GNUnet  0.11.x
gnunet-communicator-udp.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
40 #include "platform.h"
41 #include "gnunet_util_lib.h"
42 #include "gnunet_protocols.h"
43 #include "gnunet_signatures.h"
44 #include "gnunet_constants.h"
45 #include "gnunet_nt_lib.h"
46 #include "gnunet_nat_service.h"
50 
54 #define REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
55 
59 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
60 
64 #define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
65 
69 #define INTERFACE_SCAN_FREQUENCY \
70  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
71 
76 #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
77 
81 #define AES_KEY_SIZE (256 / 8)
82 
86 #define AES_IV_SIZE (96 / 8)
87 
91 #define GCM_TAG_SIZE (128 / 8)
92 
102 #define KCN_THRESHOLD 92
103 
110 #define KCN_TARGET 128
111 
121 #define MAX_SQN_DELTA 160
122 
132 #define MAX_SECRETS 128
133 
138 #define REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
139 
144 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
145 
149 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
150 
152 
153 
160 {
165 
170 
175 
180 
186 };
187 
188 
193 struct InitialKX
194 {
199 
204  char gcm_tag[GCM_TAG_SIZE];
205 };
206 
207 
213 {
218 
222  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
223 
228  struct GNUNET_TIME_AbsoluteNBO monotonic_time;
229 
230  /* followed by messages */
231 
232  /* padding may follow actual messages */
233 };
234 
235 
240 struct UDPAck
241 {
245  struct GNUNET_MessageHeader header;
246 
251  uint32_t sequence_max GNUNET_PACKED;
252 
256  struct GNUNET_HashCode cmac;
257 };
258 
259 
269 {
274 
279 
283  struct GNUNET_HashCode h_address;
284 };
285 
286 
294 {
299 
304  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
305 };
306 
307 
312 struct UDPBox
313 {
322 
330  char gcm_tag[GCM_TAG_SIZE];
331 };
332 
333 
335 
339 struct SharedSecret;
340 
341 
347 {
352 
357 
366 
370  struct SharedSecret *ss;
371 
375  uint32_t sequence_number;
376 };
377 
378 
383 struct SenderAddress;
384 
389 struct ReceiverAddress;
390 
395 {
400 
405 
410 
415 
420 
425 
429  struct GNUNET_HashCode master;
430 
434  struct GNUNET_HashCode cmac;
435 
440  uint32_t sequence_used;
441 
448 
452  unsigned int active_kce_count;
453 };
454 
455 
461 {
465  struct GNUNET_PeerIdentity target;
466 
471 
476 
481 
485  struct sockaddr *address;
486 
490  socklen_t address_len;
491 
496 
500  unsigned int num_secrets;
501 
506 };
507 
508 
514 {
518  struct GNUNET_PeerIdentity target;
519 
524 
529 
535 
539  struct sockaddr *address;
540 
544  socklen_t address_len;
545 
550 
555 
560 
565 
569  size_t mtu;
570 
574  unsigned int num_secrets;
575 
580  unsigned int acks_available;
581 
586 };
587 
588 
593 {
598 
603 
608 
612  struct sockaddr *sa;
613 
617  struct sockaddr *ba;
618 
622  struct UDPBroadcast bcm;
623 
628  struct ipv6_mreq mcreq;
629 
633  socklen_t salen;
634 
638  int found;
639 };
640 
641 
646 
651 
656 
661 
666 
671 
676 
681 
686 
691 
696 
701 
706 
710 static int have_v6_socket;
711 
716 
721 
725 static const struct GNUNET_CONFIGURATION_Handle *cfg;
726 
731 
736 
740 static struct GNUNET_NAT_Handle *nat;
741 
745 static uint16_t my_port;
746 
747 
753 static void
755 {
756  if (AF_INET6 == bi->sa->sa_family)
757  {
758  /* Leave the multicast group */
760  IPPROTO_IPV6,
761  IPV6_LEAVE_GROUP,
762  &bi->mcreq,
763  sizeof(bi->mcreq)))
764  {
766  }
767  }
768  GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
770  GNUNET_free (bi->sa);
771  GNUNET_free_non_null (bi->ba);
772  GNUNET_free (bi);
773 }
774 
775 
781 static void
783 {
784  struct GNUNET_MQ_Handle *mq;
785 
787  "Disconnecting receiver for peer `%s'\n",
788  GNUNET_i2s (&receiver->target));
789  if (NULL != (mq = receiver->mq))
790  {
791  receiver->mq = NULL;
792  GNUNET_MQ_destroy (mq);
793  }
794  if (NULL != receiver->qh)
795  {
797  receiver->qh = NULL;
798  }
801  &receiver->target,
802  receiver));
803  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
804  GNUNET_STATISTICS_set (stats,
805  "# receivers active",
807  GNUNET_NO);
808  GNUNET_free (receiver->address);
809  GNUNET_free (receiver->foreign_addr);
810  GNUNET_free (receiver);
811 }
812 
813 
819 static void
821 {
822  struct SharedSecret *ss = kce->ss;
823 
824  ss->active_kce_count--;
827  &kce->kid,
828  kce));
829  GNUNET_free (kce);
830 }
831 
832 
840 static void
841 get_kid (const struct GNUNET_HashCode *msec,
842  uint32_t serial,
843  struct GNUNET_ShortHashCode *kid)
844 {
845  uint32_t sid = htonl (serial);
846 
847  GNUNET_CRYPTO_hkdf (kid,
848  sizeof(*kid),
849  GCRY_MD_SHA512,
850  GCRY_MD_SHA256,
851  &sid,
852  sizeof(sid),
853  msec,
854  sizeof(*msec),
855  "UDP-KID",
856  strlen ("UDP-KID"),
857  NULL,
858  0);
859 }
860 
861 
868 static void
869 kce_generate (struct SharedSecret *ss, uint32_t seq)
870 {
871  struct KeyCacheEntry *kce;
872 
873  GNUNET_assert (0 < seq);
874  kce = GNUNET_new (struct KeyCacheEntry);
875  kce->ss = ss;
876  kce->sequence_number = seq;
877  get_kid (&ss->master, seq, &kce->kid);
879  ss->active_kce_count++;
881  key_cache,
882  &kce->kid,
883  kce,
885  GNUNET_STATISTICS_set (stats,
886  "# KIDs active",
888  GNUNET_NO);
889 }
890 
891 
897 static void
899 {
900  struct SenderAddress *sender;
901  struct ReceiverAddress *receiver;
902  struct KeyCacheEntry *kce;
903 
904  if (NULL != (sender = ss->sender))
905  {
906  GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
907  sender->num_secrets--;
908  }
909  if (NULL != (receiver = ss->receiver))
910  {
911  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
912  receiver->num_secrets--;
913  receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
914  }
915  while (NULL != (kce = ss->kce_head))
916  kce_destroy (kce);
917  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
918  GNUNET_STATISTICS_set (stats,
919  "# KIDs active",
921  GNUNET_NO);
922  GNUNET_free (ss);
923 }
924 
925 
932 static void
934 {
935  GNUNET_assert (
936  GNUNET_YES ==
937  GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
938  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
939  GNUNET_STATISTICS_set (stats,
940  "# senders active",
942  GNUNET_NO);
943  GNUNET_free (sender->address);
944  GNUNET_free (sender);
945 }
946 
947 
956 static void
957 get_iv_key (const struct GNUNET_HashCode *msec,
958  uint32_t serial,
959  char key[AES_KEY_SIZE],
960  char iv[AES_IV_SIZE])
961 {
962  uint32_t sid = htonl (serial);
963  char res[AES_KEY_SIZE + AES_IV_SIZE];
964 
965  GNUNET_CRYPTO_hkdf (res,
966  sizeof(res),
967  GCRY_MD_SHA512,
968  GCRY_MD_SHA256,
969  &sid,
970  sizeof(sid),
971  msec,
972  sizeof(*msec),
973  "UDP-IV-KEY",
974  strlen ("UDP-IV-KEY"),
975  NULL,
976  0);
977  memcpy (key, res, AES_KEY_SIZE);
978  memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
979 }
980 
981 
987 static void
989 {
990  sender->timeout =
993 }
994 
995 
1001 static void
1003 {
1004  receiver->timeout =
1007  receiver->timeout.abs_value_us);
1008 }
1009 
1010 
1016 static void
1017 check_timeouts (void *cls)
1018 {
1019  struct GNUNET_TIME_Relative st;
1020  struct GNUNET_TIME_Relative rt;
1021  struct GNUNET_TIME_Relative delay;
1022  struct ReceiverAddress *receiver;
1023  struct SenderAddress *sender;
1024 
1025  (void) cls;
1026  timeout_task = NULL;
1028  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1029  {
1031  if (0 != rt.rel_value_us)
1032  break;
1033  receiver_destroy (receiver);
1034  }
1036  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1037  {
1039  if (0 != st.rel_value_us)
1040  break;
1041  sender_destroy (sender);
1042  }
1043  delay = GNUNET_TIME_relative_min (rt, st);
1044  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1045  timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1046 }
1047 
1048 
1054 static void
1056 {
1057  GNUNET_CRYPTO_hkdf (&ss->cmac,
1058  sizeof(ss->cmac),
1059  GCRY_MD_SHA512,
1060  GCRY_MD_SHA256,
1061  "CMAC",
1062  strlen ("CMAC"),
1063  &ss->master,
1064  sizeof(ss->master),
1065  "UDP-CMAC",
1066  strlen ("UDP-CMAC"),
1067  NULL,
1068  0);
1069 }
1070 
1071 
1080 static void
1082  const void *plaintext,
1083  size_t plaintext_len)
1084 {
1085  const struct GNUNET_MessageHeader *hdr = plaintext;
1086  const char *pos = plaintext;
1087 
1088  while (ntohs (hdr->size) < plaintext_len)
1089  {
1090  GNUNET_STATISTICS_update (stats,
1091  "# bytes given to core",
1092  ntohs (hdr->size),
1093  GNUNET_NO);
1095  "Giving %u bytes to TNG\n", ntohs (hdr->size));
1098  &sender->target,
1099  hdr,
1101  NULL /* no flow control possible */
1102  ,
1103  NULL));
1104  /* move on to next message, if any */
1105  plaintext_len -= ntohs (hdr->size);
1106  if (plaintext_len < sizeof(*hdr))
1107  break;
1108  pos += ntohs (hdr->size);
1109  hdr = (const struct GNUNET_MessageHeader *) pos;
1110  // TODO for now..., we do not actually sen >1msg or have a way of telling
1111  // if we are done
1112  break;
1113  }
1114  GNUNET_STATISTICS_update (stats,
1115  "# bytes padding discarded",
1116  plaintext_len,
1117  GNUNET_NO);
1118 }
1119 
1120 
1129 static void
1130 setup_cipher (const struct GNUNET_HashCode *msec,
1131  uint32_t serial,
1132  gcry_cipher_hd_t *cipher)
1133 {
1134  char key[AES_KEY_SIZE];
1135  char iv[AES_IV_SIZE];
1136 
1137  gcry_cipher_open (cipher,
1138  GCRY_CIPHER_AES256 /* low level: go for speed */,
1139  GCRY_CIPHER_MODE_GCM,
1140  0 /* flags */);
1141  get_iv_key (msec, serial, key, iv);
1142  gcry_cipher_setkey (*cipher, key, sizeof(key));
1143  gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1144 }
1145 
1146 
1159 static int
1160 try_decrypt (const struct SharedSecret *ss,
1161  const char tag[GCM_TAG_SIZE],
1162  uint32_t serial,
1163  const char *in_buf,
1164  size_t in_buf_size,
1165  char *out_buf)
1166 {
1167  gcry_cipher_hd_t cipher;
1168 
1169  setup_cipher (&ss->master, serial, &cipher);
1170  GNUNET_assert (
1171  0 ==
1172  gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1173  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1174  {
1175  gcry_cipher_close (cipher);
1176  GNUNET_STATISTICS_update (stats,
1177  "# AEAD authentication failures",
1178  1,
1179  GNUNET_NO);
1180  return GNUNET_SYSERR;
1181  }
1182  gcry_cipher_close (cipher);
1183  return GNUNET_OK;
1184 }
1185 
1186 
1193 static struct SharedSecret *
1195 {
1196  struct SharedSecret *ss;
1197 
1198  ss = GNUNET_new (struct SharedSecret);
1199  GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1200  return ss;
1201 }
1202 
1203 
1211 static struct SharedSecret *
1213  struct ReceiverAddress *receiver)
1214 {
1215  struct SharedSecret *ss;
1216 
1217  ss = GNUNET_new (struct SharedSecret);
1218  GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1219  &receiver->target.public_key,
1220  &ss->master);
1221  calculate_cmac (ss);
1222  ss->receiver = receiver;
1223  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1224  receiver->num_secrets++;
1225  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1226  return ss;
1227 }
1228 
1229 
1237 static void
1239 
1240 
1251 static int
1252 handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1253 {
1254  const struct UDPAck *ack = cls;
1255  struct ReceiverAddress *receiver = value;
1256 
1257  (void) pid;
1258  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1259  {
1260  if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1261  {
1262  uint32_t allowed;
1263 
1264  allowed = ntohl (ack->sequence_max);
1265 
1266  if (allowed > ss->sequence_allowed)
1267  {
1268  receiver->acks_available += (allowed - ss->sequence_allowed);
1269  if ((allowed - ss->sequence_allowed) == receiver->acks_available)
1270  {
1271  /* we just incremented from zero => MTU change! */
1272  setup_receiver_mq (receiver);
1273  }
1274  ss->sequence_allowed = allowed;
1275  /* move ss to head to avoid discarding it anytime soon! */
1276  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1277  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1278  }
1279  return GNUNET_NO;
1280  }
1281  }
1282  return GNUNET_YES;
1283 }
1284 
1285 
1294 static void
1296  const void *buf,
1297  size_t buf_size)
1298 {
1299  const struct GNUNET_MessageHeader *hdr =
1300  (const struct GNUNET_MessageHeader *) buf;
1301  const struct UDPAck *ack = (const struct UDPAck *) buf;
1302  uint16_t type;
1303 
1304  if (sizeof(*hdr) > buf_size)
1305  return; /* not even a header */
1306  if (ntohs (hdr->size) > buf_size)
1307  return; /* not even a header */
1308  type = ntohs (hdr->type);
1309  switch (type)
1310  {
1312  /* lookup master secret by 'cmac', then update sequence_max */
1314  &sender->target,
1315  &handle_ack,
1316  (void *) ack);
1317  /* There could be more messages after the ACK, handle those as well */
1318  buf += ntohs (hdr->size);
1319  buf_size -= ntohs (hdr->size);
1320  pass_plaintext_to_core (sender, buf, buf_size);
1321  break;
1322 
1324  /* skip padding */
1325  break;
1326 
1327  default:
1328  pass_plaintext_to_core (sender, buf, buf_size);
1329  }
1330 }
1331 
1332 
1341 static void
1343 {
1344  GNUNET_assert (NULL != ss->sender);
1345  /* drop ancient KeyCacheEntries */
1346  while ((NULL != ss->kce_head) &&
1347  (MAX_SQN_DELTA <
1349  kce_destroy (ss->kce_tail);
1350  if (ss->active_kce_count < KCN_THRESHOLD)
1351  {
1352  struct UDPAck ack;
1353 
1354  while (ss->active_kce_count < KCN_TARGET)
1355  kce_generate (ss, ++ss->sequence_allowed);
1357  ack.header.size = htons (sizeof(ack));
1358  ack.sequence_max = htonl (ss->sequence_allowed);
1359  ack.cmac = ss->cmac;
1361  &ss->sender->target,
1363  &ack.header);
1364  }
1365 }
1366 
1367 
1375 static void
1376 decrypt_box (const struct UDPBox *box,
1377  size_t box_len,
1378  struct KeyCacheEntry *kce)
1379 {
1380  struct SharedSecret *ss = kce->ss;
1381  char out_buf[box_len - sizeof(*box)];
1382 
1383  GNUNET_assert (NULL != ss->sender);
1384  if (GNUNET_OK != try_decrypt (ss,
1385  box->gcm_tag,
1386  kce->sequence_number,
1387  (const char *) &box[1],
1388  sizeof(out_buf),
1389  out_buf))
1390  {
1391  GNUNET_STATISTICS_update (stats,
1392  "# Decryption failures with valid KCE",
1393  1,
1394  GNUNET_NO);
1395  kce_destroy (kce);
1396  return;
1397  }
1398  kce_destroy (kce);
1399  GNUNET_STATISTICS_update (stats,
1400  "# bytes decrypted with BOX",
1401  sizeof(out_buf),
1402  GNUNET_NO);
1403  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1404  consider_ss_ack (ss);
1405 }
1406 
1407 
1411 struct SearchContext
1412 {
1416  const struct sockaddr *address;
1417 
1421  socklen_t address_len;
1422 
1427 };
1428 
1429 
1438 static int
1440  const struct GNUNET_PeerIdentity *key,
1441  void *value)
1442 {
1443  struct SearchContext *sc = cls;
1444  struct SenderAddress *sender = value;
1445 
1446  if ((sender->address_len == sc->address_len) &&
1447  (0 == memcmp (sender->address, sc->address, sender->address_len)))
1448  {
1449  sc->sender = sender;
1450  return GNUNET_NO; /* stop iterating! */
1451  }
1452  return GNUNET_YES;
1453 }
1454 
1455 
1467 static struct SenderAddress *
1469  const struct sockaddr *address,
1470  socklen_t address_len)
1471 {
1472  struct SenderAddress *sender;
1473  struct SearchContext sc = { .address = address,
1474  .address_len = address_len,
1475  .sender = NULL };
1476 
1478  target,
1480  &sc);
1481  if (NULL != sc.sender)
1482  {
1484  return sc.sender;
1485  }
1486  sender = GNUNET_new (struct SenderAddress);
1487  sender->target = *target;
1488  sender->address = GNUNET_memdup (address, address_len);
1489  sender->address_len = address_len;
1491  senders,
1492  &sender->target,
1493  sender,
1495  GNUNET_STATISTICS_set (stats,
1496  "# senders active",
1498  GNUNET_NO);
1499  sender->timeout =
1501  sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1502  sender,
1503  sender->timeout.abs_value_us);
1504  sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
1505  if (NULL == timeout_task)
1506  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
1507  return sender;
1508 }
1509 
1510 
1518 static int
1520  const struct UDPConfirmation *uc)
1521 {
1522  struct UdpHandshakeSignature uhs;
1523 
1525  uhs.purpose.size = htonl (sizeof(uhs));
1526  uhs.sender = uc->sender;
1527  uhs.receiver = my_identity;
1528  uhs.ephemeral = *ephemeral;
1529  uhs.monotonic_time = uc->monotonic_time;
1532  &uhs.purpose,
1533  &uc->sender_sig,
1534  &uc->sender.public_key);
1535 }
1536 
1537 
1546 static char *
1547 sockaddr_to_udpaddr_string (const struct sockaddr *address,
1548  socklen_t address_len)
1549 {
1550  char *ret;
1551 
1552  switch (address->sa_family)
1553  {
1554  case AF_INET:
1555  GNUNET_asprintf (&ret,
1556  "%s-%s",
1558  GNUNET_a2s (address, address_len));
1559  break;
1560 
1561  case AF_INET6:
1562  GNUNET_asprintf (&ret,
1563  "%s-%s",
1565  GNUNET_a2s (address, address_len));
1566  break;
1567 
1568  default:
1569  GNUNET_assert (0);
1570  }
1571  return ret;
1572 }
1573 
1574 
1580 static void
1581 sock_read (void *cls)
1582 {
1583  struct sockaddr_storage sa;
1584  socklen_t salen = sizeof(sa);
1585  char buf[UINT16_MAX];
1586  ssize_t rcvd;
1587 
1588  (void) cls;
1590  udp_sock,
1591  &sock_read,
1592  NULL);
1593  rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1594  buf,
1595  sizeof(buf),
1596  (struct sockaddr *) &sa,
1597  &salen);
1598  if (-1 == rcvd)
1599  {
1601  return;
1602  }
1604  "Read %lu bytes\n", rcvd);
1605  /* first, see if it is a UDPBox */
1606  if (rcvd > sizeof(struct UDPBox))
1607  {
1608  const struct UDPBox *box;
1609  struct KeyCacheEntry *kce;
1610 
1611  box = (const struct UDPBox *) buf;
1612  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
1613  if (NULL != kce)
1614  {
1615  decrypt_box (box, (size_t) rcvd, kce);
1616  return;
1617  }
1618  }
1619 
1620  /* next, check if it is a broadcast */
1621  if (sizeof(struct UDPBroadcast) == rcvd)
1622  {
1623  const struct UDPBroadcast *ub;
1624  struct UdpBroadcastSignature uhs;
1625 
1626  ub = (const struct UDPBroadcast *) buf;
1628  uhs.purpose.size = htonl (sizeof(uhs));
1629  uhs.sender = ub->sender;
1630  GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
1631  if (GNUNET_OK ==
1633  &uhs.purpose,
1634  &ub->sender_sig,
1635  &ub->sender.public_key))
1636  {
1637  char *addr_s;
1638  enum GNUNET_NetworkType nt;
1639 
1640  addr_s =
1641  sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
1642  GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
1643  /* use our own mechanism to determine network type */
1644  nt =
1645  GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
1646  GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s);
1647  GNUNET_free (addr_s);
1648  return;
1649  }
1650  /* continue with KX, mostly for statistics... */
1651  }
1652 
1653 
1654  /* finally, test if it is a KX */
1655  if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
1656  {
1657  GNUNET_STATISTICS_update (stats,
1658  "# messages dropped (no kid, too small for KX)",
1659  1,
1660  GNUNET_NO);
1661  return;
1662  }
1664  "Got KX\n");
1665  {
1666  const struct InitialKX *kx;
1667  struct SharedSecret *ss;
1668  char pbuf[rcvd - sizeof(struct InitialKX)];
1669  const struct UDPConfirmation *uc;
1670  struct SenderAddress *sender;
1671 
1672  kx = (const struct InitialKX *) buf;
1673  ss = setup_shared_secret_dec (&kx->ephemeral);
1674  if (GNUNET_OK != try_decrypt (ss,
1675  kx->gcm_tag,
1676  0,
1677  &buf[sizeof(*kx)],
1678  sizeof(pbuf),
1679  pbuf))
1680  {
1682  "Unable to decrypt tag, dropping...\n");
1683  GNUNET_free (ss);
1685  stats,
1686  "# messages dropped (no kid, AEAD decryption failed)",
1687  1,
1688  GNUNET_NO);
1689  return;
1690  }
1691  uc = (const struct UDPConfirmation *) pbuf;
1692  if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
1693  {
1694  GNUNET_break_op (0);
1695  GNUNET_free (ss);
1696  GNUNET_STATISTICS_update (stats,
1697  "# messages dropped (sender signature invalid)",
1698  1,
1699  GNUNET_NO);
1700  return;
1701  }
1702  calculate_cmac (ss);
1703  sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
1704  ss->sender = sender;
1705  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
1706  sender->num_secrets++;
1707  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1708  GNUNET_STATISTICS_update (stats,
1709  "# messages decrypted without BOX",
1710  1,
1711  GNUNET_NO);
1712  try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
1713  consider_ss_ack (ss);
1714  if (sender->num_secrets > MAX_SECRETS)
1715  secret_destroy (sender->ss_tail);
1716  }
1717 }
1718 
1719 
1727 static struct sockaddr *
1728 udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
1729 {
1730  struct sockaddr *in;
1731  unsigned int port;
1732  char dummy[2];
1733  char *colon;
1734  char *cp;
1735 
1736  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
1737  {
1738  /* interpreting value as just a PORT number */
1739  if (port > UINT16_MAX)
1740  {
1742  "BINDTO specification `%s' invalid: value too large for port\n",
1743  bindto);
1744  return NULL;
1745  }
1746  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
1747  (GNUNET_YES ==
1750  "DISABLE_V6")))
1751  {
1752  struct sockaddr_in *i4;
1753 
1754  i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
1755  i4->sin_family = AF_INET;
1756  i4->sin_port = htons ((uint16_t) port);
1757  *sock_len = sizeof(struct sockaddr_in);
1758  in = (struct sockaddr *) i4;
1759  }
1760  else
1761  {
1762  struct sockaddr_in6 *i6;
1763 
1764  i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
1765  i6->sin6_family = AF_INET6;
1766  i6->sin6_port = htons ((uint16_t) port);
1767  *sock_len = sizeof(struct sockaddr_in6);
1768  in = (struct sockaddr *) i6;
1769  }
1770  return in;
1771  }
1772  cp = GNUNET_strdup (bindto);
1773  colon = strrchr (cp, ':');
1774  if (NULL != colon)
1775  {
1776  /* interpet value after colon as port */
1777  *colon = '\0';
1778  colon++;
1779  if (1 == sscanf (colon, "%u%1s", &port, dummy))
1780  {
1781  /* interpreting value as just a PORT number */
1782  if (port > UINT16_MAX)
1783  {
1785  "BINDTO specification `%s' invalid: value too large for port\n",
1786  bindto);
1787  GNUNET_free (cp);
1788  return NULL;
1789  }
1790  }
1791  else
1792  {
1793  GNUNET_log (
1795  "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1796  bindto);
1797  GNUNET_free (cp);
1798  return NULL;
1799  }
1800  }
1801  else
1802  {
1803  /* interpret missing port as 0, aka pick any free one */
1804  port = 0;
1805  }
1806  {
1807  /* try IPv4 */
1808  struct sockaddr_in v4;
1809  if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
1810  {
1811  v4.sin_family = AF_INET;
1812  v4.sin_port = htons ((uint16_t) port);
1813 #if HAVE_SOCKADDR_IN_SIN_LEN
1814  v4.sin_len = sizeof(struct sockaddr_in);
1815 #endif
1816  in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
1817  *sock_len = sizeof(struct sockaddr_in);
1818  GNUNET_free (cp);
1819  return in;
1820  }
1821  }
1822  {
1823  /* try IPv6 */
1824  struct sockaddr_in6 v6;
1825  const char *start;
1826 
1827  start = cp;
1828  if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
1829  {
1830  start++; /* skip over '[' */
1831  cp[strlen (cp) - 1] = '\0'; /* eat ']' */
1832  }
1833  if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
1834  {
1835  v6.sin6_family = AF_INET6;
1836  v6.sin6_port = htons ((uint16_t) port);
1837 #if HAVE_SOCKADDR_IN_SIN_LEN
1838  v6.sin6_len = sizeof(sizeof(struct sockaddr_in6));
1839 #endif
1840  in = GNUNET_memdup (&v6, sizeof(v6));
1841  *sock_len = sizeof(v6);
1842  GNUNET_free (cp);
1843  return in;
1844  }
1845  }
1846  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
1847  GNUNET_free (cp);
1848  return NULL;
1849 }
1850 
1851 
1859 static void
1860 do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
1861 {
1862  char pad[pad_size];
1863 
1865  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
1866  {
1867  struct GNUNET_MessageHeader hdr =
1868  { .size = htons (sizeof(pad)),
1869  .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
1870 
1871  memcpy (pad, &hdr, sizeof(hdr));
1872  }
1873  GNUNET_assert (
1874  0 ==
1875  gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
1876 }
1877 
1878 
1887 static void
1889  const struct GNUNET_MessageHeader *msg,
1890  void *impl_state)
1891 {
1892  struct ReceiverAddress *receiver = impl_state;
1893  uint16_t msize = ntohs (msg->size);
1894 
1895  GNUNET_assert (mq == receiver->mq);
1896  if (msize > receiver->mtu)
1897  {
1898  GNUNET_break (0);
1899  receiver_destroy (receiver);
1900  return;
1901  }
1902  reschedule_receiver_timeout (receiver);
1903 
1904  if (0 == receiver->acks_available)
1905  {
1906  /* use KX encryption method */
1907  struct UdpHandshakeSignature uhs;
1908  struct UDPConfirmation uc;
1909  struct InitialKX kx;
1910  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
1911  char dgram[receiver->mtu + sizeof(uc) + sizeof(kx)];
1912  size_t dpos;
1913  gcry_cipher_hd_t out_cipher;
1914  struct SharedSecret *ss;
1915 
1916  /* setup key material */
1918 
1919  ss = setup_shared_secret_enc (&epriv, receiver);
1920  setup_cipher (&ss->master, 0, &out_cipher);
1921  /* compute 'uc' */
1922  uc.sender = my_identity;
1923  uc.monotonic_time =
1926  uhs.purpose.size = htonl (sizeof(uhs));
1927  uhs.sender = my_identity;
1928  uhs.receiver = receiver->target;
1930  uhs.monotonic_time = uc.monotonic_time;
1931  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
1932  &uhs.purpose,
1933  &uc.sender_sig));
1934  /* Leave space for kx */
1935  dpos = sizeof(kx);
1936  /* Append encrypted uc to dgram */
1937  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
1938  &dgram[dpos],
1939  sizeof(uc),
1940  &uc,
1941  sizeof(uc)));
1942  dpos += sizeof(uc);
1943  /* Append encrypted payload to dgram */
1944  GNUNET_assert (
1945  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
1946  dpos += msize;
1947  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
1948  /* Datagram starts with kx */
1949  kx.ephemeral = uhs.ephemeral;
1950  GNUNET_assert (
1951  0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
1952  gcry_cipher_close (out_cipher);
1953  memcpy (dgram, &kx, sizeof(kx));
1954  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
1955  dgram,
1956  sizeof(dgram),
1957  receiver->address,
1958  receiver->address_len))
1961  "Sending KX to %s\n", GNUNET_a2s (receiver->address,
1962  receiver->address_len));
1964  return;
1965  } /* End of KX encryption method */
1966 
1967  /* begin "BOX" encryption method, scan for ACKs from tail! */
1968  for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
1969  {
1971  "In non-kx mode...\n");
1972  if (ss->sequence_used < ss->sequence_allowed)
1973  {
1974  char dgram[sizeof(struct UDPBox) + receiver->mtu];
1975  struct UDPBox *box;
1976  gcry_cipher_hd_t out_cipher;
1977  size_t dpos;
1978 
1979  box = (struct UDPBox *) dgram;
1980  ss->sequence_used++;
1981  get_kid (&ss->master, ss->sequence_used, &box->kid);
1982  setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
1983  /* Append encrypted payload to dgram */
1984  dpos = sizeof(struct UDPBox);
1985  GNUNET_assert (
1986  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
1987  dpos += msize;
1988  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
1989  GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
1990  box->gcm_tag,
1991  sizeof(box->gcm_tag)));
1992  gcry_cipher_close (out_cipher);
1993  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
1994  dgram,
1995  sizeof(dgram),
1996  receiver->address,
1997  receiver->address_len))
2000  "Sending data\n");
2001 
2003  receiver->acks_available--;
2004  if (0 == receiver->acks_available)
2005  {
2006  /* We have no more ACKs => MTU change! */
2007  setup_receiver_mq (receiver);
2009  "No more acks, MTU changed\n");
2010  }
2011  return;
2012  }
2013  }
2014  GNUNET_assert (0);
2015 }
2016 
2017 
2026 static void
2027 mq_destroy (struct GNUNET_MQ_Handle *mq, void *impl_state)
2028 {
2029  struct ReceiverAddress *receiver = impl_state;
2030 
2031  if (mq == receiver->mq)
2032  {
2033  receiver->mq = NULL;
2034  receiver_destroy (receiver);
2035  }
2036 }
2037 
2038 
2045 static void
2046 mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
2047 {
2048  /* Cancellation is impossible with UDP; bail */
2049  GNUNET_assert (0);
2050 }
2051 
2052 
2062 static void
2063 mq_error (void *cls, enum GNUNET_MQ_Error error)
2064 {
2065  struct ReceiverAddress *receiver = cls;
2066 
2068  "MQ error in queue to %s: %d\n",
2069  GNUNET_i2s (&receiver->target),
2070  (int) error);
2071  receiver_destroy (receiver);
2072 }
2073 
2074 
2082 static void
2084 {
2085  size_t base_mtu;
2086 
2087  if (NULL != receiver->qh)
2088  {
2090  receiver->qh = NULL;
2091  }
2092  GNUNET_assert (NULL == receiver->mq);
2093  switch (receiver->address->sa_family)
2094  {
2095  case AF_INET:
2096  base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
2097  - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
2098  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2099  break;
2100 
2101  case AF_INET6:
2102  base_mtu = 1280 /* Minimum MTU required by IPv6 */
2103  - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
2104  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2105  break;
2106 
2107  default:
2108  GNUNET_assert (0);
2109  break;
2110  }
2111  if (0 == receiver->acks_available)
2112  {
2113  /* MTU based on full KX messages */
2114  receiver->mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
2115  - sizeof(struct UDPConfirmation); /* 104 */
2116  }
2117  else
2118  {
2119  /* MTU based on BOXed messages */
2120  receiver->mtu = base_mtu - sizeof(struct UDPBox);
2121  }
2122  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
2123  1404 (IPv4 + Box) bytes, depending on circumstances... */
2124  if (NULL == receiver->mq)
2126  &mq_destroy,
2127  &mq_cancel,
2128  receiver,
2129  NULL,
2130  &mq_error,
2131  receiver);
2132  receiver->qh =
2134  &receiver->target,
2135  receiver->foreign_addr,
2136  receiver->mtu,
2137  receiver->nt,
2139  receiver->mq);
2140 }
2141 
2142 
2161 static int
2162 mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2163 {
2164  struct ReceiverAddress *receiver;
2165  const char *path;
2166  struct sockaddr *in;
2167  socklen_t in_len;
2168 
2169  if (0 != strncmp (address,
2171  strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
2172  {
2173  GNUNET_break_op (0);
2174  return GNUNET_SYSERR;
2175  }
2176  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2177  in = udp_address_to_sockaddr (path, &in_len);
2178 
2179  receiver = GNUNET_new (struct ReceiverAddress);
2180  receiver->address = in;
2181  receiver->address_len = in_len;
2182  receiver->target = *peer;
2183  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
2185  receivers,
2186  &receiver->target,
2187  receiver,
2189  receiver->timeout =
2191  receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
2192  receiver,
2193  receiver->timeout.abs_value_us);
2194  GNUNET_STATISTICS_set (stats,
2195  "# receivers active",
2197  GNUNET_NO);
2198  receiver->foreign_addr =
2199  sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
2200  setup_receiver_mq (receiver);
2201  if (NULL == timeout_task)
2202  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2203  return GNUNET_OK;
2204 }
2205 
2206 
2215 static int
2217  const struct GNUNET_PeerIdentity *target,
2218  void *value)
2219 {
2220  struct ReceiverAddress *receiver = value;
2221 
2222  (void) cls;
2223  (void) target;
2224  receiver_destroy (receiver);
2225  return GNUNET_OK;
2226 }
2227 
2228 
2237 static int
2239  const struct GNUNET_PeerIdentity *target,
2240  void *value)
2241 {
2242  struct SenderAddress *sender = value;
2243 
2244  (void) cls;
2245  (void) target;
2246  sender_destroy (sender);
2247  return GNUNET_OK;
2248 }
2249 
2250 
2256 static void
2257 do_shutdown (void *cls)
2258 {
2259  if (NULL != nat)
2260  {
2261  GNUNET_NAT_unregister (nat);
2262  nat = NULL;
2263  }
2264  while (NULL != bi_head)
2265  bi_destroy (bi_head);
2266  if (NULL != broadcast_task)
2267  {
2268  GNUNET_SCHEDULER_cancel (broadcast_task);
2269  broadcast_task = NULL;
2270  }
2271  if (NULL != read_task)
2272  {
2273  GNUNET_SCHEDULER_cancel (read_task);
2274  read_task = NULL;
2275  }
2276  if (NULL != udp_sock)
2277  {
2279  udp_sock = NULL;
2280  }
2283  NULL);
2288  GNUNET_CONTAINER_heap_destroy (senders_heap);
2289  GNUNET_CONTAINER_heap_destroy (receivers_heap);
2290  if (NULL != ch)
2291  {
2293  ch = NULL;
2294  }
2295  if (NULL != ah)
2296  {
2298  ah = NULL;
2299  }
2300  if (NULL != stats)
2301  {
2303  stats = NULL;
2304  }
2305  if (NULL != my_private_key)
2306  {
2307  GNUNET_free (my_private_key);
2308  my_private_key = NULL;
2309  }
2310  if (NULL != is)
2311  {
2313  is = NULL;
2314  }
2315 }
2316 
2317 
2327 static void
2328 enc_notify_cb (void *cls,
2329  const struct GNUNET_PeerIdentity *sender,
2330  const struct GNUNET_MessageHeader *msg)
2331 {
2332  const struct UDPAck *ack;
2333 
2334  (void) cls;
2335  if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2336  (ntohs (msg->size) != sizeof(struct UDPAck)))
2337  {
2338  GNUNET_break_op (0);
2339  return;
2340  }
2341  ack = (const struct UDPAck *) msg;
2343  sender,
2344  &handle_ack,
2345  (void *) ack);
2346 }
2347 
2348 
2362 static void
2363 nat_address_cb (void *cls,
2364  void **app_ctx,
2365  int add_remove,
2367  const struct sockaddr *addr,
2368  socklen_t addrlen)
2369 {
2370  char *my_addr;
2372 
2373  if (GNUNET_YES == add_remove)
2374  {
2375  enum GNUNET_NetworkType nt;
2376 
2377  GNUNET_asprintf (&my_addr,
2378  "%s-%s",
2380  GNUNET_a2s (addr, addrlen));
2381  nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2382  ai =
2384  my_addr,
2385  nt,
2387  GNUNET_free (my_addr);
2388  *app_ctx = ai;
2389  }
2390  else
2391  {
2392  ai = *app_ctx;
2394  *app_ctx = NULL;
2395  }
2396 }
2397 
2398 
2404 static void
2405 ifc_broadcast (void *cls)
2406 {
2407  struct BroadcastInterface *bi = cls;
2408  struct GNUNET_TIME_Relative delay;
2409 
2410  delay = BROADCAST_FREQUENCY;
2411  delay.rel_value_us =
2413  bi->broadcast_task =
2415 
2416  switch (bi->sa->sa_family)
2417  {
2418  case AF_INET: {
2419  static int yes = 1;
2420  static int no = 0;
2421  ssize_t sent;
2422 
2424  SOL_SOCKET,
2425  SO_BROADCAST,
2426  &yes,
2427  sizeof(int)))
2429  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2430  &bi->bcm,
2431  sizeof(bi->bcm),
2432  bi->ba,
2433  bi->salen);
2434  if (-1 == sent)
2437  SOL_SOCKET,
2438  SO_BROADCAST,
2439  &no,
2440  sizeof(int)))
2442  break;
2443  }
2444 
2445  case AF_INET6: {
2446  ssize_t sent;
2447  struct sockaddr_in6 dst;
2448 
2449  dst.sin6_family = AF_INET6;
2450  dst.sin6_port = htons (my_port);
2451  dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
2452  dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
2453 
2454  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2455  &bi->bcm,
2456  sizeof(bi->bcm),
2457  (const struct sockaddr *) &dst,
2458  sizeof(dst));
2459  if (-1 == sent)
2461  break;
2462  }
2463 
2464  default:
2465  GNUNET_break (0);
2466  break;
2467  }
2468 }
2469 
2470 
2485 static int
2486 iface_proc (void *cls,
2487  const char *name,
2488  int isDefault,
2489  const struct sockaddr *addr,
2490  const struct sockaddr *broadcast_addr,
2491  const struct sockaddr *netmask,
2492  socklen_t addrlen)
2493 {
2494  struct BroadcastInterface *bi;
2495  enum GNUNET_NetworkType network;
2496  struct UdpBroadcastSignature ubs;
2497 
2498  (void) cls;
2499  (void) netmask;
2500  if (NULL == addr)
2501  return GNUNET_YES; /* need to know our address! */
2502  network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2503  if (GNUNET_NT_LOOPBACK == network)
2504  {
2505  /* Broadcasting on loopback does not make sense */
2506  return GNUNET_YES;
2507  }
2508  for (bi = bi_head; NULL != bi; bi = bi->next)
2509  {
2510  if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
2511  {
2512  bi->found = GNUNET_YES;
2513  return GNUNET_OK;
2514  }
2515  }
2516 
2517  if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
2518  return GNUNET_OK; /* broadcast_addr is required for IPv6! */
2519  if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
2520  return GNUNET_OK; /* not using IPv6 */
2521 
2522  bi = GNUNET_new (struct BroadcastInterface);
2523  bi->sa = GNUNET_memdup (addr, addrlen);
2524  if (NULL != broadcast_addr)
2525  bi->ba = GNUNET_memdup (broadcast_addr, addrlen);
2526  bi->salen = addrlen;
2527  bi->found = GNUNET_YES;
2528  bi->bcm.sender = my_identity;
2530  ubs.purpose.size = htonl (sizeof(ubs));
2531  ubs.sender = my_identity;
2532  GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
2533  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
2534  &ubs.purpose,
2535  &bi->bcm.sender_sig));
2536  if (NULL != broadcast_addr)
2537  {
2539  GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
2540  }
2541  if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
2542  {
2543  /* Create IPv6 multicast request */
2544  const struct sockaddr_in6 *s6 =
2545  (const struct sockaddr_in6 *) broadcast_addr;
2546 
2547  GNUNET_assert (
2548  1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
2549 
2550  /* http://tools.ietf.org/html/rfc2553#section-5.2:
2551  *
2552  * IPV6_JOIN_GROUP
2553  *
2554  * Join a multicast group on a specified local interface. If the
2555  * interface index is specified as 0, the kernel chooses the local
2556  * interface. For example, some kernels look up the multicast
2557  * group in the normal IPv6 routing table and using the resulting
2558  * interface; we do this for each interface, so no need to use
2559  * zero (anymore...).
2560  */bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
2561 
2562  /* Join the multicast group */
2564  IPPROTO_IPV6,
2565  IPV6_JOIN_GROUP,
2566  &bi->mcreq,
2567  sizeof(bi->mcreq)))
2568  {
2570  }
2571  }
2572  return GNUNET_OK;
2573 }
2574 
2575 
2581 static void
2582 do_broadcast (void *cls)
2583 {
2584  struct BroadcastInterface *bin;
2585 
2586  (void) cls;
2587  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
2588  bi->found = GNUNET_NO;
2590  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
2591  {
2592  bin = bi->next;
2593  if (GNUNET_NO == bi->found)
2594  bi_destroy (bi);
2595  }
2597  &do_broadcast,
2598  NULL);
2599 }
2600 
2601 
2610 static void
2611 run (void *cls,
2612  char *const *args,
2613  const char *cfgfile,
2614  const struct GNUNET_CONFIGURATION_Handle *c)
2615 {
2616  char *bindto;
2617  struct sockaddr *in;
2618  socklen_t in_len;
2619  struct sockaddr_storage in_sto;
2620  socklen_t sto_len;
2621 
2622  (void) cls;
2623  cfg = c;
2624  if (GNUNET_OK !=
2627  "BINDTO",
2628  &bindto))
2629  {
2632  "BINDTO");
2633  return;
2634  }
2635 
2636  in = udp_address_to_sockaddr (bindto, &in_len);
2637  if (NULL == in)
2638  {
2640  "Failed to setup UDP socket address with path `%s'\n",
2641  bindto);
2642  GNUNET_free (bindto);
2643  return;
2644  }
2645  udp_sock =
2646  GNUNET_NETWORK_socket_create (in->sa_family, SOCK_DGRAM, IPPROTO_UDP);
2647  if (NULL == udp_sock)
2648  {
2650  GNUNET_free (in);
2651  GNUNET_free (bindto);
2652  return;
2653  }
2654  if (AF_INET6 == in->sa_family)
2656  if (GNUNET_OK != GNUNET_NETWORK_socket_bind (udp_sock, in, in_len))
2657  {
2659  GNUNET_NETWORK_socket_close (udp_sock);
2660  udp_sock = NULL;
2661  GNUNET_free (in);
2662  GNUNET_free (bindto);
2663  return;
2664  }
2665 
2666  /* We might have bound to port 0, allowing the OS to figure it out;
2667  thus, get the real IN-address from the socket */
2668  sto_len = sizeof(in_sto);
2669  if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
2670  (struct sockaddr *) &in_sto,
2671  &sto_len))
2672  {
2673  memcpy (&in_sto, in, in_len);
2674  sto_len = in_len;
2675  }
2676  GNUNET_free (in);
2677  GNUNET_free (bindto);
2678  in = (struct sockaddr *) &in_sto;
2679  in_len = sto_len;
2681  "Bound to `%s'\n",
2682  GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
2683  switch (in->sa_family)
2684  {
2685  case AF_INET:
2686  my_port = ntohs (((struct sockaddr_in *) in)->sin_port);
2687  break;
2688 
2689  case AF_INET6:
2690  my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port);
2691  break;
2692 
2693  default:
2694  GNUNET_break (0);
2695  my_port = 0;
2696  }
2697  stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
2701  receivers_heap =
2705  is = GNUNET_NT_scanner_init ();
2707  if (NULL == my_private_key)
2708  {
2709  GNUNET_log (
2711  _ (
2712  "Transport service is lacking key configuration settings. Exiting.\n"));
2714  return;
2715  }
2717  /* start reading */
2719  udp_sock,
2720  &sock_read,
2721  NULL);
2726  &mq_init,
2727  NULL,
2728  &enc_notify_cb,
2729  NULL);
2730  if (NULL == ch)
2731  {
2732  GNUNET_break (0);
2734  return;
2735  }
2737  if (NULL == ah)
2738  {
2739  GNUNET_break (0);
2741  return;
2742  }
2743  /* start broadcasting */
2744  if (GNUNET_YES !=
2747  "DISABLE_BROADCAST"))
2748  {
2749  broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
2750  }
2751  nat = GNUNET_NAT_register (cfg,
2753  IPPROTO_UDP,
2754  1 /* one address */,
2755  (const struct sockaddr **) &in,
2756  &in_len,
2757  &nat_address_cb,
2758  NULL /* FIXME: support reversal: #5529 */,
2759  NULL /* closure */);
2760 }
2761 
2762 
2770 int
2771 main (int argc, char *const *argv)
2772 {
2773  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2775  };
2776  int ret;
2777 
2778  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
2779  return 2;
2780 
2781  ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
2782  argv,
2783  "gnunet-communicator-udp",
2784  _ ("GNUnet UDP communicator"),
2785  options,
2786  &run,
2787  NULL))
2788  ? 0
2789  : 1;
2790  GNUNET_free ((void *) argv);
2791  return ret;
2792 }
2793 
2794 
2795 /* end of gnunet-communicator-udp.c */
int GNUNET_CRYPTO_ecdhe_key_create2(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:521
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct KeyCacheEntry * next
Kept in a DLL.
Handle to the interface scanner.
Definition: nt.c:110
int GNUNET_NETWORK_socket_setsockopt(struct GNUNET_NETWORK_Handle *fd, int level, int option_name, const void *option_value, socklen_t option_len)
Set socket option.
Definition: network.c:883
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
int GNUNET_NETWORK_get_fd(const struct GNUNET_NETWORK_Handle *desc)
Return file descriptor for this network handle.
Definition: network.c:1080
size_t mtu
MTU we allowed transport for this receiver right now.
#define COMMUNICATOR_CONFIG_SECTION
Configuration section used by the communicator.
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WAN.
Definition: nt.c:314
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
static struct BroadcastInterface * bi_tail
Broadcast interface tasks.
static void consider_ss_ack(struct SharedSecret *ss)
We established a shared secret with a sender.
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
Handle for active NAT registrations.
Definition: nat_api.c:71
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
#define BROADCAST_FREQUENCY
How often do we broadcast our presence on the LAN?
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP connection (UDP client).
int main(int argc, char *const *argv)
The main function for the UNIX communicator.
struct KeyCacheEntry * prev
Kept in a DLL.
int found
Was this interface found in the last iface_proc() scan?
static void do_broadcast(void *cls)
Scan interfaces to broadcast our presence on the LAN.
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GNUNET_TRANSPORT_ApplicationHandle * ah
Our handle to report addresses for validation to TRANSPORT.
GNUNET_NAT_AddressClass
Some addresses contain sensitive information or are not suitable for global distribution.
uint64_t rel_value_us
The actual value.
struct GNUNET_PeerIdentity sender
Sender&#39;s peer identity.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
static uint16_t my_port
Port number to which we are actually bound.
Broadcast by peer in LAN announcing its presence.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
static struct SenderAddress * setup_sender(const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
Create sender address for target.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
struct GNUNET_PeerIdentity receiver
Presumed identity of the target of the UDP connection (UDP server)
static struct GNUNET_NAT_Handle * nat
Connection to NAT service.
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Setup communicator and launch network interactions.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
char gcm_tag[(128/8)]
HMAC for the following encrypted message, using GCM.
#define KCN_TARGET
How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD s...
struct GNUNET_TRANSPORT_AddressIdentifier * GNUNET_TRANSPORT_communicator_address_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const char *address, enum GNUNET_NetworkType nt, struct GNUNET_TIME_Relative expiration)
Notify transport service about an address that this communicator provides for this peer...
static struct GNUNET_PeerIdentity my_identity
Our public key.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
static struct SharedSecret * setup_shared_secret_dec(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
Setup shared secret for decryption.
GNUNET_MQ_Error
Error codes for the queue.
uint64_t GNUNET_CRYPTO_random_u64(enum GNUNET_CRYPTO_Quality mode, uint64_t max)
Random on unsigned 64-bit values.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1300
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
socklen_t address_len
Number of bytes in address.
struct GNUNET_STATISTICS_Handle * GNUNET_STATISTICS_create(const char *subsystem, const struct GNUNET_CONFIGURATION_Handle *cfg)
Get handle for the statistics service.
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:39
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1438
void GNUNET_TRANSPORT_application_validate(struct GNUNET_TRANSPORT_ApplicationHandle *ch, const struct GNUNET_PeerIdentity *peer, enum GNUNET_NetworkType nt, const char *addr)
An application (or a communicator) has received a HELLO (or other address data of another peer) and w...
static struct sockaddr * udp_address_to_sockaddr(const char *bindto, socklen_t *sock_len)
Convert UDP bind specification to a struct sockaddr *
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key for KX.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
static void secret_destroy(struct SharedSecret *ss)
Destroy ss and associated key cache entries.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Bandwidth allocation API for applications to interact with.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
static struct BroadcastInterface * bi_head
Broadcast interface tasks.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
socklen_t address_len
Length of the address.
struct sockaddr * address
Address of the other peer.
int GNUNET_NETWORK_socket_bind(struct GNUNET_NETWORK_Handle *desc, const struct sockaddr *address, socklen_t address_len)
Bind a socket to a particular address.
Definition: network.c:485
int GNUNET_CRYPTO_eddsa_sign(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition: crypto_ecc.c:745
static struct GNUNET_FS_UnindexContext * uc
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
unsigned int num_secrets
Length of the DLL at ss_head.
int GNUNET_CONTAINER_multishortmap_remove(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, const void *value)
Remove the given key-value pair from the map.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
struct SharedSecret * ss
Corresponding shared secret.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
#define GNUNET_NO
Definition: gnunet_common.h:86
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
int GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:291
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:83
Standard IPv4 header.
#define GNUNET_free_non_null(ptr)
Free the memory pointed to by ptr if ptr is not NULL.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_OS_network_interfaces_list(GNUNET_OS_NetworkInterfaceProcessor proc, void *proc_cls)
Enumerate all network interfaces.
Definition: os_network.c:396
static int iface_proc(void *cls, const char *name, int isDefault, const struct sockaddr *addr, const struct sockaddr *broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
Callback function invoked for each interface found.
static int have_v6_socket
GNUNET_YES if udp_sock supports IPv6.
#define GCM_TAG_SIZE
Size of the GCM tag.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
static int handle_ack(void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
We received an ACK for pid.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
Encrypted continuation of UDP initial handshake, followed by message header with payload.
void GNUNET_STATISTICS_destroy(struct GNUNET_STATISTICS_Handle *h, int sync_first)
Destroy a handle (free all state associated with it).
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:526
struct GNUNET_CONTAINER_MultiPeerMap * GNUNET_CONTAINER_multipeermap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
Handle for the service.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
void GNUNET_TRANSPORT_application_done(struct GNUNET_TRANSPORT_ApplicationHandle *ch)
Shutdown TRANSPORT application client.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
uint64_t abs_value_us
The actual value.
static void reschedule_sender_timeout(struct SenderAddress *sender)
Increment sender timeout due to activity.
static void bi_destroy(struct BroadcastInterface *bi)
An interface went away, stop broadcasting on it.
GNUNET_NetworkType
Types of networks (with separate quotas) we support.
Definition: gnunet_nt_lib.h:35
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
uint32_t sequence_number
Sequence number used to derive this entry from master key.
"Plaintext" header at beginning of KX message.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32.
void GNUNET_CONTAINER_multipeermap_destroy(struct GNUNET_CONTAINER_MultiPeerMap *map)
Destroy a hash map.
A 256-bit hashcode.
Opaque handle to the transport service for communicators.
#define _(String)
GNU gettext support macro.
Definition: platform.h:180
void GNUNET_TRANSPORT_communicator_disconnect(struct GNUNET_TRANSPORT_CommunicatorHandle *ch)
Disconnect from the transport service.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct sockaddr * ba
Broadcast address to use on the interface.
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
static void enc_notify_cb(void *cls, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg)
Function called when the transport service has received a backchannel message for this communicator (...
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static void ifc_broadcast(void *cls)
Broadcast our presence on one of our interfaces.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
void GNUNET_TRANSPORT_communicator_mq_del(struct GNUNET_TRANSPORT_QueueHandle *qh)
Notify transport service that an MQ became unavailable due to a disconnect or timeout.
struct GNUNET_PeerIdentity target
To whom are we talking to.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
int GNUNET_asprintf(char **buf, const char *format,...)
Like asprintf, just portable.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1253
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
static struct GNUNET_SCHEDULER_Task * broadcast_task
ID of master broadcast task.
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
static struct GNUNET_TIME_Relative timeout
Desired timeout for the lookup (default is no timeout).
Definition: gnunet-abd.c:61
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:552
int GNUNET_CRYPTO_eddsa_verify(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition: crypto_ecc.c:844
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
int GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:1040
static char * value
Value of the record to add/remove.
static int get_sender_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all senders to clean up.
static int verify_confirmation(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
Check signature from uc against ephemeral.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
struct GNUNET_HashCode master
Master shared secret.
enum GNUNET_NetworkType nt
Which network type does this queue use?
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
Signature used by UDP broadcasts.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1280
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
#define AES_IV_SIZE
AES (GCM) IV size.
void * GNUNET_CONTAINER_heap_peek(const struct GNUNET_CONTAINER_Heap *heap)
Get element stored at the root of heap.
static void pass_plaintext_to_core(struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
We received plaintext_len bytes of plaintext from a sender.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:850
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
static char buf[2048]
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
struct GNUNET_TRANSPORT_CommunicatorHandle * GNUNET_TRANSPORT_communicator_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section_name, const char *addr_prefix, enum GNUNET_TRANSPORT_CommunicatorCharacteristics cc, GNUNET_TRANSPORT_CommunicatorMqInit mq_init, void *mq_init_cls, GNUNET_TRANSPORT_CommunicatorNotify notify_cb, void *notify_cb_cls)
Connect to the transport service.
int GNUNET_CONTAINER_multishortmap_put(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
Handle to a node in a heap.
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP broadcast.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
struct sockaddr * address
Address of the other peer.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Internal representation of the hash map.
struct GNUNET_CONTAINER_MultiShortmap * GNUNET_CONTAINER_multishortmap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
static void mq_destroy(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
Heap with the minimum cost at the root.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
UDP message box.
void GNUNET_CONTAINER_heap_destroy(struct GNUNET_CONTAINER_Heap *heap)
Destroys the heap.
struct sockaddr * sa
Sender&#39;s address of the interface.
A 512-bit hashcode.
socklen_t salen
Number of bytes in sa.
static void sock_read(void *cls)
Socket read task.
int GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:1101
static void mq_cancel(struct GNUNET_MQ_Handle *mq, void *impl_state)
Implementation function that cancels the currently sent message.
static void setup_receiver_mq(struct ReceiverAddress *receiver)
Setup the MQ for the receiver.
static int res
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
static struct GNUNET_NAT_AUTO_Test * nt
Handle to a NAT test operation.
void GNUNET_NT_scanner_done(struct GNUNET_NT_InterfaceScanner *is)
Terminate interface scanner.
Definition: nt.c:433
int GNUNET_CONFIGURATION_get_value_string(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be a string.
struct GNUNET_HashCode cmac
CMAC of the base key being acknowledged.
Node in the heap.
Private ECC key encoded for transmission.
void GNUNET_NAT_unregister(struct GNUNET_NAT_Handle *nh)
Stop port redirection and public IP address detection for the given handle.
Definition: nat_api.c:692
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
Shared secret we generated for a particular sender or receiver.
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
void GNUNET_TRANSPORT_communicator_address_remove(struct GNUNET_TRANSPORT_AddressIdentifier *ai)
Notify transport service about an address that this communicator no longer provides for this peer...
unsigned int num_secrets
Length of the DLL at ss_head.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_min(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the minimum of two relative time values.
Definition: time.c:272
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
struct GNUNET_HashCode key
The key used in the DHT.
Internal representation of the hash map.
static int mq_init(void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
Function called by the transport service to initialize a message queue given address information abou...
#define GNUNET_SYSERR
Definition: gnunet_common.h:84
static void mq_send(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
static struct GNUNET_TRANSPORT_AddressIdentifier * ai
Handle to the operation that publishes our address.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:206
static int get_receiver_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all receivers to clean up.
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
struct GNUNET_NAT_Handle * GNUNET_NAT_register(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section, uint8_t proto, unsigned int num_addrs, const struct sockaddr **addrs, const socklen_t *addrlens, GNUNET_NAT_AddressCallback address_callback, GNUNET_NAT_ReversalCallback reversal_callback, void *callback_cls)
Attempt to enable port redirection and detect public IP address contacting UPnP or NAT-PMP routers on...
Definition: nat_api.c:378
static struct GNUNET_MQ_Envelope * ac
Handle to current GNUNET_PEERINFO_add_peer() operation.
struct GNUNET_NT_InterfaceScanner * GNUNET_NT_scanner_init(void)
Initialize the address characterization client handle.
Definition: nt.c:412
struct GNUNET_HashCode h_address
Hash of the sender&#39;s UDP address.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
Loopback (same host).
Definition: gnunet_nt_lib.h:45
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
unsigned int active_kce_count
Number of active KCN entries.
struct SharedSecret * prev
Kept in a DLL.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get_monotonic(const struct GNUNET_CONFIGURATION_Handle *cfg)
Obtain the current time and make sure it is monotonically increasing.
Definition: time.c:807
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
int GNUNET_TRANSPORT_communicator_receive(struct GNUNET_TRANSPORT_CommunicatorHandle *handle, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, struct GNUNET_TIME_Relative expected_addr_validity, GNUNET_TRANSPORT_MessageCompletedCallback cb, void *cb_cls)
Notify transport service that the communicator has received a message.
struct UDPBroadcast bcm
Message we broadcast on this interface.
static void decrypt_box(const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
We received a box with matching kce.
void GNUNET_CONTAINER_multishortmap_destroy(struct GNUNET_CONTAINER_MultiShortmap *map)
Destroy a hash map.
struct GNUNET_CONTAINER_Heap * GNUNET_CONTAINER_heap_create(enum GNUNET_CONTAINER_HeapOrder order)
Create a new heap.
an ECC signature using EdDSA.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:189
Standard IPv6 header.
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
static struct in_addr dummy
Target "dummy" address of the packet we pretend to respond to.
#define KCN_THRESHOLD
If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET...
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
Handle to a message queue.
Definition: mq.c:85
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32;.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Private ECC key encoded for transmission.
int GNUNET_CONTAINER_multipeermap_iterate(struct GNUNET_CONTAINER_MultiPeerMap *map, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
uint32_t sequence_max
Sequence acknowledgement limit.
struct ipv6_mreq mcreq
If this is an IPv6 interface, this is the request we use to join/leave the group. ...
The identity of the host (wraps the signing key of the peer).
#define AES_KEY_SIZE
AES key size.
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
static void get_iv_key(const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
Compute key and iv.
struct GNUNET_TRANSPORT_ApplicationHandle * GNUNET_TRANSPORT_application_init(const struct GNUNET_CONFIGURATION_Handle *cfg)
Initialize the TRANSPORT application client handle.
#define GNUNET_PACKED
gcc-ism to get packed structs.
static uint16_t port
Port number.
Definition: gnunet-bcd.c:81
configuration data
Definition: configuration.c:84
void * GNUNET_CONTAINER_multishortmap_get(const struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key)
Given a key find a value in the map matching the key.
socklen_t address_len
Length of the address.
const char * name
this is an outbound connection (transport initiated)
#define ADDRESS_VALIDITY_PERIOD
How long do we believe our addresses to remain up (before the other peer should revalidate).
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
Signature we use to verify that the broadcast was really made by the peer that claims to have made it...
#define INTERFACE_SCAN_FREQUENCY
How often do we scan for changes to our network interfaces?
void GNUNET_TRANSPORT_communicator_notify(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *pid, const char *comm, const struct GNUNET_MessageHeader *header)
The communicator asks the transport service to route a message via a different path to another commun...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
UDP key acknowledgement.
Entry in list of pending tasks.
Definition: scheduler.c:134
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
static struct GNUNET_SCHEDULER_Task * read_task
ID of read task.
handle to a socket
Definition: network.c:52
static void nat_address_cb(void *cls, void **app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr *addr, socklen_t addrlen)
Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of ...
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
int GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:367
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer&#39;s key from the file specified in the configuration...
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver)
Setup shared secret for encryption.
struct GNUNET_SCHEDULER_Task * broadcast_task
Task for this broadcast interface.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Header for all communications.
static int find_sender_by_address(void *cls, const struct GNUNET_PeerIdentity *key, void *value)
Find existing struct SenderAddress by matching addresses.
Time for absolute times used by GNUnet, in microseconds.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:824
static void mq_error(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
#define GNUNET_YES
Definition: gnunet_common.h:85
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_read_net(struct GNUNET_TIME_Relative delay, struct GNUNET_NETWORK_Handle *rfd, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay or when the specified file descriptor is ready f...
Definition: scheduler.c:1486
struct SenderAddress * sender
Return value to set if we found a match.
struct GNUNET_TRANSPORT_QueueHandle * qh
handle for this queue with the ch.
struct GNUNET_TRANSPORT_QueueHandle * GNUNET_TRANSPORT_communicator_mq_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *peer, const char *address, uint32_t mtu, enum GNUNET_NetworkType nt, enum GNUNET_TRANSPORT_ConnectionStatus cs, struct GNUNET_MQ_Handle *mq)
Notify transport service that a MQ became available due to an "inbound" connection or because the com...
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
#define MAX_SQN_DELTA
What is the maximum delta between KCN sequence numbers that we allow.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key used by the sender.
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
struct GNUNET_PeerIdentity target
To whom are we talking to.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
int GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
ssize_t GNUNET_NETWORK_socket_recvfrom(const struct GNUNET_NETWORK_Handle *desc, void *buffer, size_t length, struct sockaddr *src_addr, socklen_t *addrlen)
Read data from a socket (always non-blocking).
Definition: network.c:754
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
struct GNUNET_MQ_Handle * mq
Message queue we are providing for the ch.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
static void do_shutdown(void *cls)
Shutdown the UNIX communicator.
Interface we broadcast our presence on.
Handle to the TRANSPORT subsystem for application management.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
static char * address
GNS address for this phone.
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:486
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct BroadcastInterface * prev
Kept in a DLL.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Handle returned to identify the internal data structure the transport API has created to manage a mes...
int GNUNET_NETWORK_socket_close(struct GNUNET_NETWORK_Handle *desc)
Close a socket.
Definition: network.c:560
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
#define GNUNET_malloc(size)
Wrapper around malloc.
int GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:85
struct BroadcastInterface * next
Kept in a DLL.
Internal representation of an address a communicator is currently providing for the transport service...
#define GNUNET_free(ptr)
Wrapper around free.
Time for relative time used by GNUnet, in microseconds.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_NETWORK_Handle * GNUNET_NETWORK_socket_create(int domain, int type, int protocol)
Create a new socket.
Definition: network.c:912
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
const struct sockaddr * address
Address we are looking for.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:966
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
enum GNUNET_NetworkType nt
Which network type does this queue use?