Transport plugin using UDP. More...

#include "platform.h"
#include "gnunet_common.h"
#include "gnunet_util_lib.h"
#include "gnunet_protocols.h"
#include "gnunet_signatures.h"
#include "gnunet_constants.h"
#include "gnunet_pils_service.h"
#include "gnunet_nat_service.h"
#include "gnunet_statistics_service.h"
#include "gnunet_transport_application_service.h"
#include "gnunet_transport_communication_service.h"

Include dependency graph for gnunet-communicator-udp.c:

Data Structures
struct	UdpHandshakeSignature
	Signature we use to verify that the ephemeral key was really chosen by the specified sender. More...

struct	InitialKX
	"Plaintext" header at beginning of KX message. More...

struct	UDPConfirmation
	Encrypted continuation of UDP initial handshake, followed by message header with payload. More...

struct	UDPAck
	UDP key acknowledgement. More...

struct	UdpBroadcastSignature
	Signature we use to verify that the broadcast was really made by the peer that claims to have made it. More...

struct	UDPBroadcast
	Broadcast by peer in LAN announcing its presence. More...

struct	UDPBox
	UDP message box. More...

struct	UDPRekey
	Plaintext of a rekey payload in a UDPBox. More...

struct	KeyCacheEntry
	Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a `struct UDPBox`. More...

struct	SharedSecret
	Shared secret we generated for a particular sender or receiver. More...

struct	SenderAddress
	Information we track per sender address we have recently been in contact with (we decrypt messages from the sender). More...

struct	ReceiverAddress
	Information we track per receiving address we have recently been in contact with (encryption to receiver). More...

struct	BroadcastInterface
	Interface we broadcast our presence on. More...

struct	SearchContext
	Closure for #find_sender_by_address() More...

struct	AckInfo

Macros
#define	LOG(kind, ...) GNUNET_log_from (kind, "communicator-udp", __VA_ARGS__)

#define	DEFAULT_REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
	How often do we rekey based on time (at least) More...

#define	PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
	How long do we wait until we must have received the initial KX? More...

#define	BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
	How often do we broadcast our presence on the LAN? More...

#define	INTERFACE_SCAN_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
	How often do we scan for changes to our network interfaces? More...

#define	ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
	How long do we believe our addresses to remain up (before the other peer should revalidate). More...

#define	WORKING_QUEUE_INTERVALL GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)

#define	AES_KEY_SIZE (256 / 8)
	AES key size. More...

#define	AES_IV_SIZE (96 / 8)
	AES (GCM) IV size. More...

#define	GCM_TAG_SIZE (128 / 8)
	Size of the GCM tag. More...

#define	GENERATE_AT_ONCE 64

#define	KCN_THRESHOLD 96
	If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET. More...

#define	KCN_TARGET 128
	How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD so we do not generate just one ACK at the time. More...

#define	MAX_SQN_DELTA 160
	What is the maximum delta between KCN sequence numbers that we allow. More...

#define	MAX_SECRETS 256
	How many shared master secrets do we keep around at most per sender? Should be large enough so that we generally have a chance of sending an ACK before the sender already rotated out the master secret. More...

#define	DEFAULT_REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
	Default value for how often we do rekey based on number of bytes transmitted? (additionally randomized). More...

#define	COMMUNICATOR_ADDRESS_PREFIX "udp"
	Address prefix used by the communicator. More...

#define	COMMUNICATOR_CONFIG_SECTION "communicator-udp"
	Configuration section used by the communicator. More...

Functions
static void	eddsa_priv_to_hpke_key (struct GNUNET_CRYPTO_EddsaPrivateKey edpk, struct GNUNET_CRYPTO_EcdhePrivateKey pk)

static void	eddsa_pub_to_hpke_key (struct GNUNET_CRYPTO_EddsaPublicKey edpk, struct GNUNET_CRYPTO_EcdhePublicKey pk)

static void	bi_destroy (struct BroadcastInterface *bi)
	An interface went away, stop broadcasting on it. More...

static int	secret_destroy (struct SharedSecret *ss)
	Destroy ss and associated key cache entries. More...

static void	receiver_destroy (struct ReceiverAddress *receiver)
	Destroys a receiving state due to timeout or shutdown. More...

static void	kce_destroy (struct KeyCacheEntry *kce)
	Free memory used by key cache entry. More...

static void	get_kid (const struct GNUNET_ShortHashCode msec, uint32_t serial, struct GNUNET_ShortHashCode kid)
	Compute kid. More...

static void	kce_generate (struct SharedSecret *ss, uint32_t seq)
	Setup key cache entry for sequence number seq and shared secret ss. More...

static void	sender_destroy (struct SenderAddress *sender)
	Functions with this signature are called whenever we need to close a sender's state due to timeout. More...

static void	get_iv_key (const struct GNUNET_ShortHashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
	Compute key and iv. More...

static void	reschedule_sender_timeout (struct SenderAddress *sender)
	Increment sender timeout due to activity. More...

static void	reschedule_receiver_timeout (struct ReceiverAddress *receiver)
	Increment receiver timeout due to activity. More...

static void	check_timeouts (void *cls)
	Task run to check #receiver_heap and #sender_heap for timeouts. More...

static void	calculate_cmac (struct SharedSecret *ss)
	Calculate cmac from master in ss. More...

static void	pass_plaintext_to_core (struct SenderAddress sender, const void plaintext, size_t plaintext_len)
	We received plaintext_len bytes of plaintext from a sender. More...

static void	setup_cipher (const struct GNUNET_ShortHashCode msec, uint32_t serial, gcry_cipher_hd_t cipher)
	Setup cipher based on shared secret msec and serial number serial. More...

static int	try_decrypt (const struct SharedSecret ss, const uint8_t tag, uint32_t serial, const char in_buf, size_t in_buf_size, char out_buf)
	Try to decrypt buf using shared secret ss and key/iv derived using serial. More...

static struct SharedSecret *	setup_shared_secret_dec (const struct GNUNET_CRYPTO_HpkeEncapsulation *ephemeral)
	Setup shared secret for decryption. More...

static struct SharedSecret *	setup_initial_shared_secret_dec (const struct GNUNET_CRYPTO_HpkeEncapsulation *c)
	Setup shared secret for decryption for initial handshake. More...

static struct SharedSecret *	setup_shared_secret_ephemeral (struct GNUNET_CRYPTO_HpkeEncapsulation ephemeral, struct ReceiverAddress receiver)
	Setup new shared secret for encryption using KEM. More...

static struct SharedSecret *	setup_initial_shared_secret_ephemeral (struct GNUNET_CRYPTO_HpkeEncapsulation c, struct ReceiverAddress receiver)
	Setup new shared secret for encryption using KEM for initial handshake. More...

static void	setup_receiver_mq (struct ReceiverAddress *receiver)
	Setup the MQ for the receiver. More...

static unsigned int	purge_secrets (struct SharedSecret *ss_list_tail)
	Best effort try to purge some secrets. More...

static void	add_acks (struct SharedSecret *ss, int acks_to_add)

static int	handle_ack (void cls, const struct GNUNET_HashCode key, void *value)
	We received an ACK for pid. More...

static void	consider_ss_ack (struct SharedSecret *ss)
	We established a shared secret with a sender. More...

static void	kce_generate_cb (void *cls)

static void	try_handle_plaintext (struct SenderAddress sender, const void buf, size_t buf_size)
	Test if we have received a valid message in plaintext. More...

static void	decrypt_box (const struct UDPBox box, size_t box_len, struct KeyCacheEntry kce)
	We received a box with matching kce. More...

static struct SenderAddress *	setup_sender (const struct GNUNET_PeerIdentity target, const struct sockaddr address, socklen_t address_len)
	Create sender address for target. More...

static int	verify_confirmation (const struct GNUNET_CRYPTO_HpkeEncapsulation enc, const struct UDPConfirmation uc)
	Check signature from uc against ephemeral. More...

static char *	sockaddr_to_udpaddr_string (const struct sockaddr *address, socklen_t address_len)
	Converts address to the address string format used by this communicator in HELLOs. More...

static struct GNUNET_NETWORK_Handle *	get_socket (struct ReceiverAddress *receiver)

static struct sockaddr *	udp_address_to_sockaddr (const char bindto, sa_family_t family, socklen_t sock_len)
	Convert UDP bind specification to a `struct sockaddr *` More...

static void	sock_read (void *cls)
	Socket read task. More...

static enum GNUNET_GenericReturnValue	create_receiver (const struct GNUNET_PeerIdentity peer, const char address, struct GNUNET_NETWORK_Handle *udp_sock)

static void	do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
	Pad dgram by pad_size using out_cipher. More...

static void	send_msg_with_kx (const struct GNUNET_MessageHeader msg, struct ReceiverAddress receiver, struct GNUNET_MQ_Handle *mq)

static void	mq_send_kx (struct GNUNET_MQ_Handle mq, const struct GNUNET_MessageHeader msg, void *impl_state)
	Signature of functions implementing the sending functionality of a message queue. More...

static void	create_rekey (struct ReceiverAddress receiver, struct SharedSecret ss, struct UDPRekey *rekey)

static void	mq_send_d (struct GNUNET_MQ_Handle mq, const struct GNUNET_MessageHeader msg, void *impl_state)
	Signature of functions implementing the sending functionality of a message queue. More...

static void	mq_destroy_d (struct GNUNET_MQ_Handle mq, void impl_state)
	Signature of functions implementing the destruction of a message queue. More...

static void	mq_destroy_kx (struct GNUNET_MQ_Handle mq, void impl_state)
	Signature of functions implementing the destruction of a message queue. More...

static void	mq_cancel (struct GNUNET_MQ_Handle mq, void impl_state)
	Implementation function that cancels the currently sent message. More...

static void	mq_error (void *cls, enum GNUNET_MQ_Error error)
	Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue. More...

static int	mq_init (void cls, const struct GNUNET_PeerIdentity peer, const char *address)
	Function called by the transport service to initialize a message queue given address information about another peer. More...

static int	get_receiver_delete_it (void cls, const struct GNUNET_HashCode target, void *value)
	Iterator over all receivers to clean up. More...

static int	get_sender_delete_it (void cls, const struct GNUNET_HashCode target, void *value)
	Iterator over all senders to clean up. More...

static void	do_shutdown (void *cls)
	Shutdown the UNIX communicator. More...

static int	handle_ack_by_sender (void cls, const struct GNUNET_HashCode key, void *value)

static void	enc_notify_cb (void cls, const struct GNUNET_PeerIdentity sender, const struct GNUNET_MessageHeader *msg)
	Function called when the transport service has received a backchannel message for this communicator (!) via a different return path. More...

static void	nat_address_cb (void cls, void app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr addr, socklen_t addrlen)
	Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of 'valid' addresses changes. More...

static void	ifc_broadcast (void *cls)
	Broadcast our presence on one of our interfaces. More...

static int	iface_proc (void cls, const char name, int isDefault, const struct sockaddr addr, const struct sockaddr broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
	Callback function invoked for each interface found. More...

static void	do_broadcast (void *cls)
	Scan interfaces to broadcast our presence on the LAN. More...

static void	try_connection_reversal (void cls, const struct sockaddr addr, socklen_t addrlen)

static void	udp_socket_notify (struct GNUNET_UdpSocketInfo *sock_info)

static void	start_burst (const char addr, struct GNUNET_TIME_Relative rtt, struct GNUNET_PeerIdentity pid)

static struct GNUNET_NETWORK_Handle *	create_udp_socket (const char bindto, sa_family_t family, struct sockaddr out, socklen_t out_len)

static void	shutdown_run (struct sockaddr *addrs[2])

static enum GNUNET_GenericReturnValue	load_ikm ()
	FIXME: We could alternatively ask PILS for de/encaps, but at a high cost wrt async RPC calls... More...

void	pid_change_cb (void cls, const struct GNUNET_HELLO_Parser parser, const struct GNUNET_HashCode *addr_hash)

static void	run (void cls, char const args, const char cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)

Variables
static unsigned char	ikm [256/8]
	The initial key material for the peer. More...

static struct GNUNET_PILS_Handle *	pils
	For PILS. More...

static struct GNUNET_TIME_Relative	rekey_interval
	The rekey interval. More...

static unsigned long long	rekey_max_bytes
	How often we do rekey based on number of bytes transmitted. More...

static struct GNUNET_CONTAINER_MultiShortmap *	key_cache
	Cache of pre-generated key IDs. More...

static struct GNUNET_SCHEDULER_Task *	read_v4_task
	ID of read IPv4 task. More...

static struct GNUNET_SCHEDULER_Task *	read_v6_task
	ID of read IPv6 task. More...

static struct GNUNET_SCHEDULER_Task *	timeout_task
	ID of timeout task. More...

static struct GNUNET_SCHEDULER_Task *	broadcast_task
	ID of master broadcast task. More...

static struct GNUNET_STATISTICS_Handle *	stats
	For logging statistics. More...

static struct GNUNET_TRANSPORT_CommunicatorHandle *	ch
	Our environment. More...

static struct GNUNET_CONTAINER_MultiHashMap *	receivers
	Receivers (map from peer identity to `struct ReceiverAddress`) More...

static struct GNUNET_CONTAINER_MultiHashMap *	senders
	Senders (map from peer identity to `struct SenderAddress`) More...

static struct GNUNET_CONTAINER_Heap *	senders_heap
	Expiration heap for senders (contains `struct SenderAddress`) More...

static struct GNUNET_CONTAINER_Heap *	receivers_heap
	Expiration heap for receivers (contains `struct ReceiverAddress`) More...

static struct BroadcastInterface *	bi_head
	Broadcast interface tasks. More...

static struct BroadcastInterface *	bi_tail
	Broadcast interface tasks. More...

static struct GNUNET_NETWORK_Handle *	default_v4_sock
	Our IPv4 socket. More...

static struct GNUNET_NETWORK_Handle *	default_v6_sock
	Our IPv6 socket. More...

static struct GNUNET_PeerIdentity	my_identity
	Our public key. More...

static struct GNUNET_CRYPTO_EddsaPrivateKey *	my_private_key
	Our private key. More...

static struct GNUNET_CRYPTO_EcdhePrivateKey	my_x25519_private_key
	Our private key for HPKE. More...

static const struct GNUNET_CONFIGURATION_Handle *	cfg
	Our configuration. More...

static struct GNUNET_TRANSPORT_ApplicationHandle *	ah
	Our handle to report addresses for validation to TRANSPORT. More...

static struct GNUNET_NT_InterfaceScanner *	is
	Network scanner to determine network types. More...

static struct GNUNET_NAT_Handle *	nat
	Connection to NAT service. More...

static uint16_t	my_port
	Port number to which we are actually bound. More...

char *	my_ipv4
	Our ipv4 address. More...

static int	disable_v6
	IPv6 disabled or not. More...

static struct GNUNET_SCHEDULER_Task *	burst_task

Detailed Description

Transport plugin using UDP.

Author: Christian Grothoff

TODO:

consider imposing transmission limits in the absence of ACKs; or: maybe this should be done at TNG service level? (at least the receiver might want to enforce limits on KX/DH operations per sender in here) (#5552)
overall, we should look more into flow control support (either in backchannel, or general solution in TNG service)
handle addresses discovered from broadcasts (#5551) (think: what was the story again on address validation? where is the API for that!?!)
support DNS names in BINDTO option (#5528)
support NAT connection reversal method (#5529)
support other UDP-specific NAT traversal methods (#)

Definition in file gnunet-communicator-udp.c.

Macro Definition Documentation

◆ LOG

#define LOG	(	kind,
		...
	)	GNUNET_log_from (kind, "communicator-udp", __VA_ARGS__)

Definition at line 53 of file gnunet-communicator-udp.c.

◆ DEFAULT_REKEY_TIME_INTERVAL

#define DEFAULT_REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS

How often do we rekey based on time (at least)

Definition at line 58 of file gnunet-communicator-udp.c.

◆ PROTO_QUEUE_TIMEOUT

#define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES

How long do we wait until we must have received the initial KX?

Definition at line 63 of file gnunet-communicator-udp.c.

◆ BROADCAST_FREQUENCY

#define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES

How often do we broadcast our presence on the LAN?

Definition at line 68 of file gnunet-communicator-udp.c.

◆ INTERFACE_SCAN_FREQUENCY

#define INTERFACE_SCAN_FREQUENCY GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)

How often do we scan for changes to our network interfaces?

Definition at line 73 of file gnunet-communicator-udp.c.

◆ ADDRESS_VALIDITY_PERIOD

#define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS

How long do we believe our addresses to remain up (before the other peer should revalidate).

Definition at line 80 of file gnunet-communicator-udp.c.

◆ WORKING_QUEUE_INTERVALL

#define WORKING_QUEUE_INTERVALL GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)

Definition at line 82 of file gnunet-communicator-udp.c.

◆ AES_KEY_SIZE

#define AES_KEY_SIZE (256 / 8)

AES key size.

Definition at line 88 of file gnunet-communicator-udp.c.

◆ AES_IV_SIZE

#define AES_IV_SIZE (96 / 8)

AES (GCM) IV size.

Definition at line 93 of file gnunet-communicator-udp.c.

◆ GCM_TAG_SIZE

#define GCM_TAG_SIZE (128 / 8)

Size of the GCM tag.

Definition at line 98 of file gnunet-communicator-udp.c.

◆ GENERATE_AT_ONCE

#define GENERATE_AT_ONCE 64

Definition at line 100 of file gnunet-communicator-udp.c.

◆ KCN_THRESHOLD

#define KCN_THRESHOLD 96

If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET.

Should be large enough that we don't generate ACKs all the time and still have enough time for the ACK to arrive before the sender runs out. So really this should ideally be based on the RTT.

Definition at line 111 of file gnunet-communicator-udp.c.

◆ KCN_TARGET

#define KCN_TARGET 128

How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD so we do not generate just one ACK at the time.

Definition at line 119 of file gnunet-communicator-udp.c.

◆ MAX_SQN_DELTA

#define MAX_SQN_DELTA 160

What is the maximum delta between KCN sequence numbers that we allow.

Used to expire 'ancient' KCNs that likely were dropped by the network. Must be larger than KCN_TARGET (otherwise we generate new KCNs all the time), but not too large (otherwise packet loss may cause sender to fall back to KX needlessly when sender runs out of ACK'ed KCNs due to losses).

Definition at line 130 of file gnunet-communicator-udp.c.

◆ MAX_SECRETS

#define MAX_SECRETS 256

How many shared master secrets do we keep around at most per sender? Should be large enough so that we generally have a chance of sending an ACK before the sender already rotated out the master secret.

Generally values around KCN_TARGET make sense. Might make sense to adapt to RTT if we had a good measurement...

Definition at line 141 of file gnunet-communicator-udp.c.

◆ DEFAULT_REKEY_MAX_BYTES

#define DEFAULT_REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)

Default value for how often we do rekey based on number of bytes transmitted? (additionally randomized).

Definition at line 147 of file gnunet-communicator-udp.c.

◆ COMMUNICATOR_ADDRESS_PREFIX

#define COMMUNICATOR_ADDRESS_PREFIX "udp"

Address prefix used by the communicator.

Definition at line 153 of file gnunet-communicator-udp.c.

◆ COMMUNICATOR_CONFIG_SECTION

#define COMMUNICATOR_CONFIG_SECTION "communicator-udp"

Configuration section used by the communicator.

Definition at line 158 of file gnunet-communicator-udp.c.

Function Documentation

◆ eddsa_priv_to_hpke_key()

static void eddsa_priv_to_hpke_key	(	struct GNUNET_CRYPTO_EddsaPrivateKey *	edpk,
		struct GNUNET_CRYPTO_EcdhePrivateKey *	pk
	)

static

Definition at line 907 of file gnunet-communicator-udp.c.

{
  struct GNUNET_CRYPTO_PrivateKey key;
  key.type = htonl (GNUNET_PUBLIC_KEY_TYPE_EDDSA);
  key.eddsa_key = *edpk;
  GNUNET_CRYPTO_hpke_sk_to_x25519 (&key, pk);
}

References GNUNET_CRYPTO_hpke_sk_to_x25519(), GNUNET_PUBLIC_KEY_TYPE_EDDSA, key, and pk.

Referenced by pid_change_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ eddsa_pub_to_hpke_key()

static void eddsa_pub_to_hpke_key	(	struct GNUNET_CRYPTO_EddsaPublicKey *	edpk,
		struct GNUNET_CRYPTO_EcdhePublicKey *	pk
	)

static

Definition at line 918 of file gnunet-communicator-udp.c.

{
  struct GNUNET_CRYPTO_PublicKey key;
  key.type = htonl (GNUNET_PUBLIC_KEY_TYPE_EDDSA);
  key.eddsa_key = *edpk;
  GNUNET_CRYPTO_hpke_pk_to_x25519 (&key, pk);
}

References GNUNET_CRYPTO_hpke_pk_to_x25519(), GNUNET_PUBLIC_KEY_TYPE_EDDSA, key, and pk.

Referenced by create_receiver().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ bi_destroy()

static void bi_destroy ( struct BroadcastInterface * bi )

static

An interface went away, stop broadcasting on it.

Parameters

bi	entity to close down

Definition at line 934 of file gnunet-communicator-udp.c.

{
  if (AF_INET6 == bi->sa->sa_family)
  {
    /* Leave the multicast group */
    if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (default_v6_sock,
                                                       IPPROTO_IPV6,
                                                       IPV6_LEAVE_GROUP,
                                                       &bi->mcreq,
                                                       sizeof(bi->mcreq)))
    {
      GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
    }
  }
  GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
  GNUNET_SCHEDULER_cancel (bi->broadcast_task);
  GNUNET_free (bi->sa);
  GNUNET_free (bi->ba);
  GNUNET_free (bi);
}

References BroadcastInterface::ba, bi_head, bi_tail, BroadcastInterface::broadcast_task, default_v6_sock, GNUNET_CONTAINER_DLL_remove, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_log_strerror, GNUNET_NETWORK_socket_setsockopt(), GNUNET_OK, GNUNET_SCHEDULER_cancel(), BroadcastInterface::mcreq, and BroadcastInterface::sa.

Referenced by do_broadcast(), and do_shutdown().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ secret_destroy()

static int secret_destroy ( struct SharedSecret * ss )

static

Destroy ss and associated key cache entries.

Parameters

ss	shared secret to destroy
withoutKce	If GNUNET_YES shared secrets with kce will not be destroyed.

Definition at line 1099 of file gnunet-communicator-udp.c.

{
  struct SenderAddress *sender;
  struct ReceiverAddress *receiver;
  struct KeyCacheEntry *kce;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "secret %s destroy %u\n",
              GNUNET_sh2s (&ss->master),
              ss->sequence_allowed);
  if (NULL != (sender = ss->sender))
  {
    GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
    sender->num_secrets--;
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "%u sender->num_secrets %u allowed %u used, %u available\n",
                sender->num_secrets, ss->sequence_allowed, ss->sequence_used,
                sender->acks_available);
    sender->acks_available -= (ss->sequence_allowed - ss->sequence_used);
    if (NULL != ss->sender->kce_task)
    {
      GNUNET_SCHEDULER_cancel (ss->sender->kce_task);
      ss->sender->kce_task = NULL;
    }
  }
  if (NULL != (receiver = ss->receiver))
  {
    GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
    receiver->num_secrets--;
    receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "%u receiver->num_secrets\n",
                receiver->num_secrets);
  }
  while (NULL != (kce = ss->kce_head))
    kce_destroy (kce);
  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
  GNUNET_STATISTICS_set (stats,
                         "# KIDs active",
                         GNUNET_CONTAINER_multishortmap_size (key_cache),
                         GNUNET_NO);
  GNUNET_free (ss);
  return GNUNET_YES;
}

References SenderAddress::acks_available, GNUNET_CONTAINER_DLL_remove, GNUNET_CONTAINER_multishortmap_size(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_NO, GNUNET_SCHEDULER_cancel(), GNUNET_sh2s(), GNUNET_STATISTICS_set(), GNUNET_STATISTICS_update(), GNUNET_YES, kce_destroy(), SharedSecret::kce_head, SenderAddress::kce_task, key_cache, SharedSecret::master, SenderAddress::num_secrets, receiver(), SharedSecret::receiver, SharedSecret::sender, SharedSecret::sequence_allowed, SharedSecret::sequence_used, KeyCacheEntry::ss, SenderAddress::ss_head, SenderAddress::ss_tail, and stats.

Referenced by decrypt_box(), mq_send_d(), purge_secrets(), receiver_destroy(), send_msg_with_kx(), sender_destroy(), sock_read(), and try_handle_plaintext().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ receiver_destroy()

static void receiver_destroy ( struct ReceiverAddress * receiver )

static

Destroys a receiving state due to timeout or shutdown.

Parameters

receiver entity to close down

Definition at line 965 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss;
  receiver->receiver_destroy_called = GNUNET_YES;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Disconnecting receiver for peer `%s'\n",
              GNUNET_i2s (&receiver->target));
  if (NULL != receiver->kx_qh)
  {
    GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh);
    receiver->kx_qh = NULL;
    receiver->kx_mq = NULL;
  }
  if (NULL != receiver->d_qh)
  {
    GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh);
    receiver->d_qh = NULL;
  }
  else if (NULL != receiver->d_mq)
  {
    GNUNET_MQ_destroy (receiver->d_mq);
    receiver->d_mq = NULL;
  }
  if (NULL != receiver->udp_sock)
  {
    GNUNET_break (GNUNET_OK ==
                  GNUNET_NETWORK_socket_close (receiver->udp_sock));
    receiver->udp_sock = NULL;
  }
  GNUNET_assert (GNUNET_YES ==
                 GNUNET_CONTAINER_multihashmap_remove (receivers,
                                                       &receiver->key,
                                                       receiver));
  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
  GNUNET_STATISTICS_set (stats,
                         "# receivers active",
                         GNUNET_CONTAINER_multihashmap_size (receivers),
                         GNUNET_NO);
  while (NULL != (ss = receiver->ss_head))
  {
    secret_destroy (ss);
  }
  GNUNET_free (receiver->address);
  GNUNET_free (receiver->foreign_addr);
  GNUNET_free (receiver);
}

References GNUNET_assert, GNUNET_break, GNUNET_CONTAINER_heap_remove_node(), GNUNET_CONTAINER_multihashmap_remove(), GNUNET_CONTAINER_multihashmap_size(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_i2s(), GNUNET_log, GNUNET_MQ_destroy(), GNUNET_NETWORK_socket_close(), GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_set(), GNUNET_TRANSPORT_communicator_mq_del(), GNUNET_YES, receiver(), receivers, secret_destroy(), and stats.

Referenced by check_timeouts(), get_receiver_delete_it(), mq_destroy_d(), mq_destroy_kx(), mq_error(), mq_send_d(), and send_msg_with_kx().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ kce_destroy()

static void kce_destroy ( struct KeyCacheEntry * kce )

static

Free memory used by key cache entry.

Parameters

kce	the key cache entry

Definition at line 1020 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss = kce->ss;
 
  ss->active_kce_count--;
  GNUNET_CONTAINER_DLL_remove (ss->kce_head, ss->kce_tail, kce);
  GNUNET_assert (GNUNET_YES == GNUNET_CONTAINER_multishortmap_remove (key_cache,
                                                                      &kce->kid,
                                                                      kce));
  GNUNET_free (kce);
}

References SharedSecret::active_kce_count, GNUNET_assert, GNUNET_CONTAINER_DLL_remove, GNUNET_CONTAINER_multishortmap_remove(), GNUNET_free, GNUNET_YES, SharedSecret::kce_head, SharedSecret::kce_tail, key_cache, KeyCacheEntry::kid, and KeyCacheEntry::ss.

Referenced by consider_ss_ack(), decrypt_box(), and secret_destroy().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ get_kid()

static void get_kid	(	const struct GNUNET_ShortHashCode *	msec,
		uint32_t	serial,
		struct GNUNET_ShortHashCode *	kid
	)

static

Compute kid.

Parameters

	msec	master secret for HMAC calculation
	serial	number for the smac calculation
[out]	kid	where to write the key ID

Definition at line 1041 of file gnunet-communicator-udp.c.

{
  uint32_t sid = htonl (serial);
  struct GNUNET_ShortHashCode prk;
  GNUNET_CRYPTO_hkdf_extract (&prk,
                              &sid, sizeof (sid),
                              msec, sizeof (*msec));
 
  GNUNET_CRYPTO_hkdf_expand (kid,
                             sizeof(*kid),
                             &prk,
                             "gnunet-communicator-udp-kid",
                             strlen ("gnunet-communicator-udp-kid"),
                             NULL,
                             0);
}

References GNUNET_CRYPTO_hkdf_expand(), and GNUNET_CRYPTO_hkdf_extract().

Referenced by kce_generate(), and mq_send_d().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ kce_generate()

static void kce_generate	(	struct SharedSecret *	ss,
		uint32_t	seq
	)

static

Setup key cache entry for sequence number seq and shared secret ss.

Parameters

ss	shared secret
seq	sequence number for the key cache entry

Definition at line 1068 of file gnunet-communicator-udp.c.

{
  struct KeyCacheEntry *kce;
 
  GNUNET_assert (0 < seq);
  kce = GNUNET_new (struct KeyCacheEntry);
  kce->ss = ss;
  kce->sequence_number = seq;
  get_kid (&ss->master, seq, &kce->kid);
  GNUNET_CONTAINER_DLL_insert (ss->kce_head, ss->kce_tail, kce);
  ss->active_kce_count++;
  ss->sender->acks_available++;
  (void) GNUNET_CONTAINER_multishortmap_put (
    key_cache,
    &kce->kid,
    kce,
    GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
  GNUNET_STATISTICS_set (stats,
                         "# KIDs active",
                         GNUNET_CONTAINER_multishortmap_size (key_cache),
                         GNUNET_NO);
}

References SenderAddress::acks_available, SharedSecret::active_kce_count, get_kid(), GNUNET_assert, GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE, GNUNET_CONTAINER_multishortmap_put(), GNUNET_CONTAINER_multishortmap_size(), GNUNET_new, GNUNET_NO, GNUNET_STATISTICS_set(), SharedSecret::kce_head, SharedSecret::kce_tail, key_cache, KeyCacheEntry::kid, SharedSecret::master, SharedSecret::sender, KeyCacheEntry::sequence_number, KeyCacheEntry::ss, and stats.

Referenced by kce_generate_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ sender_destroy()

static void sender_destroy ( struct SenderAddress * sender )

static

Functions with this signature are called whenever we need to close a sender's state due to timeout.

Parameters

sender entity to close down

Definition at line 1152 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss;
  sender->sender_destroy_called = GNUNET_YES;
  GNUNET_assert (
    GNUNET_YES ==
    GNUNET_CONTAINER_multihashmap_remove (senders, &sender->key, sender));
  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
  GNUNET_STATISTICS_set (stats,
                         "# senders active",
                         GNUNET_CONTAINER_multihashmap_size (senders),
                         GNUNET_NO);
  while (NULL != (ss = sender->ss_head))
  {
    secret_destroy (ss);
  }
  GNUNET_free (sender->address);
  GNUNET_free (sender);
}

References SenderAddress::address, GNUNET_assert, GNUNET_CONTAINER_heap_remove_node(), GNUNET_CONTAINER_multihashmap_remove(), GNUNET_CONTAINER_multihashmap_size(), GNUNET_free, GNUNET_NO, GNUNET_STATISTICS_set(), GNUNET_YES, SenderAddress::hn, SenderAddress::key, secret_destroy(), SharedSecret::sender, SenderAddress::sender_destroy_called, senders, SenderAddress::ss_head, and stats.

Referenced by check_timeouts(), and get_sender_delete_it().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ get_iv_key()

static void get_iv_key	(	const struct GNUNET_ShortHashCode *	msec,
		uint32_t	serial,
		char	key[(256/8)],
		char	iv[(96/8)]
	)

static

Compute key and iv.

Parameters

	msec	master secret for calculation
	serial	number for the smac calculation
[out]	key	where to write the decryption key
[out]	iv	where to write the IV

Definition at line 1182 of file gnunet-communicator-udp.c.

{
  uint32_t sid = htonl (serial);
 
  GNUNET_CRYPTO_hkdf_expand (key,
                             AES_KEY_SIZE,
                             msec,
                             "gnunet-communicator-udp-key",
                             strlen ("gnunet-communicator-udp-key"),
                             &sid, sizeof (sid),
                             NULL,
                             0);
  GNUNET_CRYPTO_hkdf_expand (iv,
                             AES_IV_SIZE,
                             msec,
                             "gnunet-communicator-udp-iv",
                             strlen ("gnunet-communicator-udp-iv"),
                             &sid, sizeof (sid),
                             NULL,
                             0);
}

References AES_IV_SIZE, AES_KEY_SIZE, GNUNET_CRYPTO_hkdf_expand(), and key.

Referenced by setup_cipher().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ reschedule_sender_timeout()

static void reschedule_sender_timeout ( struct SenderAddress * sender )

static

Increment sender timeout due to activity.

Parameters

sender address for which the timeout should be rescheduled

Definition at line 1214 of file gnunet-communicator-udp.c.

{
  sender->timeout =
    GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
  GNUNET_CONTAINER_heap_update_cost (sender->hn, sender->timeout.abs_value_us);
}

References GNUNET_TIME_Absolute::abs_value_us, GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_update_cost(), GNUNET_TIME_relative_to_absolute(), SenderAddress::hn, SharedSecret::sender, and SenderAddress::timeout.

Referenced by setup_sender().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ reschedule_receiver_timeout()

static void reschedule_receiver_timeout ( struct ReceiverAddress * receiver )

static

Increment receiver timeout due to activity.

Parameters

receiver address for which the timeout should be rescheduled

Definition at line 1228 of file gnunet-communicator-udp.c.

{
  receiver->timeout =
    GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
  GNUNET_CONTAINER_heap_update_cost (receiver->hn,
                                     receiver->timeout.abs_value_us);
}

References GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_update_cost(), GNUNET_TIME_relative_to_absolute(), and receiver().

Referenced by mq_send_d(), and send_msg_with_kx().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ check_timeouts()

static void check_timeouts ( void * cls )

static

Task run to check #receiver_heap and #sender_heap for timeouts.

Parameters

cls	unused, NULL

Definition at line 1243 of file gnunet-communicator-udp.c.

{
  struct GNUNET_TIME_Relative st;
  struct GNUNET_TIME_Relative rt;
  struct GNUNET_TIME_Relative delay;
  struct ReceiverAddress *receiver;
  struct SenderAddress *sender;
 
  (void) cls;
  timeout_task = NULL;
  rt = GNUNET_TIME_UNIT_FOREVER_REL;
  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
  {
    rt = GNUNET_TIME_absolute_get_remaining (receiver->timeout);
    if (0 != rt.rel_value_us)
      break;
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Receiver timed out\n");
    receiver_destroy (receiver);
  }
  st = GNUNET_TIME_UNIT_FOREVER_REL;
  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
  {
    if (GNUNET_YES != sender->sender_destroy_called)
    {
      st = GNUNET_TIME_absolute_get_remaining (sender->timeout);
      if (0 != st.rel_value_us)
        break;
      sender_destroy (sender);
    }
  }
  delay = GNUNET_TIME_relative_min (rt, st);
  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
    timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
}

References check_timeouts(), GNUNET_CONTAINER_heap_peek(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_SCHEDULER_add_delayed(), GNUNET_TIME_absolute_get_remaining(), GNUNET_TIME_relative_min(), GNUNET_TIME_UNIT_FOREVER_REL, GNUNET_YES, receiver(), receiver_destroy(), receivers_heap, GNUNET_TIME_Relative::rel_value_us, sender_destroy(), SenderAddress::sender_destroy_called, senders_heap, st, SenderAddress::timeout, and timeout_task.

Referenced by check_timeouts(), create_receiver(), and setup_sender().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ calculate_cmac()

static void calculate_cmac ( struct SharedSecret * ss )

static

Calculate cmac from master in ss.

Parameters

[in,out] ss data structure to complete

Definition at line 1286 of file gnunet-communicator-udp.c.

{
  GNUNET_CRYPTO_hkdf_expand (&ss->cmac,
                             sizeof(ss->cmac),
                             &ss->master,
                             "gnunet-communicator-udp-cmac",
                             strlen ("gnunet-communicator-udp-cmac"),
                             NULL,
                             0);
}

References SharedSecret::cmac, GNUNET_CRYPTO_hkdf_expand(), and SharedSecret::master.

Referenced by setup_initial_shared_secret_dec(), setup_initial_shared_secret_ephemeral(), setup_shared_secret_dec(), setup_shared_secret_ephemeral(), and sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ pass_plaintext_to_core()

static void pass_plaintext_to_core	(	struct SenderAddress *	sender,
		const void *	plaintext,
		size_t	plaintext_len
	)

static

We received plaintext_len bytes of plaintext from a sender.

Pass it on to CORE.

Parameters

queue	the queue that received the plaintext
plaintext	the plaintext that was received
plaintext_len	number of bytes of plaintext received

Definition at line 1307 of file gnunet-communicator-udp.c.

{
  const struct GNUNET_MessageHeader *hdr = plaintext;
  const char *pos = plaintext;
 
  while (ntohs (hdr->size) <= plaintext_len)
  {
    GNUNET_STATISTICS_update (stats,
                              "# bytes given to core",
                              ntohs (hdr->size),
                              GNUNET_NO);
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Giving %u bytes to TNG\n", ntohs (hdr->size));
    GNUNET_assert (GNUNET_SYSERR !=
                   GNUNET_TRANSPORT_communicator_receive (ch,
                                                          &sender->target,
                                                          hdr,
                                                          ADDRESS_VALIDITY_PERIOD,
                                                          NULL /* no flow control possible */
                                                          ,
                                                          NULL));
    /* move on to next message, if any */
    plaintext_len -= ntohs (hdr->size);
    if (plaintext_len < sizeof(*hdr))
      break;
    pos += ntohs (hdr->size);
    hdr = (const struct GNUNET_MessageHeader *) pos;
    // TODO for now..., we do not actually sen >1msg or have a way of telling
    // if we are done
    break;
  }
  GNUNET_STATISTICS_update (stats,
                            "# bytes padding discarded",
                            plaintext_len,
                            GNUNET_NO);
}

References ADDRESS_VALIDITY_PERIOD, ch, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_NO, GNUNET_STATISTICS_update(), GNUNET_SYSERR, GNUNET_TRANSPORT_communicator_receive(), GNUNET_MessageHeader::size, stats, and SenderAddress::target.

Referenced by try_handle_plaintext().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_cipher()

static void setup_cipher	(	const struct GNUNET_ShortHashCode *	msec,
		uint32_t	serial,
		gcry_cipher_hd_t *	cipher
	)

static

Setup cipher based on shared secret msec and serial number serial.

Parameters

msec	master shared secret
serial	serial number of cipher to set up
cipher[out]	cipher to initialize

Definition at line 1356 of file gnunet-communicator-udp.c.

{
  char key[AES_KEY_SIZE];
  char iv[AES_IV_SIZE];
  int rc;
 
  GNUNET_assert (0 ==
                 gcry_cipher_open (cipher,
                                   GCRY_CIPHER_AES256 /* low level: go for speed */
                                   ,
                                   GCRY_CIPHER_MODE_GCM,
                                   0 /* flags */));
  get_iv_key (msec, serial, key, iv);
  rc = gcry_cipher_setkey (*cipher, key, sizeof(key));
  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
  rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv));
  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
}

References AES_IV_SIZE, AES_KEY_SIZE, get_iv_key(), GNUNET_assert, and key.

Referenced by mq_send_d(), send_msg_with_kx(), and try_decrypt().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ try_decrypt()

static int try_decrypt	(	const struct SharedSecret *	ss,
		const uint8_t *	tag,
		uint32_t	serial,
		const char *	in_buf,
		size_t	in_buf_size,
		char *	out_buf
	)

static

Try to decrypt buf using shared secret ss and key/iv derived using serial.

Parameters

ss	shared secret
tag	GCM authentication tag
serial	serial number to use
in_buf	input buffer to decrypt
in_buf_size	number of bytes in in_buf and available in out_buf
out_buf	where to write the result

Returns: GNUNET_OK on success

Definition at line 1391 of file gnunet-communicator-udp.c.

{
  gcry_cipher_hd_t cipher;
 
  setup_cipher (&ss->master, serial, &cipher);
  GNUNET_assert (
    0 ==
    gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
  {
    gcry_cipher_close (cipher);
    GNUNET_STATISTICS_update (stats,
                              "# AEAD authentication failures",
                              1,
                              GNUNET_NO);
    return GNUNET_SYSERR;
  }
  gcry_cipher_close (cipher);
  return GNUNET_OK;
}

References GCM_TAG_SIZE, GNUNET_assert, GNUNET_NO, GNUNET_OK, GNUNET_STATISTICS_update(), GNUNET_SYSERR, SharedSecret::master, setup_cipher(), and stats.

Referenced by decrypt_box(), and sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_shared_secret_dec()

static struct SharedSecret * setup_shared_secret_dec ( const struct GNUNET_CRYPTO_HpkeEncapsulation * ephemeral )

static

Setup shared secret for decryption.

Parameters

ephemeral ephemeral key we received from the other peer

Returns: new shared secret

Definition at line 1425 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss;
 
  ss = GNUNET_new (struct SharedSecret);
  GNUNET_CRYPTO_eddsa_kem_decaps (my_private_key, ephemeral, &ss->master);
  calculate_cmac (ss);
  return ss;
}

References calculate_cmac(), GNUNET_CRYPTO_eddsa_kem_decaps(), GNUNET_new, SharedSecret::master, and my_private_key.

Referenced by try_handle_plaintext().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_initial_shared_secret_dec()

static struct SharedSecret * setup_initial_shared_secret_dec ( const struct GNUNET_CRYPTO_HpkeEncapsulation * c )

static

Setup shared secret for decryption for initial handshake.

Parameters

representative of ephemeral key we received from the other peer

Returns: new shared secret

Definition at line 1444 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss;
 
  ss = GNUNET_new (struct SharedSecret);
  GNUNET_CRYPTO_hpke_elligator_kem_decaps (&my_x25519_private_key, c,
                                           &ss->master);
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "New receiver SS master: %s\n", GNUNET_sh2s (&ss->master));
  calculate_cmac (ss);
  return ss;
}

References calculate_cmac(), GNUNET_CRYPTO_hpke_elligator_kem_decaps(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_new, GNUNET_sh2s(), SharedSecret::master, and my_x25519_private_key.

Referenced by sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_shared_secret_ephemeral()

static struct SharedSecret * setup_shared_secret_ephemeral	(	struct GNUNET_CRYPTO_HpkeEncapsulation *	ephemeral,
		struct ReceiverAddress *	receiver
	)

static

Setup new shared secret for encryption using KEM.

Parameters

[out]	ephemeral	ephemeral key to be sent to other peer (encapsulated key from KEM)
[in,out]	receiver	queue to initialize encryption key for

Returns: new shared secret

Definition at line 1467 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss;
 
  ss = GNUNET_new (struct SharedSecret);
  GNUNET_CRYPTO_eddsa_kem_encaps (&receiver->target.public_key, ephemeral,
                                  &ss->master);
  calculate_cmac (ss);
  ss->receiver = receiver;
  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
  receiver->num_secrets++;
  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
  return ss;
}

References calculate_cmac(), GNUNET_CONTAINER_DLL_insert, GNUNET_CRYPTO_eddsa_kem_encaps(), GNUNET_new, GNUNET_NO, GNUNET_STATISTICS_update(), SharedSecret::master, receiver(), SharedSecret::receiver, and stats.

Referenced by create_rekey().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_initial_shared_secret_ephemeral()

static struct SharedSecret * setup_initial_shared_secret_ephemeral	(	struct GNUNET_CRYPTO_HpkeEncapsulation *	c,
		struct ReceiverAddress *	receiver
	)

static

Setup new shared secret for encryption using KEM for initial handshake.

Parameters

[out]	representative	of ephemeral key to be sent to other peer (encapsulated key from KEM)
[in,out]	receiver	queue to initialize encryption key for

Returns: new shared secret

Definition at line 1493 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss;
 
  ss = GNUNET_new (struct SharedSecret);
  GNUNET_CRYPTO_hpke_elligator_kem_encaps (&receiver->target_hpke_key,
                                           c, &ss->master);
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "New sender SS master: %s\n", GNUNET_sh2s (&ss->master));
  calculate_cmac (ss);
  ss->receiver = receiver;
  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
  receiver->num_secrets++;
  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
  return ss;
}

References calculate_cmac(), GNUNET_CONTAINER_DLL_insert, GNUNET_CRYPTO_hpke_elligator_kem_encaps(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_new, GNUNET_NO, GNUNET_sh2s(), GNUNET_STATISTICS_update(), SharedSecret::master, receiver(), SharedSecret::receiver, and stats.

Referenced by send_msg_with_kx().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_receiver_mq()

static void setup_receiver_mq ( struct ReceiverAddress * receiver )

static

Setup the MQ for the receiver.

If a queue exists, the existing one is destroyed. Then the MTU is recalculated and a fresh queue is initialized.

Parameters

receiver receiver to setup MQ for

Definition at line 3013 of file gnunet-communicator-udp.c.

{
  size_t base_mtu;
 
  switch (receiver->address->sa_family)
  {
  case AF_INET:
    base_mtu = 1480     /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
               - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
               - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
    break;
 
  case AF_INET6:
    base_mtu = 1280     /* Minimum MTU required by IPv6 */
               - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
               - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
    break;
 
  default:
    GNUNET_assert (0);
    break;
  }
  /* MTU based on full KX messages */
  receiver->kx_mtu = base_mtu - sizeof(struct InitialKX)   /* 48 */
                     - sizeof(struct UDPConfirmation); /* 104 */
  /* MTU based on BOXed messages */
  receiver->d_mtu = base_mtu - sizeof(struct UDPBox);
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Setting up MQs and QHs\n");
  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
     1404 (IPv4 + Box) bytes, depending on circumstances... */
  if (NULL == receiver->kx_mq)
    receiver->kx_mq = GNUNET_MQ_queue_for_callbacks (&mq_send_kx,
                                                     &mq_destroy_kx,
                                                     &mq_cancel,
                                                     receiver,
                                                     NULL,
                                                     &mq_error,
                                                     receiver);
  if (NULL == receiver->d_mq)
    receiver->d_mq = GNUNET_MQ_queue_for_callbacks (&mq_send_d,
                                                    &mq_destroy_d,
                                                    &mq_cancel,
                                                    receiver,
                                                    NULL,
                                                    &mq_error,
                                                    receiver);
 
  receiver->kx_qh =
    GNUNET_TRANSPORT_communicator_mq_add (ch,
                                          &receiver->target,
                                          receiver->foreign_addr,
                                          receiver->kx_mtu,
                                          GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED,
                                          0, /* Priority */
                                          receiver->nt,
                                          GNUNET_TRANSPORT_CS_OUTBOUND,
                                          receiver->kx_mq);
}

References ch, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_MQ_queue_for_callbacks(), GNUNET_TRANSPORT_communicator_mq_add(), GNUNET_TRANSPORT_CS_OUTBOUND, GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED, mq_cancel(), mq_destroy_d(), mq_destroy_kx(), mq_error(), mq_send_d(), mq_send_kx(), and receiver().

Referenced by create_receiver().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ purge_secrets()

static unsigned int purge_secrets ( struct SharedSecret * ss_list_tail )

static

Best effort try to purge some secrets.

Ideally those, not ACKed.

Parameters

ss_list_tail the oldest secret in the list of interest.

Returns: number of deleted secrets.

Definition at line 1532 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *pos;
  struct SharedSecret *ss_to_purge;
  unsigned int deleted = 0;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Purging secrets.\n");
  pos = ss_list_tail;
  while (NULL != pos)
  {
    ss_to_purge = pos;
    pos = pos->prev;
 
    // FIXME we may also want to purge old unacked.
    if (rekey_max_bytes <= ss_to_purge->bytes_sent)
    {
      secret_destroy (ss_to_purge);
      deleted++;
    }
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Finished purging all, deleted %u.\n", deleted);
  return deleted;
}

References SharedSecret::bytes_sent, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, SharedSecret::prev, and secret_destroy().

Referenced by mq_send_d(), send_msg_with_kx(), sock_read(), and try_handle_plaintext().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ add_acks()

static void add_acks	(	struct SharedSecret *	ss,
		int	acks_to_add
	)

static

Definition at line 1560 of file gnunet-communicator-udp.c.

{
 
  struct ReceiverAddress *receiver = ss->receiver;
 
  GNUNET_assert (NULL != ss);
  GNUNET_assert (NULL != receiver);
 
  if (NULL == receiver->d_qh)
  {
    receiver->d_qh =
      GNUNET_TRANSPORT_communicator_mq_add (ch,
                                            &receiver->target,
                                            receiver->foreign_addr,
                                            receiver->d_mtu,
                                            acks_to_add,
                                            1, /* Priority */
                                            receiver->nt,
                                            GNUNET_TRANSPORT_CS_OUTBOUND,
                                            receiver->d_mq);
  }
  else
  {
    GNUNET_TRANSPORT_communicator_mq_update (ch,
                                             receiver->d_qh,
                                             acks_to_add,
                                             1);
  }
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Tell transport we have %u more acks!\n",
              acks_to_add);
 
  // Until here for alternative 1
 
  /* move ss to head to avoid discarding it anytime soon! */
 
  // GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
  // GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
}

References ch, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_TRANSPORT_communicator_mq_add(), GNUNET_TRANSPORT_communicator_mq_update(), GNUNET_TRANSPORT_CS_OUTBOUND, receiver(), and SharedSecret::receiver.

Referenced by handle_ack().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ handle_ack()

static int handle_ack	(	void *	cls,
		const struct GNUNET_HashCode *	key,
		void *	value
	)

static

We received an ACK for pid.

Check if it is for the receiver in value and if so, handle it and return GNUNET_NO. Otherwise, return GNUNET_YES.

Parameters

cls	a `const struct UDPAck`
pid	peer the ACK is from
value	a `struct ReceiverAddress`

Returns: GNUNET_YES to continue to iterate

Definition at line 1613 of file gnunet-communicator-udp.c.

{
  const struct UDPAck *ack = cls;
  struct ReceiverAddress *receiver = value;
  uint32_t acks_to_add;
  uint32_t allowed;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "in handle ack with cmac %s\n",
              GNUNET_h2s (&ack->cmac));
 
  (void) key;
  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
  {
    if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
    {
 
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Found matching cmac\n");
 
      allowed = ntohl (ack->sequence_ack);
 
      if (allowed <= ss->sequence_allowed)
      {
        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                    "Ignoring ack, not giving us increased window\n.");
        return GNUNET_NO;
      }
      acks_to_add = (allowed - ss->sequence_allowed);
      GNUNET_assert (0 != acks_to_add);
      receiver->acks_available += (allowed - ss->sequence_allowed);
      ss->sequence_allowed = allowed;
      add_acks (ss, acks_to_add);
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "New sequence allows until %u (+%u). Acks available to us: %u. For secret %s\n",
                  allowed,
                  acks_to_add,
                  receiver->acks_available,
                  GNUNET_sh2s (&ss->master));
      return GNUNET_NO;
    }
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Matching cmac not found for ack!\n");
  return GNUNET_YES;
}

References add_acks(), UDPAck::cmac, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_log, GNUNET_NO, GNUNET_sh2s(), GNUNET_YES, key, receiver(), UDPAck::sequence_ack, and value.

Referenced by handle_ack_by_sender(), and try_handle_plaintext().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ consider_ss_ack()

static void consider_ss_ack ( struct SharedSecret * ss )

static

We established a shared secret with a sender.

We should try to send the sender an struct UDPAck at the next opportunity to allow the sender to use ss longer (assuming we did not yet already recently).

Parameters

ss	shared secret to generate ACKs for

Definition at line 1670 of file gnunet-communicator-udp.c.

{
  struct UDPAck ack;
  GNUNET_assert (NULL != ss->sender);
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Considering SS UDPAck %s\n",
              GNUNET_i2s_full (&ss->sender->target));
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Sender has %u acks available.\n",
              ss->sender->acks_available);
  /* drop ancient KeyCacheEntries */
  while ((NULL != ss->kce_head) &&
         (MAX_SQN_DELTA <
          ss->kce_head->sequence_number - ss->kce_tail->sequence_number))
    kce_destroy (ss->kce_tail);
 
 
  ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK);
  ack.header.size = htons (sizeof(ack));
  ack.sequence_ack = htonl (ss->sequence_allowed);
  ack.cmac = ss->cmac;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Notifying transport with UDPAck %s, sequence %u and master %s\n",
              GNUNET_i2s_full (&ss->sender->target),
              ss->sequence_allowed,
              GNUNET_sh2s (&(ss->master)));
  GNUNET_TRANSPORT_communicator_notify (ch,
                                        &ss->sender->target,
                                        COMMUNICATOR_ADDRESS_PREFIX,
                                        &ack.header);
}

References SenderAddress::acks_available, ch, UDPAck::cmac, SharedSecret::cmac, COMMUNICATOR_ADDRESS_PREFIX, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s_full(), GNUNET_log, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK, GNUNET_sh2s(), GNUNET_TRANSPORT_communicator_notify(), UDPAck::header, kce_destroy(), SharedSecret::kce_head, SharedSecret::kce_tail, SharedSecret::master, MAX_SQN_DELTA, SharedSecret::sender, UDPAck::sequence_ack, SharedSecret::sequence_allowed, KeyCacheEntry::sequence_number, GNUNET_MessageHeader::size, SenderAddress::target, and GNUNET_MessageHeader::type.

Referenced by kce_generate_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ kce_generate_cb()

static void kce_generate_cb ( void * cls )

static

As long as we loose over 30% of max acks in reschedule, We keep generating acks for this ss.

Definition at line 1705 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss = cls;
  ss->sender->kce_task = NULL;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Precomputing %u keys for master %s\n",
              GENERATE_AT_ONCE,
              GNUNET_sh2s (&ss->master));
  if ((ss->override_available_acks != GNUNET_YES) &&
      (KCN_TARGET < ss->sender->acks_available))
    return;
  for (int i = 0; i < GENERATE_AT_ONCE; i++)
    kce_generate (ss, ++ss->sequence_allowed);
 
  if (KCN_TARGET > ss->sender->acks_available)
  {
    ss->sender->kce_task = GNUNET_SCHEDULER_add_delayed (
      WORKING_QUEUE_INTERVALL,
      kce_generate_cb,
      ss);
    return;
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "We have enough keys (ACKs: %u).\n", ss->sender->acks_available);
  ss->sender->kce_task_finished = GNUNET_YES;
  ss->override_available_acks = GNUNET_NO;
  if (ss->sender->kce_send_ack_on_finish == GNUNET_YES)
    consider_ss_ack (ss);
}

References SenderAddress::acks_available, consider_ss_ack(), GENERATE_AT_ONCE, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_NO, GNUNET_SCHEDULER_add_delayed(), GNUNET_sh2s(), GNUNET_YES, kce_generate(), kce_generate_cb(), SenderAddress::kce_send_ack_on_finish, SenderAddress::kce_task, SenderAddress::kce_task_finished, KCN_TARGET, SharedSecret::master, SharedSecret::override_available_acks, SharedSecret::sender, SharedSecret::sequence_allowed, and WORKING_QUEUE_INTERVALL.

Referenced by decrypt_box(), kce_generate_cb(), sock_read(), and try_handle_plaintext().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ try_handle_plaintext()

static void try_handle_plaintext	(	struct SenderAddress *	sender,
		const void *	buf,
		size_t	buf_size
	)

static

Test if we have received a valid message in plaintext.

If so, handle it.

Parameters

sender	peer to process inbound plaintext for
buf	buffer we received
buf_size	number of bytes in buf

Definition at line 1750 of file gnunet-communicator-udp.c.

{
  const struct GNUNET_MessageHeader *hdr;
  const struct UDPAck *ack;
  const struct UDPRekey *rekey;
  struct SharedSecret *ss_rekey;
  const char *buf_pos = buf;
  size_t bytes_remaining = buf_size;
  uint16_t type;
 
  hdr = (struct GNUNET_MessageHeader*) buf_pos;
  if (sizeof(*hdr) > bytes_remaining)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Plaintext too short, dropping...\n");
    return; /* no data left */
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "try_handle_plaintext of size %llu (%u %lu) and type %u\n",
              (unsigned long long) bytes_remaining,
              ntohs (hdr->size),
              sizeof(*hdr),
              ntohs (hdr->type));
  if (ntohs (hdr->size) > bytes_remaining)
    return; /* buffer too short for indicated message length */
  type = ntohs (hdr->type);
  switch (type)
  {
  case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY:
    rekey = (struct UDPRekey*) buf_pos;
    ss_rekey = setup_shared_secret_dec (&rekey->ephemeral);
    ss_rekey->sender = sender;
    GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey);
    sender->num_secrets++;
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Received rekey secret with cmac %s\n",
                GNUNET_h2s (&(ss_rekey->cmac)));
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Received secret with master %s.\n",
                GNUNET_sh2s (&(ss_rekey->master)));
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "We have %u sequence_allowed.\n",
                ss_rekey->sequence_allowed);
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "We have a sender %p\n",
                ss_rekey->sender);
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "We have %u acks available.\n",
                ss_rekey->sender->acks_available);
    GNUNET_STATISTICS_update (stats,
                              "# rekeying successful",
                              1,
                              GNUNET_NO);
    ss_rekey->sender->kce_send_ack_on_finish = GNUNET_YES;
    ss_rekey->override_available_acks = GNUNET_YES;
    // FIXME
    kce_generate_cb (ss_rekey);
    /* ss_rekey->sender->kce_task = GNUNET_SCHEDULER_add_delayed (
      WORKING_QUEUE_INTERVALL,
      kce_generate_cb,
      ss_rekey);*/
    // FIXME: Theoretically, this could be an Ack
    buf_pos += ntohs (hdr->size);
    bytes_remaining -= ntohs (hdr->size);
    pass_plaintext_to_core (sender, buf_pos, bytes_remaining);
    if (0 == purge_secrets (sender->ss_tail))
    {
      // No secret purged. Delete oldest.
      if (sender->num_secrets > MAX_SECRETS)
      {
        secret_destroy (sender->ss_tail);
      }
    }
    break;
  case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK:
    /* lookup master secret by 'cmac', then update sequence_max */
    ack = (struct UDPAck*) buf_pos;
    GNUNET_CONTAINER_multihashmap_get_multiple (receivers,
                                                &sender->key,
                                                &handle_ack,
                                                (void *) ack);
    /* There could be more messages after the ACK, handle those as well */
    buf_pos += ntohs (hdr->size);
    bytes_remaining -= ntohs (hdr->size);
    pass_plaintext_to_core (sender, buf_pos, bytes_remaining);
    break;
 
  case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD:
    /* skip padding */
    break;
 
  default:
    pass_plaintext_to_core (sender, buf_pos, bytes_remaining);
  }
  return;
}

References SenderAddress::acks_available, SharedSecret::cmac, UDPRekey::ephemeral, GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_multihashmap_get_multiple(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_log, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY, GNUNET_NO, GNUNET_sh2s(), GNUNET_STATISTICS_update(), GNUNET_YES, handle_ack(), kce_generate_cb(), SenderAddress::kce_send_ack_on_finish, SenderAddress::key, SharedSecret::master, MAX_SECRETS, SenderAddress::num_secrets, SharedSecret::override_available_acks, pass_plaintext_to_core(), purge_secrets(), receivers, secret_destroy(), SharedSecret::sender, SharedSecret::sequence_allowed, setup_shared_secret_dec(), GNUNET_MessageHeader::size, SenderAddress::ss_head, SenderAddress::ss_tail, stats, type, and GNUNET_MessageHeader::type.

Referenced by decrypt_box(), and sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ decrypt_box()

static void decrypt_box	(	const struct UDPBox *	box,
		size_t	box_len,
		struct KeyCacheEntry *	kce
	)

static

We received a box with matching kce.

Decrypt and process it.

Parameters

box	the data we received
box_len	number of bytes in box
kce	key index to decrypt box

Definition at line 1857 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss = kce->ss;
  struct SharedSecret *ss_c = ss->sender->ss_tail;
  struct SharedSecret *ss_tmp;
  int ss_destroyed = 0;
  char out_buf[box_len - sizeof(*box)];
 
  GNUNET_assert (NULL != ss->sender);
  if (GNUNET_OK != try_decrypt (ss,
                                box->gcm_tag,
                                kce->sequence_number,
                                (const char *) &box[1],
                                sizeof(out_buf),
                                out_buf))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Failed decryption.\n");
    GNUNET_STATISTICS_update (stats,
                              "# Decryption failures with valid KCE",
                              1,
                              GNUNET_NO);
    kce_destroy (kce);
    ss->sender->acks_available--;
    return;
  }
  kce_destroy (kce);
  kce = NULL;
  ss->bytes_sent += box_len;
  ss->sender->acks_available--;
  ss->sequence_used++;
  GNUNET_STATISTICS_update (stats,
                            "# bytes decrypted with BOX",
                            sizeof(out_buf),
                            GNUNET_NO);
  GNUNET_STATISTICS_update (stats,
                            "# messages decrypted with BOX",
                            1,
                            GNUNET_NO);
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "decrypted UDPBox with kid %s\n",
              GNUNET_sh2s (&box->kid));
  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
 
  while (NULL != ss_c)
  {
    if (ss_c->bytes_sent >= rekey_max_bytes)
    {
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Removing SS because rekey bytes reached.\n");
      ss_tmp = ss_c->prev;
      if (ss == ss_c)
        ss_destroyed = 1;
      secret_destroy (ss_c);
      ss_c = ss_tmp;
      continue;
    }
    ss_c = ss_c->prev;
  }
  if (1 == ss_destroyed)
    return;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Sender has %u ack left.\n",
              ss->sender->acks_available);
  if ((KCN_THRESHOLD > ss->sender->acks_available) &&
      (NULL == ss->sender->kce_task) &&
      (GNUNET_YES == ss->sender->kce_task_finished))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Sender has %u ack left which is under threshold.\n",
                ss->sender->acks_available);
    ss->sender->kce_send_ack_on_finish = GNUNET_YES;
    ss->sender->kce_task = GNUNET_SCHEDULER_add_now (
      kce_generate_cb,
      ss);
  }
}

References SenderAddress::acks_available, SharedSecret::bytes_sent, UDPBox::gcm_tag, GNUNET_assert, GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_NO, GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_sh2s(), GNUNET_STATISTICS_update(), GNUNET_YES, kce_destroy(), kce_generate_cb(), SenderAddress::kce_send_ack_on_finish, SenderAddress::kce_task, SenderAddress::kce_task_finished, KCN_THRESHOLD, UDPBox::kid, SharedSecret::prev, rekey_max_bytes, secret_destroy(), SharedSecret::sender, KeyCacheEntry::sequence_number, SharedSecret::sequence_used, KeyCacheEntry::ss, SenderAddress::ss_tail, stats, try_decrypt(), and try_handle_plaintext().

Referenced by sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ setup_sender()

static struct SenderAddress * setup_sender	(	const struct GNUNET_PeerIdentity *	target,
		const struct sockaddr *	address,
		socklen_t	address_len
	)

static

Create sender address for target.

Note that we might already have one, so a fresh one is only allocated if one does not yet exist for address.

Parameters

target	peer to generate address for
address	target address
address_len	number of bytes in address

Returns: data structure to keep track of key material for decrypting data from target

Definition at line 1971 of file gnunet-communicator-udp.c.

{
  struct SenderAddress *sender;
  struct GNUNET_HashContext *hsh;
  struct GNUNET_HashCode sender_key;
 
  hsh = GNUNET_CRYPTO_hash_context_start ();
  GNUNET_CRYPTO_hash_context_read (hsh, address, address_len);
  GNUNET_CRYPTO_hash_context_read (hsh, target, sizeof(*target));
  GNUNET_CRYPTO_hash_context_finish (hsh, &sender_key);
 
  sender = GNUNET_CONTAINER_multihashmap_get (senders, &sender_key);
  if (NULL != sender)
  {
    reschedule_sender_timeout (sender);
    return sender;
  }
  sender = GNUNET_new (struct SenderAddress);
  sender->key = sender_key;
  sender->target = *target;
  sender->address = GNUNET_memdup (address, address_len);
  sender->address_len = address_len;
  (void) GNUNET_CONTAINER_multihashmap_put (
    senders,
    &sender->key,
    sender,
    GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
  GNUNET_STATISTICS_set (stats,
                         "# senders active",
                         GNUNET_CONTAINER_multihashmap_size (receivers),
                         GNUNET_NO);
  sender->timeout =
    GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
  sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
                                             sender,
                                             sender->timeout.abs_value_us);
  sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
  if (NULL == timeout_task)
    timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
  return sender;
}

References GNUNET_TIME_Absolute::abs_value_us, address, SenderAddress::address, SenderAddress::address_len, check_timeouts(), GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_insert(), GNUNET_CONTAINER_multihashmap_get(), GNUNET_CONTAINER_multihashmap_put(), GNUNET_CONTAINER_multihashmap_size(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE, GNUNET_CRYPTO_hash_context_finish(), GNUNET_CRYPTO_hash_context_read(), GNUNET_CRYPTO_hash_context_start(), GNUNET_memdup, GNUNET_new, GNUNET_NO, GNUNET_NT_scanner_get_type(), GNUNET_SCHEDULER_add_now(), GNUNET_STATISTICS_set(), GNUNET_TIME_relative_to_absolute(), SenderAddress::hn, is, SenderAddress::key, SenderAddress::nt, receivers, reschedule_sender_timeout(), senders, senders_heap, stats, SenderAddress::target, SenderAddress::timeout, and timeout_task.

Referenced by sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ verify_confirmation()

static int verify_confirmation	(	const struct GNUNET_CRYPTO_HpkeEncapsulation *	enc,
		const struct UDPConfirmation *	uc
	)

static

Check signature from uc against ephemeral.

Parameters

ephemeral	key that is signed
uc	signature of claimant

Returns: GNUNET_OK if signature is valid

Definition at line 2024 of file gnunet-communicator-udp.c.

{
  struct UdpHandshakeSignature uhs;
 
  uhs.purpose.purpose = htonl (
    GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE);
  uhs.purpose.size = htonl (sizeof(uhs));
  uhs.sender = uc->sender;
  uhs.receiver = my_identity;
  uhs.enc = *enc;
  uhs.monotonic_time = uc->monotonic_time;
  return GNUNET_CRYPTO_eddsa_verify (
    GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE,
    &uhs,
    &uc->sender_sig,
    &uc->sender.public_key);
}

References enc, UdpHandshakeSignature::enc, GNUNET_CRYPTO_eddsa_verify, GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE, UdpHandshakeSignature::monotonic_time, my_identity, GNUNET_CRYPTO_EccSignaturePurpose::purpose, UdpHandshakeSignature::purpose, UdpHandshakeSignature::receiver, UdpHandshakeSignature::sender, GNUNET_CRYPTO_EccSignaturePurpose::size, and uc.

Referenced by sock_read().

Here is the caller graph for this function:

◆ sockaddr_to_udpaddr_string()

static char * sockaddr_to_udpaddr_string	(	const struct sockaddr *	address,
		socklen_t	address_len
	)

static

Converts address to the address string format used by this communicator in HELLOs.

Parameters

address	the address to convert, must be AF_INET or AF_INET6.
address_len	number of bytes in address

Returns: string representation of address

Definition at line 2053 of file gnunet-communicator-udp.c.

{
  char *ret;
 
  switch (address->sa_family)
  {
  case AF_INET:
    GNUNET_asprintf (&ret,
                     "%s-%s",
                     COMMUNICATOR_ADDRESS_PREFIX,
                     GNUNET_a2s (address, address_len));
    break;
 
  case AF_INET6:
    GNUNET_asprintf (&ret,
                     "%s-%s",
                     COMMUNICATOR_ADDRESS_PREFIX,
                     GNUNET_a2s (address, address_len));
    break;
 
  default:
    GNUNET_assert (0);
  }
  return ret;
}

References address, COMMUNICATOR_ADDRESS_PREFIX, GNUNET_a2s(), GNUNET_asprintf(), GNUNET_assert, and ret.

Referenced by create_receiver(), sock_read(), and udp_socket_notify().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ get_socket()

static struct GNUNET_NETWORK_Handle * get_socket ( struct ReceiverAddress * receiver )

static

Definition at line 2082 of file gnunet-communicator-udp.c.

{
  struct GNUNET_NETWORK_Handle *udp_sock;
 
  if (NULL == receiver->udp_sock)
  {
    if (AF_INET6 == receiver->address->sa_family)
      udp_sock = default_v6_sock;
    else
      udp_sock = default_v4_sock;
  }
  else
    udp_sock = receiver->udp_sock;
 
  return udp_sock;
}

References default_v4_sock, default_v6_sock, receiver(), and udp_sock.

Referenced by mq_send_d(), and send_msg_with_kx().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ udp_address_to_sockaddr()

static struct sockaddr * udp_address_to_sockaddr	(	const char *	bindto,
		sa_family_t	family,
		socklen_t *	sock_len
	)

static

Convert UDP bind specification to a struct sockaddr *

Parameters

	bindto	bind specification to convert
	family	address family to enforce
[out]	sock_len	set to the length of the address

Returns: converted bindto specification

Definition at line 2109 of file gnunet-communicator-udp.c.

{
  struct sockaddr *in;
  unsigned int port;
  char dummy[2];
  char *colon;
  char *cp;
 
  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
  {
    /* interpreting value as just a PORT number */
    if (port > UINT16_MAX)
    {
      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                  "BINDTO specification `%s' invalid: value too large for port\n",
                  bindto);
      return NULL;
    }
    if ((AF_INET == family) || (GNUNET_YES == disable_v6))
    {
      struct sockaddr_in *i4;
 
      i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
      i4->sin_family = AF_INET;
      i4->sin_port = htons ((uint16_t) port);
      *sock_len = sizeof(struct sockaddr_in);
      in = (struct sockaddr *) i4;
    }
    else
    {
      struct sockaddr_in6 *i6;
 
      i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
      i6->sin6_family = AF_INET6;
      i6->sin6_port = htons ((uint16_t) port);
      *sock_len = sizeof(struct sockaddr_in6);
      in = (struct sockaddr *) i6;
    }
    return in;
  }
  cp = GNUNET_strdup (bindto);
  colon = strrchr (cp, ':');
  if (NULL != colon)
  {
    /* interpret value after colon as port */
    *colon = '\0';
    colon++;
    if (1 == sscanf (colon, "%u%1s", &port, dummy))
    {
      /* interpreting value as just a PORT number */
      if (port > UINT16_MAX)
      {
        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                    "BINDTO specification `%s' invalid: value too large for port\n",
                    bindto);
        GNUNET_free (cp);
        return NULL;
      }
    }
    else
    {
      GNUNET_log (
        GNUNET_ERROR_TYPE_ERROR,
        "BINDTO specification `%s' invalid: last ':' not followed by number\n",
        bindto);
      GNUNET_free (cp);
      return NULL;
    }
  }
  else
  {
    /* interpret missing port as 0, aka pick any free one */
    port = 0;
  }
  if (AF_INET6 != family)
  {
    /* try IPv4 */
    struct sockaddr_in v4;
 
    memset (&v4, 0, sizeof(v4));
    if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
    {
      v4.sin_family = AF_INET;
      v4.sin_port = htons ((uint16_t) port);
#if HAVE_SOCKADDR_IN_SIN_LEN
      v4.sin_len = sizeof(struct sockaddr_in);
#endif
      in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
      *sock_len = sizeof(struct sockaddr_in);
      GNUNET_free (cp);
      return in;
    }
  }
  if (AF_INET != family)
  {
    /* try IPv6 */
    struct sockaddr_in6 v6;
    const char *start;
 
    memset (&v6, 0, sizeof(v6));
    start = cp;
    if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
    {
      start++;   /* skip over '[' */
      cp[strlen (cp) - 1] = '\0';  /* eat ']' */
    }
    if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
    {
      v6.sin6_family = AF_INET6;
      v6.sin6_port = htons ((uint16_t) port);
#if HAVE_SOCKADDR_IN_SIN_LEN
      v6.sin6_len = sizeof(struct sockaddr_in6);
#endif
      in = GNUNET_memdup (&v6, sizeof(v6));
      *sock_len = sizeof(v6);
      GNUNET_free (cp);
      return in;
    }
  }
  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
  GNUNET_free (cp);
  return NULL;
}

References disable_v6, dummy, GNUNET_ERROR_TYPE_ERROR, GNUNET_free, GNUNET_log, GNUNET_malloc, GNUNET_memdup, GNUNET_strdup, GNUNET_YES, port, and start.

Referenced by create_receiver(), and create_udp_socket().

Here is the caller graph for this function:

◆ sock_read()

static void sock_read ( void * cls )

static

Socket read task.

Parameters

cls NULL

Definition at line 2349 of file gnunet-communicator-udp.c.

{
  struct sockaddr_storage sa;
  struct sockaddr_in *addr_verify;
  socklen_t salen = sizeof(sa);
  char buf[UINT16_MAX];
  ssize_t rcvd;
 
  struct GNUNET_NETWORK_Handle *udp_sock = cls;
 
  if (default_v4_sock == udp_sock)
    read_v4_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
                                                  udp_sock,
                                                  &sock_read,
                                                  udp_sock);
  if (default_v6_sock == udp_sock)
    read_v6_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
                                                  udp_sock,
                                                  &sock_read,
                                                  udp_sock);
  while (1)
  {
    rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
                                           buf,
                                           sizeof(buf),
                                           (struct sockaddr *) &sa,
                                           &salen);
    if (-1 == rcvd)
    {
      struct sockaddr *addr = (struct sockaddr*) &sa;
 
      if (EAGAIN == errno)
        break; // We are done reading data
      GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                  "Failed to recv from %s family %d failed sock %p\n",
                  GNUNET_a2s ((struct sockaddr*) &sa,
                              sizeof (*addr)),
                  addr->sa_family,
                  udp_sock);
      GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "recv");
      return;
    }
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Read %llu bytes\n",
                (unsigned long long) rcvd);
    if (0 == rcvd)
    {
      GNUNET_break_op (0);
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Read 0 bytes from UDP socket\n");
      return;
    }
 
    /* first, see if it is a GNUNET_BurstMessage */
    if (rcvd == sizeof (struct GNUNET_BurstMessage))
    {
      struct GNUNET_BurstMessage *bm = (struct GNUNET_BurstMessage *) buf;
      struct sockaddr *addr = (struct sockaddr*) &sa;
      char *address = sockaddr_to_udpaddr_string (addr, sizeof (*addr));
 
      GNUNET_assert (0 == bm->local_port);
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Received a burst message for default port\n");
      create_receiver (&bm->peer,
                       address,
                       NULL);
      if (AF_INET6 == addr->sa_family)
        GNUNET_stop_burst (default_v6_sock);
      else
        GNUNET_stop_burst (default_v4_sock);
      GNUNET_TRANSPORT_communicator_burst_finished (ch);
      GNUNET_free (address);
      return;
    }
    /* second, see if it is a UDPBox */
    if (rcvd > sizeof(struct UDPBox))
    {
      const struct UDPBox *box;
      struct KeyCacheEntry *kce;
 
      box = (const struct UDPBox *) buf;
      kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
      if (NULL != kce)
      {
        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                    "Found KCE with kid %s\n",
                    GNUNET_sh2s (&box->kid));
        decrypt_box (box, (size_t) rcvd, kce);
        continue;
      }
    }
 
    /* next, check if it is a broadcast */
    if (sizeof(struct UDPBroadcast) == rcvd)
    {
      const struct UDPBroadcast *ub;
      struct UdpBroadcastSignature uhs;
      struct GNUNET_PeerIdentity sender;
 
      addr_verify = GNUNET_memdup (&sa, salen);
      addr_verify->sin_port = 0;
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "received UDPBroadcast from %s\n",
                  GNUNET_a2s ((const struct sockaddr *) addr_verify, salen));
      ub = (const struct UDPBroadcast *) buf;
      uhs.purpose.purpose = htonl (
        GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST);
      uhs.purpose.size = htonl (sizeof(uhs));
      uhs.sender = ub->sender;
      sender = ub->sender;
      if (0 == memcmp (&sender, &my_identity, sizeof (struct
                                                      GNUNET_PeerIdentity)))
      {
        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                    "Received our own broadcast\n");
        GNUNET_free (addr_verify);
        continue;
      }
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "checking UDPBroadcastSignature for %s\n",
                  GNUNET_i2s (&sender));
      GNUNET_CRYPTO_hash ((struct sockaddr *) addr_verify, salen,
                          &uhs.h_address);
      if (GNUNET_OK ==
          GNUNET_CRYPTO_eddsa_verify (
            GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST,
            &uhs,
            &ub->sender_sig,
            &ub->sender.public_key))
      {
        char *addr_s;
        enum GNUNET_NetworkType nt;
 
        addr_s =
          sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
        GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
        /* use our own mechanism to determine network type */
        nt =
          GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                    "validating address %s received from UDPBroadcast\n",
                    GNUNET_i2s (&sender));
        GNUNET_TRANSPORT_application_validate (ah, &sender, nt, addr_s);
        GNUNET_free (addr_s);
        GNUNET_free (addr_verify);
        continue;
      }
      else
      {
        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                    "VerifyingPeer %s is verifying UDPBroadcast\n",
                    GNUNET_i2s (&my_identity));
        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
                    "Verifying UDPBroadcast from %s failed\n",
                    GNUNET_i2s (&ub->sender));
      }
      GNUNET_free (addr_verify);
      /* continue with KX, mostly for statistics... */
    }
 
 
    /* finally, test if it is a KX */
    if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
    {
      GNUNET_STATISTICS_update (stats,
                                "# messages dropped (no kid, too small for KX)",
                                1,
                                GNUNET_NO);
      continue;
    }
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Got KX\n");
    {
      const struct InitialKX *kx;
      struct SharedSecret *ss;
      char pbuf[rcvd - sizeof(struct InitialKX)];
      const struct UDPConfirmation *uc;
      struct SenderAddress *sender;
 
      kx = (const struct InitialKX *) buf;
      ss = setup_initial_shared_secret_dec (&kx->enc);
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Before DEC\n");
 
      if (GNUNET_OK != try_decrypt (ss,
                                    kx->gcm_tag,
                                    0,
                                    &buf[sizeof(*kx)],
                                    sizeof(pbuf),
                                    pbuf))
      {
        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                    "Unable to decrypt tag, dropping...\n");
        GNUNET_free (ss);
        GNUNET_STATISTICS_update (
          stats,
          "# messages dropped (no kid, AEAD decryption failed)",
          1,
          GNUNET_NO);
        continue;
      }
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Before VERIFY\n");
 
      uc = (const struct UDPConfirmation *) pbuf;
 
      if (GNUNET_OK != verify_confirmation (&kx->enc, uc)) // TODO: need ephemeral instead of representative
      {
        GNUNET_break_op (0);
        GNUNET_free (ss);
        GNUNET_STATISTICS_update (stats,
                                  "# messages dropped (sender signature invalid)",
                                  1,
                                  GNUNET_NO);
        continue;
      }
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Before SETUP_SENDER\n");
 
      calculate_cmac (ss);
      sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
      ss->sender = sender;
      GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
      if ((KCN_THRESHOLD > ss->sender->acks_available) &&
          (NULL == ss->sender->kce_task) &&
          (GNUNET_NO == ss->sender->kce_task_finished))
      {
        // TODO This task must be per sender! FIXME: This is a nice todo, but I do not know what must be done here to fix.
        ss->sender->kce_send_ack_on_finish = GNUNET_YES;
        ss->sender->kce_task = GNUNET_SCHEDULER_add_now (
          kce_generate_cb,
          ss);
      }
      sender->num_secrets++;
      GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
      GNUNET_STATISTICS_update (stats,
                                "# messages decrypted without BOX",
                                1,
                                GNUNET_NO);
      try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
      if (0 == purge_secrets (sender->ss_tail))
      {
        // No secret purged. Delete oldest.
        if (sender->num_secrets > MAX_SECRETS)
        {
          secret_destroy (sender->ss_tail);
        }
      }
    }
  }
}

References SenderAddress::acks_available, address, ah, calculate_cmac(), ch, create_receiver(), decrypt_box(), default_v4_sock, default_v6_sock, InitialKX::enc, InitialKX::gcm_tag, GNUNET_a2s(), GNUNET_assert, GNUNET_break_op, GNUNET_CONTAINER_DLL_insert, GNUNET_CONTAINER_multishortmap_get(), GNUNET_CRYPTO_eddsa_verify, GNUNET_CRYPTO_hash(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_ERROR_TYPE_WARNING, GNUNET_free, GNUNET_i2s(), GNUNET_log, GNUNET_log_strerror, GNUNET_memdup, GNUNET_NETWORK_socket_recvfrom(), GNUNET_NO, GNUNET_NT_scanner_get_type(), GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_add_read_net(), GNUNET_sh2s(), GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST, GNUNET_STATISTICS_update(), GNUNET_stop_burst(), GNUNET_TIME_UNIT_FOREVER_REL, GNUNET_TRANSPORT_application_validate(), GNUNET_TRANSPORT_communicator_burst_finished(), GNUNET_YES, UdpBroadcastSignature::h_address, is, kce_generate_cb(), SenderAddress::kce_send_ack_on_finish, SenderAddress::kce_task, SenderAddress::kce_task_finished, KCN_THRESHOLD, key_cache, UDPBox::kid, GNUNET_BurstMessage::local_port, MAX_SECRETS, my_identity, nt, GNUNET_BurstMessage::peer, GNUNET_PeerIdentity::public_key, purge_secrets(), GNUNET_CRYPTO_EccSignaturePurpose::purpose, UdpBroadcastSignature::purpose, read_v4_task, read_v6_task, secret_destroy(), UDPConfirmation::sender, UdpBroadcastSignature::sender, UDPBroadcast::sender, SharedSecret::sender, UDPBroadcast::sender_sig, setup_initial_shared_secret_dec(), setup_sender(), GNUNET_CRYPTO_EccSignaturePurpose::size, sock_read(), sockaddr_to_udpaddr_string(), stats, try_decrypt(), try_handle_plaintext(), uc, udp_sock, and verify_confirmation().

Referenced by create_receiver(), run(), and sock_read().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ create_receiver()

static enum GNUNET_GenericReturnValue create_receiver	(	const struct GNUNET_PeerIdentity *	peer,
		const char *	address,
		struct GNUNET_NETWORK_Handle *	udp_sock
	)

static

Definition at line 2241 of file gnunet-communicator-udp.c.

{
  struct GNUNET_HashContext *hsh;
  struct ReceiverAddress *receiver;
  struct GNUNET_HashCode receiver_key;
  const char *path;
  struct sockaddr *in;
  socklen_t in_len;
 
  if (0 != strncmp (address,
                    COMMUNICATOR_ADDRESS_PREFIX "-",
                    strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
  {
    GNUNET_break_op (0);
    return GNUNET_SYSERR;
  }
  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
  in = udp_address_to_sockaddr (path, AF_UNSPEC, &in_len);
 
  if (NULL == in)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Failed to setup UDP socket address\n");
    return GNUNET_SYSERR;
  }
  if ((AF_INET6 == in->sa_family) &&
      (GNUNET_YES == disable_v6))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "IPv6 disabled, skipping %s\n", address);
    GNUNET_free (in);
    return GNUNET_SYSERR;
  }
  else if (AF_INET == in->sa_family)
  {
    struct sockaddr_in *sin = (struct sockaddr_in *) in;
    if (0 == sin->sin_port)
    {
      GNUNET_free (in);
      return GNUNET_NO;
    }
  }
 
  hsh = GNUNET_CRYPTO_hash_context_start ();
  GNUNET_CRYPTO_hash_context_read (hsh, in, in_len);
  GNUNET_CRYPTO_hash_context_read (hsh, peer, sizeof(*peer));
  GNUNET_CRYPTO_hash_context_finish (hsh, &receiver_key);
 
  receiver = GNUNET_CONTAINER_multihashmap_get (receivers, &receiver_key);
  if (NULL != receiver)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "receiver %s already exist or is being connected to\n",
                address);
    return GNUNET_NO;
  }
 
  receiver = GNUNET_new (struct ReceiverAddress);
  receiver->udp_sock = udp_sock;
  receiver->key = receiver_key;
  receiver->address = in;
  receiver->address_len = in_len;
  receiver->target = *peer;
  eddsa_pub_to_hpke_key (&receiver->target.public_key,
                         &receiver->target_hpke_key);
  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
  (void) GNUNET_CONTAINER_multihashmap_put (
    receivers,
    &receiver->key,
    receiver,
    GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Added %s to receivers with address %s and sock %p\n",
              GNUNET_i2s_full (&receiver->target),
              address,
              udp_sock);
  receiver->timeout =
    GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
  receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
                                               receiver,
                                               receiver->timeout.abs_value_us);
  GNUNET_STATISTICS_set (stats,
                         "# receivers active",
                         GNUNET_CONTAINER_multihashmap_size (receivers),
                         GNUNET_NO);
  receiver->foreign_addr =
    sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
  if (NULL != udp_sock)
    receiver->read_task = GNUNET_SCHEDULER_add_read_net (
      GNUNET_TIME_UNIT_FOREVER_REL,
      udp_sock,
      &sock_read,
      udp_sock);
  setup_receiver_mq (receiver);
  if (NULL == timeout_task)
    timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
  return GNUNET_OK;
}

References address, check_timeouts(), COMMUNICATOR_ADDRESS_PREFIX, disable_v6, eddsa_pub_to_hpke_key(), GNUNET_break_op, GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT, GNUNET_CONTAINER_heap_insert(), GNUNET_CONTAINER_multihashmap_get(), GNUNET_CONTAINER_multihashmap_put(), GNUNET_CONTAINER_multihashmap_size(), GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE, GNUNET_CRYPTO_hash_context_finish(), GNUNET_CRYPTO_hash_context_read(), GNUNET_CRYPTO_hash_context_start(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_free, GNUNET_i2s_full(), GNUNET_log, GNUNET_new, GNUNET_NO, GNUNET_NT_scanner_get_type(), GNUNET_OK, GNUNET_SCHEDULER_add_now(), GNUNET_SCHEDULER_add_read_net(), GNUNET_STATISTICS_set(), GNUNET_SYSERR, GNUNET_TIME_relative_to_absolute(), GNUNET_TIME_UNIT_FOREVER_REL, GNUNET_YES, is, receiver(), receivers, receivers_heap, setup_receiver_mq(), sock_read(), sockaddr_to_udpaddr_string(), stats, timeout_task, udp_address_to_sockaddr(), and udp_sock.

Referenced by mq_init(), sock_read(), and udp_socket_notify().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ do_pad()

static void do_pad	(	gcry_cipher_hd_t	out_cipher,
		char *	dgram,
		size_t	pad_size
	)

static

Pad dgram by pad_size using out_cipher.

Parameters

out_cipher	cipher to use
dgram	datagram to pad
pad_size	number of bytes of padding to append

Definition at line 2610 of file gnunet-communicator-udp.c.

{
  char pad[pad_size];
 
  GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK, pad, sizeof(pad));
  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
  {
    struct GNUNET_MessageHeader hdr =
    { .size = htons (sizeof(pad)),
      .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
 
    memcpy (pad, &hdr, sizeof(hdr));
  }
  GNUNET_assert (
    0 ==
    gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
}

References GNUNET_assert, GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_block(), GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD, and GNUNET_MessageHeader::size.

Referenced by mq_send_d(), and send_msg_with_kx().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ send_msg_with_kx()

static void send_msg_with_kx	(	const struct GNUNET_MessageHeader *	msg,
		struct ReceiverAddress *	receiver,
		struct GNUNET_MQ_Handle *	mq
	)

static

Definition at line 2630 of file gnunet-communicator-udp.c.

{
  uint16_t msize = ntohs (msg->size);
  struct UdpHandshakeSignature uhs;
  struct UDPConfirmation uc;
  struct InitialKX kx;
  char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)];
  size_t dpos;
  gcry_cipher_hd_t out_cipher;
  struct SharedSecret *ss;
 
  if (msize > receiver->kx_mtu)
  {
    GNUNET_break (0);
    if (GNUNET_YES != receiver->receiver_destroy_called)
      receiver_destroy (receiver);
    return;
  }
  reschedule_receiver_timeout (receiver);
 
  /* setup key material */
  ss = setup_initial_shared_secret_ephemeral (&uhs.enc, receiver);
 
  if (0 == purge_secrets (receiver->ss_tail))
  {
    // No secret purged. Delete oldest.
    if (receiver->num_secrets > MAX_SECRETS)
    {
      secret_destroy (receiver->ss_tail);
    }
  }
 
  setup_cipher (&ss->master, 0, &out_cipher);
  /* compute 'uc' */
  uc.sender = my_identity;
  uc.monotonic_time =
    GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
  uhs.purpose.purpose = htonl (
    GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE);
  uhs.purpose.size = htonl (sizeof(uhs));
  uhs.sender = my_identity;
  uhs.receiver = receiver->target;
  uhs.monotonic_time = uc.monotonic_time;
  GNUNET_CRYPTO_eddsa_sign (my_private_key,
                            &uhs,
                            &uc.sender_sig);
  /* Leave space for kx */
  dpos = sizeof(kx);
  /* Append encrypted uc to dgram */
  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
                                           &dgram[dpos],
                                           sizeof(uc),
                                           &uc,
                                           sizeof(uc)));
  dpos += sizeof(uc);
  /* Append encrypted payload to dgram */
  GNUNET_assert (
    0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
  dpos += msize;
  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
  /* Datagram starts with kx */
  kx.enc = uhs.enc;
  GNUNET_assert (
    0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
  gcry_cipher_close (out_cipher);
  memcpy (dgram, &kx, sizeof(kx));
  if (-1 == GNUNET_NETWORK_socket_sendto (get_socket (receiver),
                                          dgram,
                                          sizeof(dgram),
                                          receiver->address,
                                          receiver->address_len))
  {
    GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Sending KX with payload size %u to %s family %d failed sock %p\n",
                msize,
                GNUNET_a2s (receiver->address,
                            receiver->address_len),
                receiver->address->sa_family,
                get_socket (receiver));
    GNUNET_MQ_impl_send_continue (mq);
    receiver_destroy (receiver);
    return;
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Sending KX with payload size %u to %s with socket %p\n",
              msize,
              GNUNET_a2s (receiver->address,
                          receiver->address_len),
              get_socket (receiver));
  GNUNET_MQ_impl_send_continue (mq);
}

References cfg, do_pad(), UdpHandshakeSignature::enc, InitialKX::enc, InitialKX::gcm_tag, get_socket(), GNUNET_a2s(), GNUNET_assert, GNUNET_break, GNUNET_CRYPTO_eddsa_sign, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_ERROR_TYPE_WARNING, GNUNET_log, GNUNET_log_strerror, GNUNET_MQ_impl_send_continue(), GNUNET_NETWORK_socket_sendto(), GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_HANDSHAKE, GNUNET_TIME_absolute_get_monotonic(), GNUNET_TIME_absolute_hton(), GNUNET_YES, SharedSecret::master, MAX_SECRETS, UdpHandshakeSignature::monotonic_time, mq, msg, my_identity, my_private_key, purge_secrets(), GNUNET_CRYPTO_EccSignaturePurpose::purpose, UdpHandshakeSignature::purpose, receiver(), UdpHandshakeSignature::receiver, receiver_destroy(), reschedule_receiver_timeout(), secret_destroy(), UdpHandshakeSignature::sender, setup_cipher(), setup_initial_shared_secret_ephemeral(), GNUNET_MessageHeader::size, GNUNET_CRYPTO_EccSignaturePurpose::size, and uc.

Referenced by mq_send_d(), and mq_send_kx().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mq_send_kx()

static void mq_send_kx	(	struct GNUNET_MQ_Handle *	mq,
		const struct GNUNET_MessageHeader *	msg,
		void *	impl_state
	)

static

Signature of functions implementing the sending functionality of a message queue.

Parameters

mq	the message queue
msg	the message to send
impl_state	our `struct ReceiverAddress`

Definition at line 2735 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = impl_state;
 
  GNUNET_assert (mq == receiver->kx_mq);
  send_msg_with_kx (msg, receiver, mq);
}

References GNUNET_assert, mq, msg, receiver(), and send_msg_with_kx().

Referenced by setup_receiver_mq().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ create_rekey()

static void create_rekey	(	struct ReceiverAddress *	receiver,
		struct SharedSecret *	ss,
		struct UDPRekey *	rekey
	)

static

Definition at line 2747 of file gnunet-communicator-udp.c.

{
  struct SharedSecret *ss_rekey;
 
  ss->rekey_initiated = GNUNET_YES;
  /* setup key material */
  ss_rekey = setup_shared_secret_ephemeral (&rekey->ephemeral,
                                            receiver);
  ss_rekey->sequence_allowed = 0;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Setup secret with k = %s\n",
              GNUNET_sh2s (&ss_rekey->master));
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Setup secret with H(k) = %s\n",
              GNUNET_h2s (&(ss_rekey->cmac)));
 
  /* Append encrypted payload to dgram */
  rekey->header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY);
  rekey->header.size = htons (sizeof (struct UDPRekey));
}

References SharedSecret::cmac, UDPRekey::ephemeral, GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_log, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_REKEY, GNUNET_sh2s(), GNUNET_YES, UDPRekey::header, SharedSecret::master, receiver(), SharedSecret::rekey_initiated, SharedSecret::sequence_allowed, setup_shared_secret_ephemeral(), GNUNET_MessageHeader::size, and GNUNET_MessageHeader::type.

Referenced by mq_send_d().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mq_send_d()

static void mq_send_d	(	struct GNUNET_MQ_Handle *	mq,
		const struct GNUNET_MessageHeader *	msg,
		void *	impl_state
	)

static

Signature of functions implementing the sending functionality of a message queue.

Parameters

mq	the message queue
msg	the message to send
impl_state	our `struct ReceiverAddress`

Definition at line 2779 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = impl_state;
  struct UDPRekey rekey;
  struct SharedSecret *ss;
  int inject_rekey = GNUNET_NO;
  uint16_t msize = ntohs (msg->size);
 
  GNUNET_assert (mq == receiver->d_mq);
  if ((msize > receiver->d_mtu) ||
      (0 == receiver->acks_available))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "msize: %u, mtu: %llu, acks: %u\n",
                (unsigned int) msize,
                (unsigned long long) receiver->d_mtu,
                receiver->acks_available);
 
    GNUNET_break (0);
    if (GNUNET_YES != receiver->receiver_destroy_called)
      receiver_destroy (receiver);
    return;
  }
  reschedule_receiver_timeout (receiver);
 
  if (receiver->num_secrets > MAX_SECRETS)
  {
    if ((0 == purge_secrets (receiver->ss_tail)) &&
        (NULL != receiver->ss_tail))
    {
      // No secret purged. Delete oldest.
      secret_destroy (receiver->ss_tail);
    }
  }
  /* begin "BOX" encryption method, scan for ACKs from tail! */
  ss = receiver->ss_tail;
  while (NULL != ss)
  {
    size_t payload_len = sizeof(struct UDPBox) + receiver->d_mtu;
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "Considering SS %s sequence used: %u sequence allowed: %u bytes sent: %lu.\n",
                GNUNET_sh2s (&ss->master), ss->sequence_used,
                ss->sequence_allowed, ss->bytes_sent);
    if (ss->sequence_used >= ss->sequence_allowed)
    {
      //  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
      //              "Skipping ss because no acks to use.\n");
      ss = ss->prev;
      continue;
    }
    if (ss->bytes_sent >= rekey_max_bytes)
    {
      struct SharedSecret *ss_tmp;
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Skipping ss because rekey bytes reached.\n");
      // FIXME cleanup ss with too many bytes sent!
      ss_tmp = ss->prev;
      secret_destroy (ss);
      ss = ss_tmp;
      continue;
    }
    if (ss->bytes_sent > rekey_max_bytes * 0.7)
    {
      if (ss->rekey_initiated == GNUNET_NO)
      {
        GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                    "Injecting rekey for ss with byte sent %lu\n",
                    (unsigned long) ss->bytes_sent);
        create_rekey (receiver, ss, &rekey);
        inject_rekey = GNUNET_YES;
        payload_len += sizeof (rekey);
        ss->rekey_initiated = GNUNET_YES;
      }
    }
    if (0 < ss->sequence_used)
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Trying to send UDPBox with shared secret %s sequence_used %u and ss->sequence_allowed %u\n",
                  GNUNET_sh2s (&ss->master),
                  ss->sequence_used,
                  ss->sequence_allowed);
    {
      char dgram[payload_len];
      struct UDPBox *box;
      gcry_cipher_hd_t out_cipher;
      size_t dpos;
 
      box = (struct UDPBox *) dgram;
      ss->sequence_used++;
      get_kid (&ss->master, ss->sequence_used, &box->kid);
      setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
      /* Append encrypted payload to dgram */
      dpos = sizeof(struct UDPBox);
      if (GNUNET_YES == inject_rekey)
      {
        GNUNET_assert (
          0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], sizeof (rekey),
                                    &rekey, sizeof (rekey)));
        dpos += sizeof (rekey);
      }
      GNUNET_assert (
        0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
      dpos += msize;
      do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
      GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
                                              box->gcm_tag,
                                              sizeof(box->gcm_tag)));
      gcry_cipher_close (out_cipher);
 
      if (-1 == GNUNET_NETWORK_socket_sendto (get_socket (receiver),
                                              dgram,
                                              payload_len, // FIXME why always send sizeof dgram?
                                              receiver->address,
                                              receiver->address_len))
      {
        GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "send");
        GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                    "Sending UDPBox to %s family %d failed sock %p failed\n",
                    GNUNET_a2s (receiver->address,
                                receiver->address_len),
                    receiver->address->sa_family,
                    get_socket (receiver));
        receiver_destroy (receiver);
        return;
      }
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "Sending UDPBox with payload size %u, %u acks left, %lu bytes sent with socket %p\n",
                  msize,
                  receiver->acks_available,
                  (unsigned long) ss->bytes_sent,
                  get_socket (receiver));
      ss->bytes_sent += sizeof (dgram);
      receiver->acks_available--;
      GNUNET_MQ_impl_send_continue (mq);
      return;
    }
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "No suitable ss found, sending as KX...\n");
  send_msg_with_kx (msg, receiver, mq);
}

References SharedSecret::bytes_sent, create_rekey(), do_pad(), UDPBox::gcm_tag, get_kid(), get_socket(), GNUNET_a2s(), GNUNET_assert, GNUNET_break, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_ERROR_TYPE_WARNING, GNUNET_log, GNUNET_log_strerror, GNUNET_MQ_impl_send_continue(), GNUNET_NETWORK_socket_sendto(), GNUNET_NO, GNUNET_sh2s(), GNUNET_YES, inject_rekey(), UDPBox::kid, SharedSecret::master, MAX_SECRETS, mq, msg, SharedSecret::prev, purge_secrets(), receiver(), receiver_destroy(), SharedSecret::rekey_initiated, rekey_max_bytes, reschedule_receiver_timeout(), secret_destroy(), send_msg_with_kx(), SharedSecret::sequence_allowed, SharedSecret::sequence_used, setup_cipher(), and GNUNET_MessageHeader::size.

Referenced by setup_receiver_mq().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mq_destroy_d()

static void mq_destroy_d	(	struct GNUNET_MQ_Handle *	mq,
		void *	impl_state
	)

static

Signature of functions implementing the destruction of a message queue.

Implementations must not free mq, but should take care of impl_state.

Parameters

mq	the message queue to destroy
impl_state	our `struct ReceiverAddress`

Definition at line 2932 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = impl_state;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Default MQ destroyed\n");
  if (mq == receiver->d_mq)
  {
    receiver->d_mq = NULL;
    if (GNUNET_YES != receiver->receiver_destroy_called)
      receiver_destroy (receiver);
  }
}

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_YES, mq, receiver(), and receiver_destroy().

Referenced by setup_receiver_mq().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mq_destroy_kx()

static void mq_destroy_kx	(	struct GNUNET_MQ_Handle *	mq,
		void *	impl_state
	)

static

Signature of functions implementing the destruction of a message queue.

Implementations must not free mq, but should take care of impl_state.

Parameters

mq	the message queue to destroy
impl_state	our `struct ReceiverAddress`

Definition at line 2955 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = impl_state;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "KX MQ destroyed\n");
  if (mq == receiver->kx_mq)
  {
    receiver->kx_mq = NULL;
    if (GNUNET_YES != receiver->receiver_destroy_called)
      receiver_destroy (receiver);
  }
}

References GNUNET_ERROR_TYPE_DEBUG, GNUNET_log, GNUNET_YES, mq, receiver(), and receiver_destroy().

Referenced by setup_receiver_mq().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mq_cancel()

static void mq_cancel	(	struct GNUNET_MQ_Handle *	mq,
		void *	impl_state
	)

static

Implementation function that cancels the currently sent message.

Parameters

mq	message queue
impl_state	our `struct RecvierAddress`

Definition at line 2976 of file gnunet-communicator-udp.c.

{
  /* Cancellation is impossible with UDP; bail */
  GNUNET_assert (0);
}

References GNUNET_assert.

Referenced by setup_receiver_mq().

Here is the caller graph for this function:

◆ mq_error()

static void mq_error	(	void *	cls,
		enum GNUNET_MQ_Error	error
	)

static

Generic error handler, called with the appropriate error code and the same closure specified at the creation of the message queue.

Not every message queue implementation supports an error handler.

Parameters

cls	our `struct ReceiverAddress`
error	error code

Definition at line 2993 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = cls;
 
  GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
              "MQ error in queue to %s: %d\n",
              GNUNET_i2s (&receiver->target),
              (int) error);
  receiver_destroy (receiver);
}

References GNUNET_ERROR_TYPE_ERROR, GNUNET_i2s(), GNUNET_log, receiver(), and receiver_destroy().

Referenced by setup_receiver_mq().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ mq_init()

static int mq_init	(	void *	cls,
		const struct GNUNET_PeerIdentity *	peer,
		const char *	address
	)

static

Function called by the transport service to initialize a message queue given address information about another peer.

If and when the communication channel is established, the communicator must call GNUNET_TRANSPORT_communicator_mq_add() to notify the service that the channel is now up. It is the responsibility of the communicator to manage sane retries and timeouts for any peer/address combination provided by the transport service. Timeouts and retries do not need to be signalled to the transport service.

Parameters

cls	closure
peer	identity of the other peer
address	where to send the message, human-readable communicator-specific format, 0-terminated, UTF-8

Returns: GNUNET_OK on success, GNUNET_SYSERR if the provided address is invalid

Definition at line 3094 of file gnunet-communicator-udp.c.

{
  (void) cls;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "create receiver for mq_init\n");
  return create_receiver (peer,
                          address,
                          NULL);
}

References address, create_receiver(), GNUNET_ERROR_TYPE_DEBUG, and GNUNET_log.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ get_receiver_delete_it()

static int get_receiver_delete_it	(	void *	cls,
		const struct GNUNET_HashCode *	target,
		void *	value
	)

static

Iterator over all receivers to clean up.

Parameters

cls	NULL
target	unused
value	the queue to destroy

Returns: GNUNET_OK to continue to iterate

Definition at line 3114 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = value;
 
  (void) cls;
  (void) target;
  receiver_destroy (receiver);
  return GNUNET_OK;
}

References GNUNET_OK, receiver(), receiver_destroy(), ReceiverAddress::target, and value.

Referenced by do_shutdown().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ get_sender_delete_it()

static int get_sender_delete_it	(	void *	cls,
		const struct GNUNET_HashCode *	target,
		void *	value
	)

static

Iterator over all senders to clean up.

Parameters

cls	NULL
target	unused
value	the queue to destroy

Returns: GNUNET_OK to continue to iterate

Definition at line 3136 of file gnunet-communicator-udp.c.

{
  struct SenderAddress *sender = value;
 
  (void) cls;
  (void) target;
 
 
  sender_destroy (sender);
  return GNUNET_OK;
}

References GNUNET_OK, sender_destroy(), SenderAddress::target, and value.

Referenced by do_shutdown().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ do_shutdown()

static void do_shutdown ( void * cls )

static

Shutdown the UNIX communicator.

Parameters

cls	NULL (always)

Definition at line 3157 of file gnunet-communicator-udp.c.

{
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "do_shutdown\n");
  GNUNET_stop_burst (NULL);
  if (NULL != nat)
  {
    GNUNET_NAT_unregister (nat);
    nat = NULL;
  }
  while (NULL != bi_head)
    bi_destroy (bi_head);
  if (NULL != broadcast_task)
  {
    GNUNET_SCHEDULER_cancel (broadcast_task);
    broadcast_task = NULL;
  }
  if (NULL != timeout_task)
  {
    GNUNET_SCHEDULER_cancel (timeout_task);
    timeout_task = NULL;
  }
  if (NULL != read_v6_task)
  {
    GNUNET_SCHEDULER_cancel (read_v6_task);
    read_v6_task = NULL;
  }
  if (NULL != read_v4_task)
  {
    GNUNET_SCHEDULER_cancel (read_v4_task);
    read_v4_task = NULL;
  }
  if (NULL != default_v6_sock)
  {
    GNUNET_break (GNUNET_OK ==
                  GNUNET_NETWORK_socket_close (default_v6_sock));
    default_v6_sock = NULL;
  }
  if (NULL != default_v4_sock)
  {
    GNUNET_break (GNUNET_OK ==
                  GNUNET_NETWORK_socket_close (default_v4_sock));
    default_v4_sock = NULL;
  }
  GNUNET_CONTAINER_multihashmap_iterate (receivers,
                                         &get_receiver_delete_it,
                                         NULL);
  GNUNET_CONTAINER_multihashmap_destroy (receivers);
  GNUNET_CONTAINER_multihashmap_iterate (senders,
                                         &get_sender_delete_it,
                                         NULL);
  GNUNET_CONTAINER_multihashmap_destroy (senders);
  GNUNET_CONTAINER_multishortmap_destroy (key_cache);
  GNUNET_CONTAINER_heap_destroy (senders_heap);
  GNUNET_CONTAINER_heap_destroy (receivers_heap);
  if (NULL != timeout_task)
  {
    GNUNET_SCHEDULER_cancel (timeout_task);
    timeout_task = NULL;
  }
  if (NULL != ch)
  {
    GNUNET_TRANSPORT_communicator_disconnect (ch);
    ch = NULL;
  }
  if (NULL != ah)
  {
    GNUNET_TRANSPORT_application_done (ah);
    ah = NULL;
  }
  if (NULL != pils)
  {
    GNUNET_PILS_disconnect (pils);
    pils = NULL;
  }
  if (NULL != stats)
  {
    GNUNET_STATISTICS_destroy (stats, GNUNET_YES);
    stats = NULL;
  }
  if (NULL != my_private_key)
  {
    GNUNET_free (my_private_key);
    my_private_key = NULL;
  }
  if (NULL != is)
  {
    GNUNET_NT_scanner_done (is);
    is = NULL;
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "do_shutdown finished\n");
}

References ah, bi_destroy(), bi_head, broadcast_task, ch, default_v4_sock, default_v6_sock, get_receiver_delete_it(), get_sender_delete_it(), GNUNET_break, GNUNET_CONTAINER_heap_destroy(), GNUNET_CONTAINER_multihashmap_destroy(), GNUNET_CONTAINER_multihashmap_iterate(), GNUNET_CONTAINER_multishortmap_destroy(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_log, GNUNET_NAT_unregister(), GNUNET_NETWORK_socket_close(), GNUNET_NT_scanner_done(), GNUNET_OK, GNUNET_PILS_disconnect(), GNUNET_SCHEDULER_cancel(), GNUNET_STATISTICS_destroy(), GNUNET_stop_burst(), GNUNET_TRANSPORT_application_done(), GNUNET_TRANSPORT_communicator_disconnect(), GNUNET_YES, is, key_cache, my_private_key, nat, pils, read_v4_task, read_v6_task, receivers, receivers_heap, senders, senders_heap, stats, and timeout_task.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ handle_ack_by_sender()

static int handle_ack_by_sender	(	void *	cls,
		const struct GNUNET_HashCode *	key,
		void *	value
	)

static

Definition at line 3260 of file gnunet-communicator-udp.c.

{
  struct ReceiverAddress *receiver = value;
  struct AckInfo *ai = cls;
 
  if (0 != GNUNET_memcmp (ai->sender, &receiver->target))
  {
    return GNUNET_YES;
  }
  handle_ack ((void*) ai->ack, key, receiver);
  return GNUNET_YES;
}

References ai, GNUNET_memcmp, GNUNET_YES, handle_ack(), key, receiver(), and value.

Referenced by enc_notify_cb().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ enc_notify_cb()

static void enc_notify_cb	(	void *	cls,
		const struct GNUNET_PeerIdentity *	sender,
		const struct GNUNET_MessageHeader *	msg
	)

static

Function called when the transport service has received a backchannel message for this communicator (!) via a different return path.

Should be an acknowledgement.

Parameters

cls	closure, NULL
sender	which peer sent the notification
msg	payload

Definition at line 3284 of file gnunet-communicator-udp.c.

{
  struct AckInfo ai;
 
  (void) cls;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Storing UDPAck received from backchannel from %s\n",
              GNUNET_i2s_full (sender));
  if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
      (ntohs (msg->size) != sizeof(struct UDPAck)))
  {
    GNUNET_break_op (0);
    return;
  }
  ai.ack = (const struct UDPAck *) msg;
  ai.sender = sender;
  GNUNET_CONTAINER_multihashmap_iterate (receivers,
                                         &handle_ack_by_sender,
                                         &ai);
}

References ai, GNUNET_break_op, GNUNET_CONTAINER_multihashmap_iterate(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_i2s_full(), GNUNET_log, GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK, handle_ack_by_sender(), msg, receivers, AckInfo::sender, GNUNET_MessageHeader::size, and GNUNET_MessageHeader::type.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ nat_address_cb()

static void nat_address_cb	(	void *	cls,
		void **	app_ctx,
		int	add_remove,
		enum GNUNET_NAT_AddressClass	ac,
		const struct sockaddr *	addr,
		socklen_t	addrlen
	)

static

Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of 'valid' addresses changes.

Parameters

cls	closure
app_ctx[in,out]	location where the app can store stuff on add and retrieve it on remove
add_remove	GNUNET_YES to add a new public IP address, GNUNET_NO to remove a previous (now invalid) one
ac	address class the address belongs to
addr	either the previous or the new public IP address
addrlen	actual length of the addr

Definition at line 3322 of file gnunet-communicator-udp.c.

{
  char *my_addr;
  struct GNUNET_TRANSPORT_AddressIdentifier *ai;
 
  if (GNUNET_YES == add_remove)
  {
    enum GNUNET_NetworkType nt;
 
    GNUNET_asprintf (&my_addr,
                     "%s-%s",
                     COMMUNICATOR_ADDRESS_PREFIX,
                     GNUNET_a2s (addr, addrlen));
    nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
    ai =
      GNUNET_TRANSPORT_communicator_address_add (ch,
                                                 my_addr,
                                                 nt,
                                                 GNUNET_TIME_UNIT_FOREVER_REL);
    GNUNET_free (my_addr);
    *app_ctx = ai;
  }
  else
  {
    ai = *app_ctx;
    GNUNET_TRANSPORT_communicator_address_remove (ai);
    *app_ctx = NULL;
  }
}

References ai, ch, COMMUNICATOR_ADDRESS_PREFIX, GNUNET_a2s(), GNUNET_asprintf(), GNUNET_free, GNUNET_NT_scanner_get_type(), GNUNET_TIME_UNIT_FOREVER_REL, GNUNET_TRANSPORT_communicator_address_add(), GNUNET_TRANSPORT_communicator_address_remove(), GNUNET_YES, is, and nt.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ ifc_broadcast()

static void ifc_broadcast ( void * cls )

static

Broadcast our presence on one of our interfaces.

Parameters

cls	a `struct BroadcastInterface`

Definition at line 3364 of file gnunet-communicator-udp.c.

{
  struct BroadcastInterface *bi = cls;
  struct GNUNET_TIME_Relative delay;
 
  delay = BROADCAST_FREQUENCY;
  delay.rel_value_us =
    GNUNET_CRYPTO_random_u64 (GNUNET_CRYPTO_QUALITY_WEAK, delay.rel_value_us);
  bi->broadcast_task =
    GNUNET_SCHEDULER_add_delayed (delay, &ifc_broadcast, bi);
 
  switch (bi->sa->sa_family)
  {
  case AF_INET: {
      static int yes = 1;
      static int no = 0;
      ssize_t sent;
 
      if (GNUNET_OK !=
          GNUNET_NETWORK_socket_setsockopt (default_v4_sock,
                                            SOL_SOCKET,
                                            SO_BROADCAST,
                                            &yes,
                                            sizeof(int)))
        GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
                             "setsockopt");
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "creating UDPBroadcast from %s\n",
                  GNUNET_i2s (&(bi->bcm.sender)));
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "sending UDPBroadcast to add %s\n",
                  GNUNET_a2s (bi->ba, bi->salen));
      sent = GNUNET_NETWORK_socket_sendto (default_v4_sock,
                                           &bi->bcm,
                                           sizeof(bi->bcm),
                                           bi->ba,
                                           bi->salen);
      if (-1 == sent)
        GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
                             "sendto");
      if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (default_v4_sock,
                                                         SOL_SOCKET,
                                                         SO_BROADCAST,
                                                         &no,
                                                         sizeof(int)))
        GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
                             "setsockopt");
      break;
    }
 
  case AF_INET6: {
      ssize_t sent;
      struct sockaddr_in6 dst;
 
      dst.sin6_family = AF_INET6;
      dst.sin6_port = htons (my_port);
      dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
      dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
 
      GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                  "sending UDPBroadcast\n");
      sent = GNUNET_NETWORK_socket_sendto (default_v6_sock,
                                           &bi->bcm,
                                           sizeof(bi->bcm),
                                           (const struct sockaddr *) &dst,
                                           sizeof(dst));
      if (-1 == sent)
        GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "sendto");
      break;
    }
 
  default:
    GNUNET_break (0);
    break;
  }
}

References BroadcastInterface::ba, BroadcastInterface::bcm, BROADCAST_FREQUENCY, BroadcastInterface::broadcast_task, default_v4_sock, default_v6_sock, GNUNET_a2s(), GNUNET_break, GNUNET_CRYPTO_QUALITY_WEAK, GNUNET_CRYPTO_random_u64(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_WARNING, GNUNET_i2s(), GNUNET_log, GNUNET_log_strerror, GNUNET_NETWORK_socket_sendto(), GNUNET_NETWORK_socket_setsockopt(), GNUNET_OK, GNUNET_SCHEDULER_add_delayed(), ifc_broadcast(), BroadcastInterface::mcreq, my_port, GNUNET_TIME_Relative::rel_value_us, BroadcastInterface::sa, BroadcastInterface::salen, and UDPBroadcast::sender.

Referenced by iface_proc(), and ifc_broadcast().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ iface_proc()

static int iface_proc	(	void *	cls,
		const char *	name,
		int	isDefault,
		const struct sockaddr *	addr,
		const struct sockaddr *	broadcast_addr,
		const struct sockaddr *	netmask,
		socklen_t	addrlen
	)

static

Callback function invoked for each interface found.

Activates/deactivates broadcast interfaces.

Parameters

cls	NULL
name	name of the interface (can be NULL for unknown)
isDefault	is this presumably the default interface
addr	address of this interface (can be NULL for unknown or unassigned)
broadcast_addr	the broadcast address (can be NULL for unknown or unassigned)
netmask	the network mask (can be NULL for unknown or unassigned)
addrlen	length of the address

Returns: GNUNET_OK to continue iteration, GNUNET_SYSERR to abort

Definition at line 3457 of file gnunet-communicator-udp.c.

{
  struct BroadcastInterface *bi;
  enum GNUNET_NetworkType network;
  struct UdpBroadcastSignature ubs;
 
  (void) cls;
  (void) netmask;
  if (NULL == my_private_key)
    return GNUNET_YES;
  if (NULL == addr)
    return GNUNET_YES; /* need to know our address! */
  network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
  if (GNUNET_NT_LOOPBACK == network)
  {
    /* Broadcasting on loopback does not make sense */
    return GNUNET_YES;
  }
  for (bi = bi_head; NULL != bi; bi = bi->next)
  {
    if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
    {
      bi->found = GNUNET_YES;
      return GNUNET_OK;
    }
  }
 
  if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
    return GNUNET_OK; /* broadcast_addr is required for IPv6! */
  if ((AF_INET6 == addr->sa_family) && (NULL != default_v6_sock))
    return GNUNET_OK; /* not using IPv6 */
 
  bi = GNUNET_new (struct BroadcastInterface);
  bi->sa = GNUNET_memdup (addr,
                          addrlen);
  if ( (NULL != broadcast_addr) &&
       (addrlen == sizeof (struct sockaddr_in)) )
  {
    struct sockaddr_in *ba;
 
    ba = GNUNET_memdup (broadcast_addr,
                        addrlen);
    ba->sin_port = htons (2086); /* always GNUnet port, ignore configuration! */
    bi->ba = (struct sockaddr *) ba;
  }
  bi->salen = addrlen;
  bi->found = GNUNET_YES;
  bi->bcm.sender = my_identity;
  ubs.purpose.purpose = htonl (
    GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_UDP_BROADCAST);
  ubs.purpose.size = htonl (sizeof(ubs));
  ubs.sender = my_identity;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "creating UDPBroadcastSignature for %s\n",
              GNUNET_a2s (addr, addrlen));
  GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
  GNUNET_CRYPTO_eddsa_sign (my_private_key,
                            &ubs,
                            &bi->bcm.sender_sig);
  if (NULL != bi->ba)
  {
    bi->broadcast_task = GNUNET_SCHEDULER_add_now (&ifc_broadcast, bi);
    GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
  }
  if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
  {
    /* Create IPv6 multicast request */
    const struct sockaddr_in6 *s6 =
      (const struct sockaddr_in6 *) broadcast_addr;
 
    GNUNET_assert (
      1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
 
    /* http://tools.ietf.org/html/rfc2553#section-5.2:
     *
     * IPV6_JOIN_GROUP
     *
     * Join a multicast group on a specified local interface.  If the
     * interface index is specified as 0, the kernel chooses the local
     * interface.  For example, some kernels look up the multicast
     * group in the normal IPv6 routing table and using the resulting
     * interface; we do this for each interface, so no need to use
     * zero (anymore...).
     */
    bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
 
    /* Join the multicast group */
    if (GNUNET_OK != GNUNET_NETWORK_socket_setsockopt (default_v6_sock,
                                                       IPPROTO_IPV6,
                                                       IPV6_JOIN_GROUP,
                                                       &bi->mcreq,
                                                       sizeof(bi->mcreq)))
    {
      GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING, "setsockopt");
    }
  }
  return GNUNET_OK;
}

Referenced by do_broadcast().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ do_broadcast()

static void do_broadcast ( void * cls )

static

Scan interfaces to broadcast our presence on the LAN.

Parameters

cls	NULL, unused

Definition at line 3569 of file gnunet-communicator-udp.c.

{
  struct BroadcastInterface *bin;
 
  (void) cls;
  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
    bi->found = GNUNET_NO;
  GNUNET_OS_network_interfaces_list (&iface_proc, NULL);
  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
  {
    bin = bi->next;
    if (GNUNET_NO == bi->found)
      bi_destroy (bi);
  }
  broadcast_task = GNUNET_SCHEDULER_add_delayed (INTERFACE_SCAN_FREQUENCY,
                                                 &do_broadcast,
                                                 NULL);
}

References bi_destroy(), bi_head, broadcast_task, do_broadcast(), BroadcastInterface::found, GNUNET_NO, GNUNET_OS_network_interfaces_list(), GNUNET_SCHEDULER_add_delayed(), iface_proc(), INTERFACE_SCAN_FREQUENCY, and BroadcastInterface::next.

Referenced by do_broadcast(), pid_change_cb(), and run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ try_connection_reversal()

static void try_connection_reversal	(	void *	cls,
		const struct sockaddr *	addr,
		socklen_t	addrlen
	)

static

Definition at line 3590 of file gnunet-communicator-udp.c.

{
  /* FIXME: support reversal: #5529 */
  GNUNET_log (GNUNET_ERROR_TYPE_INFO,
              "No connection reversal implemented!\n");
}

References GNUNET_ERROR_TYPE_INFO, and GNUNET_log.

Referenced by run().

Here is the caller graph for this function:

◆ udp_socket_notify()

static void udp_socket_notify ( struct GNUNET_UdpSocketInfo * sock_info )

static

Definition at line 3601 of file gnunet-communicator-udp.c.

{
  char *address = sockaddr_to_udpaddr_string (sock_info->actual_address,
                                              sizeof (*sock_info->actual_address
                                                      ));
  create_receiver (sock_info->pid,
                   address,
                   default_v4_sock == sock_info->udp_sock ||
                   default_v6_sock == sock_info->udp_sock ?
                   NULL : sock_info->udp_sock);
  GNUNET_TRANSPORT_communicator_burst_finished (ch);
  GNUNET_free (sock_info);
}

References GNUNET_UdpSocketInfo::actual_address, address, ch, create_receiver(), default_v4_sock, default_v6_sock, GNUNET_free, GNUNET_TRANSPORT_communicator_burst_finished(), GNUNET_UdpSocketInfo::pid, sockaddr_to_udpaddr_string(), and GNUNET_UdpSocketInfo::udp_sock.

Referenced by start_burst().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ start_burst()

static void start_burst	(	const char *	addr,
		struct GNUNET_TIME_Relative	rtt,
		struct GNUNET_PeerIdentity *	pid
	)

static

Definition at line 3617 of file gnunet-communicator-udp.c.

{
  struct GNUNET_UdpSocketInfo *sock_info;
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Communicator was called to start burst to address %s from %s\n",
              addr,
              my_ipv4);
 
  GNUNET_stop_burst (NULL);
 
  sock_info = GNUNET_new (struct GNUNET_UdpSocketInfo);
  sock_info->pid = GNUNET_new (struct GNUNET_PeerIdentity);
  sock_info->address = GNUNET_strdup (addr);
  sock_info->bind_address = my_ipv4;
  sock_info->has_port = GNUNET_YES;
  sock_info->udp_sock = default_v4_sock;
  sock_info->rtt = rtt;
  GNUNET_memcpy (sock_info->pid, pid, sizeof (struct GNUNET_PeerIdentity));
  sock_info->std_port = my_port;
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "1 sock addr %s addr %s rtt %lu %u\n",
              sock_info->address,
              addr,
              (unsigned long) sock_info->rtt.rel_value_us,
              my_port);
  burst_task = GNUNET_get_udp_socket (sock_info,
                                      &udp_socket_notify);
  GNUNET_free (sock_info);
}

References GNUNET_UdpSocketInfo::address, GNUNET_UdpSocketInfo::bind_address, burst_task, default_v4_sock, GNUNET_ERROR_TYPE_DEBUG, GNUNET_free, GNUNET_get_udp_socket(), GNUNET_log, GNUNET_memcpy, GNUNET_new, GNUNET_stop_burst(), GNUNET_strdup, GNUNET_YES, GNUNET_UdpSocketInfo::has_port, my_ipv4, my_port, GNUNET_UdpSocketInfo::pid, pid, GNUNET_TIME_Relative::rel_value_us, GNUNET_UdpSocketInfo::rtt, GNUNET_UdpSocketInfo::std_port, GNUNET_UdpSocketInfo::udp_sock, and udp_socket_notify().

Referenced by reconnect(), and run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ create_udp_socket()

static struct GNUNET_NETWORK_Handle * create_udp_socket	(	const char *	bindto,
		sa_family_t	family,
		struct sockaddr **	out,
		socklen_t *	out_len
	)

static

Definition at line 3652 of file gnunet-communicator-udp.c.

{
  struct GNUNET_NETWORK_Handle *sock;
  struct sockaddr *in;
  socklen_t in_len;
  struct sockaddr_storage in_sto;
  socklen_t sto_len;
 
  in = udp_address_to_sockaddr (bindto, family, &in_len);
  if (NULL == in)
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Failed to setup UDP socket address with path `%s'\n",
                bindto);
    return NULL;
  }
 
  if ((AF_UNSPEC != family) && (in->sa_family != family))
  {
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Invalid UDP socket address setup with path `%s'\n",
                bindto);
    GNUNET_free (in);
    return NULL;
  }
 
  sock =
    GNUNET_NETWORK_socket_create (in->sa_family,
                                  SOCK_DGRAM,
                                  IPPROTO_UDP);
  if (NULL == sock)
  {
    GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "socket");
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Failed to create socket for %s family %d\n",
                GNUNET_a2s (in,
                            in_len),
                in->sa_family);
    GNUNET_free (in);
    return NULL;
  }
  if (GNUNET_OK !=
      GNUNET_NETWORK_socket_bind (sock,
                                  in,
                                  in_len))
  {
    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
                              "bind",
                              bindto);
    GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
                "Failed to bind socket for %s family %d sock %p\n",
                GNUNET_a2s (in,
                            in_len),
                in->sa_family,
                sock);
    GNUNET_NETWORK_socket_close (sock);
    sock = NULL;
    GNUNET_free (in);
    return NULL;
  }
 
  /* We might have bound to port 0, allowing the OS to figure it out;
     thus, get the real IN-address from the socket */
  sto_len = sizeof(in_sto);
  if (0 != getsockname (GNUNET_NETWORK_get_fd (sock),
                        (struct sockaddr *) &in_sto,
                        &sto_len))
  {
    memcpy (&in_sto, in, in_len);
    sto_len = in_len;
  }
  GNUNET_free (in);
  *out = GNUNET_malloc (sto_len);
  memcpy (*out, (struct sockaddr *) &in_sto, sto_len);
  *out_len = sto_len;
  return sock;
}

References GNUNET_a2s(), GNUNET_ERROR_TYPE_ERROR, GNUNET_free, GNUNET_log, GNUNET_log_strerror, GNUNET_log_strerror_file, GNUNET_malloc, GNUNET_NETWORK_get_fd(), GNUNET_NETWORK_socket_bind(), GNUNET_NETWORK_socket_close(), GNUNET_NETWORK_socket_create(), GNUNET_OK, and udp_address_to_sockaddr().

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ shutdown_run()

static void shutdown_run ( struct sockaddr * addrs[2] )

static

Definition at line 3735 of file gnunet-communicator-udp.c.

{
  if (NULL != addrs[0])
    GNUNET_free (addrs[0]);
  if (NULL != addrs[1])
    GNUNET_free (addrs[1]);
  GNUNET_SCHEDULER_shutdown ();
}

References GNUNET_free, and GNUNET_SCHEDULER_shutdown().

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ load_ikm()

static enum GNUNET_GenericReturnValue load_ikm ( )

static

FIXME: We could alternatively ask PILS for de/encaps, but at a high cost wrt async RPC calls...

Get the initial secret key for generating the peer id. This is supposed to be generated at random once in the lifetime of a peer, so all generated peer ids use the same initial secret key to optain the same peer id per set of addresses.

First check whether there's already a initial secret key. If so: return it. If no initial secret key exists yet, generate at random and store it where it will be found.

Parameters

initial secret key the memory the initial secret key can be written to.

Definition at line 3759 of file gnunet-communicator-udp.c.

{
  char *filename;
  struct GNUNET_DISK_FileHandle *filehandle;
  int ret;
 
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_filename (cfg,
                                               "pils",
                                               "SECRET_KEY_FILE",
                                               &filename))
  {
    LOG (GNUNET_ERROR_TYPE_ERROR,
         "PILS service is lacking initial secret key file configuration setting. Exiting\n");
    return GNUNET_SYSERR;
  }
  if (NULL == filename)
    return GNUNET_SYSERR;
  ret = GNUNET_DISK_file_test_read (filename);
  if (GNUNET_SYSERR == ret)
    return GNUNET_SYSERR;
  if (GNUNET_NO == ret)
  {
    /* File does not exist - generate a new initial secret key and save it */
    // TODO consider the case that the file exists and ist not readable
    GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE,
                                ikm,
                                sizeof ikm);
    if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (filename))
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "PILS service cannot create dir for saving initial secret key file. Exiting\n");
      return GNUNET_SYSERR;
    }
    filehandle = GNUNET_DISK_file_open (filename,
                                        GNUNET_DISK_OPEN_WRITE
                                        | GNUNET_DISK_OPEN_CREATE,
                                        GNUNET_DISK_PERM_USER_READ   // TODO
                                        |                            // would
                                                                     // the
                                                                     // group
                                                                     // need
                                                                     // read
                                                                     // perm?
                                        GNUNET_DISK_PERM_USER_WRITE);
    if (NULL == filehandle)
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "PILS service had an issue with opening the initial secret key file. Exiting\n");
      GNUNET_DISK_file_close (filehandle);
      return GNUNET_SYSERR;
    }
    ret = GNUNET_DISK_file_write (filehandle,
                                  ikm,
                                  sizeof ikm);
    GNUNET_DISK_file_close (filehandle);
    if (sizeof ikm != ret)
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "PILS service had an issue with writing the initial secret key to file. Exiting\n")
      ;
      return GNUNET_SYSERR;
    }
  }
  else
  {
    /* File existes - just read from it */
    off_t size;
    LOG (GNUNET_ERROR_TYPE_DEBUG,
         "PILS is going to read initial secret key from file %s\n",
         filename);
    filehandle = GNUNET_DISK_file_open (filename,
                                        GNUNET_DISK_OPEN_READ,
                                        GNUNET_DISK_PERM_NONE);
    if (NULL == filehandle)
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "  Not able to open file\n");
      return GNUNET_SYSERR;
    }
    if (GNUNET_OK != GNUNET_DISK_file_handle_size (filehandle, &size))
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "  File has the wrong size %lu\n",
           size);
      GNUNET_DISK_file_close (filehandle);
      return GNUNET_SYSERR;
    }
    if (sizeof ikm != size)
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "  Something is wrong with the file size, expected: %lu size, got: %lu\n",
           size,
           sizeof ikm);
      GNUNET_DISK_file_close (filehandle);
      return GNUNET_SYSERR;
    }
    ret = GNUNET_DISK_file_read (filehandle,
                                 ikm,
                                 sizeof ikm);
    GNUNET_DISK_file_close (filehandle);
    if (sizeof ikm != ret)
    {
      LOG (GNUNET_ERROR_TYPE_ERROR,
           "  Read initial secret key with wrong size %u, expected %lu\n", ret,
           sizeof ikm);
      return GNUNET_SYSERR;
    }
 
  }
  return GNUNET_OK;
}

References cfg, filename, GNUNET_CONFIGURATION_get_value_filename(), GNUNET_CRYPTO_QUALITY_NONCE, GNUNET_CRYPTO_random_block(), GNUNET_DISK_directory_create_for_file(), GNUNET_DISK_file_close(), GNUNET_DISK_file_handle_size(), GNUNET_DISK_file_open(), GNUNET_DISK_file_read(), GNUNET_DISK_file_test_read(), GNUNET_DISK_file_write(), GNUNET_DISK_OPEN_CREATE, GNUNET_DISK_OPEN_READ, GNUNET_DISK_OPEN_WRITE, GNUNET_DISK_PERM_NONE, GNUNET_DISK_PERM_USER_READ, GNUNET_DISK_PERM_USER_WRITE, GNUNET_ERROR_TYPE_DEBUG, GNUNET_ERROR_TYPE_ERROR, GNUNET_NO, GNUNET_OK, GNUNET_SYSERR, ikm, LOG, ret, and size.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ pid_change_cb()

void pid_change_cb	(	void *	cls,
		const struct GNUNET_HELLO_Parser *	parser,
		const struct GNUNET_HashCode *	addr_hash
	)

Definition at line 3874 of file gnunet-communicator-udp.c.

{
  LOG (GNUNET_ERROR_TYPE_DEBUG,
       "Got PID to derive from `%s':\n",
       GNUNET_h2s (addr_hash));
  if (NULL == my_private_key)
    my_private_key = GNUNET_new (struct GNUNET_CRYPTO_EddsaPrivateKey);
 
  GNUNET_PILS_derive_pid (sizeof ikm,
                          (uint8_t*) ikm,
                          addr_hash,
                          my_private_key);
  GNUNET_CRYPTO_eddsa_key_get_public (my_private_key,
                                      &my_identity.public_key);
  eddsa_priv_to_hpke_key (my_private_key,
                          &my_x25519_private_key);
  /* start broadcasting */
  if (GNUNET_YES !=
      GNUNET_CONFIGURATION_get_value_yesno (cfg,
                                            COMMUNICATOR_CONFIG_SECTION,
                                            "DISABLE_BROADCAST"))
  {
    if (NULL == broadcast_task)
      broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
  }
}

References broadcast_task, cfg, COMMUNICATOR_CONFIG_SECTION, do_broadcast(), eddsa_priv_to_hpke_key(), GNUNET_CONFIGURATION_get_value_yesno(), GNUNET_CRYPTO_eddsa_key_get_public(), GNUNET_ERROR_TYPE_DEBUG, GNUNET_h2s(), GNUNET_new, GNUNET_PILS_derive_pid(), GNUNET_SCHEDULER_add_now(), GNUNET_YES, ikm, LOG, my_identity, my_private_key, my_x25519_private_key, and GNUNET_PeerIdentity::public_key.

Referenced by run().

Here is the call graph for this function:

Here is the caller graph for this function:

◆ run()

static void run	(	void *	cls,
		char const	args,
		const char *	cfgfile,
		const struct GNUNET_CONFIGURATION_Handle *	c
	)

static

Definition at line 3905 of file gnunet-communicator-udp.c.

{
  const struct sockaddr_in *v4;
  char *bindto;
  char *bindto6;
  struct sockaddr *in[2];
  socklen_t in_len[2];
 
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Entering the run method of udp communicator.\n");
 
  cfg = c;
  disable_v6 = GNUNET_NO;
  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
      (GNUNET_YES ==
       GNUNET_CONFIGURATION_get_value_yesno (cfg,
                                             COMMUNICATOR_CONFIG_SECTION,
                                             "DISABLE_V6")))
  {
    disable_v6 = GNUNET_YES;
  }
 
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_string (cfg,
                                             COMMUNICATOR_CONFIG_SECTION,
                                             "BINDTO",
                                             &bindto))
  {
    GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
                               COMMUNICATOR_CONFIG_SECTION,
                               "BINDTO");
    return;
  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "The udp communicator will bind to %s for IPv4\n",
              bindto);
  if (GNUNET_YES != disable_v6)
  {
    if (GNUNET_OK !=
        GNUNET_CONFIGURATION_get_value_string (cfg,
                                               COMMUNICATOR_CONFIG_SECTION,
                                               "BINDTO6",
                                               &bindto6))
    {
      GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
                                 COMMUNICATOR_CONFIG_SECTION,
                                 "BINDTO6");
      return;
    }
 
    GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
                "The udp communicator will bind to %s for IPv6\n",
                bindto6);
  }
  else
    bindto6 = NULL;
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_time (cfg,
                                           COMMUNICATOR_CONFIG_SECTION,
                                           "REKEY_INTERVAL",
                                           &rekey_interval))
    rekey_interval = DEFAULT_REKEY_TIME_INTERVAL;
 
  if (GNUNET_OK !=
      GNUNET_CONFIGURATION_get_value_size (cfg,
                                           COMMUNICATOR_CONFIG_SECTION,
                                           "REKEY_MAX_BYTES",
                                           &rekey_max_bytes))
  {
    rekey_max_bytes = DEFAULT_REKEY_MAX_BYTES;
  }
 
  memset (in, 0, sizeof(struct sockaddr*) * 2);
  memset (in_len, 0, sizeof(socklen_t) * 2);
 
  GNUNET_assert (bindto);
  default_v4_sock = create_udp_socket (
    bindto, AF_INET, &(in[0]), &(in_len[0]));
  GNUNET_free (bindto);
 
  if (GNUNET_YES != disable_v6)
  {
    GNUNET_assert (bindto6);
    default_v6_sock = create_udp_socket (
      bindto6, AF_INET6, &(in[1]), &(in_len[1]));
    GNUNET_free (bindto6);
  }
  else
    default_v6_sock = NULL;
 
  if ((NULL == default_v4_sock) && (NULL == default_v6_sock))
    return;
 
  my_port = 0;
  if (NULL != default_v4_sock)
  {
    GNUNET_assert (in[0]);
    GNUNET_log_from_nocheck (GNUNET_ERROR_TYPE_INFO,
                             "transport",
                             "Bound to `%s' sock %p\n",
                             GNUNET_a2s ((const struct sockaddr *) in[0],
                                         in_len[0]),
                             default_v4_sock);
 
    v4 = (const struct sockaddr_in *) in[0];
 
    my_ipv4 = GNUNET_malloc (INET_ADDRSTRLEN);
    my_port = ntohs (((struct sockaddr_in *) in[0])->sin_port);
    inet_ntop (AF_INET, &v4->sin_addr, my_ipv4, in_len[0]);
  }
  if (NULL != default_v6_sock)
  {
    GNUNET_assert (in[1]);
    GNUNET_log_from_nocheck (GNUNET_ERROR_TYPE_INFO,
                             "transport",
                             "Bound to `%s' sock %p\n",
                             GNUNET_a2s ((const struct sockaddr *) in[1],
                                         in_len[1]),
                             default_v6_sock);
    my_port = ntohs (((struct sockaddr_in6 *) in[1])->sin6_port);
  }
  stats = GNUNET_STATISTICS_create ("communicator-udp", cfg);
  senders = GNUNET_CONTAINER_multihashmap_create (32, GNUNET_YES);
  receivers = GNUNET_CONTAINER_multihashmap_create (32, GNUNET_YES);
  senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
  receivers_heap =
    GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
  key_cache = GNUNET_CONTAINER_multishortmap_create (1024, GNUNET_YES);
  GNUNET_SCHEDULER_add_shutdown (&do_shutdown, NULL);
  is = GNUNET_NT_scanner_init ();
  /* start reading */
  if (NULL != default_v4_sock)
    read_v4_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
                                                  default_v4_sock,
                                                  &sock_read,
                                                  default_v4_sock);
  else
    read_v4_task = NULL;
  if (NULL != default_v6_sock)
    read_v6_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
                                                  default_v6_sock,
                                                  &sock_read,
                                                  default_v6_sock);
  else
    read_v6_task = NULL;
  ch = GNUNET_TRANSPORT_communicator_connect (cfg,
                                              COMMUNICATOR_CONFIG_SECTION,
                                              COMMUNICATOR_ADDRESS_PREFIX,
                                              GNUNET_TRANSPORT_CC_UNRELIABLE,
                                              &mq_init,
                                              NULL,
                                              &enc_notify_cb,
                                              NULL,
                                              &start_burst);
  if (NULL == ch)
  {
    GNUNET_break (0);
    shutdown_run (in);
    return;
  }
  ah = GNUNET_TRANSPORT_application_init (cfg);
  if (NULL == ah)
  {
    GNUNET_break (0);
    shutdown_run (in);
    return;
  }
  /* start broadcasting */
  if (GNUNET_YES !=
      GNUNET_CONFIGURATION_get_value_yesno (cfg,
                                            COMMUNICATOR_CONFIG_SECTION,
                                            "DISABLE_BROADCAST"))
  {
    broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
  }
  load_ikm ();
  pils = GNUNET_PILS_connect (cfg, &pid_change_cb, NULL);
  GNUNET_assert (NULL != pils);
 
  nat = GNUNET_NAT_register (cfg,
                             COMMUNICATOR_CONFIG_SECTION,
                             IPPROTO_UDP,
                             (NULL != in[0]? 1 : 0)
                             + (NULL != in[1]? 1 : 0),
                             (const struct sockaddr**)
                             (NULL != in[0]? in : &(in[1])),
                             NULL != in[0]? in_len : &(in_len[1]),
                             &nat_address_cb,
                             try_connection_reversal,
                             NULL /* closure */);
  if (NULL != in[0])
    GNUNET_free (in[0]);
  if (NULL != in[1])
    GNUNET_free (in[1]);
}