GNUnet  0.11.x
gnunet-communicator-udp.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
40 #include "platform.h"
41 #include "gnunet_util_lib.h"
42 #include "gnunet_protocols.h"
43 #include "gnunet_signatures.h"
44 #include "gnunet_constants.h"
45 #include "gnunet_nt_lib.h"
46 #include "gnunet_nat_service.h"
50 
54 #define REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
55 
59 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
60 
64 #define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
65 
69 #define INTERFACE_SCAN_FREQUENCY \
70  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
71 
76 #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
77 
81 #define AES_KEY_SIZE (256 / 8)
82 
86 #define AES_IV_SIZE (96 / 8)
87 
91 #define GCM_TAG_SIZE (128 / 8)
92 
102 #define KCN_THRESHOLD 92
103 
110 #define KCN_TARGET 128
111 
121 #define MAX_SQN_DELTA 160
122 
132 #define MAX_SECRETS 128
133 
138 #define REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
139 
144 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
145 
149 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
150 
152 
153 
160 {
165 
170 
175 
180 
186 };
187 
188 
193 struct InitialKX
194 {
199 
204  char gcm_tag[GCM_TAG_SIZE];
205 };
206 
207 
213 {
218 
222  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
223 
228  struct GNUNET_TIME_AbsoluteNBO monotonic_time;
229 
230  /* followed by messages */
231 
232  /* padding may follow actual messages */
233 };
234 
235 
240 struct UDPAck
241 {
245  struct GNUNET_MessageHeader header;
246 
251  uint32_t sequence_max GNUNET_PACKED;
252 
256  struct GNUNET_HashCode cmac;
257 };
258 
259 
269 {
274 
279 
283  struct GNUNET_HashCode h_address;
284 };
285 
286 
294 {
299 
304  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
305 };
306 
307 
312 struct UDPBox
313 {
322 
330  char gcm_tag[GCM_TAG_SIZE];
331 };
332 
333 
335 
339 struct SharedSecret;
340 
341 
347 {
352 
357 
366 
370  struct SharedSecret *ss;
371 
375  uint32_t sequence_number;
376 };
377 
378 
383 struct SenderAddress;
384 
389 struct ReceiverAddress;
390 
395 {
400 
405 
410 
415 
420 
425 
429  struct GNUNET_HashCode master;
430 
434  struct GNUNET_HashCode cmac;
435 
440  uint32_t sequence_used;
441 
448 
452  unsigned int active_kce_count;
453 };
454 
455 
461 {
465  struct GNUNET_PeerIdentity target;
466 
471 
476 
481 
485  struct sockaddr *address;
486 
490  socklen_t address_len;
491 
496 
500  unsigned int num_secrets;
501 
506 };
507 
508 
514 {
518  struct GNUNET_PeerIdentity target;
519 
524 
529 
535 
539  struct sockaddr *address;
540 
544  socklen_t address_len;
545 
550 
555 
560 
565 
569  size_t mtu;
570 
574  unsigned int num_secrets;
575 
580  unsigned int acks_available;
581 
586 };
587 
588 
593 {
598 
603 
608 
612  struct sockaddr *sa;
613 
617  struct sockaddr *ba;
618 
622  struct UDPBroadcast bcm;
623 
628  struct ipv6_mreq mcreq;
629 
633  socklen_t salen;
634 
638  int found;
639 };
640 
641 
646 
651 
656 
661 
666 
671 
676 
681 
686 
691 
696 
701 
706 
710 static int have_v6_socket;
711 
716 
721 
725 static const struct GNUNET_CONFIGURATION_Handle *cfg;
726 
731 
736 
740 static struct GNUNET_NAT_Handle *nat;
741 
745 static uint16_t my_port;
746 
747 
753 static void
755 {
756  if (AF_INET6 == bi->sa->sa_family)
757  {
758  /* Leave the multicast group */
760  IPPROTO_IPV6,
761  IPV6_LEAVE_GROUP,
762  &bi->mcreq,
763  sizeof(bi->mcreq)))
764  {
766  }
767  }
768  GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
770  GNUNET_free (bi->sa);
771  GNUNET_free_non_null (bi->ba);
772  GNUNET_free (bi);
773 }
774 
775 
781 static void
783 {
784  struct GNUNET_MQ_Handle *mq;
785 
787  "Disconnecting receiver for peer `%s'\n",
788  GNUNET_i2s (&receiver->target));
789  if (NULL != (mq = receiver->mq))
790  {
791  receiver->mq = NULL;
792  GNUNET_MQ_destroy (mq);
793  }
794  if (NULL != receiver->qh)
795  {
797  receiver->qh = NULL;
798  }
801  &receiver->target,
802  receiver));
803  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
804  GNUNET_STATISTICS_set (stats,
805  "# receivers active",
807  GNUNET_NO);
808  GNUNET_free (receiver->address);
809  GNUNET_free (receiver->foreign_addr);
810  GNUNET_free (receiver);
811 }
812 
813 
819 static void
821 {
822  struct SharedSecret *ss = kce->ss;
823 
824  ss->active_kce_count--;
827  &kce->kid,
828  kce));
829  GNUNET_free (kce);
830 }
831 
832 
840 static void
841 get_kid (const struct GNUNET_HashCode *msec,
842  uint32_t serial,
843  struct GNUNET_ShortHashCode *kid)
844 {
845  uint32_t sid = htonl (serial);
846 
847  GNUNET_CRYPTO_hkdf (kid,
848  sizeof(*kid),
849  GCRY_MD_SHA512,
850  GCRY_MD_SHA256,
851  &sid,
852  sizeof(sid),
853  msec,
854  sizeof(*msec),
855  "UDP-KID",
856  strlen ("UDP-KID"),
857  NULL,
858  0);
859 }
860 
861 
868 static void
869 kce_generate (struct SharedSecret *ss, uint32_t seq)
870 {
871  struct KeyCacheEntry *kce;
872 
873  GNUNET_assert (0 < seq);
874  kce = GNUNET_new (struct KeyCacheEntry);
875  kce->ss = ss;
876  kce->sequence_number = seq;
877  get_kid (&ss->master, seq, &kce->kid);
879  ss->active_kce_count++;
881  key_cache,
882  &kce->kid,
883  kce,
885  GNUNET_STATISTICS_set (stats,
886  "# KIDs active",
888  GNUNET_NO);
889 }
890 
891 
897 static void
899 {
900  struct SenderAddress *sender;
901  struct ReceiverAddress *receiver;
902  struct KeyCacheEntry *kce;
903 
904  if (NULL != (sender = ss->sender))
905  {
906  GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
907  sender->num_secrets--;
908  }
909  if (NULL != (receiver = ss->receiver))
910  {
911  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
912  receiver->num_secrets--;
913  receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
914  }
915  while (NULL != (kce = ss->kce_head))
916  kce_destroy (kce);
917  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
918  GNUNET_STATISTICS_set (stats,
919  "# KIDs active",
921  GNUNET_NO);
922  GNUNET_free (ss);
923 }
924 
925 
932 static void
934 {
935  GNUNET_assert (
936  GNUNET_YES ==
937  GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
938  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
939  GNUNET_STATISTICS_set (stats,
940  "# senders active",
942  GNUNET_NO);
943  GNUNET_free (sender->address);
944  GNUNET_free (sender);
945 }
946 
947 
956 static void
957 get_iv_key (const struct GNUNET_HashCode *msec,
958  uint32_t serial,
959  char key[AES_KEY_SIZE],
960  char iv[AES_IV_SIZE])
961 {
962  uint32_t sid = htonl (serial);
963  char res[AES_KEY_SIZE + AES_IV_SIZE];
964 
965  GNUNET_CRYPTO_hkdf (res,
966  sizeof(res),
967  GCRY_MD_SHA512,
968  GCRY_MD_SHA256,
969  &sid,
970  sizeof(sid),
971  msec,
972  sizeof(*msec),
973  "UDP-IV-KEY",
974  strlen ("UDP-IV-KEY"),
975  NULL,
976  0);
977  memcpy (key, res, AES_KEY_SIZE);
978  memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
979 }
980 
981 
987 static void
989 {
990  sender->timeout =
993 }
994 
995 
1001 static void
1003 {
1004  receiver->timeout =
1007  receiver->timeout.abs_value_us);
1008 }
1009 
1010 
1016 static void
1017 check_timeouts (void *cls)
1018 {
1019  struct GNUNET_TIME_Relative st;
1020  struct GNUNET_TIME_Relative rt;
1021  struct GNUNET_TIME_Relative delay;
1022  struct ReceiverAddress *receiver;
1023  struct SenderAddress *sender;
1024 
1025  (void) cls;
1026  timeout_task = NULL;
1028  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1029  {
1031  if (0 != rt.rel_value_us)
1032  break;
1033  receiver_destroy (receiver);
1034  }
1036  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1037  {
1039  if (0 != st.rel_value_us)
1040  break;
1041  sender_destroy (sender);
1042  }
1043  delay = GNUNET_TIME_relative_min (rt, st);
1044  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1045  timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1046 }
1047 
1048 
1054 static void
1056 {
1057  GNUNET_CRYPTO_hkdf (&ss->cmac,
1058  sizeof(ss->cmac),
1059  GCRY_MD_SHA512,
1060  GCRY_MD_SHA256,
1061  "CMAC",
1062  strlen ("CMAC"),
1063  &ss->master,
1064  sizeof(ss->master),
1065  "UDP-CMAC",
1066  strlen ("UDP-CMAC"),
1067  NULL,
1068  0);
1069 }
1070 
1071 
1080 static void
1082  const void *plaintext,
1083  size_t plaintext_len)
1084 {
1085  const struct GNUNET_MessageHeader *hdr = plaintext;
1086 
1087  while (ntohs (hdr->size) < plaintext_len)
1088  {
1089  GNUNET_STATISTICS_update (stats,
1090  "# bytes given to core",
1091  ntohs (hdr->size),
1092  GNUNET_NO);
1093  (void)
1095  &sender->target,
1096  hdr,
1098  NULL /* no flow control possible */
1099  ,
1100  NULL);
1101  /* move on to next message, if any */
1102  plaintext_len -= ntohs (hdr->size);
1103  if (plaintext_len < sizeof(*hdr))
1104  break;
1105  hdr = plaintext + ntohs (hdr->size);
1106  }
1107  GNUNET_STATISTICS_update (stats,
1108  "# bytes padding discarded",
1109  plaintext_len,
1110  GNUNET_NO);
1111 }
1112 
1113 
1122 static void
1123 setup_cipher (const struct GNUNET_HashCode *msec,
1124  uint32_t serial,
1125  gcry_cipher_hd_t *cipher)
1126 {
1127  char key[AES_KEY_SIZE];
1128  char iv[AES_IV_SIZE];
1129 
1130  gcry_cipher_open (cipher,
1131  GCRY_CIPHER_AES256 /* low level: go for speed */,
1132  GCRY_CIPHER_MODE_GCM,
1133  0 /* flags */);
1134  get_iv_key (msec, serial, key, iv);
1135  gcry_cipher_setkey (*cipher, key, sizeof(key));
1136  gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1137 }
1138 
1139 
1152 static int
1153 try_decrypt (const struct SharedSecret *ss,
1154  const char tag[GCM_TAG_SIZE],
1155  uint32_t serial,
1156  const char *in_buf,
1157  size_t in_buf_size,
1158  char *out_buf)
1159 {
1160  gcry_cipher_hd_t cipher;
1161 
1162  setup_cipher (&ss->master, serial, &cipher);
1163  GNUNET_assert (
1164  0 ==
1165  gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1166  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1167  {
1168  gcry_cipher_close (cipher);
1169  GNUNET_STATISTICS_update (stats,
1170  "# AEAD authentication failures",
1171  1,
1172  GNUNET_NO);
1173  return GNUNET_SYSERR;
1174  }
1175  gcry_cipher_close (cipher);
1176  return GNUNET_OK;
1177 }
1178 
1179 
1186 static struct SharedSecret *
1188 {
1189  struct SharedSecret *ss;
1190 
1191  ss = GNUNET_new (struct SharedSecret);
1192  GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1193  return ss;
1194 }
1195 
1196 
1204 static struct SharedSecret *
1206  struct ReceiverAddress *receiver)
1207 {
1208  struct SharedSecret *ss;
1209 
1210  ss = GNUNET_new (struct SharedSecret);
1211  GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1212  &receiver->target.public_key,
1213  &ss->master);
1214  calculate_cmac (ss);
1215  ss->receiver = receiver;
1216  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1217  receiver->num_secrets++;
1218  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1219  return ss;
1220 }
1221 
1222 
1230 static void
1232 
1233 
1244 static int
1245 handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1246 {
1247  const struct UDPAck *ack = cls;
1248  struct ReceiverAddress *receiver = value;
1249 
1250  (void) pid;
1251  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1252  {
1253  if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1254  {
1255  uint32_t allowed;
1256 
1257  allowed = ntohl (ack->sequence_max);
1258 
1259  if (allowed > ss->sequence_allowed)
1260  {
1261  receiver->acks_available += (allowed - ss->sequence_allowed);
1262  if ((allowed - ss->sequence_allowed) == receiver->acks_available)
1263  {
1264  /* we just incremented from zero => MTU change! */
1265  setup_receiver_mq (receiver);
1266  }
1267  ss->sequence_allowed = allowed;
1268  /* move ss to head to avoid discarding it anytime soon! */
1269  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1270  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1271  }
1272  return GNUNET_NO;
1273  }
1274  }
1275  return GNUNET_YES;
1276 }
1277 
1278 
1287 static void
1289  const void *buf,
1290  size_t buf_size)
1291 {
1292  const struct GNUNET_MessageHeader *hdr =
1293  (const struct GNUNET_MessageHeader *) buf;
1294  const struct UDPAck *ack = (const struct UDPAck *) buf;
1295  uint16_t type;
1296 
1297  if (sizeof(*hdr) > buf_size)
1298  return; /* not even a header */
1299  if (ntohs (hdr->size) > buf_size)
1300  return; /* not even a header */
1301  type = ntohs (hdr->type);
1302  switch (type)
1303  {
1305  /* lookup master secret by 'cmac', then update sequence_max */
1307  &sender->target,
1308  &handle_ack,
1309  (void *) ack);
1310  /* There could be more messages after the ACK, handle those as well */
1311  buf += ntohs (hdr->size);
1312  buf_size -= ntohs (hdr->size);
1313  pass_plaintext_to_core (sender, buf, buf_size);
1314  break;
1315 
1317  /* skip padding */
1318  break;
1319 
1320  default:
1321  pass_plaintext_to_core (sender, buf, buf_size);
1322  }
1323 }
1324 
1325 
1334 static void
1336 {
1337  GNUNET_assert (NULL != ss->sender);
1338  /* drop ancient KeyCacheEntries */
1339  while ((NULL != ss->kce_head) &&
1340  (MAX_SQN_DELTA <
1342  kce_destroy (ss->kce_tail);
1343  if (ss->active_kce_count < KCN_THRESHOLD)
1344  {
1345  struct UDPAck ack;
1346 
1347  while (ss->active_kce_count < KCN_TARGET)
1348  kce_generate (ss, ++ss->sequence_allowed);
1350  ack.header.size = htons (sizeof(ack));
1351  ack.sequence_max = htonl (ss->sequence_allowed);
1352  ack.cmac = ss->cmac;
1354  &ss->sender->target,
1356  &ack.header);
1357  }
1358 }
1359 
1360 
1368 static void
1369 decrypt_box (const struct UDPBox *box,
1370  size_t box_len,
1371  struct KeyCacheEntry *kce)
1372 {
1373  struct SharedSecret *ss = kce->ss;
1374  char out_buf[box_len - sizeof(*box)];
1375 
1376  GNUNET_assert (NULL != ss->sender);
1377  if (GNUNET_OK != try_decrypt (ss,
1378  box->gcm_tag,
1379  kce->sequence_number,
1380  (const char *) &box[1],
1381  sizeof(out_buf),
1382  out_buf))
1383  {
1384  GNUNET_STATISTICS_update (stats,
1385  "# Decryption failures with valid KCE",
1386  1,
1387  GNUNET_NO);
1388  kce_destroy (kce);
1389  return;
1390  }
1391  kce_destroy (kce);
1392  GNUNET_STATISTICS_update (stats,
1393  "# bytes decrypted with BOX",
1394  sizeof(out_buf),
1395  GNUNET_NO);
1396  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1397  consider_ss_ack (ss);
1398 }
1399 
1400 
1404 struct SearchContext
1405 {
1409  const struct sockaddr *address;
1410 
1414  socklen_t address_len;
1415 
1420 };
1421 
1422 
1431 static int
1433  const struct GNUNET_PeerIdentity *key,
1434  void *value)
1435 {
1436  struct SearchContext *sc = cls;
1437  struct SenderAddress *sender = value;
1438 
1439  if ((sender->address_len == sc->address_len) &&
1440  (0 == memcmp (sender->address, sc->address, sender->address_len)))
1441  {
1442  sc->sender = sender;
1443  return GNUNET_NO; /* stop iterating! */
1444  }
1445  return GNUNET_YES;
1446 }
1447 
1448 
1460 static struct SenderAddress *
1462  const struct sockaddr *address,
1463  socklen_t address_len)
1464 {
1465  struct SenderAddress *sender;
1466  struct SearchContext sc = { .address = address,
1467  .address_len = address_len,
1468  .sender = NULL };
1469 
1471  target,
1473  &sc);
1474  if (NULL != sc.sender)
1475  {
1477  return sc.sender;
1478  }
1479  sender = GNUNET_new (struct SenderAddress);
1480  sender->target = *target;
1481  sender->address = GNUNET_memdup (address, address_len);
1482  sender->address_len = address_len;
1484  senders,
1485  &sender->target,
1486  sender,
1488  GNUNET_STATISTICS_set (stats,
1489  "# senders active",
1491  GNUNET_NO);
1492  sender->timeout =
1494  sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1495  sender,
1496  sender->timeout.abs_value_us);
1497  sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
1498  if (NULL == timeout_task)
1499  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
1500  return sender;
1501 }
1502 
1503 
1511 static int
1513  const struct UDPConfirmation *uc)
1514 {
1515  struct UdpHandshakeSignature uhs;
1516 
1518  uhs.purpose.size = htonl (sizeof(uhs));
1519  uhs.sender = uc->sender;
1520  uhs.receiver = my_identity;
1521  uhs.ephemeral = *ephemeral;
1522  uhs.monotonic_time = uc->monotonic_time;
1525  &uhs.purpose,
1526  &uc->sender_sig,
1527  &uc->sender.public_key);
1528 }
1529 
1530 
1539 static char *
1540 sockaddr_to_udpaddr_string (const struct sockaddr *address,
1541  socklen_t address_len)
1542 {
1543  char *ret;
1544 
1545  switch (address->sa_family)
1546  {
1547  case AF_INET:
1548  GNUNET_asprintf (&ret,
1549  "%s-%s",
1551  GNUNET_a2s (address, address_len));
1552  break;
1553 
1554  case AF_INET6:
1555  GNUNET_asprintf (&ret,
1556  "%s-%s",
1558  GNUNET_a2s (address, address_len));
1559  break;
1560 
1561  default:
1562  GNUNET_assert (0);
1563  }
1564  return ret;
1565 }
1566 
1567 
1573 static void
1574 sock_read (void *cls)
1575 {
1576  struct sockaddr_storage sa;
1577  socklen_t salen = sizeof(sa);
1578  char buf[UINT16_MAX];
1579  ssize_t rcvd;
1580 
1581  (void) cls;
1583  udp_sock,
1584  &sock_read,
1585  NULL);
1586  rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1587  buf,
1588  sizeof(buf),
1589  (struct sockaddr *) &sa,
1590  &salen);
1591  if (-1 == rcvd)
1592  {
1594  return;
1595  }
1596 
1597  /* first, see if it is a UDPBox */
1598  if (rcvd > sizeof(struct UDPBox))
1599  {
1600  const struct UDPBox *box;
1601  struct KeyCacheEntry *kce;
1602 
1603  box = (const struct UDPBox *) buf;
1604  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
1605  if (NULL != kce)
1606  {
1607  decrypt_box (box, (size_t) rcvd, kce);
1608  return;
1609  }
1610  }
1611 
1612  /* next, check if it is a broadcast */
1613  if (sizeof(struct UDPBroadcast) == rcvd)
1614  {
1615  const struct UDPBroadcast *ub;
1616  struct UdpBroadcastSignature uhs;
1617 
1618  ub = (const struct UDPBroadcast *) buf;
1620  uhs.purpose.size = htonl (sizeof(uhs));
1621  uhs.sender = ub->sender;
1622  GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
1623  if (GNUNET_OK ==
1625  &uhs.purpose,
1626  &ub->sender_sig,
1627  &ub->sender.public_key))
1628  {
1629  char *addr_s;
1630  enum GNUNET_NetworkType nt;
1631 
1632  addr_s =
1633  sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
1634  GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
1635  /* use our own mechanism to determine network type */
1636  nt =
1637  GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
1638  GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s);
1639  GNUNET_free (addr_s);
1640  return;
1641  }
1642  /* continue with KX, mostly for statistics... */
1643  }
1644 
1645 
1646  /* finally, test if it is a KX */
1647  if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
1648  {
1649  GNUNET_STATISTICS_update (stats,
1650  "# messages dropped (no kid, too small for KX)",
1651  1,
1652  GNUNET_NO);
1653  return;
1654  }
1655 
1656  {
1657  const struct InitialKX *kx;
1658  struct SharedSecret *ss;
1659  char pbuf[rcvd - sizeof(struct InitialKX)];
1660  const struct UDPConfirmation *uc;
1661  struct SenderAddress *sender;
1662 
1663  kx = (const struct InitialKX *) buf;
1664  ss = setup_shared_secret_dec (&kx->ephemeral);
1665  if (GNUNET_OK != try_decrypt (ss,
1666  kx->gcm_tag,
1667  0,
1668  &buf[sizeof(*kx)],
1669  sizeof(pbuf),
1670  pbuf))
1671  {
1672  GNUNET_free (ss);
1674  stats,
1675  "# messages dropped (no kid, AEAD decryption failed)",
1676  1,
1677  GNUNET_NO);
1678  return;
1679  }
1680  uc = (const struct UDPConfirmation *) pbuf;
1681  if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
1682  {
1683  GNUNET_break_op (0);
1684  GNUNET_free (ss);
1685  GNUNET_STATISTICS_update (stats,
1686  "# messages dropped (sender signature invalid)",
1687  1,
1688  GNUNET_NO);
1689  return;
1690  }
1691  calculate_cmac (ss);
1692  sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
1693  ss->sender = sender;
1694  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
1695  sender->num_secrets++;
1696  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1697  GNUNET_STATISTICS_update (stats,
1698  "# messages decrypted without BOX",
1699  1,
1700  GNUNET_NO);
1701  try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
1702  consider_ss_ack (ss);
1703  if (sender->num_secrets > MAX_SECRETS)
1704  secret_destroy (sender->ss_tail);
1705  }
1706 }
1707 
1708 
1716 static struct sockaddr *
1717 udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
1718 {
1719  struct sockaddr *in;
1720  unsigned int port;
1721  char dummy[2];
1722  char *colon;
1723  char *cp;
1724 
1725  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
1726  {
1727  /* interpreting value as just a PORT number */
1728  if (port > UINT16_MAX)
1729  {
1731  "BINDTO specification `%s' invalid: value too large for port\n",
1732  bindto);
1733  return NULL;
1734  }
1735  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
1736  (GNUNET_YES ==
1739  "DISABLE_V6")))
1740  {
1741  struct sockaddr_in *i4;
1742 
1743  i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
1744  i4->sin_family = AF_INET;
1745  i4->sin_port = htons ((uint16_t) port);
1746  *sock_len = sizeof(struct sockaddr_in);
1747  in = (struct sockaddr *) i4;
1748  }
1749  else
1750  {
1751  struct sockaddr_in6 *i6;
1752 
1753  i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
1754  i6->sin6_family = AF_INET6;
1755  i6->sin6_port = htons ((uint16_t) port);
1756  *sock_len = sizeof(struct sockaddr_in6);
1757  in = (struct sockaddr *) i6;
1758  }
1759  return in;
1760  }
1761  cp = GNUNET_strdup (bindto);
1762  colon = strrchr (cp, ':');
1763  if (NULL != colon)
1764  {
1765  /* interpet value after colon as port */
1766  *colon = '\0';
1767  colon++;
1768  if (1 == sscanf (colon, "%u%1s", &port, dummy))
1769  {
1770  /* interpreting value as just a PORT number */
1771  if (port > UINT16_MAX)
1772  {
1774  "BINDTO specification `%s' invalid: value too large for port\n",
1775  bindto);
1776  GNUNET_free (cp);
1777  return NULL;
1778  }
1779  }
1780  else
1781  {
1782  GNUNET_log (
1784  "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1785  bindto);
1786  GNUNET_free (cp);
1787  return NULL;
1788  }
1789  }
1790  else
1791  {
1792  /* interpret missing port as 0, aka pick any free one */
1793  port = 0;
1794  }
1795  {
1796  /* try IPv4 */
1797  struct sockaddr_in v4;
1798 
1799  if (1 == inet_pton (AF_INET, cp, &v4))
1800  {
1801  v4.sin_port = htons ((uint16_t) port);
1802  in = GNUNET_memdup (&v4, sizeof(v4));
1803  *sock_len = sizeof(v4);
1804  GNUNET_free (cp);
1805  return in;
1806  }
1807  }
1808  {
1809  /* try IPv6 */
1810  struct sockaddr_in6 v6;
1811  const char *start;
1812 
1813  start = cp;
1814  if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
1815  {
1816  start++; /* skip over '[' */
1817  cp[strlen (cp) - 1] = '\0'; /* eat ']' */
1818  }
1819  if (1 == inet_pton (AF_INET6, start, &v6))
1820  {
1821  v6.sin6_port = htons ((uint16_t) port);
1822  in = GNUNET_memdup (&v6, sizeof(v6));
1823  *sock_len = sizeof(v6);
1824  GNUNET_free (cp);
1825  return in;
1826  }
1827  }
1828  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
1829  GNUNET_free (cp);
1830  return NULL;
1831 }
1832 
1833 
1841 static void
1842 do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
1843 {
1844  char pad[pad_size];
1845 
1847  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
1848  {
1849  struct GNUNET_MessageHeader hdr =
1850  { .size = htons (sizeof(pad)),
1851  .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
1852 
1853  memcpy (pad, &hdr, sizeof(hdr));
1854  }
1855  GNUNET_assert (
1856  0 ==
1857  gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
1858 }
1859 
1860 
1869 static void
1871  const struct GNUNET_MessageHeader *msg,
1872  void *impl_state)
1873 {
1874  struct ReceiverAddress *receiver = impl_state;
1875  uint16_t msize = ntohs (msg->size);
1876 
1877  GNUNET_assert (mq == receiver->mq);
1878  if (msize > receiver->mtu)
1879  {
1880  GNUNET_break (0);
1881  receiver_destroy (receiver);
1882  return;
1883  }
1884  reschedule_receiver_timeout (receiver);
1885 
1886  if (0 == receiver->acks_available)
1887  {
1888  /* use KX encryption method */
1889  struct UdpHandshakeSignature uhs;
1890  struct UDPConfirmation uc;
1891  struct InitialKX kx;
1892  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
1893  char dgram[receiver->mtu + sizeof(uc) + sizeof(kx)];
1894  size_t dpos;
1895  gcry_cipher_hd_t out_cipher;
1896  struct SharedSecret *ss;
1897 
1898  /* setup key material */
1900 
1901  ss = setup_shared_secret_enc (&epriv, receiver);
1902  setup_cipher (&ss->master, 0, &out_cipher);
1903  /* compute 'uc' */
1904  uc.sender = my_identity;
1905  uc.monotonic_time =
1908  uhs.purpose.size = htonl (sizeof(uhs));
1909  uhs.sender = my_identity;
1910  uhs.receiver = receiver->target;
1912  uhs.monotonic_time = uc.monotonic_time;
1913  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
1914  &uhs.purpose,
1915  &uc.sender_sig));
1916  /* Leave space for kx */
1917  dpos = sizeof(struct GNUNET_CRYPTO_EcdhePublicKey);
1918  /* Append encrypted uc to dgram */
1919  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
1920  &dgram[dpos],
1921  sizeof(uc),
1922  &uc,
1923  sizeof(uc)));
1924  dpos += sizeof(uc);
1925  /* Append encrypted payload to dgram */
1926  GNUNET_assert (
1927  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
1928  dpos += msize;
1929  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
1930  /* Datagram starts with kx */
1931  kx.ephemeral = uhs.ephemeral;
1932  GNUNET_assert (
1933  0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
1934  gcry_cipher_close (out_cipher);
1935  memcpy (dgram, &kx, sizeof(kx));
1936  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
1937  dgram,
1938  sizeof(dgram),
1939  receiver->address,
1940  receiver->address_len))
1943  return;
1944  } /* End of KX encryption method */
1945 
1946  /* begin "BOX" encryption method, scan for ACKs from tail! */
1947  for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
1948  {
1949  if (ss->sequence_used < ss->sequence_allowed)
1950  {
1951  char dgram[sizeof(struct UDPBox) + receiver->mtu];
1952  struct UDPBox *box;
1953  gcry_cipher_hd_t out_cipher;
1954  size_t dpos;
1955 
1956  box = (struct UDPBox *) dgram;
1957  ss->sequence_used++;
1958  get_kid (&ss->master, ss->sequence_used, &box->kid);
1959  setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
1960  /* Append encrypted payload to dgram */
1961  dpos = sizeof(struct UDPBox);
1962  GNUNET_assert (
1963  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
1964  dpos += msize;
1965  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
1966  GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
1967  box->gcm_tag,
1968  sizeof(box->gcm_tag)));
1969  gcry_cipher_close (out_cipher);
1970  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
1971  dgram,
1972  sizeof(dgram),
1973  receiver->address,
1974  receiver->address_len))
1977  receiver->acks_available--;
1978  if (0 == receiver->acks_available)
1979  {
1980  /* We have no more ACKs => MTU change! */
1981  setup_receiver_mq (receiver);
1982  }
1983  return;
1984  }
1985  }
1986  GNUNET_assert (0);
1987 }
1988 
1989 
1998 static void
1999 mq_destroy (struct GNUNET_MQ_Handle *mq, void *impl_state)
2000 {
2001  struct ReceiverAddress *receiver = impl_state;
2002 
2003  if (mq == receiver->mq)
2004  {
2005  receiver->mq = NULL;
2006  receiver_destroy (receiver);
2007  }
2008 }
2009 
2010 
2017 static void
2018 mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
2019 {
2020  /* Cancellation is impossible with UDP; bail */
2021  GNUNET_assert (0);
2022 }
2023 
2024 
2034 static void
2035 mq_error (void *cls, enum GNUNET_MQ_Error error)
2036 {
2037  struct ReceiverAddress *receiver = cls;
2038 
2040  "MQ error in queue to %s: %d\n",
2041  GNUNET_i2s (&receiver->target),
2042  (int) error);
2043  receiver_destroy (receiver);
2044 }
2045 
2046 
2054 static void
2056 {
2057  size_t base_mtu;
2058 
2059  if (NULL != receiver->qh)
2060  {
2062  receiver->qh = NULL;
2063  }
2064  GNUNET_assert (NULL == receiver->mq);
2065  switch (receiver->address->sa_family)
2066  {
2067  case AF_INET:
2068  base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
2069  - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
2070  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2071  break;
2072 
2073  case AF_INET6:
2074  base_mtu = 1280 /* Minimum MTU required by IPv6 */
2075  - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
2076  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
2077  break;
2078 
2079  default:
2080  GNUNET_assert (0);
2081  break;
2082  }
2083  if (0 == receiver->acks_available)
2084  {
2085  /* MTU based on full KX messages */
2086  receiver->mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
2087  - sizeof(struct UDPConfirmation); /* 104 */
2088  }
2089  else
2090  {
2091  /* MTU based on BOXed messages */
2092  receiver->mtu = base_mtu - sizeof(struct UDPBox);
2093  }
2094  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
2095  1404 (IPv4 + Box) bytes, depending on circumstances... */
2096  if (NULL == receiver->mq)
2098  &mq_destroy,
2099  &mq_cancel,
2100  receiver,
2101  NULL,
2102  &mq_error,
2103  receiver);
2104  receiver->qh =
2106  &receiver->target,
2107  receiver->foreign_addr,
2108  receiver->mtu,
2109  receiver->nt,
2111  receiver->mq);
2112 }
2113 
2114 
2133 static int
2134 mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
2135 {
2136  struct ReceiverAddress *receiver;
2137  const char *path;
2138  struct sockaddr *in;
2139  socklen_t in_len;
2140 
2141  if (0 != strncmp (address,
2143  strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
2144  {
2145  GNUNET_break_op (0);
2146  return GNUNET_SYSERR;
2147  }
2148  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2149  in = udp_address_to_sockaddr (path, &in_len);
2150 
2151  receiver = GNUNET_new (struct ReceiverAddress);
2152  receiver->address = in;
2153  receiver->address_len = in_len;
2154  receiver->target = *peer;
2155  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
2157  receivers,
2158  &receiver->target,
2159  receiver,
2161  receiver->timeout =
2163  receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
2164  receiver,
2165  receiver->timeout.abs_value_us);
2166  GNUNET_STATISTICS_set (stats,
2167  "# receivers active",
2169  GNUNET_NO);
2170  receiver->foreign_addr =
2171  sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
2172  setup_receiver_mq (receiver);
2173  if (NULL == timeout_task)
2174  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2175  return GNUNET_OK;
2176 }
2177 
2178 
2187 static int
2189  const struct GNUNET_PeerIdentity *target,
2190  void *value)
2191 {
2192  struct ReceiverAddress *receiver = value;
2193 
2194  (void) cls;
2195  (void) target;
2196  receiver_destroy (receiver);
2197  return GNUNET_OK;
2198 }
2199 
2200 
2209 static int
2211  const struct GNUNET_PeerIdentity *target,
2212  void *value)
2213 {
2214  struct SenderAddress *sender = value;
2215 
2216  (void) cls;
2217  (void) target;
2218  sender_destroy (sender);
2219  return GNUNET_OK;
2220 }
2221 
2222 
2228 static void
2229 do_shutdown (void *cls)
2230 {
2231  if (NULL != nat)
2232  {
2233  GNUNET_NAT_unregister (nat);
2234  nat = NULL;
2235  }
2236  while (NULL != bi_head)
2237  bi_destroy (bi_head);
2238  if (NULL != broadcast_task)
2239  {
2240  GNUNET_SCHEDULER_cancel (broadcast_task);
2241  broadcast_task = NULL;
2242  }
2243  if (NULL != read_task)
2244  {
2245  GNUNET_SCHEDULER_cancel (read_task);
2246  read_task = NULL;
2247  }
2248  if (NULL != udp_sock)
2249  {
2251  udp_sock = NULL;
2252  }
2255  NULL);
2260  GNUNET_CONTAINER_heap_destroy (senders_heap);
2261  GNUNET_CONTAINER_heap_destroy (receivers_heap);
2262  if (NULL != ch)
2263  {
2265  ch = NULL;
2266  }
2267  if (NULL != ah)
2268  {
2270  ah = NULL;
2271  }
2272  if (NULL != stats)
2273  {
2275  stats = NULL;
2276  }
2277  if (NULL != my_private_key)
2278  {
2279  GNUNET_free (my_private_key);
2280  my_private_key = NULL;
2281  }
2282  if (NULL != is)
2283  {
2285  is = NULL;
2286  }
2287 }
2288 
2289 
2299 static void
2300 enc_notify_cb (void *cls,
2301  const struct GNUNET_PeerIdentity *sender,
2302  const struct GNUNET_MessageHeader *msg)
2303 {
2304  const struct UDPAck *ack;
2305 
2306  (void) cls;
2307  if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2308  (ntohs (msg->size) != sizeof(struct UDPAck)))
2309  {
2310  GNUNET_break_op (0);
2311  return;
2312  }
2313  ack = (const struct UDPAck *) msg;
2315  sender,
2316  &handle_ack,
2317  (void *) ack);
2318 }
2319 
2320 
2334 static void
2335 nat_address_cb (void *cls,
2336  void **app_ctx,
2337  int add_remove,
2339  const struct sockaddr *addr,
2340  socklen_t addrlen)
2341 {
2342  char *my_addr;
2344 
2345  if (GNUNET_YES == add_remove)
2346  {
2347  enum GNUNET_NetworkType nt;
2348 
2349  GNUNET_asprintf (&my_addr,
2350  "%s-%s",
2352  GNUNET_a2s (addr, addrlen));
2353  nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2354  ai =
2356  my_addr,
2357  nt,
2359  GNUNET_free (my_addr);
2360  *app_ctx = ai;
2361  }
2362  else
2363  {
2364  ai = *app_ctx;
2366  *app_ctx = NULL;
2367  }
2368 }
2369 
2370 
2376 static void
2377 ifc_broadcast (void *cls)
2378 {
2379  struct BroadcastInterface *bi = cls;
2380  struct GNUNET_TIME_Relative delay;
2381 
2382  delay = BROADCAST_FREQUENCY;
2383  delay.rel_value_us =
2385  bi->broadcast_task =
2387 
2388  switch (bi->sa->sa_family)
2389  {
2390  case AF_INET: {
2391  static int yes = 1;
2392  static int no = 0;
2393  ssize_t sent;
2394 
2396  SOL_SOCKET,
2397  SO_BROADCAST,
2398  &yes,
2399  sizeof(int)))
2401  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2402  &bi->bcm,
2403  sizeof(bi->bcm),
2404  bi->ba,
2405  bi->salen);
2406  if (-1 == sent)
2409  SOL_SOCKET,
2410  SO_BROADCAST,
2411  &no,
2412  sizeof(int)))
2414  break;
2415  }
2416 
2417  case AF_INET6: {
2418  ssize_t sent;
2419  struct sockaddr_in6 dst;
2420 
2421  dst.sin6_family = AF_INET6;
2422  dst.sin6_port = htons (my_port);
2423  dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
2424  dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
2425 
2426  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
2427  &bi->bcm,
2428  sizeof(bi->bcm),
2429  (const struct sockaddr *) &dst,
2430  sizeof(dst));
2431  if (-1 == sent)
2433  break;
2434  }
2435 
2436  default:
2437  GNUNET_break (0);
2438  break;
2439  }
2440 }
2441 
2442 
2457 static int
2458 iface_proc (void *cls,
2459  const char *name,
2460  int isDefault,
2461  const struct sockaddr *addr,
2462  const struct sockaddr *broadcast_addr,
2463  const struct sockaddr *netmask,
2464  socklen_t addrlen)
2465 {
2466  struct BroadcastInterface *bi;
2467  enum GNUNET_NetworkType network;
2468  struct UdpBroadcastSignature ubs;
2469 
2470  (void) cls;
2471  (void) netmask;
2472  if (NULL == addr)
2473  return GNUNET_YES; /* need to know our address! */
2474  network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
2475  if (GNUNET_NT_LOOPBACK == network)
2476  {
2477  /* Broadcasting on loopback does not make sense */
2478  return GNUNET_YES;
2479  }
2480  for (bi = bi_head; NULL != bi; bi = bi->next)
2481  {
2482  if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
2483  {
2484  bi->found = GNUNET_YES;
2485  return GNUNET_OK;
2486  }
2487  }
2488 
2489  if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
2490  return GNUNET_OK; /* broadcast_addr is required for IPv6! */
2491  if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
2492  return GNUNET_OK; /* not using IPv6 */
2493 
2494  bi = GNUNET_new (struct BroadcastInterface);
2495  bi->sa = GNUNET_memdup (addr, addrlen);
2496  if (NULL != broadcast_addr)
2497  bi->ba = GNUNET_memdup (broadcast_addr, addrlen);
2498  bi->salen = addrlen;
2499  bi->found = GNUNET_YES;
2500  bi->bcm.sender = my_identity;
2502  ubs.purpose.size = htonl (sizeof(ubs));
2503  ubs.sender = my_identity;
2504  GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
2505  GNUNET_assert (GNUNET_OK == GNUNET_CRYPTO_eddsa_sign (my_private_key,
2506  &ubs.purpose,
2507  &bi->bcm.sender_sig));
2509  GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
2510  if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
2511  {
2512  /* Create IPv6 multicast request */
2513  const struct sockaddr_in6 *s6 =
2514  (const struct sockaddr_in6 *) broadcast_addr;
2515 
2516  GNUNET_assert (
2517  1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
2518 
2519  /* http://tools.ietf.org/html/rfc2553#section-5.2:
2520  *
2521  * IPV6_JOIN_GROUP
2522  *
2523  * Join a multicast group on a specified local interface. If the
2524  * interface index is specified as 0, the kernel chooses the local
2525  * interface. For example, some kernels look up the multicast
2526  * group in the normal IPv6 routing table and using the resulting
2527  * interface; we do this for each interface, so no need to use
2528  * zero (anymore...).
2529  */bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
2530 
2531  /* Join the multicast group */
2533  IPPROTO_IPV6,
2534  IPV6_JOIN_GROUP,
2535  &bi->mcreq,
2536  sizeof(bi->mcreq)))
2537  {
2539  }
2540  }
2541  return GNUNET_OK;
2542 }
2543 
2544 
2550 static void
2551 do_broadcast (void *cls)
2552 {
2553  struct BroadcastInterface *bin;
2554 
2555  (void) cls;
2556  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
2557  bi->found = GNUNET_NO;
2559  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
2560  {
2561  bin = bi->next;
2562  if (GNUNET_NO == bi->found)
2563  bi_destroy (bi);
2564  }
2566  &do_broadcast,
2567  NULL);
2568 }
2569 
2570 
2579 static void
2580 run (void *cls,
2581  char *const *args,
2582  const char *cfgfile,
2583  const struct GNUNET_CONFIGURATION_Handle *c)
2584 {
2585  char *bindto;
2586  struct sockaddr *in;
2587  socklen_t in_len;
2588  struct sockaddr_storage in_sto;
2589  socklen_t sto_len;
2590 
2591  (void) cls;
2592  cfg = c;
2593  if (GNUNET_OK !=
2596  "BINDTO",
2597  &bindto))
2598  {
2601  "BINDTO");
2602  return;
2603  }
2604 
2605  in = udp_address_to_sockaddr (bindto, &in_len);
2606  if (NULL == in)
2607  {
2609  "Failed to setup UDP socket address with path `%s'\n",
2610  bindto);
2611  GNUNET_free (bindto);
2612  return;
2613  }
2614  udp_sock =
2615  GNUNET_NETWORK_socket_create (in->sa_family, SOCK_DGRAM, IPPROTO_UDP);
2616  if (NULL == udp_sock)
2617  {
2619  GNUNET_free (in);
2620  GNUNET_free (bindto);
2621  return;
2622  }
2623  if (AF_INET6 == in->sa_family)
2625  if (GNUNET_OK != GNUNET_NETWORK_socket_bind (udp_sock, in, in_len))
2626  {
2628  GNUNET_NETWORK_socket_close (udp_sock);
2629  udp_sock = NULL;
2630  GNUNET_free (in);
2631  GNUNET_free (bindto);
2632  return;
2633  }
2634  /* We might have bound to port 0, allowing the OS to figure it out;
2635  thus, get the real IN-address from the socket */
2636  sto_len = sizeof(in_sto);
2637  if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
2638  (struct sockaddr *) &in_sto,
2639  &sto_len))
2640  {
2641  memcpy (&in_sto, in, in_len);
2642  sto_len = in_len;
2643  }
2644  GNUNET_free (in);
2645  GNUNET_free (bindto);
2646  in = (struct sockaddr *) &in_sto;
2647  in_len = sto_len;
2649  "Bound to `%s'\n",
2650  GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
2651  switch (in->sa_family)
2652  {
2653  case AF_INET:
2654  my_port = ntohs (((struct sockaddr_in *) in)->sin_port);
2655  break;
2656 
2657  case AF_INET6:
2658  my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port);
2659  break;
2660 
2661  default:
2662  GNUNET_break (0);
2663  my_port = 0;
2664  }
2665  stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
2669  receivers_heap =
2673  is = GNUNET_NT_scanner_init ();
2675  if (NULL == my_private_key)
2676  {
2677  GNUNET_log (
2679  _ (
2680  "Transport service is lacking key configuration settings. Exiting.\n"));
2682  return;
2683  }
2685  /* start reading */
2687  udp_sock,
2688  &sock_read,
2689  NULL);
2694  &mq_init,
2695  NULL,
2696  &enc_notify_cb,
2697  NULL);
2698  if (NULL == ch)
2699  {
2700  GNUNET_break (0);
2702  return;
2703  }
2705  if (NULL == ah)
2706  {
2707  GNUNET_break (0);
2709  return;
2710  }
2711  /* start broadcasting */
2712  if (GNUNET_YES !=
2715  "DISABLE_BROADCAST"))
2716  {
2717  broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
2718  }
2719  nat = GNUNET_NAT_register (cfg,
2721  IPPROTO_UDP,
2722  1 /* one address */,
2723  (const struct sockaddr **) &in,
2724  &in_len,
2725  &nat_address_cb,
2726  NULL /* FIXME: support reversal: #5529 */,
2727  NULL /* closure */);
2728 }
2729 
2730 
2738 int
2739 main (int argc, char *const *argv)
2740 {
2741  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2743  };
2744  int ret;
2745 
2746  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
2747  return 2;
2748 
2749  ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
2750  argv,
2751  "gnunet-communicator-udp",
2752  _ ("GNUnet UDP communicator"),
2753  options,
2754  &run,
2755  NULL))
2756  ? 0
2757  : 1;
2758  GNUNET_free ((void *) argv);
2759  return ret;
2760 }
2761 
2762 
2763 /* end of gnunet-communicator-udp.c */
int GNUNET_CRYPTO_ecdhe_key_create2(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:630
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct KeyCacheEntry * next
Kept in a DLL.
Handle to the interface scanner.
Definition: nt.c:110
int GNUNET_NETWORK_socket_setsockopt(struct GNUNET_NETWORK_Handle *fd, int level, int option_name, const void *option_value, socklen_t option_len)
Set socket option.
Definition: network.c:883
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
int GNUNET_NETWORK_get_fd(const struct GNUNET_NETWORK_Handle *desc)
Return file descriptor for this network handle.
Definition: network.c:1080
size_t mtu
MTU we allowed transport for this receiver right now.
#define COMMUNICATOR_CONFIG_SECTION
Configuration section used by the communicator.
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WAN.
Definition: nt.c:314
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
static struct BroadcastInterface * bi_tail
Broadcast interface tasks.
static void consider_ss_ack(struct SharedSecret *ss)
We established a shared secret with a sender.
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
Handle for active NAT registrations.
Definition: nat_api.c:71
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
#define BROADCAST_FREQUENCY
How often do we broadcast our presence on the LAN?
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP connection (UDP client).
int main(int argc, char *const *argv)
The main function for the UNIX communicator.
struct KeyCacheEntry * prev
Kept in a DLL.
int found
Was this interface found in the last iface_proc() scan?
static void do_broadcast(void *cls)
Scan interfaces to broadcast our presence on the LAN.
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GNUNET_TRANSPORT_ApplicationHandle * ah
Our handle to report addresses for validation to TRANSPORT.
GNUNET_NAT_AddressClass
Some addresses contain sensitive information or are not suitable for global distribution.
uint64_t rel_value_us
The actual value.
struct GNUNET_PeerIdentity sender
Sender&#39;s peer identity.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
static uint16_t my_port
Port number to which we are actually bound.
Broadcast by peer in LAN announcing its presence.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
static struct SenderAddress * setup_sender(const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
Create sender address for target.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
struct GNUNET_PeerIdentity receiver
Presumed identity of the target of the UDP connection (UDP server)
static struct GNUNET_NAT_Handle * nat
Connection to NAT service.
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Setup communicator and launch network interactions.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
char gcm_tag[(128/8)]
HMAC for the following encrypted message, using GCM.
#define KCN_TARGET
How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD s...
struct GNUNET_TRANSPORT_AddressIdentifier * GNUNET_TRANSPORT_communicator_address_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const char *address, enum GNUNET_NetworkType nt, struct GNUNET_TIME_Relative expiration)
Notify transport service about an address that this communicator provides for this peer...
static struct GNUNET_PeerIdentity my_identity
Our public key.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
static struct SharedSecret * setup_shared_secret_dec(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
Setup shared secret for decryption.
GNUNET_MQ_Error
Error codes for the queue.
uint64_t GNUNET_CRYPTO_random_u64(enum GNUNET_CRYPTO_Quality mode, uint64_t max)
Random on unsigned 64-bit values.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1300
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
socklen_t address_len
Number of bytes in address.
struct GNUNET_STATISTICS_Handle * GNUNET_STATISTICS_create(const char *subsystem, const struct GNUNET_CONFIGURATION_Handle *cfg)
Get handle for the statistics service.
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:39
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1438
void GNUNET_TRANSPORT_application_validate(struct GNUNET_TRANSPORT_ApplicationHandle *ch, const struct GNUNET_PeerIdentity *peer, enum GNUNET_NetworkType nt, const char *addr)
An application (or a communicator) has received a HELLO (or other address data of another peer) and w...
static struct sockaddr * udp_address_to_sockaddr(const char *bindto, socklen_t *sock_len)
Convert UDP bind specification to a struct sockaddr *
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key for KX.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:246
static void secret_destroy(struct SharedSecret *ss)
Destroy ss and associated key cache entries.
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Bandwidth allocation API for applications to interact with.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
static struct BroadcastInterface * bi_head
Broadcast interface tasks.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
socklen_t address_len
Length of the address.
struct sockaddr * address
Address of the other peer.
int GNUNET_NETWORK_socket_bind(struct GNUNET_NETWORK_Handle *desc, const struct sockaddr *address, socklen_t address_len)
Bind a socket to a particular address.
Definition: network.c:485
int GNUNET_CRYPTO_eddsa_sign(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EccSignaturePurpose *purpose, struct GNUNET_CRYPTO_EddsaSignature *sig)
EdDSA sign a given block.
Definition: crypto_ecc.c:986
static struct GNUNET_FS_UnindexContext * uc
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
unsigned int num_secrets
Length of the DLL at ss_head.
int GNUNET_CONTAINER_multishortmap_remove(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, const void *value)
Remove the given key-value pair from the map.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
struct SharedSecret * ss
Corresponding shared secret.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
#define GNUNET_NO
Definition: gnunet_common.h:78
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
int GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:291
#define GNUNET_OK
Named constants for return values.
Definition: gnunet_common.h:75
Standard IPv4 header.
#define GNUNET_free_non_null(ptr)
Free the memory pointed to by ptr if ptr is not NULL.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_OS_network_interfaces_list(GNUNET_OS_NetworkInterfaceProcessor proc, void *proc_cls)
Enumerate all network interfaces.
Definition: os_network.c:396
static int iface_proc(void *cls, const char *name, int isDefault, const struct sockaddr *addr, const struct sockaddr *broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
Callback function invoked for each interface found.
static int have_v6_socket
GNUNET_YES if udp_sock supports IPv6.
#define GCM_TAG_SIZE
Size of the GCM tag.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
static int handle_ack(void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
We received an ACK for pid.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
Encrypted continuation of UDP initial handshake, followed by message header with payload.
void GNUNET_STATISTICS_destroy(struct GNUNET_STATISTICS_Handle *h, int sync_first)
Destroy a handle (free all state associated with it).
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:526
struct GNUNET_CONTAINER_MultiPeerMap * GNUNET_CONTAINER_multipeermap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
Handle for the service.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
void GNUNET_TRANSPORT_application_done(struct GNUNET_TRANSPORT_ApplicationHandle *ch)
Shutdown TRANSPORT application client.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
uint64_t abs_value_us
The actual value.
static void reschedule_sender_timeout(struct SenderAddress *sender)
Increment sender timeout due to activity.
static void bi_destroy(struct BroadcastInterface *bi)
An interface went away, stop broadcasting on it.
GNUNET_NetworkType
Types of networks (with separate quotas) we support.
Definition: gnunet_nt_lib.h:35
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
uint32_t sequence_number
Sequence number used to derive this entry from master key.
"Plaintext" header at beginning of KX message.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32.
void GNUNET_CONTAINER_multipeermap_destroy(struct GNUNET_CONTAINER_MultiPeerMap *map)
Destroy a hash map.
A 256-bit hashcode.
Opaque handle to the transport service for communicators.
#define _(String)
GNU gettext support macro.
Definition: platform.h:181
void GNUNET_TRANSPORT_communicator_disconnect(struct GNUNET_TRANSPORT_CommunicatorHandle *ch)
Disconnect from the transport service.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct sockaddr * ba
Broadcast address to use on the interface.
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
static void enc_notify_cb(void *cls, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg)
Function called when the transport service has received a backchannel message for this communicator (...
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static void ifc_broadcast(void *cls)
Broadcast our presence on one of our interfaces.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
void GNUNET_TRANSPORT_communicator_mq_del(struct GNUNET_TRANSPORT_QueueHandle *qh)
Notify transport service that an MQ became unavailable due to a disconnect or timeout.
struct GNUNET_PeerIdentity target
To whom are we talking to.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
int GNUNET_asprintf(char **buf, const char *format,...)
Like asprintf, just portable.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1253
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
static struct GNUNET_SCHEDULER_Task * broadcast_task
ID of master broadcast task.
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
static struct GNUNET_TIME_Relative timeout
Desired timeout for the lookup (default is no timeout).
Definition: gnunet-abd.c:61
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:552
int GNUNET_CRYPTO_eddsa_verify(uint32_t purpose, const struct GNUNET_CRYPTO_EccSignaturePurpose *validate, const struct GNUNET_CRYPTO_EddsaSignature *sig, const struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Verify EdDSA signature.
Definition: crypto_ecc.c:1113
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
int GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:1502
static char * value
Value of the record to add/remove.
static int get_sender_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all senders to clean up.
static int verify_confirmation(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
Check signature from uc against ephemeral.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:48
struct GNUNET_HashCode master
Master shared secret.
enum GNUNET_NetworkType nt
Which network type does this queue use?
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
Signature used by UDP broadcasts.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1280
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
#define AES_IV_SIZE
AES (GCM) IV size.
void * GNUNET_CONTAINER_heap_peek(const struct GNUNET_CONTAINER_Heap *heap)
Get element stored at the root of heap.
static void pass_plaintext_to_core(struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
We received plaintext_len bytes of plaintext from a sender.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:850
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
static char buf[2048]
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
struct GNUNET_TRANSPORT_CommunicatorHandle * GNUNET_TRANSPORT_communicator_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section_name, const char *addr_prefix, enum GNUNET_TRANSPORT_CommunicatorCharacteristics cc, GNUNET_TRANSPORT_CommunicatorMqInit mq_init, void *mq_init_cls, GNUNET_TRANSPORT_CommunicatorNotify notify_cb, void *notify_cb_cls)
Connect to the transport service.
int GNUNET_CONTAINER_multishortmap_put(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
Handle to a node in a heap.
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP broadcast.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
struct sockaddr * address
Address of the other peer.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Internal representation of the hash map.
struct GNUNET_CONTAINER_MultiShortmap * GNUNET_CONTAINER_multishortmap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
static void mq_destroy(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
Heap with the minimum cost at the root.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
UDP message box.
void GNUNET_CONTAINER_heap_destroy(struct GNUNET_CONTAINER_Heap *heap)
Destroys the heap.
struct sockaddr * sa
Sender&#39;s address of the interface.
A 512-bit hashcode.
socklen_t salen
Number of bytes in sa.
static void sock_read(void *cls)
Socket read task.
int GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:1612
static void mq_cancel(struct GNUNET_MQ_Handle *mq, void *impl_state)
Implementation function that cancels the currently sent message.
static void setup_receiver_mq(struct ReceiverAddress *receiver)
Setup the MQ for the receiver.
static int res
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
static struct GNUNET_NAT_AUTO_Test * nt
Handle to a NAT test operation.
void GNUNET_NT_scanner_done(struct GNUNET_NT_InterfaceScanner *is)
Terminate interface scanner.
Definition: nt.c:433
struct GNUNET_HashCode cmac
CMAC of the base key being acknowledged.
Node in the heap.
Private ECC key encoded for transmission.
void GNUNET_NAT_unregister(struct GNUNET_NAT_Handle *nh)
Stop port redirection and public IP address detection for the given handle.
Definition: nat_api.c:692
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
Shared secret we generated for a particular sender or receiver.
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
void GNUNET_TRANSPORT_communicator_address_remove(struct GNUNET_TRANSPORT_AddressIdentifier *ai)
Notify transport service about an address that this communicator no longer provides for this peer...
unsigned int num_secrets
Length of the DLL at ss_head.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_min(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the minimum of two relative time values.
Definition: time.c:272
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
struct GNUNET_HashCode key
The key used in the DHT.
Internal representation of the hash map.
static int mq_init(void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
Function called by the transport service to initialize a message queue given address information abou...
#define GNUNET_SYSERR
Definition: gnunet_common.h:76
static void mq_send(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
static struct GNUNET_TRANSPORT_AddressIdentifier * ai
Handle to the operation that publishes our address.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:301
static int get_receiver_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all receivers to clean up.
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
struct GNUNET_NAT_Handle * GNUNET_NAT_register(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section, uint8_t proto, unsigned int num_addrs, const struct sockaddr **addrs, const socklen_t *addrlens, GNUNET_NAT_AddressCallback address_callback, GNUNET_NAT_ReversalCallback reversal_callback, void *callback_cls)
Attempt to enable port redirection and detect public IP address contacting UPnP or NAT-PMP routers on...
Definition: nat_api.c:378
static struct GNUNET_MQ_Envelope * ac
Handle to current GNUNET_PEERINFO_add_peer() operation.
struct GNUNET_NT_InterfaceScanner * GNUNET_NT_scanner_init(void)
Initialize the address characterization client handle.
Definition: nt.c:412
struct GNUNET_HashCode h_address
Hash of the sender&#39;s UDP address.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
Loopback (same host).
Definition: gnunet_nt_lib.h:45
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
unsigned int active_kce_count
Number of active KCN entries.
struct SharedSecret * prev
Kept in a DLL.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get_monotonic(const struct GNUNET_CONFIGURATION_Handle *cfg)
Obtain the current time and make sure it is monotonically increasing.
Definition: time.c:807
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
int GNUNET_TRANSPORT_communicator_receive(struct GNUNET_TRANSPORT_CommunicatorHandle *handle, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, struct GNUNET_TIME_Relative expected_addr_validity, GNUNET_TRANSPORT_MessageCompletedCallback cb, void *cb_cls)
Notify transport service that the communicator has received a message.
struct UDPBroadcast bcm
Message we broadcast on this interface.
static void decrypt_box(const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
We received a box with matching kce.
void GNUNET_CONTAINER_multishortmap_destroy(struct GNUNET_CONTAINER_MultiShortmap *map)
Destroy a hash map.
struct GNUNET_CONTAINER_Heap * GNUNET_CONTAINER_heap_create(enum GNUNET_CONTAINER_HeapOrder order)
Create a new heap.
an ECC signature using EdDSA.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:270
Standard IPv6 header.
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
static struct in_addr dummy
Target "dummy" address of the packet we pretend to respond to.
#define KCN_THRESHOLD
If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET...
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
Handle to a message queue.
Definition: mq.c:85
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32;.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Private ECC key encoded for transmission.
int GNUNET_CONTAINER_multipeermap_iterate(struct GNUNET_CONTAINER_MultiPeerMap *map, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
uint32_t sequence_max
Sequence acknowledgement limit.
struct ipv6_mreq mcreq
If this is an IPv6 interface, this is the request we use to join/leave the group. ...
The identity of the host (wraps the signing key of the peer).
#define AES_KEY_SIZE
AES key size.
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
static void get_iv_key(const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
Compute key and iv.
struct GNUNET_TRANSPORT_ApplicationHandle * GNUNET_TRANSPORT_application_init(const struct GNUNET_CONFIGURATION_Handle *cfg)
Initialize the TRANSPORT application client handle.
#define GNUNET_PACKED
gcc-ism to get packed structs.
static uint16_t port
Port number.
Definition: gnunet-bcd.c:81
configuration data
Definition: configuration.c:85
void * GNUNET_CONTAINER_multishortmap_get(const struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key)
Given a key find a value in the map matching the key.
socklen_t address_len
Length of the address.
const char * name
this is an outbound connection (transport initiated)
#define ADDRESS_VALIDITY_PERIOD
How long do we believe our addresses to remain up (before the other peer should revalidate).
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
Signature we use to verify that the broadcast was really made by the peer that claims to have made it...
#define INTERFACE_SCAN_FREQUENCY
How often do we scan for changes to our network interfaces?
void GNUNET_TRANSPORT_communicator_notify(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *pid, const char *comm, const struct GNUNET_MessageHeader *header)
The communicator asks the transport service to route a message via a different path to another commun...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
UDP key acknowledgement.
Entry in list of pending tasks.
Definition: scheduler.c:134
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
int GNUNET_CONFIGURATION_get_value_filename(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be the name of a file or directory.
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
static struct GNUNET_SCHEDULER_Task * read_task
ID of read task.
handle to a socket
Definition: network.c:52
static void nat_address_cb(void *cls, void **app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr *addr, socklen_t addrlen)
Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of ...
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
int GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:367
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer&#39;s key from the file specified in the configuration...
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver)
Setup shared secret for encryption.
struct GNUNET_SCHEDULER_Task * broadcast_task
Task for this broadcast interface.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:331
static void calculate_cmac(struct SharedSecret *ss)
Calcualte cmac from master in ss.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Header for all communications.
static int find_sender_by_address(void *cls, const struct GNUNET_PeerIdentity *key, void *value)
Find existing struct SenderAddress by matching addresses.
Time for absolute times used by GNUnet, in microseconds.
void GNUNET_MQ_destroy(struct GNUNET_MQ_Handle *mq)
Destroy the message queue.
Definition: mq.c:824
static void mq_error(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
#define GNUNET_YES
Definition: gnunet_common.h:77
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_read_net(struct GNUNET_TIME_Relative delay, struct GNUNET_NETWORK_Handle *rfd, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay or when the specified file descriptor is ready f...
Definition: scheduler.c:1486
struct SenderAddress * sender
Return value to set if we found a match.
struct GNUNET_TRANSPORT_QueueHandle * qh
handle for this queue with the ch.
struct GNUNET_TRANSPORT_QueueHandle * GNUNET_TRANSPORT_communicator_mq_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *peer, const char *address, uint32_t mtu, enum GNUNET_NetworkType nt, enum GNUNET_TRANSPORT_ConnectionStatus cs, struct GNUNET_MQ_Handle *mq)
Notify transport service that a MQ became available due to an "inbound" connection or because the com...
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
#define MAX_SQN_DELTA
What is the maximum delta between KCN sequence numbers that we allow.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key used by the sender.
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
struct GNUNET_PeerIdentity target
To whom are we talking to.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
int GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
ssize_t GNUNET_NETWORK_socket_recvfrom(const struct GNUNET_NETWORK_Handle *desc, void *buffer, size_t length, struct sockaddr *src_addr, socklen_t *addrlen)
Read data from a socket (always non-blocking).
Definition: network.c:754
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
struct GNUNET_MQ_Handle * mq
Message queue we are providing for the ch.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
static void do_shutdown(void *cls)
Shutdown the UNIX communicator.
Interface we broadcast our presence on.
Handle to the TRANSPORT subsystem for application management.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:657
static char * address
GNS address for this phone.
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:486
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct BroadcastInterface * prev
Kept in a DLL.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Handle returned to identify the internal data structure the transport API has created to manage a mes...
int GNUNET_NETWORK_socket_close(struct GNUNET_NETWORK_Handle *desc)
Close a socket.
Definition: network.c:560
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
#define GNUNET_malloc(size)
Wrapper around malloc.
int GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:85
struct BroadcastInterface * next
Kept in a DLL.
Internal representation of an address a communicator is currently providing for the transport service...
#define GNUNET_free(ptr)
Wrapper around free.
Time for relative time used by GNUnet, in microseconds.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_NETWORK_Handle * GNUNET_NETWORK_socket_create(int domain, int type, int protocol)
Create a new socket.
Definition: network.c:912
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
const struct sockaddr * address
Address we are looking for.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:966
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
enum GNUNET_NetworkType nt
Which network type does this queue use?