_busy_head, CadetTunnel::connection_busy_tail, connection_ready_cb(), CadetTConnection::created, DESIRED_CONNECTIONS_PER_TUNNEL, CadetTunnel::destination, EvaluationSummary::duplicate, evaluate_connection(), GCC_2s(), GCC_create(), GCP_2s(), GCPP_2s(), GCPP_get_desirability(), GCPP_get_length(), GCPP_get_peer_at_offset(), GCT_2s(), GCT_count_any_connections(), GCT_iterate_connections(), GNUNET_assert, GNUNET_CONTAINER_DLL_insert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_new, GNUNET_NO, GNUNET_TIME_absolute_get(), GNUNET_YES, LOG, EvaluationSummary::max_desire, EvaluationSummary::max_length, EvaluationSummary::min_desire, EvaluationSummary::min_length, CadetTunnel::num_busy_connections, EvaluationSummary::path, t, CadetTConnection::t, and EvaluationSummary::worst.

Referenced by GCT_consider_path(), and maintain_connections_cb().

2673 {
2674  struct CadetTunnel *t = cls;
2675  struct EvaluationSummary es;
2676  struct CadetTConnection *ct;
2677 
2678  GNUNET_assert(off < GCPP_get_length(path));
2680  off) == t->destination);
2681  es.min_length = UINT_MAX;
2682  es.max_length = 0;
2683  es.max_desire = 0;
2684  es.min_desire = UINT64_MAX;
2685  es.path = path;
2686  es.duplicate = GNUNET_NO;
2687  es.worst = NULL;
2688 
2689  /* Compute evaluation summary over existing connections. */
2691  "Evaluating proposed path %s for target %s\n",
2692  GCPP_2s(path),
2693  GCT_2s(t));
2694  /* FIXME: suspect this does not ACTUALLY iterate
2695  over all existing paths, otherwise dup detection
2696  should work!!! */
2699  &es);
2700  if (GNUNET_YES == es.duplicate)
2701  return GNUNET_YES;
2702 
2703  /* FIXME: not sure we should really just count
2704  'num_connections' here, as they may all have
2705  consistently failed to connect. */
2706 
2707  /* We iterate by increasing path length; if we have enough paths and
2708  this one is more than twice as long than what we are currently
2709  using, then ignore all of these super-long ones! */
2711  (es.min_length * 2 < off) &&
2712  (es.max_length < off))
2713  {
2715  "Ignoring paths of length %u, they are way too long.\n",
2716  es.min_length * 2);
2717  return GNUNET_NO;
2718  }
2719  /* If we have enough paths and this one looks no better, ignore it. */
2721  (es.min_length < GCPP_get_length(path)) &&
2722  (es.min_desire > GCPP_get_desirability(path)) &&
2723  (es.max_length < off))
2724  {
2726  "Ignoring path (%u/%llu) to %s, got something better already.\n",
2727  GCPP_get_length(path),
2728  (unsigned long long)GCPP_get_desirability(path),
2729  GCP_2s(t->destination));
2730  return GNUNET_YES;
2731  }
2732 
2733  /* Path is interesting (better by some metric, or we don't have
2734  enough paths yet). */
2735  ct = GNUNET_new(struct CadetTConnection);
2737  ct->t = t;
2738  ct->cc = GCC_create(t->destination,
2739  path,
2740  off,
2741  ct,
2743  ct);
2744 
2745  /* FIXME: schedule job to kill connection (and path?) if it takes
2746  too long to get ready! (And track performance data on how long
2747  other connections took with the tunnel!)
2748  => Note: to be done within 'connection'-logic! */
2751  ct);
2752  t->num_busy_connections++;
2754  "Found interesting path %s for %s, created %s\n",
2755  GCPP_2s(path),
2756  GCT_2s(t),
2757  GCC_2s(ct->cc));
2758  return GNUNET_YES;
2759 }
Closure for evaluate_connection.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
#define DESIRED_CONNECTIONS_PER_TUNNEL
How many connections would we like to have per tunnel?
const char * GCC_2s(const struct CadetConnection *cc)
Get a (static) string for a connection.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
unsigned int GCT_count_any_connections(const struct CadetTunnel *t)
Count all created connections of a tunnel.
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct CadetConnection * GCC_create(struct CadetPeer *destination, struct CadetPeerPath *path, unsigned int off, struct CadetTConnection *ct, GCC_ReadyCallback ready_cb, void *ready_cb_cls)
Create a connection to destination via path and notify cb whenever we are ready for more data...
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct CadetTConnection * connection_busy_head
DLL of connections that we maintain that might be used to reach the destination peer.
const char * GCP_2s(const struct CadetPeer *cp)
Get the static string for a peer ID.
struct CadetTunnel * t
Tunnel this connection belongs to.
const char * GCPP_2s(struct CadetPeerPath *path)
Convert a path to a human-readable string.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get(void)
Get the current time.
Definition: time.c:118
struct CadetConnection * cc
Connection handle.
Struct containing all information regarding a tunnel to a peer.
GNUNET_CONTAINER_HeapCostType GCPP_get_desirability(const struct CadetPeerPath *path)
Return how much we like keeping the path.
static void evaluate_connection(void *cls, struct CadetTConnection *ct)
Evaluate a connection, updating our summary information in cls about what kinds of connections we hav...
Entry in list of connections used by tunnel, with metadata.
struct CadetPeer * destination
Destination of the tunnel.
static void connection_ready_cb(void *cls, int is_ready)
A connection is is_ready for transmission.
struct GNUNET_TIME_Absolute created
Creation time, to keep oldest connection alive.
struct CadetPeer * GCPP_get_peer_at_offset(struct CadetPeerPath *path, unsigned int off)
Obtain the peer at offset off in path.
void GCT_iterate_connections(struct CadetTunnel *t, GCT_ConnectionIterator iter, void *iter_cls)
Iterate over all connections of a tunnel.
#define LOG(level,...)
#define GNUNET_YES
Definition: gnunet_common.h:77
unsigned int num_busy_connections
Number of connections in the connection_busy_head DLL.
struct CadetTConnection * connection_busy_tail
DLL of connections that we maintain that might be used to reach the destination peer.
unsigned int GCPP_get_length(struct CadetPeerPath *path)
Return the length of the path.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ maintain_connections_cb()

static void maintain_connections_cb ( void *  cls)
static

Function called to maintain the connections underlying our tunnel.

Tries to maintain (incl. tear down) connections for the tunnel, and if there is a significant change, may trigger transmissions.

Basically, needs to check if there are connections that perform badly, and if so eventually kill them and trigger a replacement. The strategy is to open one more connection than DESIRED_CONNECTIONS_PER_TUNNEL, and then periodically kick out the least-performing one, and then inquire for new ones.

Parameters
clsthe struct CadetTunnel

Definition at line 2776 of file gnunet-service-cadet_tunnels.c.

References consider_path_cb(), DESIRED_CONNECTIONS_PER_TUNNEL, CadetTunnel::destination, destroy_t_connection(), EvaluationSummary::duplicate, evaluate_connection(), GCP_iterate_paths(), GCT_2s(), GCT_count_any_connections(), GCT_iterate_connections(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_NO, GNUNET_SCHEDULER_add_delayed(), GNUNET_TIME_UNIT_MINUTES, LOG, CadetTunnel::maintain_connections_task, EvaluationSummary::max_desire, EvaluationSummary::max_length, EvaluationSummary::min_desire, EvaluationSummary::min_length, EvaluationSummary::path, and EvaluationSummary::worst.

Referenced by GCT_create_tunnel().

2777 {
2778  struct CadetTunnel *t = cls;
2779  struct GNUNET_TIME_Relative delay;
2780  struct EvaluationSummary es;
2781 
2782  t->maintain_connections_task = NULL;
2784  "Performing connection maintenance for %s.\n",
2785  GCT_2s(t));
2786 
2787  es.min_length = UINT_MAX;
2788  es.max_length = 0;
2789  es.max_desire = 0;
2790  es.min_desire = UINT64_MAX;
2791  es.path = NULL;
2792  es.worst = NULL;
2793  es.duplicate = GNUNET_NO;
2796  &es);
2797  if ((NULL != es.worst) &&
2799  {
2800  /* Clear out worst-performing connection 'es.worst'. */
2802  es.worst);
2803  }
2804 
2805  /* Consider additional paths */
2806  (void)GCP_iterate_paths(t->destination,
2808  t);
2809 
2810  /* FIXME: calculate when to try again based on how well we are doing;
2811  in particular, if we have to few connections, we might be able
2812  to do without this (as PATHS should tell us whenever a new path
2813  is available instantly; however, need to make sure this job is
2814  restarted after that happens).
2815  Furthermore, if the paths we do know are in a reasonably narrow
2816  quality band and are plentyful, we might also consider us stabilized
2817  and then reduce the frequency accordingly. */
2822  t);
2823 }
Closure for evaluate_connection.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
#define DESIRED_CONNECTIONS_PER_TUNNEL
How many connections would we like to have per tunnel?
#define GNUNET_TIME_UNIT_MINUTES
One minute.
unsigned int GCT_count_any_connections(const struct CadetTunnel *t)
Count all created connections of a tunnel.
#define GNUNET_NO
Definition: gnunet_common.h:78
unsigned int GCP_iterate_paths(struct CadetPeer *cp, GCP_PathIterator callback, void *callback_cls)
Iterate over the paths to a peer.
static struct GNUNET_SCHEDULER_Task * t
Main task.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1237
static int consider_path_cb(void *cls, struct CadetPeerPath *path, unsigned int off)
Consider using the path p for the tunnel t.
Struct containing all information regarding a tunnel to a peer.
static struct GNUNET_TIME_Relative delay
When should dkg communication start?
static void evaluate_connection(void *cls, struct CadetTConnection *ct)
Evaluate a connection, updating our summary information in cls about what kinds of connections we hav...
static void maintain_connections_cb(void *cls)
Function called to maintain the connections underlying our tunnel.
struct CadetPeer * destination
Destination of the tunnel.
struct GNUNET_SCHEDULER_Task * maintain_connections_task
Task to trim connections if too many are present.
void GCT_iterate_connections(struct CadetTunnel *t, GCT_ConnectionIterator iter, void *iter_cls)
Iterate over all connections of a tunnel.
static void destroy_t_connection(void *cls, struct CadetTConnection *ct)
Clean up connection ct of a tunnel.
#define LOG(level,...)
Time for relative time used by GNUnet, in microseconds.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ GCT_consider_path()

void GCT_consider_path ( struct CadetTunnel t,
struct CadetPeerPath p,
unsigned int  off 
)

Consider using the path p for the tunnel t.

The tunnel destination is at offset off in path p.

Parameters
clsour tunnel
patha path to our destination
offoffset of the destination on path path

Definition at line 2835 of file gnunet-service-cadet_tunnels.c.

References consider_path_cb(), GCPP_2s(), GCT_2s(), GNUNET_ERROR_TYPE_DEBUG, and LOG.

Referenced by GCP_path_entry_add(), and GCP_set_mq().

2838 {
2840  "Considering %s for %s (offset %u)\n",
2841  GCPP_2s(p),
2842  GCT_2s(t),
2843  off);
2844  (void)consider_path_cb(t,
2845  p,
2846  off);
2847 }
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
const char * GCPP_2s(struct CadetPeerPath *path)
Convert a path to a human-readable string.
static int consider_path_cb(void *cls, struct CadetPeerPath *path, unsigned int off)
Consider using the path p for the tunnel t.
#define LOG(level,...)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_plaintext_keepalive()

static void handle_plaintext_keepalive ( void *  cls,
const struct GNUNET_MessageHeader msg 
)
static

We got a keepalive.

Track in statistics.

Parameters
clsthe struct CadetTunnel for which we decrypted the message
msgthe message we received on the tunnel

Definition at line 2857 of file gnunet-service-cadet_tunnels.c.

References GCT_2s(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_NO, GNUNET_STATISTICS_update(), LOG, and stats.

2859 {
2860  struct CadetTunnel *t = cls;
2861 
2863  "Received KEEPALIVE on %s\n",
2864  GCT_2s(t));
2866  "# keepalives received",
2867  1,
2868  GNUNET_NO);
2869 }
static struct GNUNET_STATISTICS_Handle * stats
Handle for statistics.
const char * GCT_2s(const struct CadetTunnel *t)
Get the static string for the peer this tunnel is directed.
#define GNUNET_NO
Definition: gnunet_common.h:78
static struct GNUNET_SCHEDULER_Task * t
Main task.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
Struct containing all information regarding a tunnel to a peer.