GNUnet  0.11.x
Data Structures | Macros | Functions | Variables
gnunet-communicator-udp.c File Reference

Transport plugin using UDP. More...

#include "platform.h"
#include "gnunet_util_lib.h"
#include "gnunet_protocols.h"
#include "gnunet_signatures.h"
#include "gnunet_constants.h"
#include "gnunet_nt_lib.h"
#include "gnunet_nat_service.h"
#include "gnunet_statistics_service.h"
#include "gnunet_transport_application_service.h"
#include "gnunet_transport_communication_service.h"
Include dependency graph for gnunet-communicator-udp.c:

Go to the source code of this file.

Data Structures

struct  UdpHandshakeSignature
 Signature we use to verify that the ephemeral key was really chosen by the specified sender. More...
 
struct  InitialKX
 "Plaintext" header at beginning of KX message. More...
 
struct  UDPConfirmation
 Encrypted continuation of UDP initial handshake, followed by message header with payload. More...
 
struct  UDPAck
 UDP key acknowledgement. More...
 
struct  UdpBroadcastSignature
 Signature we use to verify that the broadcast was really made by the peer that claims to have made it. More...
 
struct  UDPBroadcast
 Broadcast by peer in LAN announcing its presence. More...
 
struct  UDPBox
 UDP message box. More...
 
struct  UDPRekey
 UDP message box. More...
 
struct  KeyCacheEntry
 Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct UDPBox. More...
 
struct  SharedSecret
 Shared secret we generated for a particular sender or receiver. More...
 
struct  SenderAddress
 Information we track per sender address we have recently been in contact with (we decrypt messages from the sender). More...
 
struct  ReceiverAddress
 Information we track per receiving address we have recently been in contact with (encryption to receiver). More...
 
struct  BroadcastInterface
 Interface we broadcast our presence on. More...
 
struct  SearchContext
 Context information to be used while searching for operation contexts. More...
 

Macros

#define DEFAULT_REKEY_TIME_INTERVAL   GNUNET_TIME_UNIT_DAYS
 How often do we rekey based on time (at least) More...
 
#define PROTO_QUEUE_TIMEOUT   GNUNET_TIME_UNIT_MINUTES
 How long do we wait until we must have received the initial KX? More...
 
#define BROADCAST_FREQUENCY   GNUNET_TIME_UNIT_MINUTES
 How often do we broadcast our presence on the LAN? More...
 
#define INTERFACE_SCAN_FREQUENCY   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
 How often do we scan for changes to our network interfaces? More...
 
#define ADDRESS_VALIDITY_PERIOD   GNUNET_TIME_UNIT_HOURS
 How long do we believe our addresses to remain up (before the other peer should revalidate). More...
 
#define WORKING_QUEUE_INTERVALL   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)
 
#define AES_KEY_SIZE   (256 / 8)
 AES key size. More...
 
#define AES_IV_SIZE   (96 / 8)
 AES (GCM) IV size. More...
 
#define GCM_TAG_SIZE   (128 / 8)
 Size of the GCM tag. More...
 
#define GENERATE_AT_ONCE   2
 
#define KCN_THRESHOLD   92
 If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET. More...
 
#define KCN_TARGET   128
 How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD so we do not generate just one ACK at the time. More...
 
#define MAX_SQN_DELTA   160
 What is the maximum delta between KCN sequence numbers that we allow. More...
 
#define MAX_SECRETS   128000
 How many shared master secrets do we keep around at most per sender? Should be large enough so that we generally have a chance of sending an ACK before the sender already rotated out the master secret. More...
 
#define REKEY_MAX_BYTES   (1024LLU * 1024 * 1024 * 4LLU)
 How often do we rekey based on number of bytes transmitted? (additionally randomized). More...
 
#define COMMUNICATOR_ADDRESS_PREFIX   "udp"
 Address prefix used by the communicator. More...
 
#define COMMUNICATOR_CONFIG_SECTION   "communicator-udp"
 Configuration section used by the communicator. More...
 

Functions

static void bi_destroy (struct BroadcastInterface *bi)
 An interface went away, stop broadcasting on it. More...
 
static void receiver_destroy (struct ReceiverAddress *receiver)
 Destroys a receiving state due to timeout or shutdown. More...
 
static void kce_destroy (struct KeyCacheEntry *kce)
 Free memory used by key cache entry. More...
 
static void get_kid (const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
 Compute kid. More...
 
static void kce_generate (struct SharedSecret *ss, uint32_t seq)
 Setup key cache entry for sequence number seq and shared secret ss. More...
 
static int secret_destroy (struct SharedSecret *ss, int withoutKce)
 Destroy ss and associated key cache entries. More...
 
static void sender_destroy (struct SenderAddress *sender)
 Functions with this signature are called whenever we need to close a sender's state due to timeout. More...
 
static void get_iv_key (const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
 Compute key and iv. More...
 
static void reschedule_sender_timeout (struct SenderAddress *sender)
 Increment sender timeout due to activity. More...
 
static void reschedule_receiver_timeout (struct ReceiverAddress *receiver)
 Increment receiver timeout due to activity. More...
 
static void check_timeouts (void *cls)
 Task run to check #receiver_heap and #sender_heap for timeouts. More...
 
static void calculate_cmac (struct SharedSecret *ss)
 Calcualte cmac from master in ss. More...
 
static void pass_plaintext_to_core (struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
 We received plaintext_len bytes of plaintext from a sender. More...
 
static void setup_cipher (const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
 Setup cipher based on shared secret msec and serial number serial. More...
 
static int try_decrypt (const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
 Try to decrypt buf using shared secret ss and key/iv derived using serial. More...
 
static struct SharedSecretsetup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
 Setup shared secret for decryption. More...
 
static struct SharedSecretsetup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver, int add_to_receiver)
 Setup shared secret for encryption. More...
 
static void setup_receiver_mq (struct ReceiverAddress *receiver)
 Setup the MQ for the receiver. More...
 
static void destroy_all_secrets (struct SharedSecret *ss, int withoutKce)
 Destroying all secrets. More...
 
static void add_acks (struct SharedSecret *ss, int acks_to_add, int remove_from_receiver)
 
static void add_acks_rekey (struct ReceiverAddress *receiver)
 
static int handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
 We received an ACK for pid. More...
 
static void try_handle_plaintext (struct SenderAddress *sender, const void *buf, size_t buf_size)
 Test if we have received a valid message in plaintext. More...
 
static void kce_generate_cb (void *cls)
 
static void kce_generate_rekey_cb (void *cls)
 
static void consider_ss_ack (struct SharedSecret *ss, int initial)
 We established a shared secret with a sender. More...
 
static void decrypt_box (const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
 We received a box with matching kce. More...
 
static void decrypt_rekey (const struct UDPRekey *rekey, size_t rekey_len, struct KeyCacheEntry *kce, struct SenderAddress *sender)
 We received a rekey with matching kce. More...
 
static int find_sender_by_address (void *cls, const struct GNUNET_PeerIdentity *key, void *value)
 Find existing struct SenderAddress by matching addresses. More...
 
static struct SenderAddresssetup_sender (const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
 Create sender address for target. More...
 
static int verify_confirmation (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
 Check signature from uc against ephemeral. More...
 
static char * sockaddr_to_udpaddr_string (const struct sockaddr *address, socklen_t address_len)
 Converts address to the address string format used by this communicator in HELLOs. More...
 
static void sock_read (void *cls)
 Socket read task. More...
 
static struct sockaddr * udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
 Convert UDP bind specification to a struct sockaddr * More...
 
static void do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
 Pad dgram by pad_size using out_cipher. More...
 
static void mq_send_kx (struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
 Signature of functions implementing the sending functionality of a message queue. More...
 
static void check_for_rekeying (struct ReceiverAddress *receiver, struct UDPBox *box)
 
static void send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss)
 
static void mq_send_d (struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
 Signature of functions implementing the sending functionality of a message queue. More...
 
static void mq_destroy_d (struct GNUNET_MQ_Handle *mq, void *impl_state)
 Signature of functions implementing the destruction of a message queue. More...
 
static void mq_destroy_kx (struct GNUNET_MQ_Handle *mq, void *impl_state)
 Signature of functions implementing the destruction of a message queue. More...
 
static void mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
 Implementation function that cancels the currently sent message. More...
 
static void mq_error (void *cls, enum GNUNET_MQ_Error error)
 Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue. More...
 
static int mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
 Function called by the transport service to initialize a message queue given address information about another peer. More...
 
static int get_receiver_delete_it (void *cls, const struct GNUNET_PeerIdentity *target, void *value)
 Iterator over all receivers to clean up. More...
 
static int get_sender_delete_it (void *cls, const struct GNUNET_PeerIdentity *target, void *value)
 Iterator over all senders to clean up. More...
 
static void do_shutdown (void *cls)
 Shutdown the UNIX communicator. More...
 
static void enc_notify_cb (void *cls, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg)
 Function called when the transport service has received a backchannel message for this communicator (!) via a different return path. More...
 
static void nat_address_cb (void *cls, void **app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr *addr, socklen_t addrlen)
 Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of 'valid' addresses changes. More...
 
static void ifc_broadcast (void *cls)
 Broadcast our presence on one of our interfaces. More...
 
static int iface_proc (void *cls, const char *name, int isDefault, const struct sockaddr *addr, const struct sockaddr *broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
 Callback function invoked for each interface found. More...
 
static void do_broadcast (void *cls)
 Scan interfaces to broadcast our presence on the LAN. More...
 
static void run (void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
 Setup communicator and launch network interactions. More...
 
int main (int argc, char *const *argv)
 The main function for the UNIX communicator. More...
 

Variables

static struct GNUNET_TIME_Relative rekey_interval
 The rekey interval. More...
 
struct SharedSecretss_finished
 Shared secret we finished the last kce working queue for. More...
 
static struct GNUNET_CONTAINER_MultiShortmapkey_cache
 Cache of pre-generated key IDs. More...
 
static struct GNUNET_SCHEDULER_Taskread_task
 ID of read task. More...
 
static struct GNUNET_SCHEDULER_Tasktimeout_task
 ID of timeout task. More...
 
static struct GNUNET_SCHEDULER_Taskkce_task
 ID of kce working queue task. More...
 
static struct GNUNET_SCHEDULER_Taskkce_task_rekey
 ID of kce rekey working queue task. More...
 
static int kce_task_finished = GNUNET_NO
 Is the kce_task finished? More...
 
static struct GNUNET_SCHEDULER_Taskbroadcast_task
 ID of master broadcast task. More...
 
static struct GNUNET_STATISTICS_Handlestats
 For logging statistics. More...
 
static struct GNUNET_TRANSPORT_CommunicatorHandlech
 Our environment. More...
 
static struct GNUNET_CONTAINER_MultiPeerMapreceivers
 Receivers (map from peer identity to struct ReceiverAddress) More...
 
static struct GNUNET_CONTAINER_MultiPeerMapsenders
 Senders (map from peer identity to struct SenderAddress) More...
 
static struct GNUNET_CONTAINER_Heapsenders_heap
 Expiration heap for senders (contains struct SenderAddress) More...
 
static struct GNUNET_CONTAINER_Heapreceivers_heap
 Expiration heap for receivers (contains struct ReceiverAddress) More...
 
static struct BroadcastInterfacebi_head
 Broadcast interface tasks. More...
 
static struct BroadcastInterfacebi_tail
 Broadcast interface tasks. More...
 
static struct GNUNET_NETWORK_Handleudp_sock
 Our socket. More...
 
static int have_v6_socket
 GNUNET_YES if udp_sock supports IPv6. More...
 
static struct GNUNET_PeerIdentity my_identity
 Our public key. More...
 
static struct GNUNET_CRYPTO_EddsaPrivateKeymy_private_key
 Our private key. More...
 
static const struct GNUNET_CONFIGURATION_Handlecfg
 Our configuration. More...
 
static struct GNUNET_TRANSPORT_ApplicationHandleah
 Our handle to report addresses for validation to TRANSPORT. More...
 
static struct GNUNET_NT_InterfaceScanneris
 Network scanner to determine network types. More...
 
static struct GNUNET_NAT_Handlenat
 Connection to NAT service. More...
 
static uint16_t my_port
 Port number to which we are actually bound. More...
 

Detailed Description

Transport plugin using UDP.

Author
Christian Grothoff

TODO:

Definition in file gnunet-communicator-udp.c.

Macro Definition Documentation

◆ DEFAULT_REKEY_TIME_INTERVAL

#define DEFAULT_REKEY_TIME_INTERVAL   GNUNET_TIME_UNIT_DAYS

How often do we rekey based on time (at least)

Definition at line 54 of file gnunet-communicator-udp.c.

Referenced by run().

◆ PROTO_QUEUE_TIMEOUT

#define PROTO_QUEUE_TIMEOUT   GNUNET_TIME_UNIT_MINUTES

How long do we wait until we must have received the initial KX?

Definition at line 59 of file gnunet-communicator-udp.c.

◆ BROADCAST_FREQUENCY

#define BROADCAST_FREQUENCY   GNUNET_TIME_UNIT_MINUTES

How often do we broadcast our presence on the LAN?

Definition at line 64 of file gnunet-communicator-udp.c.

Referenced by ifc_broadcast().

◆ INTERFACE_SCAN_FREQUENCY

#define INTERFACE_SCAN_FREQUENCY   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)

How often do we scan for changes to our network interfaces?

Definition at line 69 of file gnunet-communicator-udp.c.

Referenced by do_broadcast(), and ifc_broadcast().

◆ ADDRESS_VALIDITY_PERIOD

#define ADDRESS_VALIDITY_PERIOD   GNUNET_TIME_UNIT_HOURS

How long do we believe our addresses to remain up (before the other peer should revalidate).

Definition at line 76 of file gnunet-communicator-udp.c.

Referenced by pass_plaintext_to_core().

◆ WORKING_QUEUE_INTERVALL

#define WORKING_QUEUE_INTERVALL   GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)

◆ AES_KEY_SIZE

#define AES_KEY_SIZE   (256 / 8)

AES key size.

Definition at line 84 of file gnunet-communicator-udp.c.

Referenced by setup_cipher().

◆ AES_IV_SIZE

#define AES_IV_SIZE   (96 / 8)

AES (GCM) IV size.

Definition at line 89 of file gnunet-communicator-udp.c.

Referenced by get_iv_key(), and setup_cipher().

◆ GCM_TAG_SIZE

#define GCM_TAG_SIZE   (128 / 8)

Size of the GCM tag.

Definition at line 94 of file gnunet-communicator-udp.c.

◆ GENERATE_AT_ONCE

#define GENERATE_AT_ONCE   2

Definition at line 96 of file gnunet-communicator-udp.c.

Referenced by kce_generate_cb(), and kce_generate_rekey_cb().

◆ KCN_THRESHOLD

#define KCN_THRESHOLD   92

If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET.

Should be large enough that we don't generate ACKs all the time and still have enough time for the ACK to arrive before the sender runs out. So really this should ideally be based on the RTT.

Definition at line 107 of file gnunet-communicator-udp.c.

Referenced by consider_ss_ack().

◆ KCN_TARGET

#define KCN_TARGET   128

How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD so we do not generate just one ACK at the time.

Definition at line 115 of file gnunet-communicator-udp.c.

Referenced by kce_generate_cb().

◆ MAX_SQN_DELTA

#define MAX_SQN_DELTA   160

What is the maximum delta between KCN sequence numbers that we allow.

Used to expire 'ancient' KCNs that likely were dropped by the network. Must be larger than KCN_TARGET (otherwise we generate new KCNs all the time), but not too large (otherwise packet loss may cause sender to fall back to KX needlessly when sender runs out of ACK'ed KCNs due to losses).

Definition at line 126 of file gnunet-communicator-udp.c.

Referenced by consider_ss_ack().

◆ MAX_SECRETS

#define MAX_SECRETS   128000

How many shared master secrets do we keep around at most per sender? Should be large enough so that we generally have a chance of sending an ACK before the sender already rotated out the master secret.

Generally values around KCN_TARGET make sense. Might make sense to adapt to RTT if we had a good measurement...

Definition at line 137 of file gnunet-communicator-udp.c.

Referenced by consider_ss_ack(), and mq_send_kx().

◆ REKEY_MAX_BYTES

#define REKEY_MAX_BYTES   (1024LLU * 1024 * 1024 * 4LLU)

How often do we rekey based on number of bytes transmitted? (additionally randomized).

Definition at line 143 of file gnunet-communicator-udp.c.

Referenced by check_for_rekeying().

◆ COMMUNICATOR_ADDRESS_PREFIX

#define COMMUNICATOR_ADDRESS_PREFIX   "udp"

Address prefix used by the communicator.

Definition at line 149 of file gnunet-communicator-udp.c.

Referenced by consider_ss_ack(), mq_init(), nat_address_cb(), run(), and sockaddr_to_udpaddr_string().

◆ COMMUNICATOR_CONFIG_SECTION

#define COMMUNICATOR_CONFIG_SECTION   "communicator-udp"

Configuration section used by the communicator.

Definition at line 154 of file gnunet-communicator-udp.c.

Referenced by run(), and udp_address_to_sockaddr().

Function Documentation

◆ bi_destroy()

static void bi_destroy ( struct BroadcastInterface bi)
static

An interface went away, stop broadcasting on it.

Parameters
bientity to close down

Definition at line 894 of file gnunet-communicator-udp.c.

References BroadcastInterface::ba, BroadcastInterface::broadcast_task, GNUNET_CONTAINER_DLL_remove, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_log_strerror, GNUNET_NETWORK_socket_setsockopt(), GNUNET_OK, GNUNET_SCHEDULER_cancel(), BroadcastInterface::mcreq, and BroadcastInterface::sa.

Referenced by do_broadcast(), and do_shutdown().

895 {
896  if (AF_INET6 == bi->sa->sa_family)
897  {
898  /* Leave the multicast group */
900  IPPROTO_IPV6,
901  IPV6_LEAVE_GROUP,
902  &bi->mcreq,
903  sizeof(bi->mcreq)))
904  {
906  }
907  }
910  GNUNET_free (bi->sa);
911  GNUNET_free (bi->ba);
912  GNUNET_free (bi);
913 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
int GNUNET_NETWORK_socket_setsockopt(struct GNUNET_NETWORK_Handle *fd, int level, int option_name, const void *option_value, socklen_t option_len)
Set socket option.
Definition: network.c:883
static struct BroadcastInterface * bi_tail
Broadcast interface tasks.
static struct BroadcastInterface * bi_head
Broadcast interface tasks.
struct sockaddr * ba
Broadcast address to use on the interface.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level 'level' that indicates a failure of the command 'cmd' with the mess...
struct sockaddr * sa
Sender's address of the interface.
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
struct ipv6_mreq mcreq
If this is an IPv6 interface, this is the request we use to join/leave the group. ...
struct GNUNET_SCHEDULER_Task * broadcast_task
Task for this broadcast interface.
#define GNUNET_free(ptr)
Wrapper around free.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:972
Here is the call graph for this function:
Here is the caller graph for this function:

◆ receiver_destroy()

static void receiver_destroy ( struct ReceiverAddress receiver)
static

Destroys a receiving state due to timeout or shutdown.

Parameters
receiverentity to close down

Definition at line 922 of file gnunet-communicator-udp.c.

References ReceiverAddress::address, ReceiverAddress::d_qh, ReceiverAddress::foreign_addr, GNUNET_assert, GNUNET_CONTAINER_heap_remove_node(), GNUNET_CONTAINER_multipeermap_remove(), GNUNET_CONTAINER_multipeermap_size(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_i2s(), GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_set(), GNUNET_TRANSPORT_communicator_mq_del(), GNUNET_YES, ReceiverAddress::hn, ReceiverAddress::kx_mq, ReceiverAddress::kx_qh, ReceiverAddress::receiver_destroy_called, and ReceiverAddress::target.

Referenced by check_timeouts(), get_receiver_delete_it(), mq_destroy_d(), mq_destroy_kx(), mq_error(), mq_send_d(), and mq_send_kx().

923 {
924 
926 
928  "Disconnecting receiver for peer `%s'\n",
929  GNUNET_i2s (&receiver->target));
930  /*if (NULL != (mq = receiver->kx_mq))
931  {
932  receiver->kx_mq = NULL;
933  GNUNET_MQ_destroy (mq);
934  }*/
935  if (NULL != receiver->kx_qh)
936  {
938  receiver->kx_qh = NULL;
939  receiver->kx_mq = NULL;
940  }
941  /*if (NULL != (mq = receiver->d_mq))
942  {
943  receiver->d_mq = NULL;
944  GNUNET_MQ_destroy (mq);
945  }*/
946  if (NULL != receiver->d_qh)
947  {
949  receiver->d_qh = NULL;
950  }
953  &receiver->target,
954  receiver));
955  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
957  "# receivers active",
959  GNUNET_NO);
960  GNUNET_free (receiver->address);
961  GNUNET_free (receiver->foreign_addr);
962  GNUNET_free (receiver);
963 }
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct sockaddr * address
Address of the other peer.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
void GNUNET_TRANSPORT_communicator_mq_del(struct GNUNET_TRANSPORT_QueueHandle *qh)
Notify transport service that an MQ became unavailable due to a disconnect or timeout.
struct GNUNET_TRANSPORT_QueueHandle * d_qh
handle for default queue with the ch.
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
struct GNUNET_MQ_Handle * kx_mq
KX message queue we are providing for the ch.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
int receiver_destroy_called
receiver_destroy already called on receiver.
#define GNUNET_log(kind,...)
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
struct GNUNET_PeerIdentity target
To whom are we talking to.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
struct GNUNET_TRANSPORT_QueueHandle * kx_qh
handle for KX queue with the ch.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kce_destroy()

static void kce_destroy ( struct KeyCacheEntry kce)
static

Free memory used by key cache entry.

Parameters
kcethe key cache entry

Definition at line 972 of file gnunet-communicator-udp.c.

References SenderAddress::acks_available, SharedSecret::active_kce_count, GNUNET_assert, GNUNET_CONTAINER_DLL_remove, GNUNET_CONTAINER_multishortmap_remove(), GNUNET_free, GNUNET_YES, SharedSecret::kce_head, SharedSecret::kce_tail, KeyCacheEntry::kid, SharedSecret::sender, and KeyCacheEntry::ss.

Referenced by consider_ss_ack(), decrypt_box(), decrypt_rekey(), and secret_destroy().

973 {
974  struct SharedSecret *ss = kce->ss;
975 
976  ss->active_kce_count--;
977  ss->sender->acks_available--;
980  &kce->kid,
981  kce));
982  GNUNET_free (kce);
983 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
int GNUNET_CONTAINER_multishortmap_remove(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, const void *value)
Remove the given key-value pair from the map.
struct SharedSecret * ss
Corresponding shared secret.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
Shared secret we generated for a particular sender or receiver.
unsigned int active_kce_count
Number of active KCN entries.
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_kid()

static void get_kid ( const struct GNUNET_HashCode msec,
uint32_t  serial,
struct GNUNET_ShortHashCode kid 
)
static

Compute kid.

Parameters
msecmaster secret for HMAC calculation
serialnumber for the smac calculation
kid[out]where to write the key ID

Definition at line 994 of file gnunet-communicator-udp.c.

References GNUNET_CRYPTO_hkdf().

Referenced by kce_generate(), mq_send_d(), and send_UDPRekey().

997 {
998  uint32_t sid = htonl (serial);
999 
1000  GNUNET_CRYPTO_hkdf (kid,
1001  sizeof(*kid),
1002  GCRY_MD_SHA512,
1003  GCRY_MD_SHA256,
1004  &sid,
1005  sizeof(sid),
1006  msec,
1007  sizeof(*msec),
1008  "UDP-KID",
1009  strlen ("UDP-KID"),
1010  NULL,
1011  0);
1012 }
int GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:320
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kce_generate()

static void kce_generate ( struct SharedSecret ss,
uint32_t  seq 
)
static

Setup key cache entry for sequence number seq and shared secret ss.

Parameters
ssshared secret
seqsequence number for the key cache entry

Definition at line 1022 of file gnunet-communicator-udp.c.

References SenderAddress::acks_available, SharedSecret::active_kce_count, get_kid(), GNUNET_assert, GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE, GNUNET_CONTAINER_multishortmap_put(), GNUNET_CONTAINER_multishortmap_size(), GNUNET_new, GNUNET_NO, GNUNET_STATISTICS_set(), SharedSecret::kce_head, SharedSecret::kce_tail, KeyCacheEntry::kid, SharedSecret::master, SharedSecret::sender, KeyCacheEntry::sequence_number, and KeyCacheEntry::ss.

Referenced by consider_ss_ack(), kce_generate_cb(), and kce_generate_rekey_cb().

1023 {
1024  struct KeyCacheEntry *kce;
1025 
1026  GNUNET_assert (0 < seq);
1027  kce = GNUNET_new (struct KeyCacheEntry);
1028  kce->ss = ss;
1029  kce->sequence_number = seq;
1030  get_kid (&ss->master, seq, &kce->kid);
1032  ss->active_kce_count++;
1033  ss->sender->acks_available++;
1035  key_cache,
1036  &kce->kid,
1037  kce,
1040  "# KIDs active",
1042  GNUNET_NO);
1043 }
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
struct SharedSecret * ss
Corresponding shared secret.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
uint32_t sequence_number
Sequence number used to derive this entry from master key.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
struct GNUNET_HashCode master
Master shared secret.
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
int GNUNET_CONTAINER_multishortmap_put(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
unsigned int active_kce_count
Number of active KCN entries.
Allow multiple values with the same key.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ secret_destroy()

static int secret_destroy ( struct SharedSecret ss,
int  withoutKce 
)
static

Destroy ss and associated key cache entries.

Parameters
ssshared secret to destroy
withoutKceIf GNUNET_YES shared secrets with kce will not be destroyed.

Definition at line 1053 of file gnunet-communicator-udp.c.

References ReceiverAddress::acks_available, GNUNET_CONTAINER_DLL_remove, GNUNET_CONTAINER_multishortmap_size(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_set(), GNUNET_STATISTICS_update(), GNUNET_YES, kce_destroy(), SharedSecret::kce_head, SenderAddress::num_secrets, ReceiverAddress::num_secrets, SharedSecret::receiver, UdpHandshakeSignature::receiver, SharedSecret::sender, UdpHandshakeSignature::sender, SharedSecret::sequence_allowed, SharedSecret::sequence_used, SenderAddress::ss_head, ReceiverAddress::ss_head, SenderAddress::ss_tail, and ReceiverAddress::ss_tail.

Referenced by destroy_all_secrets().

1054 {
1055  struct SenderAddress *sender;
1056  struct ReceiverAddress *receiver;
1057  struct KeyCacheEntry *kce;
1058 
1060  "secret destroy %u %u\n",
1061  withoutKce,
1062  ss->sequence_allowed);
1063 
1064  if (withoutKce && (ss->sequence_allowed > 0))
1065  return GNUNET_NO;
1066 
1067  if (NULL != (sender = ss->sender))
1068  {
1069  GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
1070  sender->num_secrets--;
1071  }
1072  if (NULL != (receiver = ss->receiver))
1073  {
1074  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1075  receiver->num_secrets--;
1076  // Uncomment this for alternativ 1 of backchannel functionality
1077  receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
1078  // Until here for alternativ 1
1079  }
1080  while (NULL != (kce = ss->kce_head))
1081  kce_destroy (kce);
1082  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
1084  "# KIDs active",
1086  GNUNET_NO);
1087  GNUNET_free (ss);
1088  return GNUNET_YES;
1089 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
unsigned int num_secrets
Length of the DLL at ss_head.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
Information we track per receiving address we have recently been in contact with (encryption to recei...
unsigned int num_secrets
Length of the DLL at ss_head.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
#define GNUNET_log(kind,...)
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
#define GNUNET_free(ptr)
Wrapper around free.
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ sender_destroy()

static void sender_destroy ( struct SenderAddress sender)
static

Functions with this signature are called whenever we need to close a sender's state due to timeout.

Parameters
senderentity to close down

Definition at line 1099 of file gnunet-communicator-udp.c.

References SenderAddress::address, GNUNET_assert, GNUNET_CONTAINER_heap_remove_node(), GNUNET_CONTAINER_multipeermap_remove(), GNUNET_CONTAINER_multipeermap_size(), GNUNET_free, GNUNET_NO, GNUNET_STATISTICS_set(), GNUNET_YES, SenderAddress::hn, SenderAddress::sender_destroy_called, and SenderAddress::target.

Referenced by check_timeouts(), and get_sender_delete_it().

1100 {
1102  GNUNET_assert (
1103  GNUNET_YES ==
1105  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
1107  "# senders active",
1109  GNUNET_NO);
1110  GNUNET_free (sender->address);
1111  GNUNET_free (sender);
1112 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
int sender_destroy_called
sender_destroy already called on sender.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
struct GNUNET_PeerIdentity target
To whom are we talking to.
struct sockaddr * address
Address of the other peer.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_iv_key()

static void get_iv_key ( const struct GNUNET_HashCode msec,
uint32_t  serial,
char  key[(256/8)],
char  iv[(96/8)] 
)
static

Compute key and iv.

Parameters
msecmaster secret for calculation
serialnumber for the smac calculation
key[out]where to write the decrption key
iv[out]where to write the IV

Definition at line 1124 of file gnunet-communicator-udp.c.

References AES_IV_SIZE, GNUNET_CRYPTO_hkdf(), key, and res.

Referenced by setup_cipher().

1128 {
1129  uint32_t sid = htonl (serial);
1130  char res[AES_KEY_SIZE + AES_IV_SIZE];
1131 
1132  GNUNET_CRYPTO_hkdf (res,
1133  sizeof(res),
1134  GCRY_MD_SHA512,
1135  GCRY_MD_SHA256,
1136  &sid,
1137  sizeof(sid),
1138  msec,
1139  sizeof(*msec),
1140  "UDP-IV-KEY",
1141  strlen ("UDP-IV-KEY"),
1142  NULL,
1143  0);
1144  memcpy (key, res, AES_KEY_SIZE);
1145  memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
1146 }
int GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:320
#define AES_IV_SIZE
AES (GCM) IV size.
static int res
struct GNUNET_HashCode key
The key used in the DHT.
#define AES_KEY_SIZE
AES key size.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ reschedule_sender_timeout()

static void reschedule_sender_timeout ( struct SenderAddress sender)
static

Increment sender timeout due to activity.

Parameters
senderaddress for which the timeout should be rescheduled

Definition at line 1155 of file gnunet-communicator-udp.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_update_cost(), GNUNET_TIME_relative_to_absolute(), SenderAddress::hn, and SenderAddress::timeout.

Referenced by setup_sender().

1156 {
1157  sender->timeout =
1160 }
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
uint64_t abs_value_us
The actual value.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ reschedule_receiver_timeout()

static void reschedule_receiver_timeout ( struct ReceiverAddress receiver)
static

Increment receiver timeout due to activity.

Parameters
receiveraddress for which the timeout should be rescheduled

Definition at line 1169 of file gnunet-communicator-udp.c.

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_update_cost(), GNUNET_TIME_relative_to_absolute(), ReceiverAddress::hn, and ReceiverAddress::timeout.

Referenced by mq_send_d(), and mq_send_kx().

1170 {
1171  receiver->timeout =
1174  receiver->timeout.abs_value_us);
1175 }
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
uint64_t abs_value_us
The actual value.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_timeouts()

static void check_timeouts ( void *  cls)
static

Task run to check #receiver_heap and #sender_heap for timeouts.

Parameters
clsunused, NULL

Definition at line 1184 of file gnunet-communicator-udp.c.

References GNUNET_CONTAINER_heap_peek(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_SCHEDULER_add_delayed(), GNUNET_TIME_absolute_get_remaining(), GNUNET_TIME_relative_min(), GNUNET_TIME_UNIT_FOREVER_REL, GNUNET_YES, UdpHandshakeSignature::receiver, receiver_destroy(), ReceiverAddress::receiver_destroy_called, GNUNET_TIME_Relative::rel_value_us, UdpHandshakeSignature::sender, sender_destroy(), SenderAddress::sender_destroy_called, SenderAddress::timeout, and ReceiverAddress::timeout.

Referenced by mq_init(), and setup_sender().

1185 {
1186  struct GNUNET_TIME_Relative st;
1187  struct GNUNET_TIME_Relative rt;
1188  struct GNUNET_TIME_Relative delay;
1189  struct ReceiverAddress *receiver;
1190  struct SenderAddress *sender;
1191 
1192  (void) cls;
1193  timeout_task = NULL;
1195  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1196  {
1197  if (GNUNET_YES != receiver->receiver_destroy_called)
1198  {
1200  if (0 != rt.rel_value_us)
1201  break;
1203  "Receiver timed out\n");
1204  receiver_destroy (receiver);
1205  }
1206  }
1208  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1209  {
1210  if (GNUNET_YES != sender->sender_destroy_called)
1211  {
1213  if (0 != st.rel_value_us)
1214  break;
1215  sender_destroy (sender);
1216  }
1217  }
1219  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1221 }
uint64_t rel_value_us
The actual value.
int sender_destroy_called
sender_destroy already called on sender.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
void * GNUNET_CONTAINER_heap_peek(const struct GNUNET_CONTAINER_Heap *heap)
Get element stored at the root of heap.
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
int receiver_destroy_called
receiver_destroy already called on receiver.
Information we track per receiving address we have recently been in contact with (encryption to recei...
struct GNUNET_TIME_Relative GNUNET_TIME_relative_min(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the minimum of two relative time values.
Definition: time.c:272
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
static struct GNUNET_TIME_Relative delay
When should dkg communication start?
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
static struct GNUNET_SCHEDULER_Task * st
The shutdown task.
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Time for relative time used by GNUnet, in microseconds.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ calculate_cmac()

static void calculate_cmac ( struct SharedSecret ss)
static

Calcualte cmac from master in ss.

Parameters
ss[in,out]data structure to complete

Definition at line 1230 of file gnunet-communicator-udp.c.

References SharedSecret::cmac, GNUNET_CRYPTO_hkdf(), and SharedSecret::master.

Referenced by decrypt_rekey(), setup_shared_secret_enc(), and sock_read().

1231 {
1232  GNUNET_CRYPTO_hkdf (&ss->cmac,
1233  sizeof(ss->cmac),
1234  GCRY_MD_SHA512,
1235  GCRY_MD_SHA256,
1236  "CMAC",
1237  strlen ("CMAC"),
1238  &ss->master,
1239  sizeof(ss->master),
1240  "UDP-CMAC",
1241  strlen ("UDP-CMAC"),
1242  NULL,
1243  0);
1244 }
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
int GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:320
struct GNUNET_HashCode master
Master shared secret.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ pass_plaintext_to_core()

static void pass_plaintext_to_core ( struct SenderAddress sender,
const void *  plaintext,
size_t  plaintext_len 
)
static

We received plaintext_len bytes of plaintext from a sender.

Pass it on to CORE.

Parameters
queuethe queue that received the plaintext
plaintextthe plaintext that was received
plaintext_lennumber of bytes of plaintext received

Definition at line 1256 of file gnunet-communicator-udp.c.

References ADDRESS_VALIDITY_PERIOD, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_TRANSPORT_communicator_receive(), GNUNET_MessageHeader::size, and SenderAddress::target.

Referenced by try_handle_plaintext().

1259 {
1260  const struct GNUNET_MessageHeader *hdr = plaintext;
1261  const char *pos = plaintext;
1262 
1263  while (ntohs (hdr->size) < plaintext_len)
1264  {
1266  "# bytes given to core",
1267  ntohs (hdr->size),
1268  GNUNET_NO);
1270  "Giving %u bytes to TNG\n", ntohs (hdr->size));
1273  &sender->target,
1274  hdr,
1276  NULL /* no flow control possible */
1277  ,
1278  NULL));
1279  /* move on to next message, if any */
1280  plaintext_len -= ntohs (hdr->size);
1281  if (plaintext_len < sizeof(*hdr))
1282  break;
1283  pos += ntohs (hdr->size);
1284  hdr = (const struct GNUNET_MessageHeader *) pos;
1285  // TODO for now..., we do not actually sen >1msg or have a way of telling
1286  // if we are done
1287  break;
1288  }
1290  "# bytes padding discarded",
1291  plaintext_len,
1292  GNUNET_NO);
1293 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_PeerIdentity target
To whom are we talking to.
int GNUNET_TRANSPORT_communicator_receive(struct GNUNET_TRANSPORT_CommunicatorHandle *handle, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, struct GNUNET_TIME_Relative expected_addr_validity, GNUNET_TRANSPORT_MessageCompletedCallback cb, void *cb_cls)
Notify transport service that the communicator has received a message.
#define ADDRESS_VALIDITY_PERIOD
How long do we believe our addresses to remain up (before the other peer should revalidate).
#define GNUNET_log(kind,...)
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
Header for all communications.
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_cipher()

static void setup_cipher ( const struct GNUNET_HashCode msec,
uint32_t  serial,
gcry_cipher_hd_t *  cipher 
)
static

Setup cipher based on shared secret msec and serial number serial.

Parameters
msecmaster shared secret
serialserial number of cipher to set up
cipher[out]cipher to initialize

Definition at line 1305 of file gnunet-communicator-udp.c.

References AES_IV_SIZE, AES_KEY_SIZE, get_iv_key(), GNUNET_assert, and key.

Referenced by mq_send_d(), mq_send_kx(), send_UDPRekey(), and try_decrypt().

1308 {
1309  char key[AES_KEY_SIZE];
1310  char iv[AES_IV_SIZE];
1311  int rc;
1312 
1313  GNUNET_assert (0 ==
1314  gcry_cipher_open (cipher,
1315  GCRY_CIPHER_AES256 /* low level: go for speed */,
1316  GCRY_CIPHER_MODE_GCM,
1317  0 /* flags */));
1318  get_iv_key (msec, serial, key, iv);
1319  rc = gcry_cipher_setkey (*cipher, key, sizeof(key));
1320  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1321  rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1322  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1323 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define AES_IV_SIZE
AES (GCM) IV size.
struct GNUNET_HashCode key
The key used in the DHT.
#define AES_KEY_SIZE
AES key size.
static void get_iv_key(const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
Compute key and iv.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ try_decrypt()

static int try_decrypt ( const struct SharedSecret ss,
const char  tag[(128/8)],
uint32_t  serial,
const char *  in_buf,
size_t  in_buf_size,
char *  out_buf 
)
static

Try to decrypt buf using shared secret ss and key/iv derived using serial.

Parameters
ssshared secret
tagGCM authentication tag
serialserial number to use
in_bufinput buffer to decrypt
in_buf_sizenumber of bytes in in_buf and available in out_buf
out_bufwhere to write the result
Returns
GNUNET_OK on success

Definition at line 1339 of file gnunet-communicator-udp.c.

References GNUNET_assert, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_SYSERR, SharedSecret::master, and setup_cipher().

Referenced by decrypt_box(), decrypt_rekey(), and sock_read().

1345 {
1346  gcry_cipher_hd_t cipher;
1347 
1348  setup_cipher (&ss->master, serial, &cipher);
1349  GNUNET_assert (
1350  0 ==
1351  gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1352  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1353  {
1354  gcry_cipher_close (cipher);
1356  "# AEAD authentication failures",
1357  1,
1358  GNUNET_NO);
1359  return GNUNET_SYSERR;
1360  }
1361  gcry_cipher_close (cipher);
1362  return GNUNET_OK;
1363 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
#define GCM_TAG_SIZE
Size of the GCM tag.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct GNUNET_HashCode master
Master shared secret.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_shared_secret_dec()

static struct SharedSecret* setup_shared_secret_dec ( const struct GNUNET_CRYPTO_EcdhePublicKey ephemeral)
static

Setup shared secret for decryption.

Parameters
ephemeralephemeral key we received from the other peer
Returns
new shared secret

Definition at line 1373 of file gnunet-communicator-udp.c.

References GNUNET_CRYPTO_eddsa_ecdh(), GNUNET_new, and SharedSecret::master.

Referenced by sock_read().

1374 {
1375  struct SharedSecret *ss;
1376 
1377  ss = GNUNET_new (struct SharedSecret);
1378  GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1379  return ss;
1380 }
#define GNUNET_new(type)
Allocate a struct or union of the given type.
int GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:1024
struct GNUNET_HashCode master
Master shared secret.
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
Shared secret we generated for a particular sender or receiver.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_shared_secret_enc()

static struct SharedSecret* setup_shared_secret_enc ( const struct GNUNET_CRYPTO_EcdhePrivateKey ephemeral,
struct ReceiverAddress receiver,
int  add_to_receiver 
)
static

Setup shared secret for encryption.

Parameters
ephemeralephemeral key we are sending to the other peer
receiver[in,out]queue to initialize encryption key for
Returns
new shared secret

Definition at line 1391 of file gnunet-communicator-udp.c.

References calculate_cmac(), GNUNET_CONTAINER_DLL_insert, GNUNET_CRYPTO_ecdh_eddsa(), GNUNET_new, GNUNET_NO, GNUNET_STATISTICS_update(), SharedSecret::master, ReceiverAddress::num_secrets, GNUNET_PeerIdentity::public_key, SharedSecret::receiver, UdpHandshakeSignature::receiver, setup_receiver_mq(), ReceiverAddress::ss_head, ReceiverAddress::ss_tail, and ReceiverAddress::target.

Referenced by mq_send_kx(), and send_UDPRekey().

1393 {
1394  struct SharedSecret *ss;
1395 
1396  ss = GNUNET_new (struct SharedSecret);
1397  GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1398  &receiver->target.public_key,
1399  &ss->master);
1400  calculate_cmac (ss);
1401  ss->receiver = receiver;
1402  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1403  receiver->num_secrets++;
1404  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1405  return ss;
1406 }
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
unsigned int num_secrets
Length of the DLL at ss_head.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
struct GNUNET_HashCode master
Master shared secret.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
int GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:1084
Shared secret we generated for a particular sender or receiver.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
struct GNUNET_PeerIdentity target
To whom are we talking to.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ setup_receiver_mq()

static void setup_receiver_mq ( struct ReceiverAddress receiver)
static

Setup the MQ for the receiver.

If a queue exists, the existing one is destroyed. Then the MTU is recalculated and a fresh queue is initialized.

Parameters
receiverreceiver to setup MQ for

Definition at line 2920 of file gnunet-communicator-udp.c.

References ReceiverAddress::address, ReceiverAddress::d_mq, ReceiverAddress::d_mtu, ReceiverAddress::d_qh, ReceiverAddress::foreign_addr, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_MQ_queue_for_callbacks(), GNUNET_TRANSPORT_communicator_mq_add(), GNUNET_TRANSPORT_CS_OUTBOUND, GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED, ReceiverAddress::kx_mq, ReceiverAddress::kx_mtu, ReceiverAddress::kx_qh, mq_cancel(), mq_destroy_d(), mq_destroy_kx(), mq_error(), mq_send_d(), mq_send_kx(), ReceiverAddress::nt, and ReceiverAddress::target.

Referenced by mq_init(), and setup_shared_secret_enc().

2921 {
2922  size_t base_mtu;
2923 
2924  /*if (NULL != receiver->kx_qh)
2925  {
2926  GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh);
2927  receiver->kx_qh = NULL;
2928  }
2929  if (NULL != receiver->d_qh)
2930  {
2931  GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh);
2932  receiver->d_qh = NULL;
2933  }*/
2934  // GNUNET_assert (NULL == receiver->mq);
2935  switch (receiver->address->sa_family)
2936  {
2937  case AF_INET:
2938  base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
2939  - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
2940  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2941  break;
2942 
2943  case AF_INET6:
2944  base_mtu = 1280 /* Minimum MTU required by IPv6 */
2945  - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
2946  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2947  break;
2948 
2949  default:
2950  GNUNET_assert (0);
2951  break;
2952  }
2953  /* MTU based on full KX messages */
2954  receiver->kx_mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
2955  - sizeof(struct UDPConfirmation); /* 104 */
2956  /* MTU based on BOXed messages */
2957  receiver->d_mtu = base_mtu - sizeof(struct UDPBox);
2958 
2960  "Setting up MQs and QHs\n");
2961  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
2962  1404 (IPv4 + Box) bytes, depending on circumstances... */
2963  if (NULL == receiver->kx_mq)
2965  &mq_destroy_kx,
2966  &mq_cancel,
2967  receiver,
2968  NULL,
2969  &mq_error,
2970  receiver);
2971  if (NULL == receiver->d_mq)
2973  &mq_destroy_d,
2974  &mq_cancel,
2975  receiver,
2976  NULL,
2977  &mq_error,
2978  receiver);
2979 
2980  receiver->kx_qh =
2982  &receiver->target,
2983  receiver->foreign_addr,
2984  receiver->kx_mtu,
2986  0, /* Priority */
2987  receiver->nt,
2989  receiver->kx_mq);
2990  receiver->d_qh =
2992  &receiver->target,
2993  receiver->foreign_addr,
2994  receiver->d_mtu,
2995  0, /* Initialize with 0 acks */
2996  1, /* Priority */
2997  receiver->nt,
2999  receiver->d_mq);
3000 
3001 }
static void mq_send_d(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
static void mq_destroy_d(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct sockaddr * address
Address of the other peer.
UDP packet header.
Standard IPv4 header.
Encrypted continuation of UDP initial handshake, followed by message header with payload.
"Plaintext" header at beginning of KX message.
struct GNUNET_TRANSPORT_QueueHandle * d_qh
handle for default queue with the ch.
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:565
enum GNUNET_NetworkType nt
Which network type does this queue use?
struct GNUNET_MQ_Handle * kx_mq
KX message queue we are providing for the ch.
size_t kx_mtu
MTU we allowed transport for this receiver&#39;s KX queue.
UDP message box.
static void mq_destroy_kx(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
static void mq_cancel(struct GNUNET_MQ_Handle *mq, void *impl_state)
Implementation function that cancels the currently sent message.
size_t d_mtu
MTU we allowed transport for this receiver&#39;s default queue.
struct GNUNET_TRANSPORT_QueueHandle * GNUNET_TRANSPORT_communicator_mq_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *peer, const char *address, uint32_t mtu, uint64_t q_len, uint32_t priority, enum GNUNET_NetworkType nt, enum GNUNET_TRANSPORT_ConnectionStatus cs, struct GNUNET_MQ_Handle *mq)
Notify transport service that a MQ became available due to an "inbound" connection or because the com...
Standard IPv6 header.
#define GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED
Queue length.
this is an outbound connection (transport initiated)
#define GNUNET_log(kind,...)
static void mq_error(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
struct GNUNET_PeerIdentity target
To whom are we talking to.
static void mq_send_kx(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
struct GNUNET_TRANSPORT_QueueHandle * kx_qh
handle for KX queue with the ch.
struct GNUNET_MQ_Handle * d_mq
Default message queue we are providing for the ch.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ destroy_all_secrets()

static void destroy_all_secrets ( struct SharedSecret ss,
int  withoutKce 
)
static

Destroying all secrets.

Depending on parameter we keep those secrets having a kce.

Parameters
ssThe secret we will not destroy.
withoutKceIf GNUNET_YES shared secrets with kce will not be destroyed.

Definition at line 1426 of file gnunet-communicator-udp.c.

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_log, GNUNET_NO, SharedSecret::next, SharedSecret::receiver, UdpHandshakeSignature::receiver, secret_destroy(), SharedSecret::sender, UdpHandshakeSignature::sender, SenderAddress::ss_head, and ReceiverAddress::ss_head.

Referenced by add_acks(), consider_ss_ack(), and mq_send_kx().

1427 {
1428  struct SenderAddress *sender;
1429  struct ReceiverAddress *receiver;
1430  struct SharedSecret *ss_to_destroy;
1431  struct SharedSecret *ss_start;
1432  struct SharedSecret *pos;
1433  int at_least_one_destroyed = GNUNET_NO;
1434 
1436  "Starting destroy all.\n");
1437 
1438  if (NULL != (sender = ss->sender))
1439  {
1440  ss_start = sender->ss_head;
1441  }
1442  else if (NULL != (receiver = ss->receiver))
1443  {
1444  ss_start = receiver->ss_head;
1445  }
1446  else
1447  {
1449  "Shared secret has no sender or receiver!\n");
1450  return;
1451  }
1452 
1453  pos = ss_start;
1454  while ( NULL != pos)
1455  {
1456  ss_to_destroy = pos;
1457  pos = pos->next;
1458 
1459  if (ss != ss_to_destroy)
1460  at_least_one_destroyed = secret_destroy (ss_to_destroy, withoutKce);
1461  }
1462 
1463  if ((ss != ss_start) && ! at_least_one_destroyed)
1464  {
1465  destroy_all_secrets (ss_start, GNUNET_NO);
1466  }
1467 
1469  "Finished destroy all.\n");
1470 }
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
Shared secret we generated for a particular sender or receiver.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
static int secret_destroy(struct SharedSecret *ss, int withoutKce)
Destroy ss and associated key cache entries.
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
#define GNUNET_log(kind,...)
static void destroy_all_secrets(struct SharedSecret *ss, int withoutKce)
Destroying all secrets.
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_acks()

static void add_acks ( struct SharedSecret ss,
int  acks_to_add,
int  remove_from_receiver 
)
static

Definition at line 1473 of file gnunet-communicator-udp.c.

References ReceiverAddress::d_qh, destroy_all_secrets(), GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_DLL_remove, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_TRANSPORT_communicator_mq_update(), GNUNET_YES, SharedSecret::receiver, ReceiverAddress::ss_head, and ReceiverAddress::ss_tail.

Referenced by add_acks_rekey(), and handle_ack().

1474 {
1475 
1476  struct ReceiverAddress *receiver = ss->receiver;
1477 
1478  if (NULL == ss)
1480  "secret NULL!\n");
1481 
1482  if (NULL == receiver)
1484  "Receiver NULL!\n");
1485  if (NULL == receiver->d_qh)
1487  "Queue NULL!\n");
1488 
1490  "Tell transport we have %u more acks!\n",
1491  acks_to_add);
1493  receiver->d_qh,
1494  acks_to_add,
1495  1);
1496  // Until here for alternativ 1
1497 
1498  /* move ss to head to avoid discarding it anytime soon! */
1499  if (remove_from_receiver)
1500  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1501  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1503 
1504 
1505  // Uncomment this for alternativ 2 of backchannel functionality
1506  /*if (receiver->acks_available != ack->acks_available)
1507  {
1508  receiver->acks_available = ack->acks_available;
1509  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1510  "Tell transport we have different number of acks!\n");
1511  GNUNET_TRANSPORT_communicator_mq_update (ch,
1512  receiver->d_qh,
1513  receiver->acks_available,
1514  1);
1515  }*/
1516  // Until here for alternativ 2
1517 }
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
struct GNUNET_TRANSPORT_QueueHandle * d_qh
handle for default queue with the ch.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
Information we track per receiving address we have recently been in contact with (encryption to recei...
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
#define GNUNET_log(kind,...)
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
static void destroy_all_secrets(struct SharedSecret *ss, int withoutKce)
Destroying all secrets.
void GNUNET_TRANSPORT_communicator_mq_update(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_TRANSPORT_QueueHandle *u_qh, uint64_t q_len, uint32_t priority)
Notify transport service that an MQ was updated.
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ add_acks_rekey()

static void add_acks_rekey ( struct ReceiverAddress receiver)
static

Definition at line 1520 of file gnunet-communicator-udp.c.

References ReceiverAddress::acks_available, add_acks(), GNUNET_NO, SharedSecret::sequence_allowed, and ReceiverAddress::ss_rekey.

Referenced by handle_ack(), and mq_send_d().

1521 {
1522  add_acks (receiver->ss_rekey, receiver->ss_rekey->sequence_allowed - 3,
1523  GNUNET_NO);
1524  receiver->acks_available = receiver->ss_rekey->sequence_allowed;
1525  receiver->ss_rekey = NULL;
1526 }
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
static void add_acks(struct SharedSecret *ss, int acks_to_add, int remove_from_receiver)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ handle_ack()

static int handle_ack ( void *  cls,
const struct GNUNET_PeerIdentity pid,
void *  value 
)
static

We received an ACK for pid.

Check if it is for the receiver in value and if so, handle it and return GNUNET_NO. Otherwise, return GNUNET_YES.

Parameters
clsa const struct UDPAck
pidpeer the ACK is from
valuea struct ReceiverAddress
Returns
GNUNET_YES to continue to iterate

Definition at line 1539 of file gnunet-communicator-udp.c.

References UDPAck::acks_available, ReceiverAddress::acks_available, add_acks(), add_acks_rekey(), UDPAck::cmac, SharedSecret::cmac, GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_log, GNUNET_NO, GNUNET_YES, SharedSecret::master, SharedSecret::next, ReceiverAddress::number_rekeying_kce, ReceiverAddress::rekeying, SharedSecret::sequence_allowed, UDPAck::sequence_max, ReceiverAddress::ss_head, ReceiverAddress::ss_rekey, and value.

Referenced by enc_notify_cb(), and try_handle_plaintext().

1540 {
1541  const struct UDPAck *ack = cls;
1542  struct ReceiverAddress *receiver = value;
1543  int acks_to_add;
1544  uint32_t allowed;
1545 
1547  "in handle ack\n");
1548 
1549  if (NULL != receiver->ss_rekey)
1551  "Received secret with cmac %s \n",
1552  GNUNET_h2s (&receiver->ss_rekey->cmac));
1553 
1554  if ((NULL != receiver->ss_rekey) && (0 == memcmp (&ack->cmac,
1555  &receiver->ss_rekey->cmac,
1556  sizeof(struct
1557  GNUNET_HashCode))) )
1558  {
1559  allowed = ntohl (ack->sequence_max);
1560 
1561  if (allowed > receiver->ss_rekey->sequence_allowed)
1562  {
1564  "%u > %u (%u %u) for rekey secrect %s\n", allowed,
1565  receiver->ss_rekey->sequence_allowed,
1566  receiver->acks_available,
1567  ack->acks_available,
1568  GNUNET_h2s (&receiver->ss_rekey->master));
1569 
1570  receiver->ss_rekey->sequence_allowed = allowed;
1571 
1572  if (GNUNET_NO == receiver->rekeying)
1573  add_acks_rekey (receiver);
1574 
1575  return GNUNET_NO;
1576  }
1577  }
1578 
1579  (void) pid;
1580  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1581  {
1582  if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1583  {
1584 
1586  "Found matching mac\n");
1587 
1588  allowed = ntohl (ack->sequence_max);
1589 
1590  if (allowed > ss->sequence_allowed)
1591  {
1593  "%u > %u (%u %u) for secrect %s\n", allowed,
1594  ss->sequence_allowed,
1595  receiver->acks_available,
1596  ack->acks_available,
1597  GNUNET_h2s (&ss->master));
1598  // Uncomment this for alternativ 1 of backchannel functionality
1599  acks_to_add = (allowed - ss->sequence_allowed);
1600  if ((GNUNET_NO == receiver->rekeying) &&
1601  (receiver->number_rekeying_kce <
1602  3) )
1603  {
1604  acks_to_add -= (3 - receiver->number_rekeying_kce);
1605  receiver->number_rekeying_kce = 3;
1606  }
1607  receiver->acks_available += (allowed - ss->sequence_allowed);
1608  ss->sequence_allowed = allowed;
1609 
1610  add_acks (ss, acks_to_add, GNUNET_YES);
1611  }
1612  return GNUNET_NO;
1613  }
1614  }
1615  return GNUNET_YES;
1616 }
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
static char * value
Value of the record to add/remove.
struct GNUNET_HashCode master
Master shared secret.
static void add_acks_rekey(struct ReceiverAddress *receiver)
A 512-bit hashcode.
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
struct GNUNET_HashCode cmac
CMAC of the base key being acknowledged.
Shared secret we generated for a particular sender or receiver.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
uint32_t sequence_max
Sequence acknowledgement limit.
#define GNUNET_log(kind,...)
UDP key acknowledgement.
int number_rekeying_kce
Numer of kce we retain for sending the rekeying shared secret.
uint32_t acks_available
Sequence acknowledgement limit.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
static void add_acks(struct SharedSecret *ss, int acks_to_add, int remove_from_receiver)
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ try_handle_plaintext()

static void try_handle_plaintext ( struct SenderAddress sender,
const void *  buf,
size_t  buf_size 
)
static

Test if we have received a valid message in plaintext.

If so, handle it.

Parameters
senderpeer to process inbound plaintext for
bufbuffer we received
buf_sizenumber of bytes in buf

Definition at line 1628 of file gnunet-communicator-udp.c.

References GNUNET_CONTAINER_multipeermap_get_multiple(), GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD, handle_ack(), pass_plaintext_to_core(), GNUNET_MessageHeader::size, SenderAddress::target, type, and GNUNET_MessageHeader::type.

Referenced by decrypt_box(), and sock_read().

1631 {
1632  const struct GNUNET_MessageHeader *hdr =
1633  (const struct GNUNET_MessageHeader *) buf;
1634  const struct UDPAck *ack = (const struct UDPAck *) buf;
1635  uint16_t type;
1636 
1637  if (sizeof(*hdr) > buf_size)
1638  return; /* not even a header */
1639  if (ntohs (hdr->size) > buf_size)
1640  return; /* not even a header */
1641  type = ntohs (hdr->type);
1642  switch (type)
1643  {
1645  /* lookup master secret by 'cmac', then update sequence_max */
1647  &sender->target,
1648  &handle_ack,
1649  (void *) ack);
1650  /* There could be more messages after the ACK, handle those as well */
1651  buf += ntohs (hdr->size);
1652  buf_size -= ntohs (hdr->size);
1653  pass_plaintext_to_core (sender, buf, buf_size);
1654  break;
1655 
1657  /* skip padding */
1658  break;
1659 
1660  default:
1661  pass_plaintext_to_core (sender, buf, buf_size);
1662  }
1663 }
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
static int handle_ack(void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
We received an ACK for pid.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
struct GNUNET_PeerIdentity target
To whom are we talking to.
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
static void pass_plaintext_to_core(struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
We received plaintext_len bytes of plaintext from a sender.
static char buf[2048]
UDP key acknowledgement.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Header for all communications.
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kce_generate_cb()

static void kce_generate_cb ( void *  cls)
static

Definition at line 1668 of file gnunet-communicator-udp.c.

References SenderAddress::acks_available, GENERATE_AT_ONCE, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_SCHEDULER_add_delayed(), GNUNET_YES, kce_generate(), kce_task_finished, KCN_TARGET, SharedSecret::sender, SharedSecret::sequence_allowed, and WORKING_QUEUE_INTERVALL.

Referenced by consider_ss_ack(), and kce_generate_rekey_cb().

1669 {
1670  struct SharedSecret *ss = cls;
1671  kce_task = NULL;
1672 
1673  if (ss->sender->acks_available < KCN_TARGET)
1674  {
1675 
1677  "Precomputing keys\n");
1678 
1679  for (int i = 0; i < GENERATE_AT_ONCE; i++)
1680  kce_generate (ss, ++ss->sequence_allowed);
1681 
1684  ss);
1685  }
1686  else
1687  {
1689  "We have enough keys.\n");
1690  ss_finished = ss;
1692  }
1693 
1694 
1695 }
#define KCN_TARGET
How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD s...
static struct GNUNET_SCHEDULER_Task * kce_task
ID of kce working queue task.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
#define WORKING_QUEUE_INTERVALL
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
#define GENERATE_AT_ONCE
static void kce_generate_cb(void *cls)
Shared secret we generated for a particular sender or receiver.
struct SharedSecret * ss_finished
Shared secret we finished the last kce working queue for.
#define GNUNET_log(kind,...)
static int kce_task_finished
Is the kce_task finished?
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ kce_generate_rekey_cb()

static void kce_generate_rekey_cb ( void *  cls)
static

Definition at line 1698 of file gnunet-communicator-udp.c.

References GENERATE_AT_ONCE, GNUNET_SCHEDULER_add_delayed(), kce_generate(), kce_generate_cb(), SharedSecret::sequence_allowed, and WORKING_QUEUE_INTERVALL.

Referenced by consider_ss_ack().

1699 {
1700  struct SharedSecret *ss = cls;
1701  kce_task_rekey = NULL;
1702 
1703  if (NULL == kce_task)
1704  {
1705  for (int i = 0; i < GENERATE_AT_ONCE; i++)
1706  kce_generate (ss, ++ss->sequence_allowed);
1707 
1710  ss);
1711  kce_task_rekey = NULL;
1712  }
1713  else
1714  {
1717  ss);
1718  }
1719 }
static struct GNUNET_SCHEDULER_Task * kce_task_rekey
ID of kce rekey working queue task.
static struct GNUNET_SCHEDULER_Task * kce_task
ID of kce working queue task.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
#define WORKING_QUEUE_INTERVALL
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
static void kce_generate_rekey_cb(void *cls)
#define GENERATE_AT_ONCE
static void kce_generate_cb(void *cls)
Shared secret we generated for a particular sender or receiver.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ consider_ss_ack()

static void consider_ss_ack ( struct SharedSecret ss,
int  initial 
)
static

We established a shared secret with a sender.

We should try to send the sender an struct UDPAck at the next opportunity to allow the sender to use ss longer (assuming we did not yet already recently).

Parameters
ssshared secret to generate ACKs for
intialThe SharedSecret came with initial KX.

Definition at line 1732 of file gnunet-communicator-udp.c.

References UDPAck::acks_available, SenderAddress::acks_available, UDPAck::cmac, SharedSecret::cmac, COMMUNICATOR_ADDRESS_PREFIX, destroy_all_secrets(), GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s_full(), GNUNET_log, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK, GNUNET_NO, GNUNET_SCHEDULER_add_delayed(), GNUNET_TRANSPORT_communicator_notify(), GNUNET_YES, UDPAck::header, kce_destroy(), kce_generate(), kce_generate_cb(), kce_generate_rekey_cb(), SharedSecret::kce_head, SharedSecret::kce_tail, kce_task_finished, KCN_THRESHOLD, MAX_SECRETS, MAX_SQN_DELTA, SenderAddress::num_secrets, SenderAddress::rekeying, SharedSecret::sender, SharedSecret::sequence_allowed, UDPAck::sequence_max, KeyCacheEntry::sequence_number, GNUNET_MessageHeader::size, SenderAddress::target, GNUNET_MessageHeader::type, and WORKING_QUEUE_INTERVALL.

Referenced by decrypt_box(), decrypt_rekey(), and sock_read().

1733 {
1734  GNUNET_assert (NULL != ss->sender);
1736  "Considering SS UDPAck %s\n",
1737  GNUNET_i2s_full (&ss->sender->target));
1738 
1740  "We have %u acks available.\n",
1741  ss->sender->acks_available);
1742  /* drop ancient KeyCacheEntries */
1743  while ((NULL != ss->kce_head) &&
1744  (MAX_SQN_DELTA <
1746  kce_destroy (ss->kce_tail);
1747 
1748 
1749  if (GNUNET_NO == initial)
1750  kce_generate (ss, ++ss->sequence_allowed);
1751 
1752  /*if (0 == ss->sender->acks_available)
1753  {
1754  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1755  "Generating keys\n");
1756  while (ss->active_kce_count < KCN_TARGET)
1757  kce_generate (ss, ++ss->sequence_allowed);
1758  }*/
1759 
1760  if (((NULL != kce_task) && kce_task_finished) || (GNUNET_NO == initial))
1761  {
1762  struct UDPAck ack;
1763 
1765  ack.header.size = htons (sizeof(ack));
1766  ack.sequence_max = htonl (ss_finished->sequence_allowed);
1767  ack.acks_available = ss->sender->acks_available;
1768  ack.cmac = ss_finished->cmac;
1770  "Notifying transport of UDPAck %s with intial %u\n",
1772  initial);
1776  &ack.header);
1778  kce_task = NULL;
1780  }
1781  else if ((NULL == kce_task) && ((KCN_THRESHOLD > ss->sender->acks_available)||
1782  (GNUNET_YES == ss->sender->rekeying) ||
1783  (ss->sender->num_secrets > MAX_SECRETS) ))
1784  {
1785 
1786  // kce_generate (ss, ++ss->sequence_allowed);
1787  // kce_generate (ss, ++ss->sequence_allowed);
1790  ss);
1791 
1792  }
1793  else if ((NULL == kce_task_rekey) && (GNUNET_YES ==
1794  ss->sender->rekeying) )
1795  {
1798  ss);
1799  }
1800 }
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
static struct GNUNET_SCHEDULER_Task * kce_task_rekey
ID of kce rekey working queue task.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
static struct GNUNET_SCHEDULER_Task * kce_task
ID of kce working queue task.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
#define WORKING_QUEUE_INTERVALL
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
uint32_t sequence_number
Sequence number used to derive this entry from master key.
struct GNUNET_PeerIdentity target
To whom are we talking to.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
static void kce_generate_rekey_cb(void *cls)
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
static void kce_generate_cb(void *cls)
unsigned int num_secrets
Length of the DLL at ss_head.
#define KCN_THRESHOLD
If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET...
struct SharedSecret * ss_finished
Shared secret we finished the last kce working queue for.
void GNUNET_TRANSPORT_communicator_notify(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *pid, const char *comm, const struct GNUNET_MessageHeader *header)
The communicator asks the transport service to route a message via a different path to another commun...
#define GNUNET_log(kind,...)
UDP key acknowledgement.
#define MAX_SQN_DELTA
What is the maximum delta between KCN sequence numbers that we allow.
static int kce_task_finished
Is the kce_task finished?
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
static void destroy_all_secrets(struct SharedSecret *ss, int withoutKce)
Destroying all secrets.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ decrypt_box()

static void decrypt_box ( const struct UDPBox box,
size_t  box_len,
struct KeyCacheEntry kce 
)
static

We received a box with matching kce.

Decrypt and process it.

Parameters
boxthe data we received
box_lennumber of bytes in box
kcekey index to decrypt box

Definition at line 1811 of file gnunet-communicator-udp.c.

References consider_ss_ack(), UDPBox::gcm_tag, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_sh2s(), GNUNET_STATISTICS_update(), GNUNET_YES, kce_destroy(), SenderAddress::rekeying, SharedSecret::sender, KeyCacheEntry::sequence_number, KeyCacheEntry::ss, try_decrypt(), and try_handle_plaintext().

Referenced by sock_read().

1814 {
1815  struct SharedSecret *ss = kce->ss;
1816  char out_buf[box_len - sizeof(*box)];
1817 
1818  GNUNET_assert (NULL != ss->sender);
1819  if (GNUNET_OK != try_decrypt (ss,
1820  box->gcm_tag,
1821  kce->sequence_number,
1822  (const char *) &box[1],
1823  sizeof(out_buf),
1824  out_buf))
1825  {
1827  "# Decryption failures with valid KCE",
1828  1,
1829  GNUNET_NO);
1830  kce_destroy (kce);
1831  return;
1832  }
1833  kce_destroy (kce);
1835  "# bytes decrypted with BOX",
1836  sizeof(out_buf),
1837  GNUNET_NO);
1839  "decrypted UDPBox with kid %s\n",
1840  GNUNET_sh2s (&box->kid));
1841  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1842  if ((GNUNET_NO == box->rekeying) && (GNUNET_YES == ss->sender->rekeying))
1843  {
1844  ss->sender->rekeying = GNUNET_NO;
1845  // destroy_all_secrets (ss, GNUNET_NO);
1847  "Receiver stopped rekeying.\n");
1848  }
1849  else if (GNUNET_NO == box->rekeying)
1851  else{
1852  ss->sender->rekeying = GNUNET_YES;
1854  "Receiver started rekeying.\n");
1855  }
1856 }
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
static void consider_ss_ack(struct SharedSecret *ss, int initial)
We established a shared secret with a sender.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct SharedSecret * ss
Corresponding shared secret.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
uint32_t sequence_number
Sequence number used to derive this entry from master key.
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
Shared secret we generated for a particular sender or receiver.
#define GNUNET_log(kind,...)
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ decrypt_rekey()

static void decrypt_rekey ( const struct UDPRekey rekey,
size_t  rekey_len,
struct KeyCacheEntry kce,
struct SenderAddress sender 
)
static

We received a rekey with matching kce.

Decrypt and process it.

Parameters
rekeythe data we received
rekey_lennumber of bytes in rekey
kcekey index to decrypt rekey

Definition at line 1866 of file gnunet-communicator-udp.c.

References SenderAddress::acks_available, calculate_cmac(), SharedSecret::cmac, consider_ss_ack(), UDPRekey::gcm_tag, GNUNET_assert, GNUNET_CONTAINER_DLL_insert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_log, GNUNET_new, GNUNET_NO, GNUNET_OK, GNUNET_sh2s(), GNUNET_STATISTICS_update(), GNUNET_YES, kce_destroy(), SharedSecret::master, SenderAddress::num_secrets, SharedSecret::sender, UdpHandshakeSignature::sender, SharedSecret::sequence_allowed, KeyCacheEntry::sequence_number, KeyCacheEntry::ss, SenderAddress::ss_head, SenderAddress::ss_tail, and try_decrypt().

Referenced by sock_read().

1870 {
1871  struct SharedSecret *ss = kce->ss;
1872  struct SharedSecret *ss_rekey;
1873  char out_buf[rekey_len - sizeof(*rekey)];
1874  struct GNUNET_HashCode *master;
1875 
1876 
1878  "decrypt_rekey.\n");
1879 
1880  GNUNET_assert (NULL != ss->sender);
1881  if (GNUNET_OK != try_decrypt (ss,
1882  rekey->gcm_tag,
1883  kce->sequence_number,
1884  (const char *) &rekey[1],
1885  sizeof(out_buf),
1886  out_buf))
1887  {
1889  "# Decryption failures with valid KCE",
1890  1,
1891  GNUNET_NO);
1893  "Decryption with kid %s failed\n",
1894  GNUNET_sh2s (&rekey->kid));
1895  kce_destroy (kce);
1896  return;
1897  }
1898  kce_destroy (kce);
1900  "# bytes decrypted with Rekey",
1901  sizeof(out_buf),
1902  GNUNET_NO);
1904  "decrypted UDPRekey with kid %s\n",
1905  GNUNET_sh2s (&rekey->kid));
1906  /*cmac = (struct GNUNET_HashCode *) out_buf;
1907  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1908  "Received secret with cmac %s \n",
1909  GNUNET_h2s (&cmac));*/
1910  // ss_rekey = (struct SharedSecret *) out_buf;
1911  master = (struct GNUNET_HashCode *) out_buf;
1912  ss_rekey = GNUNET_new (struct SharedSecret);
1913  ss_rekey->master = *master;
1914  calculate_cmac (ss_rekey);
1915  ss_rekey->sender = sender;
1916  // ss_rekey->sequence_used = 0;
1917  // ss_rekey->sequence_allowed = 0;
1918  /* ss_rekey->active_kce_count = 0; */
1919  /* ss_rekey->prev = NULL; */
1920  /* ss_rekey->next = NULL; */
1921  /* GNUNET_assert (ss_rekey->prev == NULL && sender->ss_head != ss_rekey); */
1922  /* GNUNET_assert (ss_rekey->next == NULL && sender->ss_tail != ss_rekey); */
1923  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey);
1924  sender->num_secrets++;
1926  "Received secret with cmac %s\n",
1927  GNUNET_h2s (&(ss_rekey->cmac)));
1929  "Received secret with master %s.\n",
1930  GNUNET_h2s (&(ss_rekey->master)));
1932  "We have %u sequence_allowed.\n",
1933  ss_rekey->sequence_allowed);
1935  "We have a sender %p\n",
1936  ss_rekey->sender);
1938  "We have %u acks available.\n",
1939  ss_rekey->sender->acks_available);
1940  consider_ss_ack (ss_rekey, GNUNET_YES);
1941 
1942 }
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
static void consider_ss_ack(struct SharedSecret *ss, int initial)
We established a shared secret with a sender.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
struct SharedSecret * ss
Corresponding shared secret.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
uint32_t sequence_number
Sequence number used to derive this entry from master key.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
struct GNUNET_HashCode master
Master shared secret.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
A 512-bit hashcode.
Shared secret we generated for a particular sender or receiver.
unsigned int num_secrets
Length of the DLL at ss_head.
#define GNUNET_log(kind,...)
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ find_sender_by_address()

static int find_sender_by_address ( void *  cls,
const struct GNUNET_PeerIdentity key,
void *  value 
)
static

Find existing struct SenderAddress by matching addresses.

Parameters
clsa struct SearchContext
keyignored, must match already
valuea struct SenderAddress
Returns
GNUNET_YES if not found (continue to search), GNUNET_NO if found

Definition at line 1975 of file gnunet-communicator-udp.c.

References SenderAddress::address, SearchContext::address, SenderAddress::address_len, SearchContext::address_len, GNUNET_NO, GNUNET_YES, sc, SearchContext::sender, UdpHandshakeSignature::sender, and value.

Referenced by setup_sender().

1978 {
1979  struct SearchContext *sc = cls;
1980  struct SenderAddress *sender = value;
1981 
1982  if ((sender->address_len == sc->address_len) &&
1983  (0 == memcmp (sender->address, sc->address, sender->address_len)))
1984  {
1985  sc->sender = sender;
1986  return GNUNET_NO; /* stop iterating! */
1987  }
1988  return GNUNET_YES;
1989 }
socklen_t address_len
Number of bytes in address.
socklen_t address_len
Length of the address.
static char * value
Value of the record to add/remove.
struct sockaddr * address
Address of the other peer.
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
struct SenderAddress * sender
Return value to set if we found a match.
const struct sockaddr * address
Address we are looking for.
Here is the caller graph for this function:

◆ setup_sender()

static struct SenderAddress* setup_sender ( const struct GNUNET_PeerIdentity target,
const struct sockaddr *  address,
socklen_t  address_len 
)
static

Create sender address for target.

Note that we might already have one, so a fresh one is only allocated if one does not yet exist for address.

Parameters
targetpeer to generate address for
addresstarget address
address_lennumber of bytes in address
Returns
data structure to keep track of key material for decrypting data from target

Definition at line 2004 of file gnunet-communicator-udp.c.

References GNUNET_TIME_Absolute::abs_value_us, address, SenderAddress::address, SearchContext::address, SenderAddress::address_len, SearchContext::address_len, check_timeouts(), find_sender_by_address(), GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_insert(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE, GNUNET_CONTAINER_multipeermap_get_multiple(), GNUNET_CONTAINER_multipeermap_put(), GNUNET_CONTAINER_multipeermap_size(), GNUNET_memdup, GNUNET_new, GNUNET_NO, GNUNET_NT_scanner_get_type(), GNUNET_SCHEDULER_add_now(), GNUNET_STATISTICS_set(), GNUNET_TIME_relative_to_absolute(), SenderAddress::hn, SenderAddress::nt, reschedule_sender_timeout(), SearchContext::sender, UdpHandshakeSignature::sender, SenderAddress::target, and SenderAddress::timeout.

Referenced by sock_read().

2007 {
2008  struct SenderAddress *sender;
2009  struct SearchContext sc = { .address = address,
2010  .address_len = address_len,
2011  .sender = NULL };
2012 
2014  target,
2016  &sc);
2017  if (NULL != sc.sender)
2018  {
2020  return sc.sender;
2021  }
2022  sender = GNUNET_new (struct SenderAddress);
2023  sender->target = *target;
2025  sender->address_len = address_len;
2027  senders,
2028  &sender->target,
2029  sender,
2032  "# senders active",
2034  GNUNET_NO);
2035  sender->timeout =
2038  sender,
2039  sender->timeout.abs_value_us);
2041  if (NULL == timeout_task)
2043  return sender;
2044 }
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WANT.
Definition: nt.c:314
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
socklen_t address_len
Number of bytes in address.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
socklen_t address_len
Length of the address.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
uint64_t abs_value_us
The actual value.
static void reschedule_sender_timeout(struct SenderAddress *sender)
Increment sender timeout due to activity.
struct GNUNET_PeerIdentity target
To whom are we talking to.
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1296
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
struct sockaddr * address
Address of the other peer.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
static int find_sender_by_address(void *cls, const struct GNUNET_PeerIdentity *key, void *value)
Find existing struct SenderAddress by matching addresses.
struct SenderAddress * sender
Return value to set if we found a match.
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
static char * address
GNS address for this phone.
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
enum GNUNET_NetworkType nt
Which network type does this queue use?
Here is the call graph for this function:
Here is the caller graph for this function:

◆ verify_confirmation()

static int verify_confirmation ( const struct GNUNET_CRYPTO_EcdhePublicKey ephemeral,
const struct UDPConfirmation uc 
)
static

Check signature from uc against ephemeral.

Parameters
ephermalkey that is signed
ucsignature of claimant
Returns
GNUNET_OK if signature is valid

Definition at line 2055 of file gnunet-communicator-udp.c.

References UdpHandshakeSignature::ephemeral, GNUNET_CRYPTO_eddsa_verify, GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE, UDPConfirmation::monotonic_time, UdpHandshakeSignature::monotonic_time, my_identity, GNUNET_PeerIdentity::public_key, GNUNET_CRYPTO_EccSignaturePurpose::purpose, UdpHandshakeSignature::purpose, UdpHandshakeSignature::receiver, UDPConfirmation::sender, UdpHandshakeSignature::sender, UDPConfirmation::sender_sig, and GNUNET_CRYPTO_EccSignaturePurpose::size.

Referenced by sock_read().

2057 {
2058  struct UdpHandshakeSignature uhs;
2059 
2061  uhs.purpose.size = htonl (sizeof(uhs));
2062  uhs.sender = uc->sender;
2063  uhs.receiver = my_identity;
2064  uhs.ephemeral = *ephemeral;
2065  uhs.monotonic_time = uc->monotonic_time;
2068  &uhs,
2069  &uc->sender_sig,
2070  &uc->sender.public_key);
2071 }
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
static struct GNUNET_PeerIdentity my_identity
Our public key.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
#define GNUNET_CRYPTO_eddsa_verify(purp, ps, sig, pub)
Verify EdDSA signature.
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key used by the sender.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
Here is the caller graph for this function:

◆ sockaddr_to_udpaddr_string()

static char* sockaddr_to_udpaddr_string ( const struct sockaddr *  address,
socklen_t  address_len 
)
static

Converts address to the address string format used by this communicator in HELLOs.

Parameters
addressthe address to convert, must be AF_INET or AF_INET6.
address_lennumber of bytes in address
Returns
string representation of address

Definition at line 2083 of file gnunet-communicator-udp.c.

References COMMUNICATOR_ADDRESS_PREFIX, GNUNET_a2s(), GNUNET_asprintf(), GNUNET_assert, and ret.

Referenced by mq_init(), and sock_read().

2085 {
2086  char *ret;
2087 
2088  switch (address->sa_family)
2089  {
2090  case AF_INET:
2091  GNUNET_asprintf (&ret,
2092  "%s-%s",
2094  GNUNET_a2s (address, address_len));
2095  break;
2096 
2097  case AF_INET6:
2098  GNUNET_asprintf (&ret,
2099  "%s-%s",
2101  GNUNET_a2s (address, address_len));
2102  break;
2103 
2104  default:
2105  GNUNET_assert (0);
2106  }
2107  return ret;
2108 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
int int GNUNET_asprintf(char **buf, const char *format,...) __attribute__((format(printf
Like asprintf, just portable.
static char * address
GNS address for this phone.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ sock_read()

static void sock_read ( void *  cls)
static

Socket read task.

Parameters
clsNULL

Definition at line 2117 of file gnunet-communicator-udp.c.

References buf, calculate_cmac(), consider_ss_ack(), decrypt_box(), decrypt_rekey(), do_decrypt(), InitialKX::ephemeral, InitialKX::gcm_tag, GNUNET_break_op, GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_multishortmap_get(), GNUNET_CRYPTO_eddsa_verify, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_log_strerror, GNUNET_NETWORK_socket_recvfrom(), GNUNET_NO, GNUNET_NT_scanner_get_type(), GNUNET_OK, GNUNET_SCHEDULER_add_read_net(), GNUNET_sh2s(), GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST, GNUNET_STATISTICS_update(), GNUNET_TIME_UNIT_FOREVER_REL, GNUNET_TRANSPORT_application_validate(), GNUNET_YES, UdpBroadcastSignature::h_address, UDPBox::kid, UDPRekey::kid, nt, SenderAddress::num_secrets, GNUNET_PeerIdentity::public_key, GNUNET_CRYPTO_EccSignaturePurpose::purpose, UdpBroadcastSignature::purpose, InitialKX::rekeying, UDPBox::rekeying, SenderAddress::rekeying, UDPConfirmation::sender, UdpBroadcastSignature::sender, UDPRekey::sender, SharedSecret::sender, UdpHandshakeSignature::sender, setup_sender(), setup_shared_secret_dec(), GNUNET_CRYPTO_EccSignaturePurpose::size, sockaddr_to_udpaddr_string(), KeyCacheEntry::ss, SenderAddress::ss_head, SenderAddress::ss_tail, try_decrypt(), try_handle_plaintext(), uc, and verify_confirmation().

Referenced by run().

2118 {
2119  struct sockaddr_storage sa;
2120  socklen_t salen = sizeof(sa);
2121  char buf[UINT16_MAX];
2122  ssize_t rcvd;
2123 
2124  (void) cls;
2126  udp_sock,
2127  &sock_read,
2128  NULL);
2130  buf,
2131  sizeof(buf),
2132  (struct sockaddr *) &sa,
2133  &salen);
2134  if (-1 == rcvd)
2135  {
2137  return;
2138  }
2140  "Read %lu bytes\n", rcvd);
2141 
2142  if (rcvd > sizeof(struct UDPRekey))
2143  {
2144  const struct UDPRekey *rekey;
2145  const struct UDPBox *box;
2146  struct KeyCacheEntry *kce;
2147  struct SenderAddress *sender;
2148  int do_decrypt = GNUNET_NO;
2149 
2150  rekey = (const struct UDPRekey *) buf;
2151  box = (const struct UDPBox *) buf;
2153 
2154  if ((GNUNET_YES == box->rekeying)||(GNUNET_NO == box->rekeying))
2156  "UDPRekey has rekeying %u\n",
2157  box->rekeying);
2158  else
2159  do_decrypt = GNUNET_YES;
2160  if ((GNUNET_YES == do_decrypt)&& (NULL != kce) && (GNUNET_YES ==
2161  kce->ss->sender->rekeying))
2162  {
2164  "UDPRekey with kid %s\n",
2165  GNUNET_sh2s (&rekey->kid));
2166  sender = setup_sender (&rekey->sender, (const struct sockaddr *) &sa,
2167  salen);
2168  decrypt_rekey (rekey, (size_t) rcvd, kce, sender);
2169  return;
2170  }
2171  }
2172 
2173  /* first, see if it is a UDPBox */
2174  if (rcvd > sizeof(struct UDPBox))
2175  {
2176  const struct UDPBox *box;
2177  struct KeyCacheEntry *kce;
2178 
2179  box = (const struct UDPBox *) buf;
2181  if (NULL != kce)
2182  {
2183  decrypt_box (box, (size_t) rcvd, kce);
2184  return;
2185  }
2186  }
2187 
2188  /* next, check if it is a broadcast */
2189  if (sizeof(struct UDPBroadcast) == rcvd)
2190  {
2191  const struct UDPBroadcast *ub;
2192  struct UdpBroadcastSignature uhs;
2193 
2194  ub = (const struct UDPBroadcast *) buf;
2195  uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST);
2196  uhs.purpose.size = htonl (sizeof(uhs));
2197  uhs.sender = ub->sender;
2198  GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
2199  if (GNUNET_OK ==
2201  &uhs,
2202  &ub->sender_sig,
2203  &ub->sender.public_key))
2204  {
2205  char *addr_s;
2206  enum GNUNET_NetworkType nt;
2207 
2208  addr_s =
2209  sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
2210  GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
2211  /* use our own mechanism to determine network type */
2212  nt =
2213  GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
2214  GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s);
2215  GNUNET_free (addr_s);
2216  return;
2217  }
2218  /* continue with KX, mostly for statistics... */
2219  }
2220 
2221 
2222  /* finally, test if it is a KX */
2223  if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
2224  {
2226  "# messages dropped (no kid, too small for KX)",
2227  1,
2228  GNUNET_NO);
2229  return;
2230  }
2232  "Got KX\n");
2233  {
2234  const struct InitialKX *kx;
2235  struct SharedSecret *ss;
2236  char pbuf[rcvd - sizeof(struct InitialKX)];
2237  const struct UDPConfirmation *uc;
2238  struct SenderAddress *sender;
2239 
2240  kx = (const struct InitialKX *) buf;
2241  ss = setup_shared_secret_dec (&kx->ephemeral);
2243  "Before DEC\n");
2244 
2245  if (GNUNET_OK != try_decrypt (ss,
2246  kx->gcm_tag,
2247  0,
2248  &buf[sizeof(*kx)],
2249  sizeof(pbuf),
2250  pbuf))
2251  {
2253  "Unable to decrypt tag, dropping...\n");
2254  GNUNET_free (ss);
2256  stats,
2257  "# messages dropped (no kid, AEAD decryption failed)",
2258  1,
2259  GNUNET_NO);
2260  return;
2261  }
2263  "Before VERIFY\n");
2264 
2265  uc = (const struct UDPConfirmation *) pbuf;
2266  if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
2267  {
2268  GNUNET_break_op (0);
2269  GNUNET_free (ss);
2271  "# messages dropped (sender signature invalid)",
2272  1,
2273  GNUNET_NO);
2274  return;
2275  }
2277  "Before SETUP_SENDER\n");
2278 
2279  calculate_cmac (ss);
2280  sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
2281  ss->sender = sender;
2282  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
2283  sender->num_secrets++;
2284  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
2286  "# messages decrypted without BOX",
2287  1,
2288  GNUNET_NO);
2289  try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
2290  if ((GNUNET_NO == kx->rekeying) && (GNUNET_YES == ss->sender->rekeying))
2291  {
2292  ss->sender->rekeying = GNUNET_NO;
2293  // destroy_all_secrets (ss, GNUNET_NO);
2295  "Receiver stopped rekeying.\n");
2296  }
2297  else if (GNUNET_NO == kx->rekeying)
2299  else{
2300  ss->sender->rekeying = GNUNET_YES;
2302  "Receiver started rekeying.\n");
2303  }
2304  /*if (sender->num_secrets > MAX_SECRETS)
2305  secret_destroy (sender->ss_tail);*/
2306  }
2307 }
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WANT.
Definition: nt.c:314
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
static struct GNUNET_TRANSPORT_ApplicationHandle * ah
Our handle to report addresses for validation to TRANSPORT.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
Broadcast by peer in LAN announcing its presence.
static struct SenderAddress * setup_sender(const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
Create sender address for target.
static void consider_ss_ack(struct SharedSecret *ss, int initial)
We established a shared secret with a sender.
char gcm_tag[(128/8)]
HMAC for the following encrypted message, using GCM.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
static struct SharedSecret * setup_shared_secret_dec(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
Setup shared secret for decryption.
void GNUNET_TRANSPORT_application_validate(struct GNUNET_TRANSPORT_ApplicationHandle *ch, const struct GNUNET_PeerIdentity *peer, enum GNUNET_NetworkType nt, const char *addr)
An application (or a communicator) has received a HELLO (or other address data of another peer) and w...
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key for KX.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
static struct GNUNET_FS_UnindexContext * uc
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
struct SharedSecret * ss
Corresponding shared secret.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
Encrypted continuation of UDP initial handshake, followed by message header with payload.
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_CRYPTO_eddsa_verify(purp, ps, sig, pub)
Verify EdDSA signature.
int rekeying
A flag indicating, if the sender is doing rekeying.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
GNUNET_NetworkType
Types of networks (with separate quotas) we support.
Definition: gnunet_nt_lib.h:35
"Plaintext" header at beginning of KX message.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
static int do_decrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Decrypt size bytes from in and write the result to out.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
static int verify_confirmation(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
Check signature from uc against ephemeral.
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
Signature used by UDP broadcasts.
static char buf[2048]
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
UDP message box.
UDP message box.
static void sock_read(void *cls)
Socket read task.
static struct GNUNET_NAT_AUTO_Test * nt
Handle to a NAT test operation.
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
Shared secret we generated for a particular sender or receiver.
unsigned int num_secrets
Length of the DLL at ss_head.
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void decrypt_box(const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
We received a box with matching kce.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
int rekeying
A flag indicating, if the sender is doing rekeying.
void * GNUNET_CONTAINER_multishortmap_get(const struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key)
Given a key find a value in the map matching the key.
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
Signature we use to verify that the broadcast was really made by the peer that claims to have made it...
#define GNUNET_log(kind,...)
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
static struct GNUNET_SCHEDULER_Task * read_task
ID of read task.
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_read_net(struct GNUNET_TIME_Relative delay, struct GNUNET_NETWORK_Handle *rfd, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay or when the specified file descriptor is ready f...
Definition: scheduler.c:1517
static void decrypt_rekey(const struct UDPRekey *rekey, size_t rekey_len, struct KeyCacheEntry *kce, struct SenderAddress *sender)
We received a rekey with matching kce.
ssize_t GNUNET_NETWORK_socket_recvfrom(const struct GNUNET_NETWORK_Handle *desc, void *buffer, size_t length, struct sockaddr *src_addr, socklen_t *addrlen)
Read data from a socket (always non-blocking).
Definition: network.c:754
#define GNUNET_free(ptr)
Wrapper around free.
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ udp_address_to_sockaddr()

static struct sockaddr* udp_address_to_sockaddr ( const char *  bindto,
socklen_t *  sock_len 
)
static

Convert UDP bind specification to a struct sockaddr *

Parameters
bindtobind specification to convert
[out]sock_lenset to the length of the address
Returns
converted bindto specification

Definition at line 2318 of file gnunet-communicator-udp.c.

References COMMUNICATOR_CONFIG_SECTION, dummy, GNUNET_CONFIGURATION_get_value_yesno(), GNUNET_ERROR_TYPE_ERROR, GNUNET_free, GNUNET_log, GNUNET_malloc, GNUNET_memdup, GNUNET_NETWORK_test_pf(), GNUNET_NO, GNUNET_strdup, GNUNET_YES, port, and start.

Referenced by mq_init(), and run().

2319 {
2320  struct sockaddr *in;
2321  unsigned int port;
2322  char dummy[2];
2323  char *colon;
2324  char *cp;
2325 
2326  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
2327  {
2328  /* interpreting value as just a PORT number */
2329  if (port > UINT16_MAX)
2330  {
2332  "BINDTO specification `%s' invalid: value too large for port\n",
2333  bindto);
2334  return NULL;
2335  }
2336  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
2337  (GNUNET_YES ==
2340  "DISABLE_V6")))
2341  {
2342  struct sockaddr_in *i4;
2343 
2344  i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
2345  i4->sin_family = AF_INET;
2346  i4->sin_port = htons ((uint16_t) port);
2347  *sock_len = sizeof(struct sockaddr_in);
2348  in = (struct sockaddr *) i4;
2349  }
2350  else
2351  {
2352  struct sockaddr_in6 *i6;
2353 
2354  i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
2355  i6->sin6_family = AF_INET6;
2356  i6->sin6_port = htons ((uint16_t) port);
2357  *sock_len = sizeof(struct sockaddr_in6);
2358  in = (struct sockaddr *) i6;
2359  }
2360  return in;
2361  }
2362  cp = GNUNET_strdup (bindto);
2363  colon = strrchr (cp, ':');
2364  if (NULL != colon)
2365  {
2366  /* interpet value after colon as port */
2367  *colon = '\0';
2368  colon++;
2369  if (1 == sscanf (colon, "%u%1s", &port, dummy))
2370  {
2371  /* interpreting value as just a PORT number */
2372  if (port > UINT16_MAX)
2373  {
2375  "BINDTO specification `%s' invalid: value too large for port\n",
2376  bindto);
2377  GNUNET_free (cp);
2378  return NULL;
2379  }
2380  }
2381  else
2382  {
2383  GNUNET_log (
2385  "BINDTO specification `%s' invalid: last ':' not followed by number\n",
2386  bindto);
2387  GNUNET_free (cp);
2388  return NULL;
2389  }
2390  }
2391  else
2392  {
2393  /* interpret missing port as 0, aka pick any free one */
2394  port = 0;
2395  }
2396  {
2397  /* try IPv4 */
2398  struct sockaddr_in v4;
2399  if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
2400  {
2401  v4.sin_family = AF_INET;
2402  v4.sin_port = htons ((uint16_t) port);
2403 #if HAVE_SOCKADDR_IN_SIN_LEN
2404  v4.sin_len = sizeof(struct sockaddr_in);
2405 #endif
2406  in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
2407  *sock_len = sizeof(struct sockaddr_in);
2408  GNUNET_free (cp);
2409  return in;
2410  }
2411  }
2412  {
2413  /* try IPv6 */
2414  struct sockaddr_in6 v6;
2415  const char *start;
2416 
2417  start = cp;
2418  if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
2419  {
2420  start++; /* skip over '[' */
2421  cp[strlen (cp) - 1] = '\0'; /* eat ']' */
2422  }
2423  if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
2424  {
2425  v6.sin6_family = AF_INET6;
2426  v6.sin6_port = htons ((uint16_t) port);
2427 #if HAVE_SOCKADDR_IN_SIN_LEN
2428  v6.sin6_len = sizeof(sizeof(struct sockaddr_in6));
2429 #endif
2430  in = GNUNET_memdup (&v6, sizeof(v6));
2431  *sock_len = sizeof(v6);
2432  GNUNET_free (cp);
2433  return in;
2434  }
2435  }
2436  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
2437  GNUNET_free (cp);
2438  return NULL;
2439 }
#define COMMUNICATOR_CONFIG_SECTION
Configuration section used by the communicator.
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:39
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
static struct in_addr dummy
Target "dummy" address of the packet we pretend to respond to.
static uint16_t port
Port number.
Definition: gnunet-bcd.c:82
#define GNUNET_log(kind,...)
int GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
#define GNUNET_malloc(size)
Wrapper around malloc.
int GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:85
#define GNUNET_free(ptr)
Wrapper around free.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ do_pad()

static void do_pad ( gcry_cipher_hd_t  out_cipher,
char *  dgram,
size_t  pad_size 
)
static

Pad dgram by pad_size using out_cipher.

Parameters
out_ciphercipher to use
dgramdatagram to pad
pad_sizenumber of bytes of padding to append

Definition at line 2450 of file gnunet-communicator-udp.c.

References GNUNET_assert, GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block(), GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD, and GNUNET_MessageHeader::size.

Referenced by mq_send_d(), mq_send_kx(), and send_UDPRekey().

2451 {
2452  char pad[pad_size];
2453 
2455  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
2456  {
2457  struct GNUNET_MessageHeader hdr =
2458  { .size = htons (sizeof(pad)),
2459  .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
2460 
2461  memcpy (pad, &hdr, sizeof(hdr));
2462  }
2463  GNUNET_assert (
2464  0 ==
2465  gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
2466 }
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
Header for all communications.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mq_send_kx()

static void mq_send_kx ( struct GNUNET_MQ_Handle mq,
const struct GNUNET_MessageHeader msg,
void *  impl_state 
)
static

Signature of functions implementing the sending functionality of a message queue.

Parameters
mqthe message queue
msgthe message to send
impl_stateour struct ReceiverAddress

Definition at line 2478 of file gnunet-communicator-udp.c.

References ReceiverAddress::address, ReceiverAddress::address_len, destroy_all_secrets(), do_pad(), InitialKX::ephemeral, UdpHandshakeSignature::ephemeral, InitialKX::gcm_tag, GNUNET_a2s(), GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_CRYPTO_ecdhe_key_get_public(), GNUNET_CRYPTO_eddsa_sign, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_log, GNUNET_log_strerror, GNUNET_MQ_impl_send_continue(), GNUNET_NETWORK_socket_sendto(), GNUNET_NO, GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE, GNUNET_TIME_absolute_get_monotonic(), GNUNET_TIME_absolute_hton(), GNUNET_YES, ReceiverAddress::kx_mq, ReceiverAddress::kx_mtu, SharedSecret::master, MAX_SECRETS, UDPConfirmation::monotonic_time, UdpHandshakeSignature::monotonic_time, my_identity, ReceiverAddress::num_secrets, GNUNET_CRYPTO_EccSignaturePurpose::purpose, UdpHandshakeSignature::purpose, UdpHandshakeSignature::receiver, receiver_destroy(), ReceiverAddress::receiver_destroy_called, InitialKX::rekeying, ReceiverAddress::rekeying, reschedule_receiver_timeout(), UDPConfirmation::sender, UdpHandshakeSignature::sender, UDPConfirmation::sender_sig, setup_cipher(), setup_shared_secret_enc(), GNUNET_CRYPTO_EccSignaturePurpose::size, GNUNET_MessageHeader::size, ReceiverAddress::target, and uc.

Referenced by setup_receiver_mq().

2481 {
2482  struct ReceiverAddress *receiver = impl_state;
2483  uint16_t msize = ntohs (msg->size);
2484  struct UdpHandshakeSignature uhs;
2485  struct UDPConfirmation uc;
2486  struct InitialKX kx;
2487  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2488  char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)];
2489  size_t dpos;
2490  gcry_cipher_hd_t out_cipher;
2491  struct SharedSecret *ss;
2492 
2493  GNUNET_assert (mq == receiver->kx_mq);
2494  if (msize > receiver->kx_mtu)
2495  {
2496  GNUNET_break (0);
2497  if (GNUNET_YES != receiver->receiver_destroy_called)
2498  receiver_destroy (receiver);
2499  return;
2500  }
2501  reschedule_receiver_timeout (receiver);
2502 
2503  /* setup key material */
2505 
2506  ss = setup_shared_secret_enc (&epriv, receiver, GNUNET_YES);
2507 
2508  if (receiver->num_secrets > MAX_SECRETS)
2509  {
2511  }
2512 
2513  setup_cipher (&ss->master, 0, &out_cipher);
2514  /* compute 'uc' */
2515  uc.sender = my_identity;
2516  uc.monotonic_time =
2518  uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE);
2519  uhs.purpose.size = htonl (sizeof(uhs));
2520  uhs.sender = my_identity;
2521  uhs.receiver = receiver->target;
2522  GNUNET_CRYPTO_ecdhe_key_get_public (&epriv, &uhs.ephemeral);
2523  uhs.monotonic_time = uc.monotonic_time;
2525  &uhs,
2526  &uc.sender_sig);
2527  /* Leave space for kx */
2528  dpos = sizeof(kx);
2529  /* Append encrypted uc to dgram */
2530  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
2531  &dgram[dpos],
2532  sizeof(uc),
2533  &uc,
2534  sizeof(uc)));
2535  dpos += sizeof(uc);
2536  /* Append encrypted payload to dgram */
2537  GNUNET_assert (
2538  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2539  dpos += msize;
2540  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2541  /* Datagram starts with kx */
2542  kx.ephemeral = uhs.ephemeral;
2543  GNUNET_assert (
2544  0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
2545  gcry_cipher_close (out_cipher);
2546  if (GNUNET_NO == receiver->rekeying)
2547  kx.rekeying = GNUNET_NO;
2548  else
2549  kx.rekeying = GNUNET_YES;
2550  memcpy (dgram, &kx, sizeof(kx));
2552  dgram,
2553  sizeof(dgram),
2554  receiver->address,
2555  receiver->address_len))
2558  "Sending KX to %s\n", GNUNET_a2s (receiver->address,
2559  receiver->address_len));
2561 }
#define GNUNET_CRYPTO_eddsa_sign(priv, ps, sig)
EdDSA sign a given block.
static struct GNUNET_PeerIdentity my_identity
Our public key.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
struct sockaddr * address
Address of the other peer.
static struct GNUNET_FS_UnindexContext * uc
unsigned int num_secrets
Length of the DLL at ss_head.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
Encrypted continuation of UDP initial handshake, followed by message header with payload.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
"Plaintext" header at beginning of KX message.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:508
struct GNUNET_HashCode master
Master shared secret.
struct GNUNET_MQ_Handle * kx_mq
KX message queue we are providing for the ch.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
size_t kx_mtu
MTU we allowed transport for this receiver&#39;s KX queue.
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:850
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
int receiver_destroy_called
receiver_destroy already called on receiver.
Information we track per receiving address we have recently been in contact with (encryption to recei...
Private ECC key encoded for transmission.
Shared secret we generated for a particular sender or receiver.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:215
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver, int add_to_receiver)
Setup shared secret for encryption.
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get_monotonic(const struct GNUNET_CONFIGURATION_Handle *cfg)
Obtain the current time and make sure it is monotonically increasing.
Definition: time.c:807
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
socklen_t address_len
Length of the address.
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
struct GNUNET_PeerIdentity target
To whom are we talking to.
static void destroy_all_secrets(struct SharedSecret *ss, int withoutKce)
Destroying all secrets.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:499
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ check_for_rekeying()

static void check_for_rekeying ( struct ReceiverAddress receiver,
struct UDPBox box 
)
static

Definition at line 2564 of file gnunet-communicator-udp.c.

References GNUNET_TIME_Absolute::abs_value_us, ReceiverAddress::acks_available, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_sh2s(), GNUNET_TIME_absolute_get_remaining(), GNUNET_TIME_relative_to_absolute(), GNUNET_YES, UDPBox::kid, ReceiverAddress::rekey_acks_available, rekey_interval, REKEY_MAX_BYTES, ReceiverAddress::rekey_send_bytes, ReceiverAddress::rekey_timeout, UDPBox::rekeying, ReceiverAddress::rekeying, GNUNET_TIME_Relative::rel_value_us, and ReceiverAddress::ss_rekey.

Referenced by mq_send_d().

2565 {
2566 
2567  struct GNUNET_TIME_Relative rt;
2568 
2570  "Timeout is %lu\n.",
2571  receiver->rekey_timeout.abs_value_us);
2572 
2573  if (0 == receiver->rekey_timeout.abs_value_us)
2574  {
2576  rekey_interval);
2577  }
2578  else
2579  {
2582  "Relative time is %lu and timeout is %lu\n.",
2583  rt.rel_value_us,
2584  receiver->rekey_timeout.abs_value_us);
2585 
2586  if ((0 == rt.rel_value_us)||(receiver->rekey_send_bytes >
2587  REKEY_MAX_BYTES) )
2588  {
2590  "Bytes send %lu greater than %llu max bytes\n.",
2591  receiver->rekey_send_bytes,
2592  REKEY_MAX_BYTES);
2594  "Relative time is %lu and timeout is %lu\n.",
2595  rt.rel_value_us,
2596  receiver->rekey_timeout.abs_value_us);
2597 
2598  receiver->rekey_timeout.abs_value_us = 0;
2599  receiver->rekey_send_bytes = 0;
2600  receiver->ss_rekey = NULL;
2601  // destroy_all_secrets (ss, GNUNET_NO);
2602  receiver->rekeying = GNUNET_YES;
2603  receiver->rekey_acks_available = receiver->acks_available;
2604  box->rekeying = GNUNET_YES;
2606  "Sender started rekeying.\n");
2607  if (GNUNET_YES == box->rekeying)
2609  "Sending rekeying with kid %s\n",
2610  GNUNET_sh2s (&box->kid));
2611  }
2612  }
2613 }
struct GNUNET_TIME_Absolute rekey_timeout
Timeout for this receiver address.
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
uint64_t abs_value_us
The actual value.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static struct GNUNET_TIME_Relative rekey_interval
The rekey interval.
uint64_t rekey_send_bytes
Send bytes for this receiver address.
unsigned int rekey_acks_available
Acks available when we started rekeying.
#define REKEY_MAX_BYTES
How often do we rekey based on number of bytes transmitted? (additionally randomized).
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
int rekeying
A flag indicating, if the sender is doing rekeying.
#define GNUNET_log(kind,...)
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
Time for relative time used by GNUnet, in microseconds.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ send_UDPRekey()

static void send_UDPRekey ( struct ReceiverAddress receiver,
struct SharedSecret ss 
)
static

Definition at line 2616 of file gnunet-communicator-udp.c.

References do_pad(), UDPRekey::gcm_tag, get_kid(), GNUNET_a2s(), GNUNET_assert, GNUNET_CRYPTO_ecdhe_key_create(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_h2s(), GNUNET_log, GNUNET_log_strerror, GNUNET_NETWORK_socket_sendto(), GNUNET_NO, GNUNET_sh2s(), UDPRekey::kid, SharedSecret::master, my_identity, SharedSecret::prev, UDPRekey::sender, SharedSecret::sequence_allowed, SharedSecret::sequence_used, setup_cipher(), and setup_shared_secret_enc().

Referenced by mq_send_d().

2617 {
2618  uint8_t is_ss_rekey_sequence_allowed_zero = GNUNET_NO;
2619  uint8_t is_acks_available_below = GNUNET_NO;
2620  uint8_t send_rekey = GNUNET_NO;
2621  uint16_t not_below;
2622  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2623  struct UDPRekey *rekey;
2624  size_t dpos;
2625 
2626  char rekey_dgram[sizeof(struct UDPRekey) + receiver->d_mtu];
2627 
2628  if (NULL != receiver->ss_rekey)
2629  {
2630  not_below = (receiver->rekey_acks_available
2631  - (receiver->rekey_acks_available % 3)) / 3;
2632  is_ss_rekey_sequence_allowed_zero = (0 ==
2633  receiver->ss_rekey->sequence_allowed);
2634  is_acks_available_below = (receiver->acks_available > not_below);
2635  send_rekey = (0 == (receiver->acks_available - not_below) % not_below) &&
2636  is_acks_available_below && is_ss_rekey_sequence_allowed_zero;
2637  }
2638  else if (NULL == receiver->ss_rekey)
2639  {
2640  /* setup key material */
2642  receiver->ss_rekey = setup_shared_secret_enc (&epriv, receiver,
2643  GNUNET_NO);
2645  "Setup secret with cmac %s\n",
2646  GNUNET_h2s (&(receiver->ss_rekey->cmac)));
2648  "Setup secret with master %s.\n",
2649  GNUNET_h2s (&(receiver->ss_rekey->master)));
2650  }
2651 
2652  if (send_rekey)
2653  {
2654  GNUNET_assert (0 != receiver->number_rekeying_kce);
2655  gcry_cipher_hd_t rekey_out_cipher;
2656 
2657  while (NULL != ss && ss->sequence_used >= ss->sequence_allowed)
2658  {
2659  ss = ss->prev;
2660  }
2661 
2662  if (NULL != ss)
2663  {
2664  rekey = (struct UDPRekey *) rekey_dgram;
2665  rekey->sender = my_identity;
2666  ss->sequence_used++;
2667  get_kid (&ss->master, ss->sequence_used, &rekey->kid);
2668  receiver->number_rekeying_kce--;
2669  setup_cipher (&ss->master, ss->sequence_used, &rekey_out_cipher);
2670  /* Append encrypted payload to dgram */
2671  dpos = sizeof(struct UDPRekey);
2672 
2673  GNUNET_assert (
2674  0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos],
2675  sizeof(receiver->ss_rekey->master),
2676  &(receiver->ss_rekey->master),
2677  sizeof(receiver->ss_rekey->master)));
2678  dpos += sizeof(receiver->ss_rekey->master);
2679  /* GNUNET_assert ( */
2680  /* 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], */
2681  /* /\*sizeof(receiver->ss_rekey->cmac), */
2682  /* &(receiver->ss_rekey->cmac), */
2683  /* sizeof(receiver->ss_rekey->cmac))); */
2684  /* dpos += sizeof(receiver->ss_rekey->cmac);*\/ */
2685  /* sizeof(receiver->ss_rekey), */
2686  /* receiver->ss_rekey, */
2687  /* sizeof(receiver->ss_rekey))); */
2688  /* dpos += sizeof(receiver->ss_rekey); */
2689  do_pad (rekey_out_cipher, &rekey_dgram[dpos], sizeof(rekey_dgram)
2690  - dpos);
2691  GNUNET_assert (0 == gcry_cipher_gettag (rekey_out_cipher,
2692  rekey->gcm_tag,
2693  sizeof(rekey->gcm_tag)));
2694  gcry_cipher_close (rekey_out_cipher);
2695 
2697  "Sending rekey with kid %s and master %s\n",
2698  GNUNET_sh2s (&rekey->kid),
2699  GNUNET_h2s (&(receiver->ss_rekey->master)));
2701  "Sending rekey with cmac %s\n",
2702  GNUNET_h2s (&(receiver->ss_rekey->cmac)));
2703 
2705  rekey_dgram,
2706  sizeof(rekey_dgram),
2707  receiver->address,
2708  receiver->address_len))
2710 
2712  "Sending UDPRekey to %s\n", GNUNET_a2s (receiver->address,
2713  receiver->
2714  address_len));
2715  }
2716  }
2717 }
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
static struct GNUNET_PeerIdentity my_identity
Our public key.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
struct sockaddr * address
Address of the other peer.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:508
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
struct GNUNET_HashCode master
Master shared secret.
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:850
unsigned int rekey_acks_available
Acks available when we started rekeying.
UDP message box.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
Private ECC key encoded for transmission.
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver, int add_to_receiver)
Setup shared secret for encryption.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
struct SharedSecret * prev
Kept in a DLL.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
socklen_t address_len
Length of the address.
#define GNUNET_log(kind,...)
struct GNUNET_ShortHashCode kid
Key and IV identification code.
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
int number_rekeying_kce
Numer of kce we retain for sending the rekeying shared secret.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mq_send_d()

static void mq_send_d ( struct GNUNET_MQ_Handle mq,
const struct GNUNET_MessageHeader msg,
void *  impl_state 
)
static

Signature of functions implementing the sending functionality of a message queue.

Parameters
mqthe message queue
msgthe message to send
impl_stateour struct ReceiverAddress

Definition at line 2729 of file gnunet-communicator-udp.c.

References ReceiverAddress::acks_available, add_acks_rekey(), check_for_rekeying(), ReceiverAddress::d_mq, ReceiverAddress::d_mtu, do_pad(), UDPBox::gcm_tag, get_kid(), GNUNET_a2s(), GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_h2s(), GNUNET_log, GNUNET_log_strerror, GNUNET_MQ_impl_send_continue(), GNUNET_NETWORK_socket_sendto(), GNUNET_NO, GNUNET_YES, UDPBox::kid, SharedSecret::prev, receiver_destroy(), ReceiverAddress::receiver_destroy_called, UDPBox::rekeying, reschedule_receiver_timeout(), send_UDPRekey(), setup_cipher(), GNUNET_MessageHeader::size, and ReceiverAddress::ss_tail.

Referenced by setup_receiver_mq().

2732 {
2733  struct ReceiverAddress *receiver = impl_state;
2734  uint16_t msize = ntohs (msg->size);
2735 
2736  GNUNET_assert (mq == receiver->d_mq);
2737  if ((msize > receiver->d_mtu) ||
2738  (0 == receiver->acks_available))
2739  {
2740  GNUNET_break (0);
2741  if (GNUNET_YES != receiver->receiver_destroy_called)
2742  receiver_destroy (receiver);
2743  return;
2744  }
2745  reschedule_receiver_timeout (receiver);
2746 
2747  /* begin "BOX" encryption method, scan for ACKs from tail! */
2748  for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
2749  {
2750  if (0 < ss->sequence_used)
2752  "Trying to send UDPBox with shared secrect %s sequence_used %u and ss->sequence_allowed %u\n",
2753  GNUNET_h2s (&ss->master),
2754  ss->sequence_used,
2755  ss->sequence_allowed);
2756  // Uncomment this for alternativ 1 of backchannel functionality
2757  if (ss->sequence_used >= ss->sequence_allowed)
2758  // Until here for alternativ 1
2759  // Uncomment this for alternativ 2 of backchannel functionality
2760  // if (0 == ss->sequence_allowed)
2761  // Until here for alternativ 2
2762  {
2763  continue;
2764  }
2765  char dgram[sizeof(struct UDPBox) + receiver->d_mtu];
2766  struct UDPBox *box;
2767  gcry_cipher_hd_t out_cipher;
2768  size_t dpos;
2769 
2770  box = (struct UDPBox *) dgram;
2771  ss->sequence_used++;
2772  get_kid (&ss->master, ss->sequence_used, &box->kid);
2773  setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
2774  /* Append encrypted payload to dgram */
2775  dpos = sizeof(struct UDPBox);
2776  GNUNET_assert (
2777  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2778  dpos += msize;
2779  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2780  GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
2781  box->gcm_tag,
2782  sizeof(box->gcm_tag)));
2783  gcry_cipher_close (out_cipher);
2784 
2785  receiver->rekey_send_bytes += sizeof(struct UDPBox) + receiver->d_mtu;
2786 
2787  if (GNUNET_NO == receiver->rekeying)
2788  box->rekeying = GNUNET_NO;
2789  else
2790  box->rekeying = GNUNET_YES;
2791 
2792  check_for_rekeying (receiver, box);
2793 
2795  dgram,
2796  sizeof(dgram),
2797  receiver->address,
2798  receiver->address_len))
2801  "Sending UDPBox to %s\n", GNUNET_a2s (receiver->address,
2802  receiver->address_len));
2804  receiver->acks_available--;
2805  if (0 == receiver->acks_available)
2806  {
2807  /* We have no more ACKs */
2809  "No more acks\n");
2810  if (GNUNET_YES == receiver->rekeying)
2811  {
2812  receiver->rekeying = GNUNET_NO;
2813 
2814  if ((NULL != receiver->ss_rekey) && (0 <
2815  receiver->ss_rekey->
2816  sequence_allowed) )
2817  add_acks_rekey (receiver);
2818  }
2819  }
2820  else if ((GNUNET_YES == receiver->rekeying) )
2821  {
2822  send_UDPRekey (receiver, ss);
2823  }
2824 
2825  return;
2826  }
2827 }
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
static void send_UDPRekey(struct ReceiverAddress *receiver, struct SharedSecret *ss)
struct sockaddr * address
Address of the other peer.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
uint64_t rekey_send_bytes
Send bytes for this receiver address.
static void add_acks_rekey(struct ReceiverAddress *receiver)
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:850
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
UDP message box.
int receiver_destroy_called
receiver_destroy already called on receiver.
Information we track per receiving address we have recently been in contact with (encryption to recei...
size_t d_mtu
MTU we allowed transport for this receiver&#39;s default queue.
Shared secret we generated for a particular sender or receiver.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
struct SharedSecret * prev
Kept in a DLL.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
int rekeying
A flag indicating, if the sender is doing rekeying.
socklen_t address_len
Length of the address.
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
static void check_for_rekeying(struct ReceiverAddress *receiver, struct UDPBox *box)
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:499
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
struct GNUNET_MQ_Handle * d_mq
Default message queue we are providing for the ch.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mq_destroy_d()

static void mq_destroy_d ( struct GNUNET_MQ_Handle mq,
void *  impl_state 
)
static

Signature of functions implementing the destruction of a message queue.

Implementations must not free mq, but should take care of impl_state.

Parameters
mqthe message queue to destroy
impl_stateour struct ReceiverAddress

Definition at line 2839 of file gnunet-communicator-udp.c.

References ReceiverAddress::d_mq, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_YES, receiver_destroy(), and ReceiverAddress::receiver_destroy_called.

Referenced by setup_receiver_mq().

2840 {
2841  struct ReceiverAddress *receiver = impl_state;
2843  "Default MQ destroyed\n");
2844  if (mq == receiver->d_mq)
2845  {
2846  receiver->d_mq = NULL;
2847  if (GNUNET_YES != receiver->receiver_destroy_called)
2848  receiver_destroy (receiver);
2849  }
2850 }
int receiver_destroy_called
receiver_destroy already called on receiver.
Information we track per receiving address we have recently been in contact with (encryption to recei...
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
struct GNUNET_MQ_Handle * d_mq
Default message queue we are providing for the ch.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mq_destroy_kx()

static void mq_destroy_kx ( struct GNUNET_MQ_Handle mq,
void *  impl_state 
)
static

Signature of functions implementing the destruction of a message queue.

Implementations must not free mq, but should take care of impl_state.

Parameters
mqthe message queue to destroy
impl_stateour struct ReceiverAddress

Definition at line 2862 of file gnunet-communicator-udp.c.

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_YES, ReceiverAddress::kx_mq, receiver_destroy(), and ReceiverAddress::receiver_destroy_called.

Referenced by setup_receiver_mq().

2863 {
2864  struct ReceiverAddress *receiver = impl_state;
2866  "KX MQ destroyed\n");
2867  if (mq == receiver->kx_mq)
2868  {
2869  receiver->kx_mq = NULL;
2870  if (GNUNET_YES != receiver->receiver_destroy_called)
2871  receiver_destroy (receiver);
2872  }
2873 }
struct GNUNET_MQ_Handle * kx_mq
KX message queue we are providing for the ch.
int receiver_destroy_called
receiver_destroy already called on receiver.
Information we track per receiving address we have recently been in contact with (encryption to recei...
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mq_cancel()

static void mq_cancel ( struct GNUNET_MQ_Handle mq,
void *  impl_state 
)
static

Implementation function that cancels the currently sent message.

Parameters
mqmessage queue
impl_stateour struct RecvierAddress

Definition at line 2883 of file gnunet-communicator-udp.c.

References GNUNET_assert.

Referenced by setup_receiver_mq().

2884 {
2885  /* Cancellation is impossible with UDP; bail */
2886  GNUNET_assert (0);
2887 }
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Here is the caller graph for this function:

◆ mq_error()

static void mq_error ( void *  cls,
enum GNUNET_MQ_Error  error 
)
static

Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue.

Not every message queue implementation supports an error handler.

Parameters
clsour struct ReceiverAddress
errorerror code

Definition at line 2900 of file gnunet-communicator-udp.c.

References GNUNET_ERROR_TYPE_ERROR, GNUNET_i2s(), GNUNET_log, receiver_destroy(), and ReceiverAddress::target.

Referenced by setup_receiver_mq().

2901 {
2902  struct ReceiverAddress *receiver = cls;
2903 
2905  "MQ error in queue to %s: %d\n",
2906  GNUNET_i2s (&receiver->target),
2907  (int) error);
2908  receiver_destroy (receiver);
2909 }
Information we track per receiving address we have recently been in contact with (encryption to recei...
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
struct GNUNET_PeerIdentity target
To whom are we talking to.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
Here is the call graph for this function:
Here is the caller graph for this function:

◆ mq_init()

static int mq_init ( void *  cls,
const struct GNUNET_PeerIdentity peer,
const char *  address 
)
static

Function called by the transport service to initialize a message queue given address information about another peer.

If and when the communication channel is established, the communicator must call GNUNET_TRANSPORT_communicator_mq_add() to notify the service that the channel is now up. It is the responsibility of the communicator to manage sane retries and timeouts for any peer/address combination provided by the transport service. Timeouts and retries do not need to be signalled to the transport service.

Parameters
clsclosure
peeridentity of the other peer
addresswhere to send the message, human-readable communicator-specific format, 0-terminated, UTF-8
Returns
GNUNET_OK on success, GNUNET_SYSERR if the provided address is invalid

Definition at line 3023 of file gnunet-communicator-udp.c.

References GNUNET_TIME_Absolute::abs_value_us, ReceiverAddress::address, ReceiverAddress::address_len, check_timeouts(), COMMUNICATOR_ADDRESS_PREFIX, ReceiverAddress::foreign_addr, GNUNET_break_op, GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_insert(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE, GNUNET_CONTAINER_multipeermap_put(), GNUNET_CONTAINER_multipeermap_size(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s_full(), GNUNET_log, GNUNET_new, GNUNET_NO, GNUNET_NT_scanner_get_type(), GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_STATISTICS_set(), GNUNET_SYSERR, GNUNET_TIME_relative_to_absolute(), ReceiverAddress::hn, ReceiverAddress::nt, peer, UdpHandshakeSignature::receiver, setup_receiver_mq(), sockaddr_to_udpaddr_string(), ReceiverAddress::target, ReceiverAddress::timeout, and udp_address_to_sockaddr().

Referenced by run().

3024 {
3025  struct ReceiverAddress *receiver;
3026  const char *path;
3027  struct sockaddr *in;
3028  socklen_t in_len;
3029 
3030  if (0 != strncmp (address,
3032  strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
3033  {
3034  GNUNET_break_op (0);
3035  return GNUNET_SYSERR;
3036  }
3037  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
3038  in = udp_address_to_sockaddr (path, &in_len);
3039 
3040  receiver = GNUNET_new (struct ReceiverAddress);
3041  receiver->address = in;
3042  receiver->address_len = in_len;
3043  receiver->target = *peer;
3044  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
3046  receivers,
3047  &receiver->target,
3048  receiver,
3051  "Added %s to receivers\n",
3052  GNUNET_i2s_full (&receiver->target));
3053  receiver->timeout =
3056  receiver,
3057  receiver->timeout.abs_value_us);
3059  "# receivers active",
3061  GNUNET_NO);
3062  receiver->foreign_addr =
3063  sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
3064  setup_receiver_mq (receiver);
3065  if (NULL == timeout_task)
3067  return GNUNET_OK;
3068 }
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WANT.
Definition: nt.c:314
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
static struct sockaddr * udp_address_to_sockaddr(const char *bindto, socklen_t *sock_len)
Convert UDP bind specification to a struct sockaddr *
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
struct sockaddr * address
Address of the other peer.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_new(type)
Allocate a struct or union of the given type.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
uint64_t abs_value_us
The actual value.
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
enum GNUNET_NetworkType nt
Which network type does this queue use?
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1296
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
static void setup_receiver_mq(struct ReceiverAddress *receiver)
Setup the MQ for the receiver.
Information we track per receiving address we have recently been in contact with (encryption to recei...
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
socklen_t address_len
Length of the address.
#define GNUNET_log(kind,...)
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
struct GNUNET_PeerIdentity target
To whom are we talking to.
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
static char * address
GNS address for this phone.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_receiver_delete_it()

static int get_receiver_delete_it ( void *  cls,
const struct GNUNET_PeerIdentity target,
void *  value 
)
static

Iterator over all receivers to clean up.

Parameters
clsNULL
targetunused
valuethe queue to destroy
Returns
GNUNET_OK to continue to iterate

Definition at line 3080 of file gnunet-communicator-udp.c.

References GNUNET_OK, receiver_destroy(), and value.

Referenced by do_shutdown().

3083 {
3084  struct ReceiverAddress *receiver = value;
3085 
3086  (void) cls;
3087  (void) target;
3088  receiver_destroy (receiver);
3089  return GNUNET_OK;
3090 }
static char * value
Value of the record to add/remove.
Information we track per receiving address we have recently been in contact with (encryption to recei...
void receiver(void *cls, const void *buf, size_t available, const struct sockaddr *addr, socklen_t addrlen, int errCode)
Callback to read from the SOCKS5 proxy.
Definition: socks.c:329
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
Here is the call graph for this function:
Here is the caller graph for this function:

◆ get_sender_delete_it()

static int get_sender_delete_it ( void *  cls,
const struct GNUNET_PeerIdentity target,
void *  value 
)
static

Iterator over all senders to clean up.

Parameters
clsNULL
targetunused
valuethe queue to destroy
Returns
GNUNET_OK to continue to iterate

Definition at line 3102 of file gnunet-communicator-udp.c.

References GNUNET_OK, sender_destroy(), and value.

Referenced by do_shutdown().

3105 {
3106  struct SenderAddress *sender = value;
3107 
3108  (void) cls;
3109  (void) target;
3110  sender_destroy (sender);
3111  return GNUNET_OK;
3112 }
static char * value
Value of the record to add/remove.
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Here is the call graph for this function:
Here is the caller graph for this function:

◆ do_shutdown()

static void do_shutdown ( void *  cls)
static

Shutdown the UNIX communicator.

Parameters
clsNULL (always)

Definition at line 3121 of file gnunet-communicator-udp.c.

References bi_destroy(), get_receiver_delete_it(), get_sender_delete_it(), GNUNET_break, GNUNET_CONTAINER_heap_destroy(), GNUNET_CONTAINER_multipeermap_destroy(), GNUNET_CONTAINER_multipeermap_iterate(), GNUNET_CONTAINER_multishortmap_destroy(), GNUNET_free, GNUNET_NAT_unregister(), GNUNET_NETWORK_socket_close(), GNUNET_NO, GNUNET_NT_scanner_done(), GNUNET_OK, GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_destroy(), GNUNET_TRANSPORT_application_done(), and GNUNET_TRANSPORT_communicator_disconnect().

Referenced by run().

3122 {
3123  if (NULL != nat)
3124  {
3126  nat = NULL;
3127  }
3128  while (NULL != bi_head)
3129  bi_destroy (bi_head);
3130  if (NULL != broadcast_task)
3131  {
3133  broadcast_task = NULL;
3134  }
3135  if (NULL != kce_task_rekey)
3136  {
3138  kce_task_rekey = NULL;
3139  }
3140  if (NULL != kce_task)
3141  {
3143  kce_task = NULL;
3144  }
3145  if (NULL != timeout_task)
3146  {
3148  timeout_task = NULL;
3149  }
3150  if (NULL != read_task)
3151  {
3153  read_task = NULL;
3154  }
3155  if (NULL != udp_sock)
3156  {