GNUnet  0.11.x
gnunet-communicator-udp.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
40 #include "platform.h"
41 #include "gnunet_util_lib.h"
42 #include "gnunet_protocols.h"
43 #include "gnunet_signatures.h"
44 #include "gnunet_constants.h"
45 #include "gnunet_nt_lib.h"
46 #include "gnunet_nat_service.h"
50 
54 #define DEFAULT_REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
55 
59 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
60 
64 #define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
65 
69 #define INTERFACE_SCAN_FREQUENCY \
70  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
71 
76 #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
77 
78 #define WORKING_QUEUE_INTERVALL \
79  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)
80 
84 #define AES_KEY_SIZE (256 / 8)
85 
89 #define AES_IV_SIZE (96 / 8)
90 
94 #define GCM_TAG_SIZE (128 / 8)
95 
96 #define GENERATE_AT_ONCE 2
97 
107 #define KCN_THRESHOLD 92
108 
115 #define KCN_TARGET 128
116 
126 #define MAX_SQN_DELTA 160
127 
137 #define MAX_SECRETS 128000
138 
143 #define DEFAULT_REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
144 
149 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
150 
154 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
155 
157 
158 
165 {
170 
175 
180 
185 
191 };
192 
193 
198 struct InitialKX
199 {
204 
209  char gcm_tag[GCM_TAG_SIZE];
210 
214  int rekeying;
215 };
216 
217 
223 {
228 
232  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
233 
238  struct GNUNET_TIME_AbsoluteNBO monotonic_time;
239 
240  /* followed by messages */
241 
242  /* padding may follow actual messages */
243 };
244 
245 
250 struct UDPAck
251 {
255  struct GNUNET_MessageHeader header;
256 
261  uint32_t sequence_max GNUNET_PACKED;
262 
267  uint32_t acks_available GNUNET_PACKED;
268 
272  struct GNUNET_HashCode cmac;
273 };
274 
275 
285 {
290 
295 
299  struct GNUNET_HashCode h_address;
300 };
301 
302 
310 {
315 
320  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
321 };
322 
323 
328 struct UDPBox
329 {
338 
346  char gcm_tag[GCM_TAG_SIZE];
347 
351  int rekeying;
352 };
353 
358 struct UDPRekey
359 {
368 
376  char gcm_tag[GCM_TAG_SIZE];
377 
382 };
383 
385 
389 struct SharedSecret;
390 
391 
397 {
402 
407 
416 
420  struct SharedSecret *ss;
421 
425  uint32_t sequence_number;
426 };
427 
428 
433 struct SenderAddress;
434 
439 struct ReceiverAddress;
440 
445 {
450 
455 
460 
465 
470 
475 
479  struct GNUNET_HashCode master;
480 
484  struct GNUNET_HashCode cmac;
485 
490  uint32_t sequence_used;
491 
498 
502  unsigned int active_kce_count;
503 };
504 
505 
511 {
516 
520  int rekeying;
521 
525  struct GNUNET_PeerIdentity target;
526 
531 
536 
541 
545  struct sockaddr *address;
546 
550  socklen_t address_len;
551 
556 
560  unsigned int num_secrets;
561 
566  unsigned int acks_available;
567 
572 
577 };
578 
579 
585 {
586 
591 
595  unsigned int rekey_acks_available;
596 
601 
605  struct GNUNET_TIME_Absolute rekey_timeout;
606 
610  int rekeying;
611 
616 
620  struct GNUNET_PeerIdentity target;
621 
626 
631 
637 
641  struct sockaddr *address;
642 
646  socklen_t address_len;
647 
652 
657 
662 
667 
672 
677 
681  size_t kx_mtu;
682 
686  size_t d_mtu;
687 
691  unsigned int num_secrets;
692 
697  unsigned int acks_available;
698 
703 
708 };
709 
714 {
719 
724 
729 
733  struct sockaddr *sa;
734 
738  struct sockaddr *ba;
739 
743  struct UDPBroadcast bcm;
744 
749  struct ipv6_mreq mcreq;
750 
754  socklen_t salen;
755 
759  int found;
760 };
761 
766 
770 static unsigned long long rekey_max_bytes;
775 
780 
785 
790 
795 
800 
805 
810 
815 
820 
825 
830 
835 
840 
845 
850 
855 
859 static int have_v6_socket;
860 
865 
870 
874 static const struct GNUNET_CONFIGURATION_Handle *cfg;
875 
880 
885 
889 static struct GNUNET_NAT_Handle *nat;
890 
894 static uint16_t my_port;
895 
896 
902 static void
904 {
905  if (AF_INET6 == bi->sa->sa_family)
906  {
907  /* Leave the multicast group */
909  IPPROTO_IPV6,
910  IPV6_LEAVE_GROUP,
911  &bi->mcreq,
912  sizeof(bi->mcreq)))
913  {
915  }
916  }
917  GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
919  GNUNET_free (bi->sa);
920  GNUNET_free (bi->ba);
921  GNUNET_free (bi);
922 }
923 
924 
930 static void
932 {
933 
935 
937  "Disconnecting receiver for peer `%s'\n",
938  GNUNET_i2s (&receiver->target));
939  /*if (NULL != (mq = receiver->kx_mq))
940  {
941  receiver->kx_mq = NULL;
942  GNUNET_MQ_destroy (mq);
943  }*/
944  if (NULL != receiver->kx_qh)
945  {
947  receiver->kx_qh = NULL;
948  receiver->kx_mq = NULL;
949  }
950  /*if (NULL != (mq = receiver->d_mq))
951  {
952  receiver->d_mq = NULL;
953  GNUNET_MQ_destroy (mq);
954  }*/
955  if (NULL != receiver->d_qh)
956  {
958  receiver->d_qh = NULL;
959  }
962  &receiver->target,
963  receiver));
964  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
965  GNUNET_STATISTICS_set (stats,
966  "# receivers active",
968  GNUNET_NO);
969  GNUNET_free (receiver->address);
970  GNUNET_free (receiver->foreign_addr);
971  GNUNET_free (receiver);
972 }
973 
974 
980 static void
982 {
983  struct SharedSecret *ss = kce->ss;
984 
985  ss->active_kce_count--;
986  ss->sender->acks_available--;
989  &kce->kid,
990  kce));
991  GNUNET_free (kce);
992 }
993 
994 
1002 static void
1003 get_kid (const struct GNUNET_HashCode *msec,
1004  uint32_t serial,
1005  struct GNUNET_ShortHashCode *kid)
1006 {
1007  uint32_t sid = htonl (serial);
1008 
1009  GNUNET_CRYPTO_hkdf (kid,
1010  sizeof(*kid),
1011  GCRY_MD_SHA512,
1012  GCRY_MD_SHA256,
1013  &sid,
1014  sizeof(sid),
1015  msec,
1016  sizeof(*msec),
1017  "UDP-KID",
1018  strlen ("UDP-KID"),
1019  NULL,
1020  0);
1021 }
1022 
1023 
1030 static void
1031 kce_generate (struct SharedSecret *ss, uint32_t seq)
1032 {
1033  struct KeyCacheEntry *kce;
1034 
1035  GNUNET_assert (0 < seq);
1036  kce = GNUNET_new (struct KeyCacheEntry);
1037  kce->ss = ss;
1038  kce->sequence_number = seq;
1039  get_kid (&ss->master, seq, &kce->kid);
1041  ss->active_kce_count++;
1042  ss->sender->acks_available++;
1044  key_cache,
1045  &kce->kid,
1046  kce,
1048  GNUNET_STATISTICS_set (stats,
1049  "# KIDs active",
1051  GNUNET_NO);
1052 }
1053 
1054 
1061 static int
1062 secret_destroy (struct SharedSecret *ss, int withoutKce)
1063 {
1064  struct SenderAddress *sender;
1065  struct ReceiverAddress *receiver;
1066  struct KeyCacheEntry *kce;
1067 
1068  if (withoutKce && (ss->sequence_allowed > 0))
1069  return GNUNET_NO;
1070 
1072  "secret %s destroy %u %u\n",
1073  GNUNET_h2s (&ss->master),
1074  withoutKce,
1075  ss->sequence_allowed);
1076  if (NULL != (sender = ss->sender))
1077  {
1078  GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
1079  sender->num_secrets--;
1080  }
1081  if (NULL != (receiver = ss->receiver))
1082  {
1083  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1084  receiver->num_secrets--;
1085  // Uncomment this for alternativ 1 of backchannel functionality
1086  receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
1088  "%u receiver->acks_available 3\n",
1089  receiver->acks_available);
1090  // Until here for alternativ 1
1091  }
1092  while (NULL != (kce = ss->kce_head))
1093  kce_destroy (kce);
1094  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
1095  GNUNET_STATISTICS_set (stats,
1096  "# KIDs active",
1098  GNUNET_NO);
1099  GNUNET_free (ss);
1100  return GNUNET_YES;
1101 }
1102 
1103 
1110 static void
1112 {
1114  GNUNET_assert (
1115  GNUNET_YES ==
1116  GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
1117  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
1118  GNUNET_STATISTICS_set (stats,
1119  "# senders active",
1121  GNUNET_NO);
1122  GNUNET_free (sender->address);
1123  GNUNET_free (sender);
1124 }
1125 
1126 
1135 static void
1136 get_iv_key (const struct GNUNET_HashCode *msec,
1137  uint32_t serial,
1138  char key[AES_KEY_SIZE],
1139  char iv[AES_IV_SIZE])
1140 {
1141  uint32_t sid = htonl (serial);
1142  char res[AES_KEY_SIZE + AES_IV_SIZE];
1143 
1144  GNUNET_CRYPTO_hkdf (res,
1145  sizeof(res),
1146  GCRY_MD_SHA512,
1147  GCRY_MD_SHA256,
1148  &sid,
1149  sizeof(sid),
1150  msec,
1151  sizeof(*msec),
1152  "UDP-IV-KEY",
1153  strlen ("UDP-IV-KEY"),
1154  NULL,
1155  0);
1156  memcpy (key, res, AES_KEY_SIZE);
1157  memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
1158 }
1159 
1160 
1166 static void
1168 {
1169  sender->timeout =
1172 }
1173 
1174 
1180 static void
1182 {
1183  receiver->timeout =
1186  receiver->timeout.abs_value_us);
1187 }
1188 
1189 
1195 static void
1196 check_timeouts (void *cls)
1197 {
1198  struct GNUNET_TIME_Relative st;
1199  struct GNUNET_TIME_Relative rt;
1200  struct GNUNET_TIME_Relative delay;
1201  struct ReceiverAddress *receiver;
1202  struct SenderAddress *sender;
1203 
1204  (void) cls;
1205  timeout_task = NULL;
1207  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1208  {
1209  /* if (GNUNET_YES != receiver->receiver_destroy_called) */
1210  /* { */
1212  if (0 != rt.rel_value_us)
1213  break;
1215  "Receiver timed out\n");
1216  receiver_destroy (receiver);
1217  // }
1218  }
1220  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1221  {
1222  if (GNUNET_YES != sender->sender_destroy_called)
1223  {
1225  if (0 != st.rel_value_us)
1226  break;
1227  sender_destroy (sender);
1228  }
1229  }
1230  delay = GNUNET_TIME_relative_min (rt, st);
1231  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1232  timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1233 }
1234 
1235 
1241 static void
1243 {
1244  GNUNET_CRYPTO_hkdf (&ss->cmac,
1245  sizeof(ss->cmac),
1246  GCRY_MD_SHA512,
1247  GCRY_MD_SHA256,
1248  "CMAC",
1249  strlen ("CMAC"),
1250  &ss->master,
1251  sizeof(ss->master),
1252  "UDP-CMAC",
1253  strlen ("UDP-CMAC"),
1254  NULL,
1255  0);
1256 }
1257 
1258 
1267 static void
1269  const void *plaintext,
1270  size_t plaintext_len)
1271 {
1272  const struct GNUNET_MessageHeader *hdr = plaintext;
1273  const char *pos = plaintext;
1274 
1275  while (ntohs (hdr->size) < plaintext_len)
1276  {
1277  GNUNET_STATISTICS_update (stats,
1278  "# bytes given to core",
1279  ntohs (hdr->size),
1280  GNUNET_NO);
1282  "Giving %u bytes to TNG\n", ntohs (hdr->size));
1285  &sender->target,
1286  hdr,
1288  NULL /* no flow control possible */
1289  ,
1290  NULL));
1291  /* move on to next message, if any */
1292  plaintext_len -= ntohs (hdr->size);
1293  if (plaintext_len < sizeof(*hdr))
1294  break;
1295  pos += ntohs (hdr->size);
1296  hdr = (const struct GNUNET_MessageHeader *) pos;
1297  // TODO for now..., we do not actually sen >1msg or have a way of telling
1298  // if we are done
1299  break;
1300  }
1301  GNUNET_STATISTICS_update (stats,
1302  "# bytes padding discarded",
1303  plaintext_len,
1304  GNUNET_NO);
1305 }
1306 
1307 
1316 static void
1317 setup_cipher (const struct GNUNET_HashCode *msec,
1318  uint32_t serial,
1319  gcry_cipher_hd_t *cipher)
1320 {
1321  char key[AES_KEY_SIZE];
1322  char iv[AES_IV_SIZE];
1323  int rc;
1324 
1325  GNUNET_assert (0 ==
1326  gcry_cipher_open (cipher,
1327  GCRY_CIPHER_AES256 /* low level: go for speed */,
1328  GCRY_CIPHER_MODE_GCM,
1329  0 /* flags */));
1330  get_iv_key (msec, serial, key, iv);
1331  rc = gcry_cipher_setkey (*cipher, key, sizeof(key));
1332  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1333  rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1334  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1335 }
1336 
1337 
1350 static int
1351 try_decrypt (const struct SharedSecret *ss,
1352  const char tag[GCM_TAG_SIZE],
1353  uint32_t serial,
1354  const char *in_buf,
1355  size_t in_buf_size,
1356  char *out_buf)
1357 {
1358  gcry_cipher_hd_t cipher;
1359 
1360  setup_cipher (&ss->master, serial, &cipher);
1361  GNUNET_assert (
1362  0 ==
1363  gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1364  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1365  {
1366  gcry_cipher_close (cipher);
1367  GNUNET_STATISTICS_update (stats,
1368  "# AEAD authentication failures",
1369  1,
1370  GNUNET_NO);
1371  return GNUNET_SYSERR;
1372  }
1373  gcry_cipher_close (cipher);
1374  return GNUNET_OK;
1375 }
1376 
1377 
1384 static struct SharedSecret *
1386 {
1387  struct SharedSecret *ss;
1388 
1389  ss = GNUNET_new (struct SharedSecret);
1390  GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1391  return ss;
1392 }
1393 
1394 
1402 static struct SharedSecret *
1404  struct ReceiverAddress *receiver, int add_to_receiver)
1405 {
1406  struct SharedSecret *ss;
1407 
1408  ss = GNUNET_new (struct SharedSecret);
1409  GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1410  &receiver->target.public_key,
1411  &ss->master);
1412  calculate_cmac (ss);
1413  ss->receiver = receiver;
1414  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1415  receiver->num_secrets++;
1416  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1417  return ss;
1418 }
1419 
1420 
1428 static void
1430 
1437 static void
1438 destroy_all_secrets (struct SharedSecret *ss, int withoutKce)
1439 {
1440  struct SenderAddress *sender;
1441  struct ReceiverAddress *receiver;
1442  struct SharedSecret *ss_to_destroy;
1443  struct SharedSecret *ss_start;
1444  struct SharedSecret *pos;
1445  int at_least_one_destroyed = GNUNET_NO;
1446 
1448  "Starting destroy all withoutKce: %u.\n",
1449  withoutKce);
1450 
1451  if (NULL != (sender = ss->sender))
1452  {
1453  ss_start = sender->ss_head;
1454  }
1455  else if (NULL != (receiver = ss->receiver))
1456  {
1457  ss_start = receiver->ss_head;
1458  }
1459  else
1460  {
1462  "Shared secret has no sender or receiver!\n");
1463  return;
1464  }
1465 
1466  pos = ss_start;
1467  while (NULL != pos)
1468  {
1469  ss_to_destroy = pos;
1470  pos = pos->next;
1471 
1472  if (ss != ss_to_destroy)
1473  at_least_one_destroyed = secret_destroy (ss_to_destroy, withoutKce);
1474  }
1475 
1476  if ((ss != ss_start) && ! at_least_one_destroyed)
1477  {
1479  "Really destroying all.\n");
1480  destroy_all_secrets (ss_start, GNUNET_NO);
1481  }
1482 
1484  "Finished destroy all.\n");
1485 }
1486 
1487 
1488 static void
1489 add_acks (struct SharedSecret *ss, int acks_to_add)
1490 {
1491 
1492  struct ReceiverAddress *receiver = ss->receiver;
1493 
1494  if (NULL == ss)
1496  "secret NULL!\n");
1497 
1498  if (NULL == receiver)
1500  "Receiver NULL!\n");
1501  if (NULL == receiver->d_qh)
1503  "Queue NULL!\n");
1504 
1506  "Tell transport we have %u more acks!\n",
1507  acks_to_add);
1509  "%u kce for rekeying.\n",
1510  receiver->number_rekeying_kce);
1512  receiver->d_qh,
1513  acks_to_add,
1514  1);
1515  // Until here for alternativ 1
1516 
1517  /* move ss to head to avoid discarding it anytime soon! */
1518 
1519  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1520  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1522 }
1523 
1524 
1525 static uint32_t
1527  uint32_t acks_to_add)
1528 {
1529  int needed_for_rekeying;
1530 
1532  "%u kce for rekeying and %u acks_to_add\n",
1533  receiver->number_rekeying_kce,
1534  acks_to_add);
1535 
1536  needed_for_rekeying = (3 - receiver->number_rekeying_kce);
1537  if (acks_to_add <= needed_for_rekeying)
1538  {
1539  receiver->number_rekeying_kce += acks_to_add;
1540  acks_to_add = 0;
1541  }
1542  else
1543  {
1544  acks_to_add -= (3 - receiver->number_rekeying_kce);
1545  receiver->number_rekeying_kce = 3;
1546  }
1547 
1549  "%u kce for rekeying and %u acks_to_add\n",
1550  receiver->number_rekeying_kce,
1551  acks_to_add);
1552  return acks_to_add;
1553 }
1554 
1555 
1556 static void
1558 {
1559  uint32_t acks_to_add = receiver->ss_rekey->sequence_allowed;
1560 
1561  if (receiver->number_rekeying_kce < 3)
1562  acks_to_add = reset_rekey_kces (receiver, acks_to_add);
1563  receiver->acks_available = receiver->ss_rekey->sequence_allowed;
1565  "%u receiver->acks_available 4\n",
1566  receiver->acks_available);
1567  /* add_acks (receiver->ss_rekey, acks_to_add - 3); */
1568  if (0 != acks_to_add)
1569  {
1570  add_acks (receiver->ss_rekey, acks_to_add);
1571  }
1572  receiver->ss_rekey = NULL;
1574  "# rekeying successful\n");
1575  GNUNET_STATISTICS_update (stats,
1576  "# rekeying successful",
1577  1,
1578  GNUNET_NO);
1579 }
1580 
1581 
1592 static int
1593 handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1594 {
1595  const struct UDPAck *ack = cls;
1596  struct ReceiverAddress *receiver = value;
1597  uint32_t acks_to_add;
1598  uint32_t allowed;
1599  // int needed_for_rekeying;
1600 
1602  "in handle ack with cmac %s\n",
1603  GNUNET_h2s (&ack->cmac));
1604 
1605  if (NULL != receiver->ss_rekey)
1607  "We have rekey secret with cmac %s \n",
1608  GNUNET_h2s (&receiver->ss_rekey->cmac));
1609 
1610  if ((NULL != receiver->ss_rekey) && (0 == memcmp (&ack->cmac,
1611  &receiver->ss_rekey->cmac,
1612  sizeof(struct
1613  GNUNET_HashCode))) )
1614  {
1615  allowed = ntohl (ack->sequence_max);
1616 
1617  if (allowed > receiver->ss_rekey->sequence_allowed)
1618  {
1620  "%u > %u (%u %u) for rekey secrect %s\n", allowed,
1621  receiver->ss_rekey->sequence_allowed,
1622  receiver->acks_available,
1623  ack->acks_available,
1624  GNUNET_h2s (&receiver->ss_rekey->master));
1625 
1626  receiver->ss_rekey->sequence_allowed = allowed;
1627 
1628  if (GNUNET_NO == receiver->rekeying)
1629  add_acks_rekey (receiver);
1630 
1631  return GNUNET_NO;
1632  }
1633  }
1634 
1635  (void) pid;
1636  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1637  {
1638  if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1639  {
1640 
1642  "Found matching mac\n");
1643 
1644  allowed = ntohl (ack->sequence_max);
1645 
1646  if (allowed > ss->sequence_allowed)
1647  {
1649  "%u > %u (%u %u) for secrect %s\n", allowed,
1650  ss->sequence_allowed,
1651  receiver->acks_available,
1652  ack->acks_available,
1653  GNUNET_h2s (&ss->master));
1654  // Uncomment this for alternativ 1 of backchannel functionality
1655  acks_to_add = (allowed - ss->sequence_allowed);
1656  if ((GNUNET_NO == receiver->rekeying) &&
1657  (receiver->number_rekeying_kce < 3) )
1658  acks_to_add = reset_rekey_kces (receiver, acks_to_add);
1659  /* if ((GNUNET_NO == receiver->rekeying) && */
1660  /* (receiver->number_rekeying_kce < */
1661  /* 3) ) */
1662  /* { */
1663  /* needed_for_rekeying = (3 - receiver->number_rekeying_kce); */
1664  /* if (acks_to_add <= needed_for_rekeying) */
1665  /* { */
1666  /* receiver->number_rekeying_kce += acks_to_add; */
1667  /* acks_to_add = 0; */
1668  /* } */
1669  /* else */
1670  /* { */
1671  /* acks_to_add -= (3 - receiver->number_rekeying_kce); */
1672  /* receiver->number_rekeying_kce = 3; */
1673  /* } */
1674  /* } */
1675  /* GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, */
1676  /* "%u kce for rekeying\n", */
1677  /* receiver->number_rekeying_kce); */
1678 
1679  if ((0 != acks_to_add) && (GNUNET_NO == receiver->rekeying))
1680  {
1681  receiver->acks_available += (allowed - ss->sequence_allowed);
1682  ss->sequence_allowed = allowed;
1684  "%u receiver->acks_available 5\n",
1685  receiver->acks_available);
1686  add_acks (ss, acks_to_add);
1687  }
1688  }
1689  return GNUNET_NO;
1690  }
1691  }
1692  return GNUNET_YES;
1693 }
1694 
1695 
1704 static void
1706  const void *buf,
1707  size_t buf_size)
1708 {
1709  const struct GNUNET_MessageHeader *hdr =
1710  (const struct GNUNET_MessageHeader *) buf;
1711  const struct UDPAck *ack = (const struct UDPAck *) buf;
1712  uint16_t type;
1713 
1714  if (sizeof(*hdr) > buf_size)
1715  return; /* not even a header */
1716  if (ntohs (hdr->size) > buf_size)
1717  return; /* not even a header */
1718  type = ntohs (hdr->type);
1719  switch (type)
1720  {
1722  /* lookup master secret by 'cmac', then update sequence_max */
1724  &sender->target,
1725  &handle_ack,
1726  (void *) ack);
1727  /* There could be more messages after the ACK, handle those as well */
1728  buf += ntohs (hdr->size);
1729  buf_size -= ntohs (hdr->size);
1730  pass_plaintext_to_core (sender, buf, buf_size);
1731  break;
1732 
1734  /* skip padding */
1735  break;
1736 
1737  default:
1738  pass_plaintext_to_core (sender, buf, buf_size);
1739  }
1740 }
1741 
1742 
1743 static void
1744 kce_generate_cb (void *cls)
1745 {
1746  struct SharedSecret *ss = cls;
1747  kce_task = NULL;
1748 
1749  if (((GNUNET_NO == ss->sender->rekeying) && (ss->sender->acks_available <
1750  KCN_TARGET) ) ||
1751  ((ss->sender->ss_rekey == ss) && (GNUNET_YES == ss->sender->rekeying) &&
1752  (ss->sender->acks_available < 128)))
1753  {
1754 
1756  "Precomputing keys for master %s\n",
1757  GNUNET_h2s (&(ss->master)));
1758 
1759  for (int i = 0; i < GENERATE_AT_ONCE; i++)
1760  kce_generate (ss, ++ss->sequence_allowed);
1761 
1764  ss);
1765  }
1766  else
1767  {
1769  "We have enough keys.\n");
1770  ss_finished = ss;
1772  }
1773 
1774 
1775 }
1776 
1777 
1778 static void
1780 {
1781  struct SharedSecret *ss = cls;
1782  kce_task_rekey = NULL;
1783 
1784  if (NULL == kce_task)
1785  {
1786 
1788  "Precomputing keys for rekey master %s\n",
1789  GNUNET_h2s (&(ss->master)));
1790 
1791  for (int i = 0; i < GENERATE_AT_ONCE; i++)
1792  kce_generate (ss, ++ss->sequence_allowed);
1793 
1796  ss);
1797  kce_task_rekey = NULL;
1798  }
1799  else
1800  {
1803  ss);
1804  }
1805 }
1806 
1807 
1817 static void
1818 consider_ss_ack (struct SharedSecret *ss, int initial)
1819 {
1820  GNUNET_assert (NULL != ss->sender);
1822  "Considering SS UDPAck %s\n",
1823  GNUNET_i2s_full (&ss->sender->target));
1824 
1826  "We have %u acks available.\n",
1827  ss->sender->acks_available);
1828  /* drop ancient KeyCacheEntries */
1829  while ((NULL != ss->kce_head) &&
1830  (MAX_SQN_DELTA <
1832  kce_destroy (ss->kce_tail);
1833 
1834 
1835  if (GNUNET_NO == initial)
1836  kce_generate (ss, ++ss->sequence_allowed);
1837 
1838  /*if (0 == ss->sender->acks_available)
1839  {
1840  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1841  "Generating keys\n");
1842  while (ss->active_kce_count < KCN_TARGET)
1843  kce_generate (ss, ++ss->sequence_allowed);
1844  }*/
1845 
1846  if (((NULL != kce_task) && kce_task_finished) || (GNUNET_NO == initial))
1847  {
1848  struct UDPAck ack;
1849  struct SharedSecret *ss_tell;
1850 
1851  if (GNUNET_NO != initial)
1852  ss_tell = ss_finished;
1853  else
1854  ss_tell = ss;
1855 
1857  ack.header.size = htons (sizeof(ack));
1858  ack.sequence_max = htonl (ss_tell->sequence_allowed);
1860  ack.cmac = ss_tell->cmac;
1862  "Notifying transport of UDPAck %s with intial %u and master %s\n",
1863  GNUNET_i2s_full (&ss_tell->sender->target),
1864  initial,
1865  GNUNET_h2s (&(ss_tell->master)));
1867  &ss_tell->sender->target,
1869  &ack.header);
1870  if (GNUNET_NO != initial)
1871  {
1873  kce_task = NULL;
1875  }
1876  }
1877  else if ((NULL == kce_task) && ((KCN_THRESHOLD >
1878  ss->sender->acks_available) ||
1879  (GNUNET_YES == ss->sender->rekeying) ||
1880  (ss->sender->num_secrets > MAX_SECRETS) ))
1881  {
1882 
1883  // kce_generate (ss, ++ss->sequence_allowed);
1884  // kce_generate (ss, ++ss->sequence_allowed);
1885  // TODO This task must be per sender!
1888  ss);
1889 
1890  }
1891  else if ((NULL == kce_task_rekey) && (GNUNET_YES ==
1892  ss->sender->rekeying) )
1893  {
1896  ss);
1897  }
1898 }
1899 
1900 
1908 static void
1909 decrypt_box (const struct UDPBox *box,
1910  size_t box_len,
1911  struct KeyCacheEntry *kce)
1912 {
1913  struct SharedSecret *ss = kce->ss;
1914  char out_buf[box_len - sizeof(*box)];
1915 
1916  GNUNET_assert (NULL != ss->sender);
1917  if (GNUNET_OK != try_decrypt (ss,
1918  box->gcm_tag,
1919  kce->sequence_number,
1920  (const char *) &box[1],
1921  sizeof(out_buf),
1922  out_buf))
1923  {
1924  GNUNET_STATISTICS_update (stats,
1925  "# Decryption failures with valid KCE",
1926  1,
1927  GNUNET_NO);
1928  kce_destroy (kce);
1929  return;
1930  }
1931  kce_destroy (kce);
1932  GNUNET_STATISTICS_update (stats,
1933  "# bytes decrypted with BOX",
1934  sizeof(out_buf),
1935  GNUNET_NO);
1936  GNUNET_STATISTICS_update (stats,
1937  "# messages decrypted with BOX",
1938  1,
1939  GNUNET_NO);
1941  "decrypted UDPBox with kid %s\n",
1942  GNUNET_sh2s (&box->kid));
1943  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1944  if ((GNUNET_NO == box->rekeying) && (GNUNET_YES == ss->sender->rekeying))
1945  {
1946  ss->sender->rekeying = GNUNET_NO;
1947  ss->sender->ss_rekey = NULL;
1948  // destroy_all_secrets (ss, GNUNET_NO);
1950  "Receiver stopped rekeying.\n");
1951  }
1952  else if (GNUNET_NO == box->rekeying)
1953  consider_ss_ack (ss, GNUNET_NO);
1954  else
1955  {
1956  ss->sender->rekeying = GNUNET_YES;
1958  "Got Box: Receiver doing rekeying.\n");
1959  }
1960 }
1961 
1962 
1970 static void
1971 decrypt_rekey (const struct UDPRekey *rekey,
1972  size_t rekey_len,
1973  struct KeyCacheEntry *kce,
1974  struct SenderAddress *sender)
1975 {
1976  struct SharedSecret *ss = kce->ss;
1977  struct SharedSecret *ss_rekey;
1978  char out_buf[rekey_len - sizeof(*rekey)];
1979  struct GNUNET_HashCode *master;
1980 
1981 
1983  "decrypt_rekey.\n");
1984 
1985  GNUNET_assert (NULL != ss->sender);
1986  if (GNUNET_OK != try_decrypt (ss,
1987  rekey->gcm_tag,
1988  kce->sequence_number,
1989  (const char *) &rekey[1],
1990  sizeof(out_buf),
1991  out_buf))
1992  {
1993  GNUNET_STATISTICS_update (stats,
1994  "# Decryption failures with valid KCE",
1995  1,
1996  GNUNET_NO);
1998  "Decryption with kid %s failed\n",
1999  GNUNET_sh2s (&rekey->kid));
2000  kce_destroy (kce);
2001  return;
2002  }
2003  kce_destroy (kce);
2004  GNUNET_STATISTICS_update (stats,
2005  "# bytes decrypted with Rekey",
2006  sizeof(out_buf),
2007  GNUNET_NO);
2009  "decrypted UDPRekey with kid %s\n",
2010  GNUNET_sh2s (&rekey->kid));
2011  /*cmac = (struct GNUNET_HashCode *) out_buf;
2012  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2013  "Received secret with cmac %s \n",
2014  GNUNET_h2s (&cmac));*/
2015  // ss_rekey = (struct SharedSecret *) out_buf;
2016  master = (struct GNUNET_HashCode *) out_buf;
2017  ss_rekey = GNUNET_new (struct SharedSecret);
2018  ss_rekey->master = *master;
2019  calculate_cmac (ss_rekey);
2020  ss_rekey->sender = sender;
2021  // ss_rekey->sequence_used = 0;
2022  // ss_rekey->sequence_allowed = 0;
2023  /* ss_rekey->active_kce_count = 0; */
2024  /* ss_rekey->prev = NULL; */
2025  /* ss_rekey->next = NULL; */
2026  /* GNUNET_assert (ss_rekey->prev == NULL && sender->ss_head != ss_rekey); */
2027  /* GNUNET_assert (ss_rekey->next == NULL && sender->ss_tail != ss_rekey); */
2028  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey);
2029  sender->ss_rekey = ss_rekey;
2030  sender->num_secrets++;
2032  "Received secret with cmac %s\n",
2033  GNUNET_h2s (&(ss_rekey->cmac)));
2035  "Received secret with master %s.\n",
2036  GNUNET_h2s (&(ss_rekey->master)));
2038  "We have %u sequence_allowed.\n",
2039  ss_rekey->sequence_allowed);
2041  "We have a sender %p\n",
2042  ss_rekey->sender);
2044  "We have %u acks available.\n",
2045  ss_rekey->sender->acks_available);
2046  consider_ss_ack (ss_rekey, GNUNET_YES);
2047 
2048 }
2049 
2050 
2054 struct SearchContext
2055 {
2059  const struct sockaddr *address;
2060 
2064  socklen_t address_len;
2065 
2070 };
2071 
2072 
2081 static int
2083  const struct GNUNET_PeerIdentity *key,
2084  void *value)
2085 {
2086  struct SearchContext *sc = cls;
2087  struct SenderAddress *sender = value;
2088 
2089  if ((sender->address_len == sc->address_len) &&
2090  (0 == memcmp (sender->address, sc->address, sender->address_len)))
2091  {
2092  sc->sender = sender;
2093  return GNUNET_NO; /* stop iterating! */
2094  }
2095  return GNUNET_YES;
2096 }
2097 
2098 
2110 static struct SenderAddress *
2112  const struct sockaddr *address,
2113  socklen_t address_len)
2114 {
2115  struct SenderAddress *sender;
2116  struct SearchContext sc = { .address = address,
2117  .address_len = address_len,
2118  .sender = NULL };
2119 
2121  target,
2123  &sc);
2124  if (NULL != sc.sender)
2125  {
2127  return sc.sender;
2128  }
2129  sender = GNUNET_new (struct SenderAddress);
2130  sender->target = *target;
2131  sender->address = GNUNET_memdup (address, address_len);
2132  sender->address_len = address_len;
2134  senders,
2135  &sender->target,
2136  sender,
2138  GNUNET_STATISTICS_set (stats,
2139  "# senders active",
2141  GNUNET_NO);
2142  sender->timeout =
2144  sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
2145  sender,
2146  sender->timeout.abs_value_us);
2147  sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
2148  if (NULL == timeout_task)
2149  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2150  return sender;
2151 }
2152 
2153 
2161 static int
2163  const struct UDPConfirmation *uc)
2164 {
2165  struct UdpHandshakeSignature uhs;
2166 
2168  uhs.purpose.size = htonl (sizeof(uhs));
2169  uhs.sender = uc->sender;
2170  uhs.receiver = my_identity;
2171  uhs.ephemeral = *ephemeral;
2172  uhs.monotonic_time = uc->monotonic_time;
2175  &uhs,
2176  &uc->sender_sig,
2177  &uc->sender.public_key);
2178 }
2179 
2180 
2189 static char *
2190 sockaddr_to_udpaddr_string (const struct sockaddr *address,
2191  socklen_t address_len)
2192 {
2193  char *ret;
2194 
2195  switch (address->sa_family)
2196  {
2197  case AF_INET:
2198  GNUNET_asprintf (&ret,
2199  "%s-%s",
2201  GNUNET_a2s (address, address_len));
2202  break;
2203 
2204  case AF_INET6:
2205  GNUNET_asprintf (&ret,
2206  "%s-%s",
2208  GNUNET_a2s (address, address_len));
2209  break;
2210 
2211  default:
2212  GNUNET_assert (0);
2213  }
2214  return ret;
2215 }
2216 
2217 
2223 static void
2224 sock_read (void *cls)
2225 {
2226  struct sockaddr_storage sa;
2227  socklen_t salen = sizeof(sa);
2228  char buf[UINT16_MAX];
2229  ssize_t rcvd;
2230 
2231  (void) cls;
2233  udp_sock,
2234  &sock_read,
2235  NULL);
2236  rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
2237  buf,
2238  sizeof(buf),
2239  (struct sockaddr *) &sa,
2240  &salen);
2241  if (-1 == rcvd)
2242  {
2244  return;
2245  }
2247  "Read %lu bytes\n", rcvd);
2248 
2249  if (rcvd > sizeof(struct UDPRekey))
2250  {
2251  const struct UDPRekey *rekey;
2252  const struct UDPBox *box;
2253  struct KeyCacheEntry *kce;
2254  struct SenderAddress *sender;
2255  int do_decrypt = GNUNET_NO;
2256 
2257  rekey = (const struct UDPRekey *) buf;
2258  box = (const struct UDPBox *) buf;
2259  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &rekey->kid);
2260 
2261  if ((GNUNET_YES == box->rekeying) || (GNUNET_NO == box->rekeying))
2263  "UDPRekey has rekeying %u\n",
2264  box->rekeying);
2265  else
2266  do_decrypt = GNUNET_YES;
2267 
2268  if ((GNUNET_YES == do_decrypt) && (NULL != kce) && (GNUNET_YES ==
2269  kce->ss->sender->
2270  rekeying))
2271  {
2273  "UDPRekey with kid %s\n",
2274  GNUNET_sh2s (&rekey->kid));
2275  sender = setup_sender (&rekey->sender, (const struct sockaddr *) &sa,
2276  salen);
2277 
2278  if (NULL != sender->ss_rekey)
2279  return;
2280 
2281  decrypt_rekey (rekey, (size_t) rcvd, kce, sender);
2282  return;
2283  }
2284  }
2285 
2286  /* first, see if it is a UDPBox */
2287  if (rcvd > sizeof(struct UDPBox))
2288  {
2289  const struct UDPBox *box;
2290  struct KeyCacheEntry *kce;
2291 
2292  box = (const struct UDPBox *) buf;
2293  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
2294  if (NULL != kce)
2295  {
2296  decrypt_box (box, (size_t) rcvd, kce);
2297  return;
2298  }
2299  }
2300 
2301  /* next, check if it is a broadcast */
2302  if (sizeof(struct UDPBroadcast) == rcvd)
2303  {
2304  const struct UDPBroadcast *ub;
2305  struct UdpBroadcastSignature uhs;
2306 
2307  ub = (const struct UDPBroadcast *) buf;
2309  uhs.purpose.size = htonl (sizeof(uhs));
2310  uhs.sender = ub->sender;
2311  GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
2312  if (GNUNET_OK ==
2314  &uhs,
2315  &ub->sender_sig,
2316  &ub->sender.public_key))
2317  {
2318  char *addr_s;
2319  enum GNUNET_NetworkType nt;
2320 
2321  addr_s =
2322  sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
2323  GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
2324  /* use our own mechanism to determine network type */
2325  nt =
2326  GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
2327  GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s);
2328  GNUNET_free (addr_s);
2329  return;
2330  }
2331  /* continue with KX, mostly for statistics... */
2332  }
2333 
2334 
2335  /* finally, test if it is a KX */
2336  if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
2337  {
2338  GNUNET_STATISTICS_update (stats,
2339  "# messages dropped (no kid, too small for KX)",
2340  1,
2341  GNUNET_NO);
2342  return;
2343  }
2345  "Got KX\n");
2346  {
2347  const struct InitialKX *kx;
2348  struct SharedSecret *ss;
2349  char pbuf[rcvd - sizeof(struct InitialKX)];
2350  const struct UDPConfirmation *uc;
2351  struct SenderAddress *sender;
2352 
2353  kx = (const struct InitialKX *) buf;
2354  ss = setup_shared_secret_dec (&kx->ephemeral);
2356  "Before DEC\n");
2357 
2358  if (GNUNET_OK != try_decrypt (ss,
2359  kx->gcm_tag,
2360  0,
2361  &buf[sizeof(*kx)],
2362  sizeof(pbuf),
2363  pbuf))
2364  {
2366  "Unable to decrypt tag, dropping...\n");
2367  GNUNET_free (ss);
2369  stats,
2370  "# messages dropped (no kid, AEAD decryption failed)",
2371  1,
2372  GNUNET_NO);
2373  return;
2374  }
2376  "Before VERIFY\n");
2377 
2378  uc = (const struct UDPConfirmation *) pbuf;
2379  if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
2380  {
2381  GNUNET_break_op (0);
2382  GNUNET_free (ss);
2383  GNUNET_STATISTICS_update (stats,
2384  "# messages dropped (sender signature invalid)",
2385  1,
2386  GNUNET_NO);
2387  return;
2388  }
2390  "Before SETUP_SENDER\n");
2391 
2392  calculate_cmac (ss);
2393  sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
2394  ss->sender = sender;
2395  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
2396  sender->num_secrets++;
2397  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
2398  GNUNET_STATISTICS_update (stats,
2399  "# messages decrypted without BOX",
2400  1,
2401  GNUNET_NO);
2402  try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
2403  if ((GNUNET_NO == kx->rekeying) && (GNUNET_YES == ss->sender->rekeying))
2404  {
2405  ss->sender->rekeying = GNUNET_NO;
2406  sender->ss_rekey = NULL;
2407  // destroy_all_secrets (ss, GNUNET_NO);
2409  "Receiver stopped rekeying.\n");
2410  }
2411  else if (GNUNET_NO == kx->rekeying)
2413  else
2414  {
2415  ss->sender->rekeying = GNUNET_YES;
2417  "Got KX: Receiver doing rekeying.\n");
2418  }
2419  /*if (sender->num_secrets > MAX_SECRETS)
2420  secret_destroy (sender->ss_tail);*/
2421  }
2422 }
2423 
2424 
2432 static struct sockaddr *
2433 udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
2434 {
2435  struct sockaddr *in;
2436  unsigned int port;
2437  char dummy[2];
2438  char *colon;
2439  char *cp;
2440 
2441  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
2442  {
2443  /* interpreting value as just a PORT number */
2444  if (port > UINT16_MAX)
2445  {
2447  "BINDTO specification `%s' invalid: value too large for port\n",
2448  bindto);
2449  return NULL;
2450  }
2451  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
2452  (GNUNET_YES ==
2455  "DISABLE_V6")))
2456  {
2457  struct sockaddr_in *i4;
2458 
2459  i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
2460  i4->sin_family = AF_INET;
2461  i4->sin_port = htons ((uint16_t) port);
2462  *sock_len = sizeof(struct sockaddr_in);
2463  in = (struct sockaddr *) i4;
2464  }
2465  else
2466  {
2467  struct sockaddr_in6 *i6;
2468 
2469  i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
2470  i6->sin6_family = AF_INET6;
2471  i6->sin6_port = htons ((uint16_t) port);
2472  *sock_len = sizeof(struct sockaddr_in6);
2473  in = (struct sockaddr *) i6;
2474  }
2475  return in;
2476  }
2477  cp = GNUNET_strdup (bindto);
2478  colon = strrchr (cp, ':');
2479  if (NULL != colon)
2480  {
2481  /* interpet value after colon as port */
2482  *colon = '\0';
2483  colon++;
2484  if (1 == sscanf (colon, "%u%1s", &port, dummy))
2485  {
2486  /* interpreting value as just a PORT number */
2487  if (port > UINT16_MAX)
2488  {
2490  "BINDTO specification `%s' invalid: value too large for port\n",
2491  bindto);
2492  GNUNET_free (cp);
2493  return NULL;
2494  }
2495  }
2496  else
2497  {
2498  GNUNET_log (
2500  "BINDTO specification `%s' invalid: last ':' not followed by number\n",
2501  bindto);
2502  GNUNET_free (cp);
2503  return NULL;
2504  }
2505  }
2506  else
2507  {
2508  /* interpret missing port as 0, aka pick any free one */
2509  port = 0;
2510  }
2511  {
2512  /* try IPv4 */
2513  struct sockaddr_in v4;
2514  if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
2515  {
2516  v4.sin_family = AF_INET;
2517  v4.sin_port = htons ((uint16_t) port);
2518 #if HAVE_SOCKADDR_IN_SIN_LEN
2519  v4.sin_len = sizeof(struct sockaddr_in);
2520 #endif
2521  in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
2522  *sock_len = sizeof(struct sockaddr_in);
2523  GNUNET_free (cp);
2524  return in;
2525  }
2526  }
2527  {
2528  /* try IPv6 */
2529  struct sockaddr_in6 v6;
2530  const char *start;
2531 
2532  start = cp;
2533  if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
2534  {
2535  start++; /* skip over '[' */
2536  cp[strlen (cp) - 1] = '\0'; /* eat ']' */
2537  }
2538  if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
2539  {
2540  v6.sin6_family = AF_INET6;
2541  v6.sin6_port = htons ((uint16_t) port);
2542 #if HAVE_SOCKADDR_IN_SIN_LEN
2543  v6.sin6_len = sizeof(sizeof(struct sockaddr_in6));
2544 #endif
2545  in = GNUNET_memdup (&v6, sizeof(v6));
2546  *sock_len = sizeof(v6);
2547  GNUNET_free (cp);
2548  return in;
2549  }
2550  }
2551  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
2552  GNUNET_free (cp);
2553  return NULL;
2554 }
2555 
2556 
2564 static void
2565 do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
2566 {
2567  char pad[pad_size];
2568 
2570  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
2571  {
2572  struct GNUNET_MessageHeader hdr =
2573  { .size = htons (sizeof(pad)),
2574  .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
2575 
2576  memcpy (pad, &hdr, sizeof(hdr));
2577  }
2578  GNUNET_assert (
2579  0 ==
2580  gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
2581 }
2582 
2583 
2592 static void
2594  const struct GNUNET_MessageHeader *msg,
2595  void *impl_state)
2596 {
2597  struct ReceiverAddress *receiver = impl_state;
2598  uint16_t msize = ntohs (msg->size);
2599  struct UdpHandshakeSignature uhs;
2600  struct UDPConfirmation uc;
2601  struct InitialKX kx;
2602  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2603  char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)];
2604  size_t dpos;
2605  gcry_cipher_hd_t out_cipher;
2606  struct SharedSecret *ss;
2607 
2608  GNUNET_assert (mq == receiver->kx_mq);
2609  if (msize > receiver->kx_mtu)
2610  {
2611  GNUNET_break (0);
2612  if (GNUNET_YES != receiver->receiver_destroy_called)
2613  receiver_destroy (receiver);
2614  return;
2615  }
2616  reschedule_receiver_timeout (receiver);
2617 
2618  /* setup key material */
2620 
2621  ss = setup_shared_secret_enc (&epriv, receiver, GNUNET_YES);
2622 
2623  if (receiver->num_secrets > MAX_SECRETS)
2624  {
2626  }
2627 
2628  setup_cipher (&ss->master, 0, &out_cipher);
2629  /* compute 'uc' */
2630  uc.sender = my_identity;
2631  uc.monotonic_time =
2634  uhs.purpose.size = htonl (sizeof(uhs));
2635  uhs.sender = my_identity;
2636  uhs.receiver = receiver->target;
2638  uhs.monotonic_time = uc.monotonic_time;
2639  GNUNET_CRYPTO_eddsa_sign (my_private_key,
2640  &uhs,
2641  &uc.sender_sig);
2642  /* Leave space for kx */
2643  dpos = sizeof(kx);
2644  /* Append encrypted uc to dgram */
2645  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
2646  &dgram[dpos],
2647  sizeof(uc),
2648  &uc,
2649  sizeof(uc)));
2650  dpos += sizeof(uc);
2651  /* Append encrypted payload to dgram */
2652  GNUNET_assert (
2653  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2654  dpos += msize;
2655  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2656  /* Datagram starts with kx */
2657  kx.ephemeral = uhs.ephemeral;
2658  GNUNET_assert (
2659  0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
2660  gcry_cipher_close (out_cipher);
2661  if (GNUNET_NO == receiver->rekeying)
2662  kx.rekeying = GNUNET_NO;
2663  else
2664  kx.rekeying = GNUNET_YES;
2665  memcpy (dgram, &kx, sizeof(kx));
2666  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2667  dgram,
2668  sizeof(dgram),
2669  receiver->address,
2670  receiver->address_len))
2673  "Sending KX to %s\n", GNUNET_a2s (receiver->address,
2674  receiver->address_len));
2676 }
2677 
2678 
2679 static void
2680 check_for_rekeying (struct ReceiverAddress *receiver, struct UDPBox *box)
2681 {
2682 
2683  struct GNUNET_TIME_Relative rt;
2684 
2686  "Timeout is %lu\n.",
2687  receiver->rekey_timeout.abs_value_us);
2688 
2689  if (0 == receiver->rekey_timeout.abs_value_us)
2690  {
2692  rekey_interval);
2693  }
2694  else
2695  {
2698  "Relative time is %lu and timeout is %lu\n.",
2699  rt.rel_value_us,
2700  receiver->rekey_timeout.abs_value_us);
2701 
2702  if ((0 == rt.rel_value_us) || (receiver->rekey_send_bytes >
2703  rekey_max_bytes) )
2704  {
2706  "Bytes send %lu greater than %llu max bytes\n.",
2707  receiver->rekey_send_bytes,
2708  rekey_max_bytes);
2710  "Relative time is %lu and timeout is %lu\n.",
2711  rt.rel_value_us,
2712  receiver->rekey_timeout.abs_value_us);
2713 
2714  receiver->rekey_timeout.abs_value_us = 0;
2715  receiver->rekey_send_bytes = 0;
2716  receiver->ss_rekey = NULL;
2717  // destroy_all_secrets (ss, GNUNET_NO);
2718  receiver->rekeying = GNUNET_YES;
2719  receiver->rekey_acks_available = receiver->acks_available;
2720  box->rekeying = GNUNET_YES;
2722  "Sender started rekeying.\n");
2723  if (GNUNET_YES == box->rekeying)
2725  "Sending rekeying with kid %s\n",
2726  GNUNET_sh2s (&box->kid));
2727  }
2728  }
2729 }
2730 
2731 
2732 static void
2733 send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss)
2734 {
2735  uint8_t is_ss_rekey_sequence_allowed_zero = GNUNET_NO;
2736  uint8_t is_acks_available_below = GNUNET_NO;
2737  uint8_t send_rekey = GNUNET_NO;
2738  uint16_t not_below;
2739  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2740  struct UDPRekey *rekey;
2741  size_t dpos;
2742 
2743  char rekey_dgram[sizeof(struct UDPRekey) + receiver->d_mtu];
2744 
2745  if (NULL != receiver->ss_rekey)
2746  {
2747  not_below = (receiver->rekey_acks_available
2748  - (receiver->rekey_acks_available % 3)) / 3;
2749  is_ss_rekey_sequence_allowed_zero = (0 ==
2750  receiver->ss_rekey->sequence_allowed);
2751  is_acks_available_below = (receiver->acks_available >= not_below);
2752  send_rekey = (0 == (receiver->acks_available - not_below) % not_below) &&
2753  is_acks_available_below && is_ss_rekey_sequence_allowed_zero;
2755  "send_rekey: %u, %u, %u\n",
2756  send_rekey,
2757  receiver->rekey_acks_available,
2758  receiver->acks_available);
2759  }
2760  else if (NULL == receiver->ss_rekey)
2761  {
2762  /* setup key material */
2764  receiver->ss_rekey = setup_shared_secret_enc (&epriv, receiver,
2765  GNUNET_NO);
2766  receiver->ss_rekey->sequence_allowed = 0;
2768  "Setup secret with cmac %s\n",
2769  GNUNET_h2s (&(receiver->ss_rekey->cmac)));
2771  "Setup secret with master %s.\n",
2772  GNUNET_h2s (&(receiver->ss_rekey->master)));
2773  }
2774 
2775  if (send_rekey)
2776  {
2777  GNUNET_assert (0 != receiver->number_rekeying_kce);
2778  gcry_cipher_hd_t rekey_out_cipher;
2779 
2780  while (NULL != ss && ss->sequence_used >= ss->sequence_allowed)
2781  {
2782  ss = ss->prev;
2783  }
2784 
2785  if (NULL != ss)
2786  {
2787  rekey = (struct UDPRekey *) rekey_dgram;
2788  rekey->sender = my_identity;
2789  ss->sequence_used++;
2790  get_kid (&ss->master, ss->sequence_used, &rekey->kid);
2791  receiver->number_rekeying_kce--;
2792  setup_cipher (&ss->master, ss->sequence_used, &rekey_out_cipher);
2793  /* Append encrypted payload to dgram */
2794  dpos = sizeof(struct UDPRekey);
2795 
2796  GNUNET_assert (
2797  0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos],
2798  sizeof(receiver->ss_rekey->master),
2799  &(receiver->ss_rekey->master),
2800  sizeof(receiver->ss_rekey->master)));
2801  dpos += sizeof(receiver->ss_rekey->master);
2802  /* GNUNET_assert ( */
2803  /* 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], */
2804  /* /\*sizeof(receiver->ss_rekey->cmac), */
2805  /* &(receiver->ss_rekey->cmac), */
2806  /* sizeof(receiver->ss_rekey->cmac))); */
2807  /* dpos += sizeof(receiver->ss_rekey->cmac);*\/ */
2808  /* sizeof(receiver->ss_rekey), */
2809  /* receiver->ss_rekey, */
2810  /* sizeof(receiver->ss_rekey))); */
2811  /* dpos += sizeof(receiver->ss_rekey); */
2812  do_pad (rekey_out_cipher, &rekey_dgram[dpos], sizeof(rekey_dgram)
2813  - dpos);
2814  GNUNET_assert (0 == gcry_cipher_gettag (rekey_out_cipher,
2815  rekey->gcm_tag,
2816  sizeof(rekey->gcm_tag)));
2817  gcry_cipher_close (rekey_out_cipher);
2818 
2820  "Sending rekey with kid %s and master %s\n",
2821  GNUNET_sh2s (&rekey->kid),
2822  GNUNET_h2s (&(receiver->ss_rekey->master)));
2824  "Sending rekey with cmac %s\n",
2825  GNUNET_h2s (&(receiver->ss_rekey->cmac)));
2827  "%u rekey kces left.\n",
2828  receiver->number_rekeying_kce);
2829 
2830  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2831  rekey_dgram,
2832  sizeof(rekey_dgram),
2833  receiver->address,
2834  receiver->address_len))
2836 
2837  receiver->acks_available--;
2839  "%u receiver->acks_available 1\n",
2840  receiver->acks_available);
2842  "Sending UDPRekey to %s\n", GNUNET_a2s (receiver->address,
2843  receiver->
2844  address_len));
2845  }
2846  }
2847 }
2848 
2849 
2858 static void
2860  const struct GNUNET_MessageHeader *msg,
2861  void *impl_state)
2862 {
2863  struct ReceiverAddress *receiver = impl_state;
2864  uint16_t msize = ntohs (msg->size);
2865 
2866  GNUNET_assert (mq == receiver->d_mq);
2867  if ((msize > receiver->d_mtu) ||
2868  (0 == receiver->acks_available))
2869  {
2871  "msize: %u, mtu: %lu, acks: %u\n",
2872  msize,
2873  receiver->d_mtu,
2874  receiver->acks_available);
2875 
2876  GNUNET_break (0);
2877  if (GNUNET_YES != receiver->receiver_destroy_called)
2878  receiver_destroy (receiver);
2879  return;
2880  }
2881  reschedule_receiver_timeout (receiver);
2882 
2883  /* begin "BOX" encryption method, scan for ACKs from tail! */
2884  for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
2885  {
2886  if (0 < ss->sequence_used)
2888  "Trying to send UDPBox with shared secrect %s sequence_used %u and ss->sequence_allowed %u\n",
2889  GNUNET_h2s (&ss->master),
2890  ss->sequence_used,
2891  ss->sequence_allowed);
2892  // Uncomment this for alternativ 1 of backchannel functionality
2893  if (ss->sequence_used >= ss->sequence_allowed)
2894  // Until here for alternativ 1
2895  // Uncomment this for alternativ 2 of backchannel functionality
2896  // if (0 == ss->sequence_allowed)
2897  // Until here for alternativ 2
2898  {
2899  continue;
2900  }
2901  char dgram[sizeof(struct UDPBox) + receiver->d_mtu];
2902  struct UDPBox *box;
2903  gcry_cipher_hd_t out_cipher;
2904  size_t dpos;
2905 
2906  box = (struct UDPBox *) dgram;
2907  ss->sequence_used++;
2908  get_kid (&ss->master, ss->sequence_used, &box->kid);
2909  setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
2910  /* Append encrypted payload to dgram */
2911  dpos = sizeof(struct UDPBox);
2912  GNUNET_assert (
2913  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2914  dpos += msize;
2915  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2916  GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
2917  box->gcm_tag,
2918  sizeof(box->gcm_tag)));
2919  gcry_cipher_close (out_cipher);
2920 
2921  receiver->rekey_send_bytes += sizeof(struct UDPBox) + receiver->d_mtu;
2922 
2923  if (GNUNET_NO == receiver->rekeying)
2924  box->rekeying = GNUNET_NO;
2925  else
2926  box->rekeying = GNUNET_YES;
2927 
2928  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2929  dgram,
2930  sizeof(dgram),
2931  receiver->address,
2932  receiver->address_len))
2935  "Sending UDPBox %u acks left\n",
2936  receiver->acks_available);
2938  receiver->acks_available--;
2940  "%u receiver->acks_available 2\n",
2941  receiver->acks_available);
2942  check_for_rekeying (receiver, box);
2943  if (0 == receiver->acks_available - receiver->number_rekeying_kce)
2944  {
2945  /* We have no more ACKs */
2947  "No more acks\n");
2948  if (GNUNET_YES == receiver->rekeying)
2949  {
2950  receiver->rekeying = GNUNET_NO;
2952  "Sender stopped rekeying\n");
2953 
2954  if ((NULL != receiver->ss_rekey) && (0 <
2955  receiver->ss_rekey->
2956  sequence_allowed) )
2957  add_acks_rekey (receiver);
2958  }
2959  }
2960  else if ((GNUNET_YES == receiver->rekeying) )
2961  {
2962  send_UDPRekey (receiver, ss);
2963  }
2964 
2965  return;
2966  }
2967 }
2968 
2969 
2978 static void
2979 mq_destroy_d (struct GNUNET_MQ_Handle *mq, void *impl_state)
2980 {
2981  struct ReceiverAddress *receiver = impl_state;
2983  "Default MQ destroyed\n");
2984  if (mq == receiver->d_mq)
2985  {
2986  receiver->d_mq = NULL;
2987  if (GNUNET_YES != receiver->receiver_destroy_called)
2988  receiver_destroy (receiver);
2989  }
2990 }
2991 
2992 
3001 static void
3002 mq_destroy_kx (struct GNUNET_MQ_Handle *mq, void *impl_state)
3003 {
3004  struct ReceiverAddress *receiver = impl_state;
3006  "KX MQ destroyed\n");
3007  if (mq == receiver->kx_mq)
3008  {
3009  receiver->kx_mq = NULL;
3010  if (GNUNET_YES != receiver->receiver_destroy_called)
3011  receiver_destroy (receiver);
3012  }
3013 }
3014 
3015 
3022 static void
3023 mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
3024 {
3025  /* Cancellation is impossible with UDP; bail */
3026  GNUNET_assert (0);
3027 }
3028 
3029 
3039 static void
3040 mq_error (void *cls, enum GNUNET_MQ_Error error)
3041 {
3042  struct ReceiverAddress *receiver = cls;
3043 
3045  "MQ error in queue to %s: %d\n",
3046  GNUNET_i2s (&receiver->target),
3047  (int) error);
3048  receiver_destroy (receiver);
3049 }
3050 
3051 
3059 static void
3061 {
3062  size_t base_mtu;
3063 
3064  /*if (NULL != receiver->kx_qh)
3065  {
3066  GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh);
3067  receiver->kx_qh = NULL;
3068  }
3069  if (NULL != receiver->d_qh)
3070  {
3071  GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh);
3072  receiver->d_qh = NULL;
3073  }*/
3074  // GNUNET_assert (NULL == receiver->mq);
3075  switch (receiver->address->sa_family)
3076  {
3077  case AF_INET:
3078  base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
3079  - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
3080  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
3081  break;
3082 
3083  case AF_INET6:
3084  base_mtu = 1280 /* Minimum MTU required by IPv6 */
3085  - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
3086  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
3087  break;
3088 
3089  default:
3090  GNUNET_assert (0);
3091  break;
3092  }
3093  /* MTU based on full KX messages */
3094  receiver->kx_mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
3095  - sizeof(struct UDPConfirmation); /* 104 */
3096  /* MTU based on BOXed messages */
3097  receiver->d_mtu = base_mtu - sizeof(struct UDPBox);
3098 
3100  "Setting up MQs and QHs\n");
3101  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
3102  1404 (IPv4 + Box) bytes, depending on circumstances... */
3103  if (NULL == receiver->kx_mq)
3105  &mq_destroy_kx,
3106  &mq_cancel,
3107  receiver,
3108  NULL,
3109  &mq_error,
3110  receiver);
3111  if (NULL == receiver->d_mq)
3113  &mq_destroy_d,
3114  &mq_cancel,
3115  receiver,
3116  NULL,
3117  &mq_error,
3118  receiver);
3119 
3120  receiver->kx_qh =
3122  &receiver->target,
3123  receiver->foreign_addr,
3124  receiver->kx_mtu,
3126  0, /* Priority */
3127  receiver->nt,
3129  receiver->kx_mq);
3130  receiver->d_qh =
3132  &receiver->target,
3133  receiver->foreign_addr,
3134  receiver->d_mtu,
3135  0, /* Initialize with 0 acks */
3136  1, /* Priority */
3137  receiver->nt,
3139  receiver->d_mq);
3140 
3141 }
3142 
3143 
3162 static int
3163 mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
3164 {
3165  struct ReceiverAddress *receiver;
3166  const char *path;
3167  struct sockaddr *in;
3168  socklen_t in_len;
3169 
3170  if (0 != strncmp (address,
3172  strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
3173  {
3174  GNUNET_break_op (0);
3175  return GNUNET_SYSERR;
3176  }
3177  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
3178  in = udp_address_to_sockaddr (path, &in_len);
3179 
3180  receiver = GNUNET_new (struct ReceiverAddress);
3181  receiver->address = in;
3182  receiver->address_len = in_len;
3183  receiver->target = *peer;
3184  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
3186  receivers,
3187  &receiver->target,
3188  receiver,
3191  "Added %s to receivers\n",
3192  GNUNET_i2s_full (&receiver->target));
3193  receiver->timeout =
3195  receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
3196  receiver,
3197  receiver->timeout.abs_value_us);
3198  GNUNET_STATISTICS_set (stats,
3199  "# receivers active",
3201  GNUNET_NO);
3202  receiver->foreign_addr =
3203  sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
3204  setup_receiver_mq (receiver);
3205  if (NULL == timeout_task)
3206  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
3207  return GNUNET_OK;
3208 }
3209 
3210 
3219 static int
3221  const struct GNUNET_PeerIdentity *target,
3222  void *value)
3223 {
3224  struct ReceiverAddress *receiver = value;
3225 
3226  (void) cls;
3227  (void) target;
3228  receiver_destroy (receiver);
3229  return GNUNET_OK;
3230 }
3231 
3232 
3241 static int
3243  const struct GNUNET_PeerIdentity *target,
3244  void *value)
3245 {
3246  struct SenderAddress *sender = value;
3247 
3248  (void) cls;
3249  (void) target;
3250  sender_destroy (sender);
3251  return GNUNET_OK;
3252 }
3253 
3254 
3260 static void
3261 do_shutdown (void *cls)
3262 {
3264  "do_shutdown\n");
3265  if (NULL != nat)
3266  {
3267  GNUNET_NAT_unregister (nat);
3268  nat = NULL;
3269  }
3270  while (NULL != bi_head)
3271  bi_destroy (bi_head);
3272  if (NULL != broadcast_task)
3273  {
3274  GNUNET_SCHEDULER_cancel (broadcast_task);
3275  broadcast_task = NULL;
3276  }
3277  if (NULL != kce_task_rekey)
3278  {
3279  GNUNET_SCHEDULER_cancel (kce_task_rekey);
3280  kce_task_rekey = NULL;
3281  }
3282  if (NULL != kce_task)
3283  {
3284  GNUNET_SCHEDULER_cancel (kce_task);
3285  kce_task = NULL;
3286  }
3287  if (NULL != timeout_task)
3288  {
3289  GNUNET_SCHEDULER_cancel (timeout_task);
3290  timeout_task = NULL;
3291  }
3292  if (NULL != read_task)
3293  {
3294  GNUNET_SCHEDULER_cancel (read_task);
3295  read_task = NULL;
3296  }
3297  if (NULL != udp_sock)
3298  {
3300  GNUNET_NETWORK_socket_close (udp_sock));
3301  udp_sock = NULL;
3302  }
3305  NULL);
3309  NULL);
3312  GNUNET_CONTAINER_heap_destroy (senders_heap);
3313  GNUNET_CONTAINER_heap_destroy (receivers_heap);
3314  if (NULL != timeout_task)
3315  {
3316  GNUNET_SCHEDULER_cancel (timeout_task);
3317  timeout_task = NULL;
3318  }
3319  if (NULL != ch)
3320  {
3322  ch = NULL;
3323  }
3324  if (NULL != ah)
3325  {
3327  ah = NULL;
3328  }
3329  if (NULL != stats)
3330  {
3332  stats = NULL;
3333  }
3334  if (NULL != my_private_key)
3335  {
3336  GNUNET_free (my_private_key);
3337  my_private_key = NULL;
3338  }
3339  if (NULL != is)
3340  {
3342  is = NULL;
3343  }
3345  "do_shutdown finished\n");
3346 }
3347 
3348 
3358 static void
3359 enc_notify_cb (void *cls,
3360  const struct GNUNET_PeerIdentity *sender,
3361  const struct GNUNET_MessageHeader *msg)
3362 {
3363  const struct UDPAck *ack;
3364 
3365  (void) cls;
3367  "Storing UDPAck received from backchannel from %s\n",
3368  GNUNET_i2s_full (sender));
3369  if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
3370  (ntohs (msg->size) != sizeof(struct UDPAck)))
3371  {
3372  GNUNET_break_op (0);
3373  return;
3374  }
3375  ack = (const struct UDPAck *) msg;
3377  sender,
3378  &handle_ack,
3379  (void *) ack);
3380 }
3381 
3382 
3396 static void
3397 nat_address_cb (void *cls,
3398  void **app_ctx,
3399  int add_remove,
3401  const struct sockaddr *addr,
3402  socklen_t addrlen)
3403 {
3404  char *my_addr;
3406 
3407  if (GNUNET_YES == add_remove)
3408  {
3409  enum GNUNET_NetworkType nt;
3410 
3411  GNUNET_asprintf (&my_addr,
3412  "%s-%s",
3414  GNUNET_a2s (addr, addrlen));
3415  nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
3416  ai =
3418  my_addr,
3419  nt,
3421  GNUNET_free (my_addr);
3422  *app_ctx = ai;
3423  }
3424  else
3425  {
3426  ai = *app_ctx;
3428  *app_ctx = NULL;
3429  }
3430 }
3431 
3432 
3438 static void
3439 ifc_broadcast (void *cls)
3440 {
3441  struct BroadcastInterface *bi = cls;
3442  struct GNUNET_TIME_Relative delay;
3443 
3444  delay = BROADCAST_FREQUENCY;
3445  delay.rel_value_us =
3447  bi->broadcast_task =
3449 
3450  switch (bi->sa->sa_family)
3451  {
3452  case AF_INET: {
3453  static int yes = 1;
3454  static int no = 0;
3455  ssize_t sent;
3456 
3457  if (GNUNET_OK !=
3459  SOL_SOCKET,
3460  SO_BROADCAST,
3461  &yes,
3462  sizeof(int)))
3464  "setsockopt");
3465  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
3466  &bi->bcm,
3467  sizeof(bi->bcm),
3468  bi->ba,
3469  bi->salen);
3470  if (-1 == sent)
3472  "sendto");
3474  SOL_SOCKET,
3475  SO_BROADCAST,
3476  &no,
3477  sizeof(int)))
3479  "setsockopt");
3480  break;
3481  }
3482 
3483  case AF_INET6: {
3484  ssize_t sent;
3485  struct sockaddr_in6 dst;
3486 
3487  dst.sin6_family = AF_INET6;
3488  dst.sin6_port = htons (my_port);
3489  dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
3490  dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
3491 
3492  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
3493  &bi->bcm,
3494  sizeof(bi->bcm),
3495  (const struct sockaddr *) &dst,
3496  sizeof(dst));
3497  if (-1 == sent)
3499  break;
3500  }
3501 
3502  default:
3503  GNUNET_break (0);
3504  break;
3505  }
3506 }
3507 
3508 
3523 static int
3524 iface_proc (void *cls,
3525  const char *name,
3526  int isDefault,
3527  const struct sockaddr *addr,
3528  const struct sockaddr *broadcast_addr,
3529  const struct sockaddr *netmask,
3530  socklen_t addrlen)
3531 {
3532  struct BroadcastInterface *bi;
3533  enum GNUNET_NetworkType network;
3534  struct UdpBroadcastSignature ubs;
3535 
3536  (void) cls;
3537  (void) netmask;
3538  if (NULL == addr)
3539  return GNUNET_YES; /* need to know our address! */
3540  network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
3541  if (GNUNET_NT_LOOPBACK == network)
3542  {
3543  /* Broadcasting on loopback does not make sense */
3544  return GNUNET_YES;
3545  }
3546  for (bi = bi_head; NULL != bi; bi = bi->next)
3547  {
3548  if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
3549  {
3550  bi->found = GNUNET_YES;
3551  return GNUNET_OK;
3552  }
3553  }
3554 
3555  if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
3556  return GNUNET_OK; /* broadcast_addr is required for IPv6! */
3557  if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
3558  return GNUNET_OK; /* not using IPv6 */
3559 
3560  bi = GNUNET_new (struct BroadcastInterface);
3561  bi->sa = GNUNET_memdup (addr,
3562  addrlen);
3563  if ( (NULL != broadcast_addr) &&
3564  (addrlen == sizeof (struct sockaddr_in)) )
3565  {
3566  struct sockaddr_in *ba;
3567 
3568  ba = GNUNET_memdup (broadcast_addr,
3569  addrlen);
3570  ba->sin_port = htons (2086); /* always GNUnet port, ignore configuration! */
3571  bi->ba = (struct sockaddr *) ba;
3572  }
3573  bi->salen = addrlen;
3574  bi->found = GNUNET_YES;
3575  bi->bcm.sender = my_identity;
3577  ubs.purpose.size = htonl (sizeof(ubs));
3578  ubs.sender = my_identity;
3579  GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
3580  GNUNET_CRYPTO_eddsa_sign (my_private_key,
3581  &ubs,
3582  &bi->bcm.sender_sig);
3583  if (NULL != bi->ba)
3584  {
3586  GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
3587  }
3588  if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
3589  {
3590  /* Create IPv6 multicast request */
3591  const struct sockaddr_in6 *s6 =
3592  (const struct sockaddr_in6 *) broadcast_addr;
3593 
3594  GNUNET_assert (
3595  1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
3596 
3597  /* http://tools.ietf.org/html/rfc2553#section-5.2:
3598  *
3599  * IPV6_JOIN_GROUP
3600  *
3601  * Join a multicast group on a specified local interface. If the
3602  * interface index is specified as 0, the kernel chooses the local
3603  * interface. For example, some kernels look up the multicast
3604  * group in the normal IPv6 routing table and using the resulting
3605  * interface; we do this for each interface, so no need to use
3606  * zero (anymore...).
3607  */bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
3608 
3609  /* Join the multicast group */
3611  IPPROTO_IPV6,
3612  IPV6_JOIN_GROUP,
3613  &bi->mcreq,
3614  sizeof(bi->mcreq)))
3615  {
3617  }
3618  }
3619  return GNUNET_OK;
3620 }
3621 
3622 
3628 static void
3629 do_broadcast (void *cls)
3630 {
3631  struct BroadcastInterface *bin;
3632 
3633  (void) cls;
3634  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
3635  bi->found = GNUNET_NO;
3637  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
3638  {
3639  bin = bi->next;
3640  if (GNUNET_NO == bi->found)
3641  bi_destroy (bi);
3642  }
3644  &do_broadcast,
3645  NULL);
3646 }
3647 
3648 
3657 static void
3658 run (void *cls,
3659  char *const *args,
3660  const char *cfgfile,
3661  const struct GNUNET_CONFIGURATION_Handle *c)
3662 {
3663  char *bindto;
3664  struct sockaddr *in;
3665  socklen_t in_len;
3666  struct sockaddr_storage in_sto;
3667  socklen_t sto_len;
3668 
3669  (void) cls;
3670  cfg = c;
3671  if (GNUNET_OK !=
3674  "BINDTO",
3675  &bindto))
3676  {
3679  "BINDTO");
3680  return;
3681  }
3682 
3683  if (GNUNET_OK !=
3686  "REKEY_INTERVAL",
3687  &rekey_interval))
3689 
3690  if (GNUNET_OK !=
3693  "REKEY_MAX_BYTES",
3694  &rekey_max_bytes))
3696 
3697  in = udp_address_to_sockaddr (bindto, &in_len);
3698  if (NULL == in)
3699  {
3701  "Failed to setup UDP socket address with path `%s'\n",
3702  bindto);
3703  GNUNET_free (bindto);
3704  return;
3705  }
3706  udp_sock =
3707  GNUNET_NETWORK_socket_create (in->sa_family,
3708  SOCK_DGRAM,
3709  IPPROTO_UDP);
3710  if (NULL == udp_sock)
3711  {
3713  GNUNET_free (in);
3714  GNUNET_free (bindto);
3715  return;
3716  }
3717  if (AF_INET6 == in->sa_family)
3719  if (GNUNET_OK !=
3720  GNUNET_NETWORK_socket_bind (udp_sock,
3721  in,
3722  in_len))
3723  {
3725  "bind",
3726  bindto);
3727  GNUNET_NETWORK_socket_close (udp_sock);
3728  udp_sock = NULL;
3729  GNUNET_free (in);
3730  GNUNET_free (bindto);
3731  return;
3732  }
3733 
3734  /* We might have bound to port 0, allowing the OS to figure it out;
3735  thus, get the real IN-address from the socket */
3736  sto_len = sizeof(in_sto);
3737  if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
3738  (struct sockaddr *) &in_sto,
3739  &sto_len))
3740  {
3741  memcpy (&in_sto, in, in_len);
3742  sto_len = in_len;
3743  }
3744  GNUNET_free (in);
3745  GNUNET_free (bindto);
3746  in = (struct sockaddr *) &in_sto;
3747  in_len = sto_len;
3749  "Bound to `%s'\n",
3750  GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
3751  switch (in->sa_family)
3752  {
3753  case AF_INET:
3754  my_port = ntohs (((struct sockaddr_in *) in)->sin_port);
3755  break;
3756 
3757  case AF_INET6:
3758  my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port);
3759  break;
3760 
3761  default:
3762  GNUNET_break (0);
3763  my_port = 0;
3764  }
3765  stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
3769  receivers_heap =
3773  is = GNUNET_NT_scanner_init ();
3775  if (NULL == my_private_key)
3776  {
3777  GNUNET_log (
3779  _ (
3780  "Transport service is lacking key configuration settings. Exiting.\n"));
3782  return;
3783  }
3785  /* start reading */
3787  udp_sock,
3788  &sock_read,
3789  NULL);
3794  &mq_init,
3795  NULL,
3796  &enc_notify_cb,
3797  NULL);
3798  if (NULL == ch)
3799  {
3800  GNUNET_break (0);
3802  return;
3803  }
3805  if (NULL == ah)
3806  {
3807  GNUNET_break (0);
3809  return;
3810  }
3811  /* start broadcasting */
3812  if (GNUNET_YES !=
3815  "DISABLE_BROADCAST"))
3816  {
3817  broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
3818  }
3819  nat = GNUNET_NAT_register (cfg,
3821  IPPROTO_UDP,
3822  1 /* one address */,
3823  (const struct sockaddr **) &in,
3824  &in_len,
3825  &nat_address_cb,
3826  NULL /* FIXME: support reversal: #5529 */,
3827  NULL /* closure */);
3828 }
3829 
3830 
3838 int
3839 main (int argc, char *const *argv)
3840 {
3841  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
3843  };
3844  int ret;
3845 
3846  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
3847  return 2;
3848 
3849  ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
3850  argv,
3851  "gnunet-communicator-udp",
3852  _ ("GNUnet UDP communicator"),
3853  options,
3854  &run,
3855  NULL))
3856  ? 0
3857  : 1;
3858  GNUNET_free_nz ((void *) argv);
3859  return ret;
3860 }
3861 
3862 
3863 /* end of gnunet-communicator-udp.c */
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct GNUNET_TIME_Absolute rekey_timeout
Timeout for this receiver address.
static void mq_send_d(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
struct KeyCacheEntry * next
Kept in a DLL.
Handle to the interface scanner.
Definition: nt.c:110
int GNUNET_NETWORK_socket_setsockopt(struct GNUNET_NETWORK_Handle *fd, int level, int option_name, const void *option_value, socklen_t option_len)
Set socket option.
Definition: network.c:880
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
int GNUNET_NETWORK_get_fd(const struct GNUNET_NETWORK_Handle *desc)
Return file descriptor for this network handle.
Definition: network.c:1077
#define COMMUNICATOR_CONFIG_SECTION
Configuration section used by the communicator.
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WANT.
Definition: nt.c:314
static void mq_destroy_d(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
static struct BroadcastInterface * bi_tail
Broadcast interface tasks.
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
Handle for active NAT registrations.
Definition: nat_api.c:71
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
#define BROADCAST_FREQUENCY
How often do we broadcast our presence on the LAN?
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP connection (UDP client).
int main(int argc, char *const *argv)
The main function for the UNIX communicator.
static void add_acks(struct SharedSecret *ss, int acks_to_add)
struct KeyCacheEntry * prev
Kept in a DLL.
int found
Was this interface found in the last iface_proc() scan?
static void do_broadcast(void *cls)
Scan interfaces to broadcast our presence on the LAN.
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GNUNET_TRANSPORT_ApplicationHandle * ah
Our handle to report addresses for validation to TRANSPORT.
enum GNUNET_GenericReturnValue GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:363
GNUNET_NAT_AddressClass
Some addresses contain sensitive information or are not suitable for global distribution.
uint64_t rel_value_us
The actual value.
#define GNUNET_CRYPTO_eddsa_sign(priv, ps, sig)
EdDSA sign a given block.
struct GNUNET_PeerIdentity sender
Sender&#39;s peer identity.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
static uint16_t my_port
Port number to which we are actually bound.
Broadcast by peer in LAN announcing its presence.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
static struct SenderAddress * setup_sender(const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
Create sender address for target.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
struct GNUNET_PeerIdentity receiver
Presumed identity of the target of the UDP connection (UDP server)
static struct GNUNET_NAT_Handle * nat
Connection to NAT service.
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
static void consider_ss_ack(struct SharedSecret *ss, int initial)
We established a shared secret with a sender.
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Setup communicator and launch network interactions.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
static struct GNUNET_SCHEDULER_Task * kce_task_rekey
ID of kce rekey working queue task.
char gcm_tag[(128/8)]
HMAC for the following encrypted message, using GCM.
#define KCN_TARGET
How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD s...
struct GNUNET_TRANSPORT_AddressIdentifier * GNUNET_TRANSPORT_communicator_address_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const char *address, enum GNUNET_NetworkType nt, struct GNUNET_TIME_Relative expiration)
Notify transport service about an address that this communicator provides for this peer...
static struct GNUNET_PeerIdentity my_identity
Our public key.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
static struct SharedSecret * setup_shared_secret_dec(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
Setup shared secret for decryption.
GNUNET_MQ_Error
Error codes for the queue.
uint64_t GNUNET_CRYPTO_random_u64(enum GNUNET_CRYPTO_Quality mode, uint64_t max)
Random on unsigned 64-bit values.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1331
static struct GNUNET_SCHEDULER_Task * kce_task
ID of kce working queue task.
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
socklen_t address_len
Number of bytes in address.
struct GNUNET_STATISTICS_Handle * GNUNET_STATISTICS_create(const char *subsystem, const struct GNUNET_CONFIGURATION_Handle *cfg)
Get handle for the statistics service.
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:39
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1459
void GNUNET_TRANSPORT_application_validate(struct GNUNET_TRANSPORT_ApplicationHandle *ch, const struct GNUNET_PeerIdentity *peer, enum GNUNET_NetworkType nt, const char *addr)
An application (or a communicator) has received a HELLO (or other address data of another peer) and w...
static struct sockaddr * udp_address_to_sockaddr(const char *bindto, socklen_t *sock_len)
Convert UDP bind specification to a struct sockaddr *
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key for KX.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Bandwidth allocation API for applications to interact with.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
static unsigned long long rekey_max_bytes
How often we do rekey based on number of bytes transmitted.
static void send_UDPRekey(struct ReceiverAddress *receiver, struct SharedSecret *ss)
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
static struct BroadcastInterface * bi_head
Broadcast interface tasks.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
socklen_t address_len
Length of the address.
struct sockaddr * address
Address of the other peer.
int GNUNET_NETWORK_socket_bind(struct GNUNET_NETWORK_Handle *desc, const struct sockaddr *address, socklen_t address_len)
Bind a socket to a particular address.
Definition: network.c:485
static struct GNUNET_FS_UnindexContext * uc
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
#define WORKING_QUEUE_INTERVALL
#define DEFAULT_REKEY_TIME_INTERVAL
How often do we rekey based on time (at least)
unsigned int num_secrets
Length of the DLL at ss_head.
int GNUNET_CONTAINER_multishortmap_remove(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, const void *value)
Remove the given key-value pair from the map.
int sender_destroy_called
sender_destroy already called on sender.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
struct SharedSecret * ss
Corresponding shared secret.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
Standard IPv4 header.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_OS_network_interfaces_list(GNUNET_OS_NetworkInterfaceProcessor proc, void *proc_cls)
Enumerate all network interfaces.
Definition: os_network.c:396
static int iface_proc(void *cls, const char *name, int isDefault, const struct sockaddr *addr, const struct sockaddr *broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
Callback function invoked for each interface found.
static int have_v6_socket
GNUNET_YES if udp_sock supports IPv6.
#define GCM_TAG_SIZE
Size of the GCM tag.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
static int handle_ack(void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
We received an ACK for pid.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
Encrypted continuation of UDP initial handshake, followed by message header with payload.
void GNUNET_STATISTICS_destroy(struct GNUNET_STATISTICS_Handle *h, int sync_first)
Destroy a handle (free all state associated with it).
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:531
struct GNUNET_CONTAINER_MultiPeerMap * GNUNET_CONTAINER_multipeermap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
Handle for the service.
#define GNUNET_CRYPTO_eddsa_verify(purp, ps, sig, pub)
Verify EdDSA signature.
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_string(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be a string.
int rekeying
A flag indicating, if the sender is doing rekeying.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
void GNUNET_TRANSPORT_application_done(struct GNUNET_TRANSPORT_ApplicationHandle *ch)
Shutdown TRANSPORT application client.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
uint64_t abs_value_us
The actual value.
static void reschedule_sender_timeout(struct SenderAddress *sender)
Increment sender timeout due to activity.
static void bi_destroy(struct BroadcastInterface *bi)
An interface went away, stop broadcasting on it.
GNUNET_NetworkType
Types of networks (with separate quotas) we support.
Definition: gnunet_nt_lib.h:35
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
uint32_t sequence_number
Sequence number used to derive this entry from master key.
"Plaintext" header at beginning of KX message.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32.
void GNUNET_CONTAINER_multipeermap_destroy(struct GNUNET_CONTAINER_MultiPeerMap *map)
Destroy a hash map.
static uint32_t reset_rekey_kces(struct ReceiverAddress *receiver, uint32_t acks_to_add)
A 256-bit hashcode.
Opaque handle to the transport service for communicators.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
#define _(String)
GNU gettext support macro.
Definition: platform.h:184
void GNUNET_TRANSPORT_communicator_disconnect(struct GNUNET_TRANSPORT_CommunicatorHandle *ch)
Disconnect from the transport service.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct sockaddr * ba
Broadcast address to use on the interface.
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
static void enc_notify_cb(void *cls, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg)
Function called when the transport service has received a backchannel message for this communicator (...
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static void ifc_broadcast(void *cls)
Broadcast our presence on one of our interfaces.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
void GNUNET_TRANSPORT_communicator_mq_del(struct GNUNET_TRANSPORT_QueueHandle *qh)
Notify transport service that an MQ became unavailable due to a disconnect or timeout.
struct GNUNET_PeerIdentity target
To whom are we talking to.
struct GNUNET_TRANSPORT_QueueHandle * d_qh
handle for default queue with the ch.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:419
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
static int do_decrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Decrypt size bytes from in and write the result to out.
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
static struct GNUNET_TIME_Relative rekey_interval
The rekey interval.
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
uint64_t rekey_send_bytes
Send bytes for this receiver address.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
static struct GNUNET_SCHEDULER_Task * broadcast_task
ID of master broadcast task.
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
static struct GNUNET_TIME_Relative timeout
Desired timeout for the lookup (default is no timeout).
Definition: gnunet-abd.c:61
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:565
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
static char * value
Value of the record to add/remove.
static int get_sender_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all senders to clean up.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:867
static int verify_confirmation(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
Check signature from uc against ephemeral.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
struct GNUNET_HashCode master
Master shared secret.
enum GNUNET_NetworkType nt
Which network type does this queue use?
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
Signature used by UDP broadcasts.
struct GNUNET_MQ_Handle * kx_mq
KX message queue we are providing for the ch.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1296
static void add_acks_rekey(struct ReceiverAddress *receiver)
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
#define AES_IV_SIZE
AES (GCM) IV size.
void * GNUNET_CONTAINER_heap_peek(const struct GNUNET_CONTAINER_Heap *heap)
Get element stored at the root of heap.
static void pass_plaintext_to_core(struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
We received plaintext_len bytes of plaintext from a sender.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
size_t kx_mtu
MTU we allowed transport for this receiver&#39;s KX queue.
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
static void kce_generate_rekey_cb(void *cls)
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:846
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
static char buf[2048]
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
struct GNUNET_TRANSPORT_CommunicatorHandle * GNUNET_TRANSPORT_communicator_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section_name, const char *addr_prefix, enum GNUNET_TRANSPORT_CommunicatorCharacteristics cc, GNUNET_TRANSPORT_CommunicatorMqInit mq_init, void *mq_init_cls, GNUNET_TRANSPORT_CommunicatorNotify notify_cb, void *notify_cb_cls)
Connect to the transport service.
int GNUNET_CONTAINER_multishortmap_put(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
unsigned int rekey_acks_available
Acks available when we started rekeying.
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
Handle to a node in a heap.
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP broadcast.
UDP message box.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
struct sockaddr * address
Address of the other peer.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Internal representation of the hash map.
struct GNUNET_CONTAINER_MultiShortmap * GNUNET_CONTAINER_multishortmap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
#define GENERATE_AT_ONCE
Heap with the minimum cost at the root.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
UDP message box.
void GNUNET_CONTAINER_heap_destroy(struct GNUNET_CONTAINER_Heap *heap)
Destroys the heap.
struct sockaddr * sa
Sender&#39;s address of the interface.
A 512-bit hashcode.
socklen_t salen
Number of bytes in sa.
static void mq_destroy_kx(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
static void sock_read(void *cls)
Socket read task.
static void mq_cancel(struct GNUNET_MQ_Handle *mq, void *impl_state)
Implementation function that cancels the currently sent message.
static void setup_receiver_mq(struct ReceiverAddress *receiver)
Setup the MQ for the receiver.
int receiver_destroy_called
receiver_destroy already called on receiver.
static int res
static void kce_generate_cb(void *cls)
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
static struct GNUNET_NAT_AUTO_Test * nt
Handle to a NAT test operation.
void GNUNET_NT_scanner_done(struct GNUNET_NT_InterfaceScanner *is)
Terminate interface scanner.
Definition: nt.c:433
int int GNUNET_asprintf(char **buf, const char *format,...) __attribute__((format(printf
Like asprintf, just portable.
size_t d_mtu
MTU we allowed transport for this receiver&#39;s default queue.
struct GNUNET_HashCode cmac
CMAC of the base key being acknowledged.
Node in the heap.
Private ECC key encoded for transmission.
void GNUNET_NAT_unregister(struct GNUNET_NAT_Handle *nh)
Stop port redirection and public IP address detection for the given handle.
Definition: nat_api.c:692
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
#define GNUNET_free_nz(ptr)
Wrapper around free.
Shared secret we generated for a particular sender or receiver.
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
void GNUNET_TRANSPORT_communicator_address_remove(struct GNUNET_TRANSPORT_AddressIdentifier *ai)
Notify transport service about an address that this communicator no longer provides for this peer...
unsigned int num_secrets
Length of the DLL at ss_head.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_min(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the minimum of two relative time values.
Definition: time.c:272
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
struct GNUNET_HashCode key
The key used in the DHT.
Internal representation of the hash map.
static int mq_init(void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
Function called by the transport service to initialize a message queue given address information abou...
static struct GNUNET_TRANSPORT_AddressIdentifier * ai
Handle to the operation that publishes our address.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:197
static int get_receiver_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all receivers to clean up.
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_size(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *size)
Get a configuration value that should be a size in bytes.
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver, int add_to_receiver)
Setup shared secret for encryption.
struct GNUNET_NAT_Handle * GNUNET_NAT_register(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section, uint8_t proto, unsigned int num_addrs, const struct sockaddr **addrs, const socklen_t *addrlens, GNUNET_NAT_AddressCallback address_callback, GNUNET_NAT_ReversalCallback reversal_callback, void *callback_cls)
Attempt to enable port redirection and detect public IP address contacting UPnP or NAT-PMP routers on...
Definition: nat_api.c:378
static struct GNUNET_MQ_Envelope * ac
Handle to current GNUNET_PEERINFO_add_peer() operation.
struct GNUNET_NT_InterfaceScanner * GNUNET_NT_scanner_init(void)
Initialize the address characterization client handle.
Definition: nt.c:412
struct GNUNET_HashCode h_address
Hash of the sender&#39;s UDP address.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
struct GNUNET_TRANSPORT_QueueHandle * GNUNET_TRANSPORT_communicator_mq_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *peer, const char *address, uint32_t mtu, uint64_t q_len, uint32_t priority, enum GNUNET_NetworkType nt, enum GNUNET_TRANSPORT_ConnectionStatus cs, struct GNUNET_MQ_Handle *mq)
Notify transport service that a MQ became available due to an "inbound" connection or because the com...
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
Loopback (same host).
Definition: gnunet_nt_lib.h:45
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
unsigned int active_kce_count
Number of active KCN entries.
struct SharedSecret * prev
Kept in a DLL.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get_monotonic(const struct GNUNET_CONFIGURATION_Handle *cfg)
Obtain the current time and make sure it is monotonically increasing.
Definition: time.c:837
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
int GNUNET_TRANSPORT_communicator_receive(struct GNUNET_TRANSPORT_CommunicatorHandle *handle, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, struct GNUNET_TIME_Relative expected_addr_validity, GNUNET_TRANSPORT_MessageCompletedCallback cb, void *cb_cls)
Notify transport service that the communicator has received a message.
struct UDPBroadcast bcm
Message we broadcast on this interface.
static void decrypt_box(const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
We received a box with matching kce.
void GNUNET_CONTAINER_multishortmap_destroy(struct GNUNET_CONTAINER_MultiShortmap *map)
Destroy a hash map.
struct GNUNET_CONTAINER_Heap * GNUNET_CONTAINER_heap_create(enum GNUNET_CONTAINER_HeapOrder order)
Create a new heap.
an ECC signature using EdDSA.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:181
Standard IPv6 header.
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
static struct in_addr dummy
Target "dummy" address of the packet we pretend to respond to.
#define KCN_THRESHOLD
If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET...
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
Handle to a message queue.
Definition: mq.c:85
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32;.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Private ECC key encoded for transmission.
int GNUNET_CONTAINER_multipeermap_iterate(struct GNUNET_CONTAINER_MultiPeerMap *map, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
uint32_t sequence_max
Sequence acknowledgement limit.
struct ipv6_mreq mcreq
If this is an IPv6 interface, this is the request we use to join/leave the group. ...
The identity of the host (wraps the signing key of the peer).
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:827
#define AES_KEY_SIZE
AES key size.
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
int rekeying
A flag indicating, if the sender is doing rekeying.
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
static void get_iv_key(const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
Compute key and iv.
struct GNUNET_TRANSPORT_ApplicationHandle * GNUNET_TRANSPORT_application_init(const struct GNUNET_CONFIGURATION_Handle *cfg)
Initialize the TRANSPORT application client handle.
#define GNUNET_PACKED
gcc-ism to get packed structs.
#define GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED
Queue length.
static uint16_t port
Port number.
Definition: gnunet-bcd.c:82
configuration data
Definition: configuration.c:84
void * GNUNET_CONTAINER_multishortmap_get(const struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key)
Given a key find a value in the map matching the key.
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_time(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, struct GNUNET_TIME_Relative *time)
Get a configuration value that should be a relative time.
static int secret_destroy(struct SharedSecret *ss, int withoutKce)
Destroy ss and associated key cache entries.
socklen_t address_len
Length of the address.
const char * name
this is an outbound connection (transport initiated)
#define ADDRESS_VALIDITY_PERIOD
How long do we believe our addresses to remain up (before the other peer should revalidate).
struct SharedSecret * ss_finished
Shared secret we finished the last kce working queue for.
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
Signature we use to verify that the broadcast was really made by the peer that claims to have made it...
#define INTERFACE_SCAN_FREQUENCY
How often do we scan for changes to our network interfaces?
void GNUNET_TRANSPORT_communicator_notify(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *pid, const char *comm, const struct GNUNET_MessageHeader *header)
The communicator asks the transport service to route a message via a different path to another commun...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
UDP key acknowledgement.
Entry in list of pending tasks.
Definition: scheduler.c:134
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
#define DEFAULT_REKEY_MAX_BYTES
Default value for how often we do rekey based on number of bytes transmitted? (additionally randomize...
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
static struct GNUNET_SCHEDULER_Task * read_task
ID of read task.
handle to a socket
Definition: network.c:52
static void nat_address_cb(void *cls, void **app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr *addr, socklen_t addrlen)
Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of ...
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer&#39;s key from the file specified in the configuration...
struct GNUNET_SCHEDULER_Task * broadcast_task
Task for this broadcast interface.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Header for all communications.
static int find_sender_by_address(void *cls, const struct GNUNET_PeerIdentity *key, void *value)
Find existing struct SenderAddress by matching addresses.
Time for absolute times used by GNUnet, in microseconds.
static void mq_error(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_read_net(struct GNUNET_TIME_Relative delay, struct GNUNET_NETWORK_Handle *rfd, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay or when the specified file descriptor is ready f...
Definition: scheduler.c:1517
struct SenderAddress * sender
Return value to set if we found a match.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:320
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
#define MAX_SQN_DELTA
What is the maximum delta between KCN sequence numbers that we allow.
static void check_for_rekeying(struct ReceiverAddress *receiver, struct UDPBox *box)
static void decrypt_rekey(const struct UDPRekey *rekey, size_t rekey_len, struct KeyCacheEntry *kce, struct SenderAddress *sender)
We received a rekey with matching kce.
static int kce_task_finished
Is the kce_task finished?
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key used by the sender.
int number_rekeying_kce
Numer of kce we retain for sending the rekeying shared secret.
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
struct GNUNET_PeerIdentity target
To whom are we talking to.
uint32_t acks_available
Sequence acknowledgement limit.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
static void mq_send_kx(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
ssize_t GNUNET_NETWORK_socket_recvfrom(const struct GNUNET_NETWORK_Handle *desc, void *buffer, size_t length, struct sockaddr *src_addr, socklen_t *addrlen)
Read data from a socket (always non-blocking).
Definition: network.c:754
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
static void do_shutdown(void *cls)
Shutdown the UNIX communicator.
static void destroy_all_secrets(struct SharedSecret *ss, int withoutKce)
Destroying all secrets.
Interface we broadcast our presence on.
Handle to the TRANSPORT subsystem for application management.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
static char * address
GNS address for this phone.
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:499
struct GNUNET_TRANSPORT_QueueHandle * kx_qh
handle for KX queue with the ch.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct BroadcastInterface * prev
Kept in a DLL.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Handle returned to identify the internal data structure the transport API has created to manage a mes...
int GNUNET_NETWORK_socket_close(struct GNUNET_NETWORK_Handle *desc)
Close a socket.
Definition: network.c:560
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
#define GNUNET_malloc(size)
Wrapper around malloc.
void GNUNET_TRANSPORT_communicator_mq_update(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_TRANSPORT_QueueHandle *u_qh, uint64_t q_len, uint32_t priority)
Notify transport service that an MQ was updated.
int GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:85
struct BroadcastInterface * next
Kept in a DLL.
Internal representation of an address a communicator is currently providing for the transport service...
#define GNUNET_free(ptr)
Wrapper around free.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
Time for relative time used by GNUnet, in microseconds.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_NETWORK_Handle * GNUNET_NETWORK_socket_create(int domain, int type, int protocol)
Create a new socket.
Definition: network.c:909
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
const struct sockaddr * address
Address we are looking for.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:972
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
struct GNUNET_MQ_Handle * d_mq
Default message queue we are providing for the ch.
enum GNUNET_NetworkType nt
Which network type does this queue use?