GNUnet  0.11.x
gnunet-communicator-udp.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
40 #include "platform.h"
41 #include "gnunet_util_lib.h"
42 #include "gnunet_protocols.h"
43 #include "gnunet_signatures.h"
44 #include "gnunet_constants.h"
45 #include "gnunet_nt_lib.h"
46 #include "gnunet_nat_service.h"
50 
54 #define REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
55 
59 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
60 
64 #define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
65 
69 #define INTERFACE_SCAN_FREQUENCY \
70  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
71 
76 #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
77 
81 #define AES_KEY_SIZE (256 / 8)
82 
86 #define AES_IV_SIZE (96 / 8)
87 
91 #define GCM_TAG_SIZE (128 / 8)
92 
102 #define KCN_THRESHOLD 92
103 
110 #define KCN_TARGET 128
111 
121 #define MAX_SQN_DELTA 160
122 
132 #define MAX_SECRETS 128
133 
138 #define REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
139 
144 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
145 
149 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
150 
152 
153 
160 {
165 
170 
175 
180 
186 };
187 
188 
193 struct InitialKX
194 {
199 
204  char gcm_tag[GCM_TAG_SIZE];
205 };
206 
207 
213 {
218 
222  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
223 
228  struct GNUNET_TIME_AbsoluteNBO monotonic_time;
229 
230  /* followed by messages */
231 
232  /* padding may follow actual messages */
233 };
234 
235 
240 struct UDPAck
241 {
245  struct GNUNET_MessageHeader header;
246 
251  uint32_t sequence_max GNUNET_PACKED;
252 
256  struct GNUNET_HashCode cmac;
257 };
258 
259 
269 {
274 
279 
283  struct GNUNET_HashCode h_address;
284 };
285 
286 
294 {
299 
304  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
305 };
306 
307 
312 struct UDPBox
313 {
322 
330  char gcm_tag[GCM_TAG_SIZE];
331 };
332 
333 
335 
339 struct SharedSecret;
340 
341 
347 {
352 
357 
366 
370  struct SharedSecret *ss;
371 
375  uint32_t sequence_number;
376 };
377 
378 
383 struct SenderAddress;
384 
389 struct ReceiverAddress;
390 
395 {
400 
405 
410 
415 
420 
425 
429  struct GNUNET_HashCode master;
430 
434  struct GNUNET_HashCode cmac;
435 
440  uint32_t sequence_used;
441 
448 
452  unsigned int active_kce_count;
453 };
454 
455 
461 {
465  struct GNUNET_PeerIdentity target;
466 
471 
476 
481 
485  struct sockaddr *address;
486 
490  socklen_t address_len;
491 
496 
500  unsigned int num_secrets;
501 
506 };
507 
508 
514 {
518  struct GNUNET_PeerIdentity target;
519 
524 
529 
535 
539  struct sockaddr *address;
540 
544  socklen_t address_len;
545 
550 
555 
560 
565 
569  size_t mtu;
570 
574  unsigned int num_secrets;
575 
580  unsigned int acks_available;
581 
586 };
587 
588 
593 {
598 
603 
608 
612  struct sockaddr *sa;
613 
617  struct sockaddr *ba;
618 
622  struct UDPBroadcast bcm;
623 
628  struct ipv6_mreq mcreq;
629 
633  socklen_t salen;
634 
638  int found;
639 };
640 
641 
646 
651 
656 
661 
666 
671 
676 
681 
686 
691 
696 
701 
706 
710 static int have_v6_socket;
711 
716 
721 
725 static const struct GNUNET_CONFIGURATION_Handle *cfg;
726 
731 
736 
740 static struct GNUNET_NAT_Handle *nat;
741 
745 static uint16_t my_port;
746 
747 
753 static void
755 {
756  if (AF_INET6 == bi->sa->sa_family)
757  {
758  /* Leave the multicast group */
760  IPPROTO_IPV6,
761  IPV6_LEAVE_GROUP,
762  &bi->mcreq,
763  sizeof(bi->mcreq)))
764  {
766  }
767  }
768  GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
770  GNUNET_free (bi->sa);
771  GNUNET_free_non_null (bi->ba);
772  GNUNET_free (bi);
773 }
774 
775 
781 static void
783 {
784  struct GNUNET_MQ_Handle *mq;
785 
787  "Disconnecting receiver for peer `%s'\n",
788  GNUNET_i2s (&receiver->target));
789  if (NULL != (mq = receiver->mq))
790  {
791  receiver->mq = NULL;
792  GNUNET_MQ_destroy (mq);
793  }
794  if (NULL != receiver->qh)
795  {
797  receiver->qh = NULL;
798  }
801  &receiver->target,
802  receiver));
803  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
804  GNUNET_STATISTICS_set (stats,
805  "# receivers active",
807  GNUNET_NO);
808  GNUNET_free (receiver->address);
809  GNUNET_free (receiver->foreign_addr);
810  GNUNET_free (receiver);
811 }
812 
813 
819 static void
821 {
822  struct SharedSecret *ss = kce->ss;
823 
824  ss->active_kce_count--;
827  &kce->kid,
828  kce));
829  GNUNET_free (kce);
830 }
831 
832 
840 static void
841 get_kid (const struct GNUNET_HashCode *msec,
842  uint32_t serial,
843  struct GNUNET_ShortHashCode *kid)
844 {
845  uint32_t sid = htonl (serial);
846 
847  GNUNET_CRYPTO_hkdf (kid,
848  sizeof(*kid),
849  GCRY_MD_SHA512,
850  GCRY_MD_SHA256,
851  &sid,
852  sizeof(sid),
853  msec,
854  sizeof(*msec),
855  "UDP-KID",
856  strlen ("UDP-KID"),
857  NULL,
858  0);
859 }
860 
861 
868 static void
869 kce_generate (struct SharedSecret *ss, uint32_t seq)
870 {
871  struct KeyCacheEntry *kce;
872 
873  GNUNET_assert (0 < seq);
874  kce = GNUNET_new (struct KeyCacheEntry);
875  kce->ss = ss;
876  kce->sequence_number = seq;
877  get_kid (&ss->master, seq, &kce->kid);
879  ss->active_kce_count++;
881  key_cache,
882  &kce->kid,
883  kce,
885  GNUNET_STATISTICS_set (stats,
886  "# KIDs active",
888  GNUNET_NO);
889 }
890 
891 
897 static void
899 {
900  struct SenderAddress *sender;
901  struct ReceiverAddress *receiver;
902  struct KeyCacheEntry *kce;
903 
904  if (NULL != (sender = ss->sender))
905  {
906  GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
907  sender->num_secrets--;
908  }
909  if (NULL != (receiver = ss->receiver))
910  {
911  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
912  receiver->num_secrets--;
913  receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
914  }
915  while (NULL != (kce = ss->kce_head))
916  kce_destroy (kce);
917  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
918  GNUNET_STATISTICS_set (stats,
919  "# KIDs active",
921  GNUNET_NO);
922  GNUNET_free (ss);
923 }
924 
925 
932 static void
934 {
935  GNUNET_assert (
936  GNUNET_YES ==
937  GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
938  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
939  GNUNET_STATISTICS_set (stats,
940  "# senders active",
942  GNUNET_NO);
943  GNUNET_free (sender->address);
944  GNUNET_free (sender);
945 }
946 
947 
956 static void
957 get_iv_key (const struct GNUNET_HashCode *msec,
958  uint32_t serial,
959  char key[AES_KEY_SIZE],
960  char iv[AES_IV_SIZE])
961 {
962  uint32_t sid = htonl (serial);
963  char res[AES_KEY_SIZE + AES_IV_SIZE];
964 
965  GNUNET_CRYPTO_hkdf (res,
966  sizeof(res),
967  GCRY_MD_SHA512,
968  GCRY_MD_SHA256,
969  &sid,
970  sizeof(sid),
971  msec,
972  sizeof(*msec),
973  "UDP-IV-KEY",
974  strlen ("UDP-IV-KEY"),
975  NULL,
976  0);
977  memcpy (key, res, AES_KEY_SIZE);
978  memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
979 }
980 
981 
987 static void
989 {
990  sender->timeout =
993 }
994 
995 
1001 static void
1003 {
1004  receiver->timeout =
1007  receiver->timeout.abs_value_us);
1008 }
1009 
1010 
1016 static void
1017 check_timeouts (void *cls)
1018 {
1019  struct GNUNET_TIME_Relative st;
1020  struct GNUNET_TIME_Relative rt;
1021  struct GNUNET_TIME_Relative delay;
1022  struct ReceiverAddress *receiver;
1023  struct SenderAddress *sender;
1024 
1025  (void) cls;
1026  timeout_task = NULL;
1028  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1029  {
1031  if (0 != rt.rel_value_us)
1032  break;
1033  receiver_destroy (receiver);
1034  }
1036  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1037  {
1039  if (0 != st.rel_value_us)
1040  break;
1041  sender_destroy (sender);
1042  }
1043  delay = GNUNET_TIME_relative_min (rt, st);
1044  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1045  timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1046 }
1047 
1048 
1054 static void
1056 {
1057  GNUNET_CRYPTO_hkdf (&ss->cmac,
1058  sizeof(ss->cmac),
1059  GCRY_MD_SHA512,
1060  GCRY_MD_SHA256,
1061  "CMAC",
1062  strlen ("CMAC"),
1063  &ss->master,
1064  sizeof(ss->master),
1065  "UDP-CMAC",
1066  strlen ("UDP-CMAC"),
1067  NULL,
1068  0);
1069 }
1070 
1071 
1080 static void
1082  const void *plaintext,
1083  size_t plaintext_len)
1084 {
1085  const struct GNUNET_MessageHeader *hdr = plaintext;
1086  const char *pos = plaintext;
1087 
1088  while (ntohs (hdr->size) < plaintext_len)
1089  {
1090  GNUNET_STATISTICS_update (stats,
1091  "# bytes given to core",
1092  ntohs (hdr->size),
1093  GNUNET_NO);
1095  "Giving %u bytes to TNG\n", ntohs (hdr->size));
1098  &sender->target,
1099  hdr,
1101  NULL /* no flow control possible */
1102  ,
1103  NULL));
1104  /* move on to next message, if any */
1105  plaintext_len -= ntohs (hdr->size);
1106  if (plaintext_len < sizeof(*hdr))
1107  break;
1108  pos += ntohs (hdr->size);
1109  hdr = (const struct GNUNET_MessageHeader *) pos;
1110  // TODO for now..., we do not actually sen >1msg or have a way of telling
1111  // if we are done
1112  break;
1113  }
1114  GNUNET_STATISTICS_update (stats,
1115  "# bytes padding discarded",
1116  plaintext_len,
1117  GNUNET_NO);
1118 }
1119 
1120 
1129 static void
1130 setup_cipher (const struct GNUNET_HashCode *msec,
1131  uint32_t serial,
1132  gcry_cipher_hd_t *cipher)
1133 {
1134  char key[AES_KEY_SIZE];
1135  char iv[AES_IV_SIZE];
1136  int rc;
1137 
1138  GNUNET_assert (0 ==
1139  gcry_cipher_open (cipher,
1140  GCRY_CIPHER_AES256 /* low level: go for speed */,
1141  GCRY_CIPHER_MODE_GCM,
1142  0 /* flags */));
1143  get_iv_key (msec, serial, key, iv);
1144  rc = gcry_cipher_setkey (*cipher, key, sizeof(key));
1145  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1146  rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1147  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1148 }
1149 
1150 
1163 static int
1164 try_decrypt (const struct SharedSecret *ss,
1165  const char tag[GCM_TAG_SIZE],
1166  uint32_t serial,
1167  const char *in_buf,
1168  size_t in_buf_size,
1169  char *out_buf)
1170 {
1171  gcry_cipher_hd_t cipher;
1172 
1173  setup_cipher (&ss->master, serial, &cipher);
1174  GNUNET_assert (
1175  0 ==
1176  gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1177  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1178  {
1179  gcry_cipher_close (cipher);
1180  GNUNET_STATISTICS_update (stats,
1181  "# AEAD authentication failures",
1182  1,
1183  GNUNET_NO);
1184  return GNUNET_SYSERR;
1185  }
1186  gcry_cipher_close (cipher);
1187  return GNUNET_OK;
1188 }
1189 
1190 
1197 static struct SharedSecret *
1199 {
1200  struct SharedSecret *ss;
1201 
1202  ss = GNUNET_new (struct SharedSecret);
1203  GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1204  return ss;
1205 }
1206 
1207 
1215 static struct SharedSecret *
1217  struct ReceiverAddress *receiver)
1218 {
1219  struct SharedSecret *ss;
1220 
1221  ss = GNUNET_new (struct SharedSecret);
1222  GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1223  &receiver->target.public_key,
1224  &ss->master);
1225  calculate_cmac (ss);
1226  ss->receiver = receiver;
1227  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1228  receiver->num_secrets++;
1229  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1230  return ss;
1231 }
1232 
1233 
1241 static void
1243 
1244 
1255 static int
1256 handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1257 {
1258  const struct UDPAck *ack = cls;
1259  struct ReceiverAddress *receiver = value;
1260 
1261  (void) pid;
1262  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1263  {
1264  if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1265  {
1266  uint32_t allowed;
1267 
1268  allowed = ntohl (ack->sequence_max);
1269 
1270  if (allowed > ss->sequence_allowed)
1271  {
1272  receiver->acks_available += (allowed - ss->sequence_allowed);
1273  if ((allowed - ss->sequence_allowed) == receiver->acks_available)
1274  {
1275  /* we just incremented from zero => MTU change! */
1276  setup_receiver_mq (receiver);
1277  }
1278  ss->sequence_allowed = allowed;
1279  /* move ss to head to avoid discarding it anytime soon! */
1280  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1281  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1282  }
1283  return GNUNET_NO;
1284  }
1285  }
1286  return GNUNET_YES;
1287 }
1288 
1289 
1298 static void
1300  const void *buf,
1301  size_t buf_size)
1302 {
1303  const struct GNUNET_MessageHeader *hdr =
1304  (const struct GNUNET_MessageHeader *) buf;
1305  const struct UDPAck *ack = (const struct UDPAck *) buf;
1306  uint16_t type;
1307 
1308  if (sizeof(*hdr) > buf_size)
1309  return; /* not even a header */
1310  if (ntohs (hdr->size) > buf_size)
1311  return; /* not even a header */
1312  type = ntohs (hdr->type);
1313  switch (type)
1314  {
1316  /* lookup master secret by 'cmac', then update sequence_max */
1318  &sender->target,
1319  &handle_ack,
1320  (void *) ack);
1321  /* There could be more messages after the ACK, handle those as well */
1322  buf += ntohs (hdr->size);
1323  buf_size -= ntohs (hdr->size);
1324  pass_plaintext_to_core (sender, buf, buf_size);
1325  break;
1326 
1328  /* skip padding */
1329  break;
1330 
1331  default:
1332  pass_plaintext_to_core (sender, buf, buf_size);
1333  }
1334 }
1335 
1336 
1345 static void
1347 {
1348  GNUNET_assert (NULL != ss->sender);
1349  /* drop ancient KeyCacheEntries */
1350  while ((NULL != ss->kce_head) &&
1351  (MAX_SQN_DELTA <
1353  kce_destroy (ss->kce_tail);
1354  if (ss->active_kce_count < KCN_THRESHOLD)
1355  {
1356  struct UDPAck ack;
1357 
1358  while (ss->active_kce_count < KCN_TARGET)
1359  kce_generate (ss, ++ss->sequence_allowed);
1361  ack.header.size = htons (sizeof(ack));
1362  ack.sequence_max = htonl (ss->sequence_allowed);
1363  ack.cmac = ss->cmac;
1365  &ss->sender->target,
1367  &ack.header);
1368  }
1369 }
1370 
1371 
1379 static void
1380 decrypt_box (const struct UDPBox *box,
1381  size_t box_len,
1382  struct KeyCacheEntry *kce)
1383 {
1384  struct SharedSecret *ss = kce->ss;
1385  char out_buf[box_len - sizeof(*box)];
1386 
1387  GNUNET_assert (NULL != ss->sender);
1388  if (GNUNET_OK != try_decrypt (ss,
1389  box->gcm_tag,
1390  kce->sequence_number,
1391  (const char *) &box[1],
1392  sizeof(out_buf),
1393  out_buf))
1394  {
1395  GNUNET_STATISTICS_update (stats,
1396  "# Decryption failures with valid KCE",
1397  1,
1398  GNUNET_NO);
1399  kce_destroy (kce);
1400  return;
1401  }
1402  kce_destroy (kce);
1403  GNUNET_STATISTICS_update (stats,
1404  "# bytes decrypted with BOX",
1405  sizeof(out_buf),
1406  GNUNET_NO);
1407  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1408  consider_ss_ack (ss);
1409 }
1410 
1411 
1415 struct SearchContext
1416 {
1420  const struct sockaddr *address;
1421 
1425  socklen_t address_len;
1426 
1431 };
1432 
1433 
1442 static int
1444  const struct GNUNET_PeerIdentity *key,
1445  void *value)
1446 {
1447  struct SearchContext *sc = cls;
1448  struct SenderAddress *sender = value;
1449 
1450  if ((sender->address_len == sc->address_len) &&
1451  (0 == memcmp (sender->address, sc->address, sender->address_len)))
1452  {
1453  sc->sender = sender;
1454  return GNUNET_NO; /* stop iterating! */
1455  }
1456  return GNUNET_YES;
1457 }
1458 
1459 
1471 static struct SenderAddress *
1473  const struct sockaddr *address,
1474  socklen_t address_len)
1475 {
1476  struct SenderAddress *sender;
1477  struct SearchContext sc = { .address = address,
1478  .address_len = address_len,
1479  .sender = NULL };
1480 
1482  target,
1484  &sc);
1485  if (NULL != sc.sender)
1486  {
1488  return sc.sender;
1489  }
1490  sender = GNUNET_new (struct SenderAddress);
1491  sender->target = *target;
1492  sender->address = GNUNET_memdup (address, address_len);
1493  sender->address_len = address_len;
1495  senders,
1496  &sender->target,
1497  sender,
1499  GNUNET_STATISTICS_set (stats,
1500  "# senders active",
1502  GNUNET_NO);
1503  sender->timeout =
1505  sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1506  sender,
1507  sender->timeout.abs_value_us);
1508  sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
1509  if (NULL == timeout_task)
1510  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
1511  return sender;
1512 }
1513 
1514 
1522 static int
1524  const struct UDPConfirmation *uc)
1525 {
1526  struct UdpHandshakeSignature uhs;
1527 
1529  uhs.purpose.size = htonl (sizeof(uhs));
1530  uhs.sender = uc->sender;
1531  uhs.receiver = my_identity;
1532  uhs.ephemeral = *ephemeral;
1533  uhs.monotonic_time = uc->monotonic_time;
1536  &uhs.purpose,
1537  &uc->sender_sig,
1538  &uc->sender.public_key);
1539 }
1540 
1541 
1550 static char *
1551 sockaddr_to_udpaddr_string (const struct sockaddr *address,
1552  socklen_t address_len)
1553 {
1554  char *ret;
1555 
1556  switch (address->sa_family)
1557  {
1558  case AF_INET:
1559  GNUNET_asprintf (&ret,
1560  "%s-%s",
1562  GNUNET_a2s (address, address_len));
1563  break;
1564 
1565  case AF_INET6:
1566  GNUNET_asprintf (&ret,
1567  "%s-%s",
1569  GNUNET_a2s (address, address_len));
1570  break;
1571 
1572  default:
1573  GNUNET_assert (0);
1574  }
1575  return ret;
1576 }
1577 
1578 
1584 static void
1585 sock_read (void *cls)
1586 {
1587  struct sockaddr_storage sa;
1588  socklen_t salen = sizeof(sa);
1589  char buf[UINT16_MAX];
1590  ssize_t rcvd;
1591 
1592  (void) cls;
1594  udp_sock,
1595  &sock_read,
1596  NULL);
1597  rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1598  buf,
1599  sizeof(buf),
1600  (struct sockaddr *) &sa,
1601  &salen);
1602  if (-1 == rcvd)
1603  {
1605  return;
1606  }
1608  "Read %lu bytes\n", rcvd);
1609  /* first, see if it is a UDPBox */
1610  if (rcvd > sizeof(struct UDPBox))
1611  {
1612  const struct UDPBox *box;
1613  struct KeyCacheEntry *kce;
1614 
1615  box = (const struct UDPBox *) buf;
1616  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
1617  if (NULL != kce)
1618  {
1619  decrypt_box (box, (size_t) rcvd, kce);
1620  return;
1621  }
1622  }
1623 
1624  /* next, check if it is a broadcast */
1625  if (sizeof(struct UDPBroadcast) == rcvd)
1626  {
1627  const struct UDPBroadcast *ub;
1628  struct UdpBroadcastSignature uhs;
1629 
1630  ub = (const struct UDPBroadcast *) buf;
1632  uhs.purpose.size = htonl (sizeof(uhs));
1633  uhs.sender = ub->sender;
1634  GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
1635  if (GNUNET_OK ==
1637  &uhs.purpose,
1638  &ub->sender_sig,
1639  &ub->sender.public_key))
1640  {
1641  char *addr_s;
1642  enum GNUNET_NetworkType nt;
1643 
1644  addr_s =
1645  sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
1646  GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
1647  /* use our own mechanism to determine network type */
1648  nt =
1649  GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
1650  GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s);
1651  GNUNET_free (addr_s);
1652  return;
1653  }
1654  /* continue with KX, mostly for statistics... */
1655  }
1656 
1657 
1658  /* finally, test if it is a KX */
1659  if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
1660  {
1661  GNUNET_STATISTICS_update (stats,
1662  "# messages dropped (no kid, too small for KX)",
1663  1,
1664  GNUNET_NO);
1665  return;
1666  }
1668  "Got KX\n");
1669  {
1670  const struct InitialKX *kx;
1671  struct SharedSecret *ss;
1672  char pbuf[rcvd - sizeof(struct InitialKX)];
1673  const struct UDPConfirmation *uc;
1674  struct SenderAddress *sender;
1675 
1676  kx = (const struct InitialKX *) buf;
1677  ss = setup_shared_secret_dec (&kx->ephemeral);
1678  if (GNUNET_OK != try_decrypt (ss,
1679  kx->gcm_tag,
1680  0,
1681  &buf[sizeof(*kx)],
1682  sizeof(pbuf),
1683  pbuf))
1684  {
1686  "Unable to decrypt tag, dropping...\n");
1687  GNUNET_free (ss);
1689  stats,
1690  "# messages dropped (no kid, AEAD decryption failed)",
1691  1,
1692  GNUNET_NO);
1693  return;
1694  }
1695  uc = (const struct UDPConfirmation *) pbuf;
1696  if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
1697  {
1698  GNUNET_break_op (0);
1699  GNUNET_free (ss);
1700  GNUNET_STATISTICS_update (stats,
1701  "# messages dropped (sender signature invalid)",
1702  1,
1703  GNUNET_NO);
1704  return;
1705  }
1706  calculate_cmac (ss);
1707  sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
1708  ss->sender = sender;
1709  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
1710  sender->num_secrets++;
1711  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1712  GNUNET_STATISTICS_update (stats,
1713  "# messages decrypted without BOX",
1714  1,
1715  GNUNET_NO);
1716  try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
1717  consider_ss_ack (ss);
1718  if (sender->num_secrets > MAX_SECRETS)
1719  secret_destroy (sender->ss_tail);
1720  }
1721 }
1722 
1723 
1731 static struct sockaddr *
1732 udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
1733 {
1734  struct sockaddr *in;
1735  unsigned int port;
1736  char dummy[2];
1737  char *colon;
1738  char *cp;
1739 
1740  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
1741  {
1742  /* interpreting value as just a PORT number */
1743  if (port > UINT16_MAX)
1744  {
1746  "BINDTO specification `%s' invalid: value too large for port\n",
1747  bindto);
1748  return NULL;
1749  }
1750  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
1751  (GNUNET_YES ==
1754  "DISABLE_V6")))
1755  {
1756  struct sockaddr_in *i4;
1757 
1758  i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
1759  i4->sin_family = AF_INET;
1760  i4->sin_port = htons ((uint16_t) port);
1761  *sock_len = sizeof(struct sockaddr_in);
1762  in = (struct sockaddr *) i4;
1763  }
1764  else
1765  {
1766  struct sockaddr_in6 *i6;
1767 
1768  i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
1769  i6->sin6_family = AF_INET6;
1770  i6->sin6_port = htons ((uint16_t) port);
1771  *sock_len = sizeof(struct sockaddr_in6);
1772  in = (struct sockaddr *) i6;
1773  }
1774  return in;
1775  }
1776  cp = GNUNET_strdup (bindto);
1777  colon = strrchr (cp, ':');
1778  if (NULL != colon)
1779  {
1780  /* interpet value after colon as port */
1781  *colon = '\0';
1782  colon++;
1783  if (1 == sscanf (colon, "%u%1s", &port, dummy))
1784  {
1785  /* interpreting value as just a PORT number */
1786  if (port > UINT16_MAX)
1787  {
1789  "BINDTO specification `%s' invalid: value too large for port\n",
1790  bindto);
1791  GNUNET_free (cp);
1792  return NULL;
1793  }
1794  }
1795  else
1796  {
1797  GNUNET_log (
1799  "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1800  bindto);
1801  GNUNET_free (cp);
1802  return NULL;
1803  }
1804  }
1805  else
1806  {
1807  /* interpret missing port as 0, aka pick any free one */
1808  port = 0;
1809  }
1810  {
1811  /* try IPv4 */
1812  struct sockaddr_in v4;
1813  if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
1814  {
1815  v4.sin_family = AF_INET;
1816  v4.sin_port = htons ((uint16_t) port);
1817 #if HAVE_SOCKADDR_IN_SIN_LEN
1818  v4.sin_len = sizeof(struct sockaddr_in);
1819 #endif
1820  in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
1821  *sock_len = sizeof(struct sockaddr_in);
1822  GNUNET_free (cp);
1823  return in;
1824  }
1825  }
1826  {
1827  /* try IPv6 */
1828  struct sockaddr_in6 v6;
1829  const char *start;
1830 
1831  start = cp;
1832  if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
1833  {
1834  start++; /* skip over '[' */
1835  cp[strlen (cp) - 1] = '\0'; /* eat ']' */
1836  }
1837  if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
1838  {
1839  v6.sin6_family = AF_INET6;
1840  v6.sin6_port = htons ((uint16_t) port);
1841 #if HAVE_SOCKADDR_IN_SIN_LEN
1842  v6.sin6_len = sizeof(sizeof(struct sockaddr_in6));
1843 #endif
1844  in = GNUNET_memdup (&v6, sizeof(v6));
1845  *sock_len = sizeof(v6);
1846  GNUNET_free (cp);
1847  return in;
1848  }
1849  }
1850  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
1851  GNUNET_free (cp);
1852  return NULL;
1853 }
1854 
1855 
1863 static void
1864 do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
1865 {
1866  char pad[pad_size];
1867 
1869  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
1870  {
1871  struct GNUNET_MessageHeader hdr =
1872  { .size = htons (sizeof(pad)),
1873  .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
1874 
1875  memcpy (pad, &hdr, sizeof(hdr));
1876  }
1877  GNUNET_assert (
1878  0 ==
1879  gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
1880 }
1881 
1882 
1891 static void
1893  const struct GNUNET_MessageHeader *msg,
1894  void *impl_state)
1895 {
1896  struct ReceiverAddress *receiver = impl_state;
1897  uint16_t msize = ntohs (msg->size);
1898 
1899  GNUNET_assert (mq == receiver->mq);
1900  if (msize > receiver->mtu)
1901  {
1902  GNUNET_break (0);
1903  receiver_destroy (receiver);
1904  return;
1905  }
1906  reschedule_receiver_timeout (receiver);
1907 
1908  if (0 == receiver->acks_available)
1909  {
1910  /* use KX encryption method */
1911  struct UdpHandshakeSignature uhs;
1912  struct UDPConfirmation uc;
1913  struct InitialKX kx;
1914  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
1915  char dgram[receiver->mtu + sizeof(uc) + sizeof(kx)];
1916  size_t dpos;
1917  gcry_cipher_hd_t out_cipher;
1918  struct SharedSecret *ss;
1919 
1920  /* setup key material */
1922 
1923  ss = setup_shared_secret_enc (&epriv, receiver);
1924  setup_cipher (&ss->master, 0, &out_cipher);
1925  /* compute 'uc' */
1926  uc.sender = my_identity;
1927  uc.monotonic_time =
1930  uhs.purpose.size = htonl (sizeof(uhs));
1931  uhs.sender = my_identity;
1932  uhs.receiver = receiver->target;
1934  uhs.monotonic_time = uc.monotonic_time;
1935  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
1936  &uhs.purpose,
1937  &uc.sender_sig));
1938  /* Leave space for kx */
1939  dpos = sizeof(kx);
1940  /* Append encrypted uc to dgram */
1941  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
1942  &dgram[dpos],
1943  sizeof(uc),
1944  &uc,
1945  sizeof(uc)));
1946  dpos += sizeof(uc);
1947  /* Append encrypted payload to dgram */
1948  GNUNET_assert (
1949  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
1950  dpos += msize;
1951  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
1952  /* Datagram starts with kx */
1953  kx.ephemeral = uhs.ephemeral;
1954  GNUNET_assert (
1955  0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
1956  gcry_cipher_close (out_cipher);
1957  memcpy (dgram, &kx, sizeof(kx));
1958  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
1959  dgram,
1960  sizeof(dgram),
1961  receiver->address,
1962  receiver->address_len))
1965  "Sending KX to %s\n", GNUNET_a2s (receiver->address,
1966  receiver->address_len));
1968  return;
1969  } /* End of KX encryption method */
1970 
1971  /* begin "BOX" encryption method, scan for ACKs from tail! */
1972  for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
1973  {
1975  "In non-kx mode...\n");
1976  if (ss->sequence_used < ss->sequence_allowed)
1977  {
1978  char dgram[sizeof(struct UDPBox) + receiver->mtu];
1979  struct UDPBox *box;
1980  gcry_cipher_hd_t out_cipher;
1981  size_t dpos;
1982 
1983  box = (struct UDPBox *) dgram;
1984  ss->sequence_used++;
1985  get_kid (&ss->master, ss->sequence_used, &box->kid);
1986  setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
1987  /* Append encrypted payload to dgram */
1988  dpos = sizeof(struct UDPBox);
1989  GNUNET_assert (
1990  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
1991  dpos += msize;
1992  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
1993  GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
1994  box->gcm_tag,
1995  sizeof(box->gcm_tag)));
1996  gcry_cipher_close (out_cipher);
1997  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
1998  dgram,
1999  sizeof(dgram),
2000  receiver->address,
2001  receiver->address_len))
2004  "Sending data\n");
2005 
2007  receiver->acks_available--;
2008  if (0 == receiver->acks_available)
2009  {
2010  /* We have no more ACKs => MTU change! */
2011  setup_receiver_mq (receiver);
2013  "No more acks, MTU changed\n");
2014  }
2015  return;
2016  }
2017  }
2018  GNUNET_assert (0);
2019 }
2020 
2021 
2030 static void
2031 mq_destroy (struct GNUNET_MQ_Handle *mq, void *impl_state)
2032 {
2033  struct ReceiverAddress *receiver = impl_state;
2034 
2035  if (mq == receiver->mq)
2036  {
2037  receiver->mq = NULL;
2038  receiver_destroy (receiver);
2039  }
2040 }
2041 
2042 
2049 static void
2050 mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
2051 {
2052  /* Cancellation is impossible with UDP; bail */
2053  GNUNET_assert (0);
2054 }
2055 
2056 
2066 static void
2067 mq_error (void *cls, enum GNUNET_MQ_Error error)
2068 {
2069  struct ReceiverAddress *receiver = cls;
2070 
2072  "MQ error in queue to %s: %d\n",
2073  GNUNET_i2s (&receiver->target),
2074  (int) error);
2075  receiver_destroy (receiver);
2076 }
2077 
2078 
2086 static void
2088 {
2089  size_t base_mtu;
2090 
2091  if (NULL != receiver->qh)
2092  {
2094  receiver->qh = NULL;
2095  }
2096  GNUNET_assert (NULL == receiver->mq);
2097  switch (receiver->address->sa_family)
2098  {
2099  case AF_INET:
2100  base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
2101  - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
2102  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2103  break;
2104 
2105  case AF_INET6:
2106  base_mtu = 1280 /* Minimum MTU required by IPv6 */
2107  - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
2108  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2109  break;
2110 
2111  default:
2112  GNUNET_assert (0);
2113  break;
2114  }
2115  if (0 == receiver->acks_available)
2116  {
2117  /* MTU based on full KX messages */
2118  receiver->mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
2119  - sizeof(struct UDPConfirmation); /* 104 */
2120  }
2121  else
2122  {
2123  /* MTU based on BOXed messages */
2124  receiver->mtu = base_mtu - sizeof(struct UDPBox);
2125  }
2126  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
2127  1404 (IPv4 + Box) bytes, depending on circumstances... */
2128  if (NULL == receiver->mq)
2130  &mq_destroy,
2131  &mq_cancel,
2132  receiver,
2133  NULL,
2134  &mq_error,
2135  receiver);
2136  receiver->qh =
2138  &receiver->target,
2139  receiver->foreign_addr,
2140  receiver->mtu,
2141  receiver->nt,
2143  receiver->mq);
2144 }
2145 
2146 
2165 static int
2166 mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2167 {
2168  struct ReceiverAddress *receiver;
2169  const char *path;
2170  struct sockaddr *in;
2171  socklen_t in_len;
2172 
2173  if (0 != strncmp (address,
2175  strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
2176  {
2177  GNUNET_break_op (0);
2178  return GNUNET_SYSERR;
2179  }
2180  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2181  in = udp_address_to_sockaddr (path, &in_len);
2182 
2183  receiver = GNUNET_new (struct ReceiverAddress);
2184  receiver->address = in;
2185  receiver->address_len = in_len;
2186  receiver->target = *peer;
2187  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
2189  receivers,
2190  &receiver->target,
2191  receiver,
2193  receiver->timeout =
2195  receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
2196  receiver,
2197  receiver->timeout.abs_value_us);
2198  GNUNET_STATISTICS_set (stats,
2199  "# receivers active",
2201  GNUNET_NO);
2202  receiver->foreign_addr =
2203  sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
2204  setup_receiver_mq (receiver);
2205  if (NULL == timeout_task)
2206  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2207  return GNUNET_OK;
2208 }
2209 
2210 
2219 static int
2221  const struct GNUNET_PeerIdentity *target,
2222  void *value)
2223 {
2224  struct ReceiverAddress *receiver = value;
2225 
2226  (void) cls;
2227  (void) target;
2228  receiver_destroy (receiver);
2229  return GNUNET_OK;
2230 }
2231 
2232 
2241 static int
2243  const struct GNUNET_PeerIdentity *target,
2244  void *value)
2245 {
2246  struct SenderAddress *sender = value;
2247 
2248  (void) cls;
2249  (void) target;
2250  sender_destroy (sender);
2251  return GNUNET_OK;
2252 }
2253 
2254 
2260 static void
2261 do_shutdown (void *cls)
2262 {
2263  if (NULL != nat)
2264  {
2265  GNUNET_NAT_unregister (nat);
2266  nat = NULL;
2267  }
2268  while (NULL != bi_head)
2269  bi_destroy (bi_head);
2270  if (NULL != broadcast_task)
2271  {
2272  GNUNET_SCHEDULER_cancel (broadcast_task);
2273  broadcast_task = NULL;
2274  }
2275  if (NULL != read_task)
2276  {
2277  GNUNET_SCHEDULER_cancel (read_task);
2278  read_task = NULL;
2279  }
2280  if (NULL != udp_sock)
2281  {
2283  udp_sock = NULL;
2284  }
2287  NULL);
2292  GNUNET_CONTAINER_heap_destroy (senders_heap);
2293  GNUNET_CONTAINER_heap_destroy (receivers_heap);
2294  if (NULL != ch)
2295  {
2297  ch = NULL;
2298  }
2299  if (NULL != ah)
2300  {
2302  ah = NULL;
2303  }
2304  if (NULL != stats)
2305  {
2307  stats = NULL;
2308  }
2309  if (NULL != my_private_key)
2310  {
2311  GNUNET_free (my_private_key);
2312  my_private_key = NULL;
2313  }
2314  if (NULL != is)
2315  {
2317  is = NULL;
2318  }
2319 }
2320 
2321 
2331 static void
2332 enc_notify_cb (void *cls,
2333  const struct GNUNET_PeerIdentity *sender,
2334  const struct GNUNET_MessageHeader *msg)
2335 {
2336  const struct UDPAck *ack;
2337 
2338  (void) cls;
2339  if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2340  (ntohs (msg->size) != sizeof(struct UDPAck)))
2341  {
2342  GNUNET_break_op (0);
2343  return;
2344  }
2345  ack = (const struct UDPAck *) msg;
2347  sender,
2348  &handle_ack,
2349  (void *) ack);
2350 }
2351 
2352 
2366 static void
2367 nat_address_cb (void *cls,
2368  void **app_ctx,
2369  int add_remove,
2371  const struct sockaddr *addr,
2372  socklen_t addrlen)
2373 {
2374  char *my_addr;
2376 
2377  if (GNUNET_YES == add_remove)
2378  {
2379  enum GNUNET_NetworkType nt;
2380 
2381  GNUNET_asprintf (&my_addr,
2382  "%s-%s",
2384  GNUNET_a2s (addr, addrlen));
2385  nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2386  ai =
2388  my_addr,
2389  nt,
2391  GNUNET_free (my_addr);
2392  *app_ctx = ai;
2393  }
2394  else
2395  {
2396  ai = *app_ctx;
2398  *app_ctx = NULL;
2399  }
2400 }
2401 
2402 
2408 static void
2409 ifc_broadcast (void *cls)
2410 {
2411  struct BroadcastInterface *bi = cls;
2412  struct GNUNET_TIME_Relative delay;
2413 
2414  delay = BROADCAST_FREQUENCY;
2415  delay.rel_value_us =
2417  bi->broadcast_task =
2419 
2420  switch (bi->sa->sa_family)
2421  {
2422  case AF_INET: {
2423  static int yes = 1;
2424  static int no = 0;
2425  ssize_t sent;
2426 
2428  SOL_SOCKET,
2429  SO_BROADCAST,
2430  &yes,
2431  sizeof(int)))
2433  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2434  &bi->bcm,
2435  sizeof(bi->bcm),
2436  bi->ba,
2437  bi->salen);
2438  if (-1 == sent)
2441  SOL_SOCKET,
2442  SO_BROADCAST,
2443  &no,
2444  sizeof(int)))
2446  break;
2447  }
2448 
2449  case AF_INET6: {
2450  ssize_t sent;
2451  struct sockaddr_in6 dst;
2452 
2453  dst.sin6_family = AF_INET6;
2454  dst.sin6_port = htons (my_port);
2455  dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
2456  dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
2457 
2458  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2459  &bi->bcm,
2460  sizeof(bi->bcm),
2461  (const struct sockaddr *) &dst,
2462  sizeof(dst));
2463  if (-1 == sent)
2465  break;
2466  }
2467 
2468  default:
2469  GNUNET_break (0);
2470  break;
2471  }
2472 }
2473 
2474 
2489 static int
2490 iface_proc (void *cls,
2491  const char *name,
2492  int isDefault,
2493  const struct sockaddr *addr,
2494  const struct sockaddr *broadcast_addr,
2495  const struct sockaddr *netmask,
2496  socklen_t addrlen)
2497 {
2498  struct BroadcastInterface *bi;
2499  enum GNUNET_NetworkType network;
2500  struct UdpBroadcastSignature ubs;
2501 
2502  (void) cls;
2503  (void) netmask;
2504  if (NULL == addr)
2505  return GNUNET_YES; /* need to know our address! */
2506  network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2507  if (GNUNET_NT_LOOPBACK == network)
2508  {
2509  /* Broadcasting on loopback does not make sense */
2510  return GNUNET_YES;
2511  }
2512  for (bi = bi_head; NULL != bi; bi = bi->next)
2513  {
2514  if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
2515  {
2516  bi->found = GNUNET_YES;
2517  return GNUNET_OK;
2518  }
2519  }
2520 
2521  if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
2522  return GNUNET_OK; /* broadcast_addr is required for IPv6! */
2523  if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
2524  return GNUNET_OK; /* not using IPv6 */
2525 
2526  bi = GNUNET_new (struct BroadcastInterface);
2527  bi->sa = GNUNET_memdup (addr, addrlen);
2528  if (NULL != broadcast_addr)
2529  bi->ba = GNUNET_memdup (broadcast_addr, addrlen);
2530  bi->salen = addrlen;
2531  bi->found = GNUNET_YES;
2532  bi->bcm.sender = my_identity;
2534  ubs.purpose.size = htonl (sizeof(ubs));
2535  ubs.sender = my_identity;
2536  GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
2537  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
2538  &ubs.purpose,
2539  &bi->bcm.sender_sig));
2540  if (NULL != broadcast_addr)
2541  {
2543  GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
2544  }
2545  if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
2546  {
2547  /* Create IPv6 multicast request */
2548  const struct sockaddr_in6 *s6 =
2549  (const struct sockaddr_in6 *) broadcast_addr;
2550 
2551  GNUNET_assert (
2552  1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
2553 
2554  /* http://tools.ietf.org/html/rfc2553#section-5.2:
2555  *
2556  * IPV6_JOIN_GROUP
2557  *
2558  * Join a multicast group on a specified local interface. If the
2559  * interface index is specified as 0, the kernel chooses the local
2560  * interface. For example, some kernels look up the multicast
2561  * group in the normal IPv6 routing table and using the resulting
2562  * interface; we do this for each interface, so no need to use
2563  * zero (anymore...).
2564  */bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
2565 
2566  /* Join the multicast group */
2568  IPPROTO_IPV6,
2569  IPV6_JOIN_GROUP,
2570  &bi->mcreq,
2571  sizeof(bi->mcreq)))
2572  {
2574  }
2575  }
2576  return GNUNET_OK;
2577 }
2578 
2579 
2585 static void
2586 do_broadcast (void *cls)
2587 {
2588  struct BroadcastInterface *bin;
2589 
2590  (void) cls;
2591  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
2592  bi->found = GNUNET_NO;
2594  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
2595  {
2596  bin = bi->next;
2597  if (GNUNET_NO == bi->found)
2598  bi_destroy (bi);
2599  }
2601  &do_broadcast,
2602  NULL);
2603 }
2604 
2605 
2614 static void
2615 run (void *cls,
2616  char *const *args,
2617  const char *cfgfile,
2618  const struct GNUNET_CONFIGURATION_Handle *c)
2619 {
2620  char *bindto;
2621  struct sockaddr *in;
2622  socklen_t in_len;
2623  struct sockaddr_storage in_sto;
2624  socklen_t sto_len;
2625 
2626  (void) cls;
2627  cfg = c;
2628  if (GNUNET_OK !=
2631  "BINDTO",
2632  &bindto))
2633  {
2636  "BINDTO");
2637  return;
2638  }
2639 
2640  in = udp_address_to_sockaddr (bindto, &in_len);
2641  if (NULL == in)
2642  {
2644  "Failed to setup UDP socket address with path `%s'\n",
2645  bindto);
2646  GNUNET_free (bindto);
2647  return;
2648  }
2649  udp_sock =
2650  GNUNET_NETWORK_socket_create (in->sa_family, SOCK_DGRAM, IPPROTO_UDP);
2651  if (NULL == udp_sock)
2652  {
2654  GNUNET_free (in);
2655  GNUNET_free (bindto);
2656  return;
2657  }
2658  if (AF_INET6 == in->sa_family)
2660  if (GNUNET_OK != GNUNET_NETWORK_socket_bind (udp_sock, in, in_len))
2661  {
2663  GNUNET_NETWORK_socket_close (udp_sock);
2664  udp_sock = NULL;
2665  GNUNET_free (in);
2666  GNUNET_free (bindto);
2667  return;
2668  }
2669 
2670  /* We might have bound to port 0, allowing the OS to figure it out;
2671  thus, get the real IN-address from the socket */
2672  sto_len = sizeof(in_sto);
2673  if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
2674  (struct sockaddr *) &in_sto,
2675  &sto_len))
2676  {
2677  memcpy (&in_sto, in, in_len);
2678  sto_len = in_len;
2679  }
2680  GNUNET_free (in);
2681  GNUNET_free (bindto);
2682  in = (struct sockaddr *) &in_sto;
2683  in_len = sto_len;
2685  "Bound to `%s'\n",
2686  GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
2687  switch (in->sa_family)
2688  {
2689  case AF_INET:
2690  my_port = ntohs (((struct sockaddr_in *) in)->sin_port);
2691  break;
2692 
2693  case AF_INET6:
2694  my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port);
2695  break;
2696 
2697  default:
2698  GNUNET_break (0);
2699  my_port = 0;
2700  }
2701  stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
2705  receivers_heap =
2709  is = GNUNET_NT_scanner_init ();
2711  if (NULL == my_private_key)
2712  {
2713  GNUNET_log (
2715  _ (
2716  "Transport service is lacking key configuration settings. Exiting.\n"));
2718  return;
2719  }
2721  /* start reading */
2723  udp_sock,
2724  &sock_read,
2725  NULL);
2730  &mq_init,
2731  NULL,
2732  &enc_notify_cb,
2733  NULL);
2734  if (NULL == ch)
2735  {
2736  GNUNET_break (0);
2738  return;
2739  }
2741  if (NULL == ah)
2742  {
2743  GNUNET_break (0);
2745  return;
2746  }
2747  /* start broadcasting */
2748  if (GNUNET_YES !=
2751  "DISABLE_BROADCAST"))
2752  {
2753  broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
2754  }
2755  nat = GNUNET_NAT_register (cfg,
2757  IPPROTO_UDP,
2758  1 /* one address */,
2759  (const struct sockaddr **) &in,
2760  &in_len,
2761  &nat_address_cb,
2762  NULL /* FIXME: support reversal: #5529 */,
2763  NULL /* closure */);
2764 }
2765 
2766 
2774 int
2775 main (int argc, char *const *argv)
2776 {
2777  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2779  };
2780  int ret;
2781 
2782  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
2783  return 2;
2784 
2785  ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
2786  argv,
2787  "gnunet-communicator-udp",
2788  _ ("GNUnet UDP communicator"),
2789  options,
2790  &run,
2791  NULL))
2792  ? 0
2793  : 1;
2794  GNUNET_free ((void *) argv);
2795  return ret;
2796 }
2797 
2798 
2799 /* end of gnunet-communicator-udp.c */
int GNUNET_CRYPTO_ecdhe_key_create2(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:521
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct KeyCacheEntry * next
Kept in a DLL.
Handle to the interface scanner.
Definition: nt.c:110
int GNUNET_NETWORK_socket_setsockopt(struct GNUNET_NETWORK_Handle *fd, int level, int option_name, const void *option_value, socklen_t option_len)
Set socket option.
Definition: network.c:883
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
int GNUNET_NETWORK_get_fd(const struct GNUNET_NETWORK_Handle *desc)
Return file descriptor for this network handle.
Definition: network.c:1080
size_t mtu
MTU we allowed transport for this receiver right now.
#define COMMUNICATOR_CONFIG_SECTION
Configuration section used by the communicator.
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WAN.
Definition: nt.c:314
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
static struct BroadcastInterface * bi_tail
Broadcast interface tasks.
static void consider_ss_ack(struct SharedSecret *ss)
We established a shared secret with a sender.
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
Handle for active NAT registrations.
Definition: nat_api.c:71
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
#define BROADCAST_FREQUENCY
How often do we broadcast our presence on the LAN?
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP connection (UDP client).
int main(int argc, char *const *argv)
The main function for the UNIX communicator.
struct KeyCacheEntry * prev
Kept in a DLL.
int found
Was this interface found in the last iface_proc() scan?
static void do_broadcast(void *cls)
Scan interfaces to broadcast our presence on the LAN.
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GNUNET_TRANSPORT_ApplicationHandle * ah
Our handle to report addresses for validation to TRANSPORT.
GNUNET_NAT_AddressClass
Some addresses contain sensitive information or are not suitable for global distribution.
uint64_t rel_value_us
The actual value.
struct GNUNET_PeerIdentity sender
Sender&#39;s peer identity.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
static uint16_t my_port
Port number to which we are actually bound.
Broadcast by peer in LAN announcing its presence.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
static struct SenderAddress * setup_sender(const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
Create sender address for target.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
struct GNUNET_PeerIdentity receiver
Presumed identity of the target of the UDP connection (UDP server)
static struct GNUNET_NAT_Handle * nat
Connection to NAT service.
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Setup communicator and launch network interactions.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
char gcm_tag[(128/8)]
HMAC for the following encrypted message, using GCM.
#define KCN_TARGET
How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD s...
struct GNUNET_TRANSPORT_AddressIdentifier * GNUNET_TRANSPORT_communicator_address_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const char *address, enum GNUNET_NetworkType nt, struct GNUNET_TIME_Relative expiration)
Notify transport service about an address that this communicator provides for this peer...
static struct GNUNET_PeerIdentity my_identity
Our public key.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
static struct SharedSecret * setup_shared_secret_dec(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
Setup shared secret for decryption.
GNUNET_MQ_Error
Error codes for the queue.
uint64_t GNUNET_CRYPTO_random_u64(enum GNUNET_CRYPTO_Quality mode, uint64_t max)
Random on unsigned 64-bit values.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1333
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
socklen_t address_len
Number of bytes in address.
struct GNUNET_STATISTICS_Handle * GNUNET_STATISTICS_create(const char *subsystem, const struct GNUNET_CONFIGURATION_Handle *cfg)
Get handle for the statistics service.
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:39
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1441
void GNUNET_TRANSPORT_application_validate(struct GNUNET_TRANSPORT_ApplicationHandle *ch, const struct GNUNET_PeerIdentity *peer, enum GNUNET_NetworkType nt, const char *addr)
An application (or a communicator) has received a HELLO (or other address data of another peer) and w...
static struct sockaddr * udp_address_to_sockaddr(const char *bindto, socklen_t *sock_len)
Convert UDP bind specification to a struct sockaddr *
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key for KX.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
static void secret_destroy(struct SharedSecret *ss)
Destroy ss and associated key cache entries.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Bandwidth allocation API for applications to interact with.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
static struct BroadcastInterface * bi_head
Broadcast interface tasks.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
socklen_t address_len
Length of the address.
struct sockaddr * address
Address of the other peer.
int GNUNET_NETWORK_socket_bind(struct GNUNET_NETWORK_Handle *desc, const struct sockaddr *address, socklen_t address_len)
Bind a socket to a particular address.
Definition: network.c:485
int GNUNET_CRYPTO_eddsa_sign(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition: crypto_ecc.c:745
static struct GNUNET_FS_UnindexContext * uc
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
unsigned int num_secrets
Length of the DLL at ss_head.
int GNUNET_CONTAINER_multishortmap_remove(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, const void *value)
Remove the given key-value pair from the map.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
struct SharedSecret * ss
Corresponding shared secret.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
#define GNUNET_NO
Definition: gnunet_common.h:86
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
int GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:291
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:83
Standard IPv4 header.
#define GNUNET_free_non_null(ptr)
Free the memory pointed to by ptr if ptr is not NULL.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_OS_network_interfaces_list(GNUNET_OS_NetworkInterfaceProcessor proc, void *proc_cls)
Enumerate all network interfaces.
Definition: os_network.c:396
static int iface_proc(void *cls, const char *name, int isDefault, const struct sockaddr *addr, const struct sockaddr *broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
Callback function invoked for each interface found.
static int have_v6_socket
GNUNET_YES if udp_sock supports IPv6.
#define GCM_TAG_SIZE
Size of the GCM tag.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
static int handle_ack(void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
We received an ACK for pid.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
Encrypted continuation of UDP initial handshake, followed by message header with payload.
void GNUNET_STATISTICS_destroy(struct GNUNET_STATISTICS_Handle *h, int sync_first)
Destroy a handle (free all state associated with it).
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:531
struct GNUNET_CONTAINER_MultiPeerMap * GNUNET_CONTAINER_multipeermap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
Handle for the service.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
void GNUNET_TRANSPORT_application_done(struct GNUNET_TRANSPORT_ApplicationHandle *ch)
Shutdown TRANSPORT application client.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
uint64_t abs_value_us
The actual value.
static void reschedule_sender_timeout(struct SenderAddress *sender)
Increment sender timeout due to activity.
static void bi_destroy(struct BroadcastInterface *bi)
An interface went away, stop broadcasting on it.
GNUNET_NetworkType
Types of networks (with separate quotas) we support.
Definition: gnunet_nt_lib.h:35
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
uint32_t sequence_number
Sequence number used to derive this entry from master key.
"Plaintext" header at beginning of KX message.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32.
void GNUNET_CONTAINER_multipeermap_destroy(struct GNUNET_CONTAINER_MultiPeerMap *map)
Destroy a hash map.
A 256-bit hashcode.
Opaque handle to the transport service for communicators.
#define _(String)
GNU gettext support macro.
Definition: platform.h:180
void GNUNET_TRANSPORT_communicator_disconnect(struct GNUNET_TRANSPORT_CommunicatorHandle *ch)
Disconnect from the transport service.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct sockaddr * ba
Broadcast address to use on the interface.
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
static void enc_notify_cb(void *cls, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg)
Function called when the transport service has received a backchannel message for this communicator (...
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static void ifc_broadcast(void *cls)
Broadcast our presence on one of our interfaces.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
void GNUNET_TRANSPORT_communicator_mq_del(struct GNUNET_TRANSPORT_QueueHandle *qh)
Notify transport service that an MQ became unavailable due to a disconnect or timeout.
struct GNUNET_PeerIdentity target
To whom are we talking to.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
int GNUNET_asprintf(char **buf, const char *format,...)
Like asprintf, just portable.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1271
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
static struct GNUNET_SCHEDULER_Task * broadcast_task
ID of master broadcast task.
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
static struct GNUNET_TIME_Relative timeout
Desired timeout for the lookup (default is no timeout).
Definition: gnunet-abd.c:61
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:559
int GNUNET_CRYPTO_eddsa_verify(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition: crypto_ecc.c:844
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
int GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:1040
static char * value
Value of the record to add/remove.
static int get_sender_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all senders to clean up.
static int verify_confirmation(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
Check signature from uc against ephemeral.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
struct GNUNET_HashCode master
Master shared secret.
enum GNUNET_NetworkType nt
Which network type does this queue use?
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
Signature used by UDP broadcasts.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1298
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
#define AES_IV_SIZE
AES (GCM) IV size.
void * GNUNET_CONTAINER_heap_peek(const struct GNUNET_CONTAINER_Heap *heap)
Get element stored at the root of heap.
static void pass_plaintext_to_core(struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
We received plaintext_len bytes of plaintext from a sender.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:850
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
static char buf[2048]
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
struct GNUNET_TRANSPORT_CommunicatorHandle * GNUNET_TRANSPORT_communicator_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section_name, const char *addr_prefix, enum GNUNET_TRANSPORT_CommunicatorCharacteristics cc, GNUNET_TRANSPORT_CommunicatorMqInit mq_init, void *mq_init_cls, GNUNET_TRANSPORT_CommunicatorNotify notify_cb, void *notify_cb_cls)
Connect to the transport service.
int GNUNET_CONTAINER_multishortmap_put(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
Handle to a node in a heap.
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP broadcast.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
struct sockaddr * address
Address of the other peer.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Internal representation of the hash map.
struct GNUNET_CONTAINER_MultiShortmap * GNUNET_CONTAINER_multishortmap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
static void mq_destroy(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
Heap with the minimum cost at the root.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
UDP message box.
void GNUNET_CONTAINER_heap_destroy(struct GNUNET_CONTAINER_Heap *heap)
Destroys the heap.
struct sockaddr * sa
Sender&#39;s address of the interface.
A 512-bit hashcode.
socklen_t salen
Number of bytes in sa.
static void sock_read(void *cls)
Socket read task.
int GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:1101
static void mq_cancel(struct GNUNET_MQ_Handle *mq, void *impl_state)
Implementation function that cancels the currently sent message.
static void setup_receiver_mq(struct ReceiverAddress *receiver)
Setup the MQ for the receiver.
static int res
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
static struct GNUNET_NAT_AUTO_Test * nt
Handle to a NAT test operation.
void GNUNET_NT_scanner_done(struct GNUNET_NT_InterfaceScanner *is)
Terminate interface scanner.
Definition: nt.c:433
int GNUNET_CONFIGURATION_get_value_string(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be a string.
struct GNUNET_HashCode cmac
CMAC of the base key being acknowledged.
Node in the heap.
Private ECC key encoded for transmission.
void GNUNET_NAT_unregister(struct GNUNET_NAT_Handle *nh)
Stop port redirection and public IP address detection for the given handle.
Definition: nat_api.c:692
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
Shared secret we generated for a particular sender or receiver.
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
void GNUNET_TRANSPORT_communicator_address_remove(struct GNUNET_TRANSPORT_AddressIdentifier *ai)
Notify transport service about an address that this communicator no longer provides for this peer...
unsigned int num_secrets
Length of the DLL at ss_head.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_min(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the minimum of two relative time values.
Definition: time.c:272
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
struct GNUNET_HashCode key
The key used in the DHT.
Internal representation of the hash map.
static int mq_init(void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
Function called by the transport service to initialize a message queue given address information abou...
#define GNUNET_SYSERR
Definition: gnunet_common.h:84
static void mq_send(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
static struct GNUNET_TRANSPORT_AddressIdentifier * ai
Handle to the operation that publishes our address.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:206
static int get_receiver_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all receivers to clean up.
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
struct GNUNET_NAT_Handle * GNUNET_NAT_register(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section, uint8_t proto, unsigned int num_addrs, const struct sockaddr **addrs, const socklen_t *addrlens, GNUNET_NAT_AddressCallback address_callback, GNUNET_NAT_ReversalCallback reversal_callback, void *callback_cls)
Attempt to enable port redirection and detect public IP address contacting UPnP or NAT-PMP routers on...
Definition: nat_api.c:378
static struct GNUNET_MQ_Envelope * ac
Handle to current GNUNET_PEERINFO_add_peer() operation.
struct GNUNET_NT_InterfaceScanner * GNUNET_NT_scanner_init(void)
Initialize the address characterization client handle.
Definition: nt.c:412
struct GNUNET_HashCode h_address
Hash of the sender&#39;s UDP address.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
Loopback (same host).
Definition: gnunet_nt_lib.h:45
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
unsigned int active_kce_count
Number of active KCN entries.
struct SharedSecret * prev
Kept in a DLL.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get_monotonic(const struct GNUNET_CONFIGURATION_Handle *cfg)
Obtain the current time and make sure it is monotonically increasing.
Definition: time.c:807
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
int GNUNET_TRANSPORT_communicator_receive(struct GNUNET_TRANSPORT_CommunicatorHandle *handle, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, struct GNUNET_TIME_Relative expected_addr_validity, GNUNET_TRANSPORT_MessageCompletedCallback cb, void *cb_cls)
Notify transport service that the communicator has received a message.
struct UDPBroadcast bcm
Message we broadcast on this interface.
static void decrypt_box(const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
We received a box with matching kce.
void GNUNET_CONTAINER_multishortmap_destroy(struct GNUNET_CONTAINER_MultiShortmap *map)
Destroy a hash map.
struct GNUNET_CONTAINER_Heap * GNUNET_CONTAINER_heap_create(enum GNUNET_CONTAINER_HeapOrder order)
Create a new heap.
an ECC signature using EdDSA.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:189
Standard IPv6 header.
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
static struct in_addr dummy
Target "dummy" address of the packet we pretend to respond to.
#define KCN_THRESHOLD
If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET...
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
Handle to a message queue.
Definition: mq.c:85
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32;.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Private ECC key encoded for transmission.
int GNUNET_CONTAINER_multipeermap_iterate(struct GNUNET_CONTAINER_MultiPeerMap *map, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
uint32_t sequence_max
Sequence acknowledgement limit.
struct ipv6_mreq mcreq
If this is an IPv6 interface, this is the request we use to join/leave the group. ...
The identity of the host (wraps the signing key of the peer).
#define AES_KEY_SIZE
AES key size.
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
static void get_iv_key(const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
Compute key and iv.
struct GNUNET_TRANSPORT_ApplicationHandle * GNUNET_TRANSPORT_application_init(const struct GNUNET_CONFIGURATION_Handle *cfg)
Initialize the TRANSPORT application client handle.
#define GNUNET_PACKED
gcc-ism to get packed structs.
static uint16_t port
Port number.
Definition: gnunet-bcd.c:81
configuration data
Definition: configuration.c:84
void * GNUNET_CONTAINER_multishortmap_get(const struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key)
Given a key find a value in the map matching the key.
socklen_t address_len
Length of the address.
const char * name
this is an outbound connection (transport initiated)
#define ADDRESS_VALIDITY_PERIOD
How long do we believe our addresses to remain up (before the other peer should revalidate).
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
Signature we use to verify that the broadcast was really made by the peer that claims to have made it...
#define INTERFACE_SCAN_FREQUENCY
How often do we scan for changes to our network interfaces?
void GNUNET_TRANSPORT_communicator_notify(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *pid, const char *comm, const struct GNUNET_MessageHeader *header)
The communicator asks the transport service to route a message via a different path to another commun...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
UDP key acknowledgement.
Entry in list of pending tasks.
Definition: scheduler.c:134
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
static struct GNUNET_SCHEDULER_Task * read_task
ID of read task.
handle to a socket
Definition: network.c:52
static void nat_address_cb(void *cls, void **app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr *addr, socklen_t addrlen)
Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of ...
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
int GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:367
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer&#39;s key from the file specified in the configuration...
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver)
Setup shared secret for encryption.
struct GNUNET_SCHEDULER_Task * broadcast_task
Task for this broadcast interface.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Header for all communications.
static int find_sender_by_address(void *cls, const struct GNUNET_PeerIdentity *key, void *value)
Find existing struct SenderAddress by matching addresses.
Time for absolute times used by GNUnet, in microseconds.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:831
static void mq_error(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
#define GNUNET_YES
Definition: gnunet_common.h:85
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_read_net(struct GNUNET_TIME_Relative delay, struct GNUNET_NETWORK_Handle *rfd, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay or when the specified file descriptor is ready f...
Definition: scheduler.c:1519
struct SenderAddress * sender
Return value to set if we found a match.
struct GNUNET_TRANSPORT_QueueHandle * qh
handle for this queue with the ch.
struct GNUNET_TRANSPORT_QueueHandle * GNUNET_TRANSPORT_communicator_mq_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *peer, const char *address, uint32_t mtu, enum GNUNET_NetworkType nt, enum GNUNET_TRANSPORT_ConnectionStatus cs, struct GNUNET_MQ_Handle *mq)
Notify transport service that a MQ became available due to an "inbound" connection or because the com...
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
#define MAX_SQN_DELTA
What is the maximum delta between KCN sequence numbers that we allow.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key used by the sender.
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
struct GNUNET_PeerIdentity target
To whom are we talking to.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
int GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
ssize_t GNUNET_NETWORK_socket_recvfrom(const struct GNUNET_NETWORK_Handle *desc, void *buffer, size_t length, struct sockaddr *src_addr, socklen_t *addrlen)
Read data from a socket (always non-blocking).
Definition: network.c:754
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
struct GNUNET_MQ_Handle * mq
Message queue we are providing for the ch.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
static void do_shutdown(void *cls)
Shutdown the UNIX communicator.
Interface we broadcast our presence on.
Handle to the TRANSPORT subsystem for application management.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
static char * address
GNS address for this phone.
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:493
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct BroadcastInterface * prev
Kept in a DLL.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Handle returned to identify the internal data structure the transport API has created to manage a mes...
int GNUNET_NETWORK_socket_close(struct GNUNET_NETWORK_Handle *desc)
Close a socket.
Definition: network.c:560
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
#define GNUNET_malloc(size)
Wrapper around malloc.
int GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:85
struct BroadcastInterface * next
Kept in a DLL.
Internal representation of an address a communicator is currently providing for the transport service...
#define GNUNET_free(ptr)
Wrapper around free.
Time for relative time used by GNUnet, in microseconds.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_NETWORK_Handle * GNUNET_NETWORK_socket_create(int domain, int type, int protocol)
Create a new socket.
Definition: network.c:912
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
const struct sockaddr * address
Address we are looking for.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:974
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
enum GNUNET_NetworkType nt
Which network type does this queue use?