GNUnet  0.11.x
gnunet-communicator-udp.c
Go to the documentation of this file.
1 /*
2  This file is part of GNUnet
3  Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
4 
5  GNUnet is free software: you can redistribute it and/or modify it
6  under the terms of the GNU Affero General Public License as published
7  by the Free Software Foundation, either version 3 of the License,
8  or (at your option) any later version.
9 
10  GNUnet is distributed in the hope that it will be useful, but
11  WITHOUT ANY WARRANTY; without even the implied warranty of
12  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13  Affero General Public License for more details.
14 
15  You should have received a copy of the GNU Affero General Public License
16  along with this program. If not, see <http://www.gnu.org/licenses/>.
17 
18  SPDX-License-Identifier: AGPL3.0-or-later
19  */
20 
40 #include "platform.h"
41 #include "gnunet_util_lib.h"
42 #include "gnunet_protocols.h"
43 #include "gnunet_signatures.h"
44 #include "gnunet_constants.h"
45 #include "gnunet_nt_lib.h"
46 #include "gnunet_nat_service.h"
50 
54 #define DEFAULT_REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
55 
59 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
60 
64 #define BROADCAST_FREQUENCY GNUNET_TIME_UNIT_MINUTES
65 
69 #define INTERFACE_SCAN_FREQUENCY \
70  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 5)
71 
76 #define ADDRESS_VALIDITY_PERIOD GNUNET_TIME_UNIT_HOURS
77 
78 #define WORKING_QUEUE_INTERVALL \
79  GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MICROSECONDS,1)
80 
84 #define AES_KEY_SIZE (256 / 8)
85 
89 #define AES_IV_SIZE (96 / 8)
90 
94 #define GCM_TAG_SIZE (128 / 8)
95 
96 #define GENERATE_AT_ONCE 2
97 
107 #define KCN_THRESHOLD 92
108 
115 #define KCN_TARGET 128
116 
126 #define MAX_SQN_DELTA 160
127 
137 #define MAX_SECRETS 128000
138 
143 #define DEFAULT_REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
144 
149 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
150 
154 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
155 
157 
158 
165 {
170 
175 
180 
185 
191 };
192 
193 
198 struct InitialKX
199 {
204 
209  char gcm_tag[GCM_TAG_SIZE];
210 
214  int rekeying;
215 };
216 
217 
223 {
228 
232  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
233 
238  struct GNUNET_TIME_AbsoluteNBO monotonic_time;
239 
240  /* followed by messages */
241 
242  /* padding may follow actual messages */
243 };
244 
245 
250 struct UDPAck
251 {
255  struct GNUNET_MessageHeader header;
256 
261  uint32_t sequence_max GNUNET_PACKED;
262 
267  uint32_t acks_available GNUNET_PACKED;
268 
272  struct GNUNET_HashCode cmac;
273 };
274 
275 
285 {
290 
295 
299  struct GNUNET_HashCode h_address;
300 };
301 
302 
310 {
315 
320  struct GNUNET_CRYPTO_EddsaSignature sender_sig;
321 };
322 
323 
328 struct UDPBox
329 {
338 
346  char gcm_tag[GCM_TAG_SIZE];
347 
351  int rekeying;
352 };
353 
358 struct UDPRekey
359 {
368 
376  char gcm_tag[GCM_TAG_SIZE];
377 
382 };
383 
385 
389 struct SharedSecret;
390 
391 
397 {
402 
407 
416 
420  struct SharedSecret *ss;
421 
425  uint32_t sequence_number;
426 };
427 
428 
433 struct SenderAddress;
434 
439 struct ReceiverAddress;
440 
445 {
450 
455 
460 
465 
470 
475 
479  struct GNUNET_HashCode master;
480 
484  struct GNUNET_HashCode cmac;
485 
490  uint32_t sequence_used;
491 
498 
502  unsigned int active_kce_count;
503 };
504 
505 
511 {
516 
520  int rekeying;
521 
525  struct GNUNET_PeerIdentity target;
526 
531 
536 
541 
545  struct sockaddr *address;
546 
550  socklen_t address_len;
551 
556 
560  unsigned int num_secrets;
561 
566  unsigned int acks_available;
567 
572 
577 
578 
583 
588 
593 };
594 
595 
601 {
602 
607 
611  unsigned int rekey_acks_available;
612 
617 
621  struct GNUNET_TIME_Absolute rekey_timeout;
622 
626  int rekeying;
627 
632 
636  struct GNUNET_PeerIdentity target;
637 
642 
647 
653 
657  struct sockaddr *address;
658 
662  socklen_t address_len;
663 
668 
673 
678 
683 
688 
693 
697  size_t kx_mtu;
698 
702  size_t d_mtu;
703 
707  unsigned int num_secrets;
708 
713  unsigned int acks_available;
714 
719 
724 };
725 
730 {
735 
740 
745 
749  struct sockaddr *sa;
750 
754  struct sockaddr *ba;
755 
759  struct UDPBroadcast bcm;
760 
765  struct ipv6_mreq mcreq;
766 
770  socklen_t salen;
771 
775  int found;
776 };
777 
782 
786 static unsigned long long rekey_max_bytes;
791 
796 
801 
806 
811 
816 
821 
826 
831 
836 
841 
846 
851 
856 
860 static int have_v6_socket;
861 
866 
871 
875 static const struct GNUNET_CONFIGURATION_Handle *cfg;
876 
881 
886 
890 static struct GNUNET_NAT_Handle *nat;
891 
895 static uint16_t my_port;
896 
897 
903 static void
905 {
906  if (AF_INET6 == bi->sa->sa_family)
907  {
908  /* Leave the multicast group */
910  IPPROTO_IPV6,
911  IPV6_LEAVE_GROUP,
912  &bi->mcreq,
913  sizeof(bi->mcreq)))
914  {
916  }
917  }
918  GNUNET_CONTAINER_DLL_remove (bi_head, bi_tail, bi);
920  GNUNET_free (bi->sa);
921  GNUNET_free (bi->ba);
922  GNUNET_free (bi);
923 }
924 
925 
931 static void
933 {
934 
936 
938  "Disconnecting receiver for peer `%s'\n",
939  GNUNET_i2s (&receiver->target));
940  /*if (NULL != (mq = receiver->kx_mq))
941  {
942  receiver->kx_mq = NULL;
943  GNUNET_MQ_destroy (mq);
944  }*/
945  if (NULL != receiver->kx_qh)
946  {
948  receiver->kx_qh = NULL;
949  receiver->kx_mq = NULL;
950  }
951  /*if (NULL != (mq = receiver->d_mq))
952  {
953  receiver->d_mq = NULL;
954  GNUNET_MQ_destroy (mq);
955  }*/
956  if (NULL != receiver->d_qh)
957  {
959  receiver->d_qh = NULL;
960  }
963  &receiver->target,
964  receiver));
965  GNUNET_assert (receiver == GNUNET_CONTAINER_heap_remove_node (receiver->hn));
966  GNUNET_STATISTICS_set (stats,
967  "# receivers active",
969  GNUNET_NO);
970  GNUNET_free (receiver->address);
971  GNUNET_free (receiver->foreign_addr);
972  GNUNET_free (receiver);
973 }
974 
975 
981 static void
983 {
984  struct SharedSecret *ss = kce->ss;
985 
986  ss->active_kce_count--;
987  ss->sender->acks_available--;
990  &kce->kid,
991  kce));
992  GNUNET_free (kce);
993 }
994 
995 
1003 static void
1004 get_kid (const struct GNUNET_HashCode *msec,
1005  uint32_t serial,
1006  struct GNUNET_ShortHashCode *kid)
1007 {
1008  uint32_t sid = htonl (serial);
1009 
1010  GNUNET_CRYPTO_hkdf (kid,
1011  sizeof(*kid),
1012  GCRY_MD_SHA512,
1013  GCRY_MD_SHA256,
1014  &sid,
1015  sizeof(sid),
1016  msec,
1017  sizeof(*msec),
1018  "UDP-KID",
1019  strlen ("UDP-KID"),
1020  NULL,
1021  0);
1022 }
1023 
1024 
1031 static void
1032 kce_generate (struct SharedSecret *ss, uint32_t seq)
1033 {
1034  struct KeyCacheEntry *kce;
1035 
1036  GNUNET_assert (0 < seq);
1037  kce = GNUNET_new (struct KeyCacheEntry);
1038  kce->ss = ss;
1039  kce->sequence_number = seq;
1040  get_kid (&ss->master, seq, &kce->kid);
1042  ss->active_kce_count++;
1043  ss->sender->acks_available++;
1045  key_cache,
1046  &kce->kid,
1047  kce,
1049  GNUNET_STATISTICS_set (stats,
1050  "# KIDs active",
1052  GNUNET_NO);
1053 }
1054 
1055 
1062 static int
1063 secret_destroy (struct SharedSecret *ss, int withoutKce)
1064 {
1065  struct SenderAddress *sender;
1066  struct ReceiverAddress *receiver;
1067  struct KeyCacheEntry *kce;
1068 
1069  if (withoutKce && (ss->sequence_allowed > 0))
1070  return GNUNET_NO;
1071 
1073  "secret %s destroy %u %u\n",
1074  GNUNET_h2s (&ss->master),
1075  withoutKce,
1076  ss->sequence_allowed);
1077  if (NULL != (sender = ss->sender))
1078  {
1079  GNUNET_CONTAINER_DLL_remove (sender->ss_head, sender->ss_tail, ss);
1080  sender->num_secrets--;
1081  }
1082  if (NULL != (receiver = ss->receiver))
1083  {
1084  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1085  receiver->num_secrets--;
1086  // Uncomment this for alternativ 1 of backchannel functionality
1087  receiver->acks_available -= (ss->sequence_allowed - ss->sequence_used);
1089  "%u receiver->acks_available 3\n",
1090  receiver->acks_available);
1091  // Until here for alternativ 1
1092  }
1093  while (NULL != (kce = ss->kce_head))
1094  kce_destroy (kce);
1095  GNUNET_STATISTICS_update (stats, "# Secrets active", -1, GNUNET_NO);
1096  GNUNET_STATISTICS_set (stats,
1097  "# KIDs active",
1099  GNUNET_NO);
1100  GNUNET_free (ss);
1101  return GNUNET_YES;
1102 }
1103 
1104 
1111 static void
1113 {
1115  GNUNET_assert (
1116  GNUNET_YES ==
1117  GNUNET_CONTAINER_multipeermap_remove (senders, &sender->target, sender));
1118  GNUNET_assert (sender == GNUNET_CONTAINER_heap_remove_node (sender->hn));
1119  GNUNET_STATISTICS_set (stats,
1120  "# senders active",
1122  GNUNET_NO);
1123  GNUNET_free (sender->address);
1124  GNUNET_free (sender);
1125 }
1126 
1127 
1136 static void
1137 get_iv_key (const struct GNUNET_HashCode *msec,
1138  uint32_t serial,
1139  char key[AES_KEY_SIZE],
1140  char iv[AES_IV_SIZE])
1141 {
1142  uint32_t sid = htonl (serial);
1143  char res[AES_KEY_SIZE + AES_IV_SIZE];
1144 
1145  GNUNET_CRYPTO_hkdf (res,
1146  sizeof(res),
1147  GCRY_MD_SHA512,
1148  GCRY_MD_SHA256,
1149  &sid,
1150  sizeof(sid),
1151  msec,
1152  sizeof(*msec),
1153  "UDP-IV-KEY",
1154  strlen ("UDP-IV-KEY"),
1155  NULL,
1156  0);
1157  memcpy (key, res, AES_KEY_SIZE);
1158  memcpy (iv, &res[AES_KEY_SIZE], AES_IV_SIZE);
1159 }
1160 
1161 
1167 static void
1169 {
1170  sender->timeout =
1173 }
1174 
1175 
1181 static void
1183 {
1184  receiver->timeout =
1187  receiver->timeout.abs_value_us);
1188 }
1189 
1190 
1196 static void
1197 check_timeouts (void *cls)
1198 {
1199  struct GNUNET_TIME_Relative st;
1200  struct GNUNET_TIME_Relative rt;
1201  struct GNUNET_TIME_Relative delay;
1202  struct ReceiverAddress *receiver;
1203  struct SenderAddress *sender;
1204 
1205  (void) cls;
1206  timeout_task = NULL;
1208  while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
1209  {
1210  /* if (GNUNET_YES != receiver->receiver_destroy_called) */
1211  /* { */
1213  if (0 != rt.rel_value_us)
1214  break;
1216  "Receiver timed out\n");
1217  receiver_destroy (receiver);
1218  // }
1219  }
1221  while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
1222  {
1223  if (GNUNET_YES != sender->sender_destroy_called)
1224  {
1226  if (0 != st.rel_value_us)
1227  break;
1228  sender_destroy (sender);
1229  }
1230  }
1231  delay = GNUNET_TIME_relative_min (rt, st);
1232  if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
1233  timeout_task = GNUNET_SCHEDULER_add_delayed (delay, &check_timeouts, NULL);
1234 }
1235 
1236 
1242 static void
1244 {
1245  GNUNET_CRYPTO_hkdf (&ss->cmac,
1246  sizeof(ss->cmac),
1247  GCRY_MD_SHA512,
1248  GCRY_MD_SHA256,
1249  "CMAC",
1250  strlen ("CMAC"),
1251  &ss->master,
1252  sizeof(ss->master),
1253  "UDP-CMAC",
1254  strlen ("UDP-CMAC"),
1255  NULL,
1256  0);
1257 }
1258 
1259 
1268 static void
1270  const void *plaintext,
1271  size_t plaintext_len)
1272 {
1273  const struct GNUNET_MessageHeader *hdr = plaintext;
1274  const char *pos = plaintext;
1275 
1276  while (ntohs (hdr->size) < plaintext_len)
1277  {
1278  GNUNET_STATISTICS_update (stats,
1279  "# bytes given to core",
1280  ntohs (hdr->size),
1281  GNUNET_NO);
1283  "Giving %u bytes to TNG\n", ntohs (hdr->size));
1286  &sender->target,
1287  hdr,
1289  NULL /* no flow control possible */
1290  ,
1291  NULL));
1292  /* move on to next message, if any */
1293  plaintext_len -= ntohs (hdr->size);
1294  if (plaintext_len < sizeof(*hdr))
1295  break;
1296  pos += ntohs (hdr->size);
1297  hdr = (const struct GNUNET_MessageHeader *) pos;
1298  // TODO for now..., we do not actually sen >1msg or have a way of telling
1299  // if we are done
1300  break;
1301  }
1302  GNUNET_STATISTICS_update (stats,
1303  "# bytes padding discarded",
1304  plaintext_len,
1305  GNUNET_NO);
1306 }
1307 
1308 
1317 static void
1318 setup_cipher (const struct GNUNET_HashCode *msec,
1319  uint32_t serial,
1320  gcry_cipher_hd_t *cipher)
1321 {
1322  char key[AES_KEY_SIZE];
1323  char iv[AES_IV_SIZE];
1324  int rc;
1325 
1326  GNUNET_assert (0 ==
1327  gcry_cipher_open (cipher,
1328  GCRY_CIPHER_AES256 /* low level: go for speed */,
1329  GCRY_CIPHER_MODE_GCM,
1330  0 /* flags */));
1331  get_iv_key (msec, serial, key, iv);
1332  rc = gcry_cipher_setkey (*cipher, key, sizeof(key));
1333  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1334  rc = gcry_cipher_setiv (*cipher, iv, sizeof(iv));
1335  GNUNET_assert ((0 == rc) || ((char) rc == GPG_ERR_WEAK_KEY));
1336 }
1337 
1338 
1351 static int
1352 try_decrypt (const struct SharedSecret *ss,
1353  const char tag[GCM_TAG_SIZE],
1354  uint32_t serial,
1355  const char *in_buf,
1356  size_t in_buf_size,
1357  char *out_buf)
1358 {
1359  gcry_cipher_hd_t cipher;
1360 
1361  setup_cipher (&ss->master, serial, &cipher);
1362  GNUNET_assert (
1363  0 ==
1364  gcry_cipher_decrypt (cipher, out_buf, in_buf_size, in_buf, in_buf_size));
1365  if (0 != gcry_cipher_checktag (cipher, tag, GCM_TAG_SIZE))
1366  {
1367  gcry_cipher_close (cipher);
1368  GNUNET_STATISTICS_update (stats,
1369  "# AEAD authentication failures",
1370  1,
1371  GNUNET_NO);
1372  return GNUNET_SYSERR;
1373  }
1374  gcry_cipher_close (cipher);
1375  return GNUNET_OK;
1376 }
1377 
1378 
1385 static struct SharedSecret *
1387 {
1388  struct SharedSecret *ss;
1389 
1390  ss = GNUNET_new (struct SharedSecret);
1391  GNUNET_CRYPTO_eddsa_ecdh (my_private_key, ephemeral, &ss->master);
1392  return ss;
1393 }
1394 
1395 
1403 static struct SharedSecret *
1405  struct ReceiverAddress *receiver, int add_to_receiver)
1406 {
1407  struct SharedSecret *ss;
1408 
1409  ss = GNUNET_new (struct SharedSecret);
1410  GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1411  &receiver->target.public_key,
1412  &ss->master);
1413  calculate_cmac (ss);
1414  ss->receiver = receiver;
1415  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1416  receiver->num_secrets++;
1417  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
1418  return ss;
1419 }
1420 
1421 
1429 static void
1431 
1438 static void
1439 destroy_all_secrets (struct SharedSecret *ss, int withoutKce)
1440 {
1441  struct SenderAddress *sender;
1442  struct ReceiverAddress *receiver;
1443  struct SharedSecret *ss_to_destroy;
1444  struct SharedSecret *ss_start;
1445  struct SharedSecret *pos;
1446  int at_least_one_destroyed = GNUNET_NO;
1447 
1449  "Starting destroy all withoutKce: %u.\n",
1450  withoutKce);
1451 
1452  if (NULL != (sender = ss->sender))
1453  {
1454  ss_start = sender->ss_head;
1455  }
1456  else if (NULL != (receiver = ss->receiver))
1457  {
1458  ss_start = receiver->ss_head;
1459  }
1460  else
1461  {
1463  "Shared secret has no sender or receiver!\n");
1464  return;
1465  }
1466 
1467  pos = ss_start;
1468  while (NULL != pos)
1469  {
1470  ss_to_destroy = pos;
1471  pos = pos->next;
1472 
1473  if (ss != ss_to_destroy)
1474  at_least_one_destroyed = secret_destroy (ss_to_destroy, withoutKce);
1475  }
1476 
1477  if ((ss != ss_start) && ! at_least_one_destroyed)
1478  {
1480  "Really destroying all.\n");
1481  destroy_all_secrets (ss_start, GNUNET_NO);
1482  }
1483 
1485  "Finished destroy all.\n");
1486 }
1487 
1488 
1489 static void
1490 add_acks (struct SharedSecret *ss, int acks_to_add)
1491 {
1492 
1493  struct ReceiverAddress *receiver = ss->receiver;
1494 
1495  GNUNET_assert (NULL != ss);
1496  GNUNET_assert (NULL != receiver);
1497  GNUNET_assert (NULL != receiver->d_qh);
1498 
1500  "Tell transport we have %u more acks!\n",
1501  acks_to_add);
1503  "%u kce for rekeying.\n",
1504  receiver->number_rekeying_kce);
1506  receiver->d_qh,
1507  acks_to_add,
1508  1);
1509  // Until here for alternativ 1
1510 
1511  /* move ss to head to avoid discarding it anytime soon! */
1512 
1513  GNUNET_CONTAINER_DLL_remove (receiver->ss_head, receiver->ss_tail, ss);
1514  GNUNET_CONTAINER_DLL_insert (receiver->ss_head, receiver->ss_tail, ss);
1516 }
1517 
1518 
1519 static uint32_t
1521  uint32_t acks_to_add)
1522 {
1523  int needed_for_rekeying;
1524 
1526  "%u kce for rekeying and %u acks_to_add\n",
1527  receiver->number_rekeying_kce,
1528  acks_to_add);
1529 
1530  needed_for_rekeying = (3 - receiver->number_rekeying_kce);
1531  if (acks_to_add <= needed_for_rekeying)
1532  {
1533  receiver->number_rekeying_kce += acks_to_add;
1534  acks_to_add = 0;
1535  }
1536  else
1537  {
1538  acks_to_add -= (3 - receiver->number_rekeying_kce);
1539  receiver->number_rekeying_kce = 3;
1540  }
1541 
1543  "%u kce for rekeying and %u acks_to_add\n",
1544  receiver->number_rekeying_kce,
1545  acks_to_add);
1546  return acks_to_add;
1547 }
1548 
1549 
1550 static void
1552 {
1553  uint32_t acks_to_add = receiver->ss_rekey->sequence_allowed;
1554 
1555  if (receiver->number_rekeying_kce < 3)
1556  acks_to_add = reset_rekey_kces (receiver, acks_to_add);
1557  receiver->acks_available = receiver->ss_rekey->sequence_allowed;
1559  "%u receiver->acks_available 4\n",
1560  receiver->acks_available);
1561  /* add_acks (receiver->ss_rekey, acks_to_add - 3); */
1562  if (0 != acks_to_add)
1563  {
1564  add_acks (receiver->ss_rekey, acks_to_add);
1565  }
1566  receiver->ss_rekey = NULL;
1568  "# rekeying successful\n");
1569  GNUNET_STATISTICS_update (stats,
1570  "# rekeying successful",
1571  1,
1572  GNUNET_NO);
1573 }
1574 
1575 
1586 static int
1587 handle_ack (void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
1588 {
1589  const struct UDPAck *ack = cls;
1590  struct ReceiverAddress *receiver = value;
1591  uint32_t acks_to_add;
1592  uint32_t allowed;
1593  // int needed_for_rekeying;
1594 
1596  "in handle ack with cmac %s\n",
1597  GNUNET_h2s (&ack->cmac));
1598 
1599  if (NULL != receiver->ss_rekey)
1601  "We have rekey secret with cmac %s \n",
1602  GNUNET_h2s (&receiver->ss_rekey->cmac));
1603 
1604  if ((NULL != receiver->ss_rekey) && (0 == memcmp (&ack->cmac,
1605  &receiver->ss_rekey->cmac,
1606  sizeof(struct
1607  GNUNET_HashCode))) )
1608  {
1609  allowed = ntohl (ack->sequence_max);
1610 
1611  if (allowed > receiver->ss_rekey->sequence_allowed)
1612  {
1614  "%u > %u (%u %u) for rekey secrect %s\n", allowed,
1615  receiver->ss_rekey->sequence_allowed,
1616  receiver->acks_available,
1617  ack->acks_available,
1618  GNUNET_h2s (&receiver->ss_rekey->master));
1619 
1620  receiver->ss_rekey->sequence_allowed = allowed;
1621 
1622  if (GNUNET_NO == receiver->rekeying)
1623  add_acks_rekey (receiver);
1624 
1625  return GNUNET_NO;
1626  }
1627  }
1628 
1629  (void) pid;
1630  for (struct SharedSecret *ss = receiver->ss_head; NULL != ss; ss = ss->next)
1631  {
1632  if (0 == memcmp (&ack->cmac, &ss->cmac, sizeof(struct GNUNET_HashCode)))
1633  {
1634 
1636  "Found matching mac\n");
1637 
1638  allowed = ntohl (ack->sequence_max);
1639 
1640  if (allowed > ss->sequence_allowed)
1641  {
1643  "%u > %u (%u %u) for secrect %s\n", allowed,
1644  ss->sequence_allowed,
1645  receiver->acks_available,
1646  ack->acks_available,
1647  GNUNET_h2s (&ss->master));
1648  // Uncomment this for alternativ 1 of backchannel functionality
1649  acks_to_add = (allowed - ss->sequence_allowed);
1650  if ((GNUNET_NO == receiver->rekeying) &&
1651  (receiver->number_rekeying_kce < 3) )
1652  acks_to_add = reset_rekey_kces (receiver, acks_to_add);
1653  /* if ((GNUNET_NO == receiver->rekeying) && */
1654  /* (receiver->number_rekeying_kce < */
1655  /* 3) ) */
1656  /* { */
1657  /* needed_for_rekeying = (3 - receiver->number_rekeying_kce); */
1658  /* if (acks_to_add <= needed_for_rekeying) */
1659  /* { */
1660  /* receiver->number_rekeying_kce += acks_to_add; */
1661  /* acks_to_add = 0; */
1662  /* } */
1663  /* else */
1664  /* { */
1665  /* acks_to_add -= (3 - receiver->number_rekeying_kce); */
1666  /* receiver->number_rekeying_kce = 3; */
1667  /* } */
1668  /* } */
1669  /* GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, */
1670  /* "%u kce for rekeying\n", */
1671  /* receiver->number_rekeying_kce); */
1672 
1673  if ((0 != acks_to_add) && (GNUNET_NO == receiver->rekeying))
1674  {
1675  receiver->acks_available += (allowed - ss->sequence_allowed);
1676  ss->sequence_allowed = allowed;
1678  "%u receiver->acks_available 5\n",
1679  receiver->acks_available);
1680  add_acks (ss, acks_to_add);
1681  }
1682  }
1683  return GNUNET_NO;
1684  }
1685  }
1686  return GNUNET_YES;
1687 }
1688 
1689 
1698 static void
1700  const void *buf,
1701  size_t buf_size)
1702 {
1703  const struct GNUNET_MessageHeader *hdr =
1704  (const struct GNUNET_MessageHeader *) buf;
1705  const struct UDPAck *ack = (const struct UDPAck *) buf;
1706  uint16_t type;
1707 
1708  if (sizeof(*hdr) > buf_size)
1709  return; /* not even a header */
1710  if (ntohs (hdr->size) > buf_size)
1711  return; /* not even a header */
1712  type = ntohs (hdr->type);
1713  switch (type)
1714  {
1716  /* lookup master secret by 'cmac', then update sequence_max */
1718  &sender->target,
1719  &handle_ack,
1720  (void *) ack);
1721  /* There could be more messages after the ACK, handle those as well */
1722  buf += ntohs (hdr->size);
1723  buf_size -= ntohs (hdr->size);
1724  pass_plaintext_to_core (sender, buf, buf_size);
1725  break;
1726 
1728  /* skip padding */
1729  break;
1730 
1731  default:
1732  pass_plaintext_to_core (sender, buf, buf_size);
1733  }
1734 }
1735 
1736 
1737 static void
1738 kce_generate_cb (void *cls)
1739 {
1740  struct SharedSecret *ss = cls;
1741 
1742  ss->sender->kce_task = NULL;
1743 
1744  if (((GNUNET_NO == ss->sender->rekeying) && (ss->sender->acks_available <
1745  KCN_TARGET) ) ||
1746  ((ss->sender->ss_rekey == ss) && (GNUNET_YES == ss->sender->rekeying) &&
1747  (ss->sender->acks_available < 128)))
1748  {
1749 
1751  "Precomputing keys for master %s\n",
1752  GNUNET_h2s (&(ss->master)));
1753 
1754  for (int i = 0; i < GENERATE_AT_ONCE; i++)
1755  kce_generate (ss, ++ss->sequence_allowed);
1756 
1760  ss);
1761  }
1762  else
1763  {
1765  "We have enough keys.\n");
1766  ss_finished = ss;
1768  }
1769 
1770 
1771 }
1772 
1773 
1774 static void
1776 {
1777  struct SharedSecret *ss = cls;
1778 
1779  ss->sender->kce_task_rekey = NULL;
1780 
1781  if (NULL == ss->sender->kce_task)
1782  {
1783 
1785  "Precomputing keys for rekey master %s\n",
1786  GNUNET_h2s (&(ss->master)));
1787 
1788  for (int i = 0; i < GENERATE_AT_ONCE; i++)
1789  kce_generate (ss, ++ss->sequence_allowed);
1790 
1794  ss);
1795  ss->sender->kce_task_rekey = NULL;
1796  }
1797  else
1798  {
1802  ss);
1803  }
1804 }
1805 
1806 
1816 static void
1817 consider_ss_ack (struct SharedSecret *ss, int initial)
1818 {
1819  struct GNUNET_SCHEDULER_Task *kce_task_rekey;
1820  struct GNUNET_SCHEDULER_Task *kce_task;
1821  int kce_task_finished;
1822 
1823  kce_task_rekey = ss->sender->kce_task_rekey;
1824  kce_task_finished = ss->sender->kce_task_finished;
1825  kce_task = ss->sender->kce_task;
1826 
1827  GNUNET_assert (NULL != ss->sender);
1829  "Considering SS UDPAck %s\n",
1830  GNUNET_i2s_full (&ss->sender->target));
1831 
1833  "We have %u acks available.\n",
1834  ss->sender->acks_available);
1835  /* drop ancient KeyCacheEntries */
1836  while ((NULL != ss->kce_head) &&
1837  (MAX_SQN_DELTA <
1839  kce_destroy (ss->kce_tail);
1840 
1841 
1842  if (GNUNET_NO == initial)
1843  kce_generate (ss, ++ss->sequence_allowed);
1844 
1845  /*if (0 == ss->sender->acks_available)
1846  {
1847  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1848  "Generating keys\n");
1849  while (ss->active_kce_count < KCN_TARGET)
1850  kce_generate (ss, ++ss->sequence_allowed);
1851  }*/
1852 
1853  if (((NULL != kce_task) && kce_task_finished) || (GNUNET_NO == initial))
1854  {
1855  struct UDPAck ack;
1856  struct SharedSecret *ss_tell;
1857 
1858  if (GNUNET_NO != initial)
1859  ss_tell = ss_finished;
1860  else
1861  ss_tell = ss;
1862 
1864  ack.header.size = htons (sizeof(ack));
1865  ack.sequence_max = htonl (ss_tell->sequence_allowed);
1867  ack.cmac = ss_tell->cmac;
1869  "Notifying transport of UDPAck %s with initial %u and master %s\n",
1870  GNUNET_i2s_full (&ss_tell->sender->target),
1871  initial,
1872  GNUNET_h2s (&(ss_tell->master)));
1874  &ss_tell->sender->target,
1876  &ack.header);
1877  if (GNUNET_NO != initial)
1878  {
1880  kce_task = NULL;
1881  kce_task_finished = GNUNET_NO;
1882  }
1883  }
1884  else if ((NULL == kce_task) && ((KCN_THRESHOLD >
1885  ss->sender->acks_available) ||
1886  (GNUNET_YES == ss->sender->rekeying) ||
1887  (ss->sender->num_secrets > MAX_SECRETS) ))
1888  {
1889 
1890  // kce_generate (ss, ++ss->sequence_allowed);
1891  // kce_generate (ss, ++ss->sequence_allowed);
1892  // TODO This task must be per sender!
1895  ss);
1896  kce_task_finished = GNUNET_NO;
1897 
1898  }
1899  else if ((NULL == kce_task_rekey) && (GNUNET_YES ==
1900  ss->sender->rekeying) )
1901  {
1904  ss);
1905  }
1906 }
1907 
1908 
1916 static void
1917 decrypt_box (const struct UDPBox *box,
1918  size_t box_len,
1919  struct KeyCacheEntry *kce)
1920 {
1921  struct SharedSecret *ss = kce->ss;
1922  char out_buf[box_len - sizeof(*box)];
1923 
1924  GNUNET_assert (NULL != ss->sender);
1925  if (GNUNET_OK != try_decrypt (ss,
1926  box->gcm_tag,
1927  kce->sequence_number,
1928  (const char *) &box[1],
1929  sizeof(out_buf),
1930  out_buf))
1931  {
1932  GNUNET_STATISTICS_update (stats,
1933  "# Decryption failures with valid KCE",
1934  1,
1935  GNUNET_NO);
1936  kce_destroy (kce);
1937  return;
1938  }
1939  kce_destroy (kce);
1940  GNUNET_STATISTICS_update (stats,
1941  "# bytes decrypted with BOX",
1942  sizeof(out_buf),
1943  GNUNET_NO);
1944  GNUNET_STATISTICS_update (stats,
1945  "# messages decrypted with BOX",
1946  1,
1947  GNUNET_NO);
1949  "decrypted UDPBox with kid %s\n",
1950  GNUNET_sh2s (&box->kid));
1951  try_handle_plaintext (ss->sender, out_buf, sizeof(out_buf));
1952  if ((GNUNET_NO == box->rekeying) && (GNUNET_YES == ss->sender->rekeying))
1953  {
1954  ss->sender->rekeying = GNUNET_NO;
1955  ss->sender->ss_rekey = NULL;
1956  // destroy_all_secrets (ss, GNUNET_NO);
1958  "Receiver stopped rekeying.\n");
1959  }
1960  else if (GNUNET_NO == box->rekeying)
1961  consider_ss_ack (ss, GNUNET_NO);
1962  else
1963  {
1964  ss->sender->rekeying = GNUNET_YES;
1966  "Got Box: Receiver doing rekeying.\n");
1967  }
1968 }
1969 
1970 
1978 static void
1979 decrypt_rekey (const struct UDPRekey *rekey,
1980  size_t rekey_len,
1981  struct KeyCacheEntry *kce,
1982  struct SenderAddress *sender)
1983 {
1984  struct SharedSecret *ss = kce->ss;
1985  struct SharedSecret *ss_rekey;
1986  char out_buf[rekey_len - sizeof(*rekey)];
1987  struct GNUNET_HashCode *master;
1988 
1989 
1991  "decrypt_rekey.\n");
1992 
1993  GNUNET_assert (NULL != ss->sender);
1994  if (GNUNET_OK != try_decrypt (ss,
1995  rekey->gcm_tag,
1996  kce->sequence_number,
1997  (const char *) &rekey[1],
1998  sizeof(out_buf),
1999  out_buf))
2000  {
2001  GNUNET_STATISTICS_update (stats,
2002  "# Decryption failures with valid KCE",
2003  1,
2004  GNUNET_NO);
2006  "Decryption with kid %s failed\n",
2007  GNUNET_sh2s (&rekey->kid));
2008  kce_destroy (kce);
2009  return;
2010  }
2011  kce_destroy (kce);
2012  GNUNET_STATISTICS_update (stats,
2013  "# bytes decrypted with Rekey",
2014  sizeof(out_buf),
2015  GNUNET_NO);
2017  "decrypted UDPRekey with kid %s\n",
2018  GNUNET_sh2s (&rekey->kid));
2019  /*cmac = (struct GNUNET_HashCode *) out_buf;
2020  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2021  "Received secret with cmac %s \n",
2022  GNUNET_h2s (&cmac));*/
2023  // ss_rekey = (struct SharedSecret *) out_buf;
2024  master = (struct GNUNET_HashCode *) out_buf;
2025  ss_rekey = GNUNET_new (struct SharedSecret);
2026  ss_rekey->master = *master;
2027  calculate_cmac (ss_rekey);
2028  ss_rekey->sender = sender;
2029  // ss_rekey->sequence_used = 0;
2030  // ss_rekey->sequence_allowed = 0;
2031  /* ss_rekey->active_kce_count = 0; */
2032  /* ss_rekey->prev = NULL; */
2033  /* ss_rekey->next = NULL; */
2034  /* GNUNET_assert (ss_rekey->prev == NULL && sender->ss_head != ss_rekey); */
2035  /* GNUNET_assert (ss_rekey->next == NULL && sender->ss_tail != ss_rekey); */
2036  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss_rekey);
2037  sender->ss_rekey = ss_rekey;
2038  sender->num_secrets++;
2040  "Received secret with cmac %s\n",
2041  GNUNET_h2s (&(ss_rekey->cmac)));
2043  "Received secret with master %s.\n",
2044  GNUNET_h2s (&(ss_rekey->master)));
2046  "We have %u sequence_allowed.\n",
2047  ss_rekey->sequence_allowed);
2049  "We have a sender %p\n",
2050  ss_rekey->sender);
2052  "We have %u acks available.\n",
2053  ss_rekey->sender->acks_available);
2054  consider_ss_ack (ss_rekey, GNUNET_YES);
2055 
2056 }
2057 
2058 
2062 struct SearchContext
2063 {
2067  const struct sockaddr *address;
2068 
2072  socklen_t address_len;
2073 
2078 };
2079 
2080 
2089 static int
2091  const struct GNUNET_PeerIdentity *key,
2092  void *value)
2093 {
2094  struct SearchContext *sc = cls;
2095  struct SenderAddress *sender = value;
2096 
2097  if ((sender->address_len == sc->address_len) &&
2098  (0 == memcmp (sender->address, sc->address, sender->address_len)))
2099  {
2100  sc->sender = sender;
2101  return GNUNET_NO; /* stop iterating! */
2102  }
2103  return GNUNET_YES;
2104 }
2105 
2106 
2118 static struct SenderAddress *
2120  const struct sockaddr *address,
2121  socklen_t address_len)
2122 {
2123  struct SenderAddress *sender;
2124  struct SearchContext sc = { .address = address,
2125  .address_len = address_len,
2126  .sender = NULL };
2127 
2129  target,
2131  &sc);
2132  if (NULL != sc.sender)
2133  {
2135  return sc.sender;
2136  }
2137  sender = GNUNET_new (struct SenderAddress);
2138  sender->target = *target;
2139  sender->address = GNUNET_memdup (address, address_len);
2140  sender->address_len = address_len;
2142  senders,
2143  &sender->target,
2144  sender,
2146  GNUNET_STATISTICS_set (stats,
2147  "# senders active",
2149  GNUNET_NO);
2150  sender->timeout =
2152  sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
2153  sender,
2154  sender->timeout.abs_value_us);
2155  sender->nt = GNUNET_NT_scanner_get_type (is, address, address_len);
2156  if (NULL == timeout_task)
2157  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
2158  return sender;
2159 }
2160 
2161 
2169 static int
2171  const struct UDPConfirmation *uc)
2172 {
2173  struct UdpHandshakeSignature uhs;
2174 
2176  uhs.purpose.size = htonl (sizeof(uhs));
2177  uhs.sender = uc->sender;
2178  uhs.receiver = my_identity;
2179  uhs.ephemeral = *ephemeral;
2180  uhs.monotonic_time = uc->monotonic_time;
2183  &uhs,
2184  &uc->sender_sig,
2185  &uc->sender.public_key);
2186 }
2187 
2188 
2197 static char *
2198 sockaddr_to_udpaddr_string (const struct sockaddr *address,
2199  socklen_t address_len)
2200 {
2201  char *ret;
2202 
2203  switch (address->sa_family)
2204  {
2205  case AF_INET:
2206  GNUNET_asprintf (&ret,
2207  "%s-%s",
2209  GNUNET_a2s (address, address_len));
2210  break;
2211 
2212  case AF_INET6:
2213  GNUNET_asprintf (&ret,
2214  "%s-%s",
2216  GNUNET_a2s (address, address_len));
2217  break;
2218 
2219  default:
2220  GNUNET_assert (0);
2221  }
2222  return ret;
2223 }
2224 
2225 
2231 static void
2232 sock_read (void *cls)
2233 {
2234  struct sockaddr_storage sa;
2235  socklen_t salen = sizeof(sa);
2236  char buf[UINT16_MAX];
2237  ssize_t rcvd;
2238 
2239  (void) cls;
2241  udp_sock,
2242  &sock_read,
2243  NULL);
2244  rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
2245  buf,
2246  sizeof(buf),
2247  (struct sockaddr *) &sa,
2248  &salen);
2249  if (-1 == rcvd)
2250  {
2252  return;
2253  }
2255  "Read %lu bytes\n", rcvd);
2256 
2257  if (rcvd > sizeof(struct UDPRekey))
2258  {
2259  const struct UDPRekey *rekey;
2260  const struct UDPBox *box;
2261  struct KeyCacheEntry *kce;
2262  struct SenderAddress *sender;
2263  int do_decrypt = GNUNET_NO;
2264 
2265  rekey = (const struct UDPRekey *) buf;
2266  box = (const struct UDPBox *) buf;
2267  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &rekey->kid);
2268 
2269  if ((GNUNET_YES == box->rekeying) || (GNUNET_NO == box->rekeying))
2271  "UDPRekey has rekeying %u\n",
2272  box->rekeying);
2273  else
2274  do_decrypt = GNUNET_YES;
2275 
2276  if ((GNUNET_YES == do_decrypt) && (NULL != kce) && (GNUNET_YES ==
2277  kce->ss->sender->
2278  rekeying))
2279  {
2281  "UDPRekey with kid %s\n",
2282  GNUNET_sh2s (&rekey->kid));
2283  sender = setup_sender (&rekey->sender, (const struct sockaddr *) &sa,
2284  salen);
2285 
2286  if (NULL != sender->ss_rekey)
2287  return;
2288 
2289  decrypt_rekey (rekey, (size_t) rcvd, kce, sender);
2290  return;
2291  }
2292  }
2293 
2294  /* first, see if it is a UDPBox */
2295  if (rcvd > sizeof(struct UDPBox))
2296  {
2297  const struct UDPBox *box;
2298  struct KeyCacheEntry *kce;
2299 
2300  box = (const struct UDPBox *) buf;
2301  kce = GNUNET_CONTAINER_multishortmap_get (key_cache, &box->kid);
2302  if (NULL != kce)
2303  {
2304  decrypt_box (box, (size_t) rcvd, kce);
2305  return;
2306  }
2307  }
2308 
2309  /* next, check if it is a broadcast */
2310  if (sizeof(struct UDPBroadcast) == rcvd)
2311  {
2312  const struct UDPBroadcast *ub;
2313  struct UdpBroadcastSignature uhs;
2314 
2315  ub = (const struct UDPBroadcast *) buf;
2317  uhs.purpose.size = htonl (sizeof(uhs));
2318  uhs.sender = ub->sender;
2319  GNUNET_CRYPTO_hash (&sa, salen, &uhs.h_address);
2320  if (GNUNET_OK ==
2322  &uhs,
2323  &ub->sender_sig,
2324  &ub->sender.public_key))
2325  {
2326  char *addr_s;
2327  enum GNUNET_NetworkType nt;
2328 
2329  addr_s =
2330  sockaddr_to_udpaddr_string ((const struct sockaddr *) &sa, salen);
2331  GNUNET_STATISTICS_update (stats, "# broadcasts received", 1, GNUNET_NO);
2332  /* use our own mechanism to determine network type */
2333  nt =
2334  GNUNET_NT_scanner_get_type (is, (const struct sockaddr *) &sa, salen);
2335  GNUNET_TRANSPORT_application_validate (ah, &ub->sender, nt, addr_s);
2336  GNUNET_free (addr_s);
2337  return;
2338  }
2339  /* continue with KX, mostly for statistics... */
2340  }
2341 
2342 
2343  /* finally, test if it is a KX */
2344  if (rcvd < sizeof(struct UDPConfirmation) + sizeof(struct InitialKX))
2345  {
2346  GNUNET_STATISTICS_update (stats,
2347  "# messages dropped (no kid, too small for KX)",
2348  1,
2349  GNUNET_NO);
2350  return;
2351  }
2353  "Got KX\n");
2354  {
2355  const struct InitialKX *kx;
2356  struct SharedSecret *ss;
2357  char pbuf[rcvd - sizeof(struct InitialKX)];
2358  const struct UDPConfirmation *uc;
2359  struct SenderAddress *sender;
2360 
2361  kx = (const struct InitialKX *) buf;
2362  ss = setup_shared_secret_dec (&kx->ephemeral);
2364  "Before DEC\n");
2365 
2366  if (GNUNET_OK != try_decrypt (ss,
2367  kx->gcm_tag,
2368  0,
2369  &buf[sizeof(*kx)],
2370  sizeof(pbuf),
2371  pbuf))
2372  {
2374  "Unable to decrypt tag, dropping...\n");
2375  GNUNET_free (ss);
2377  stats,
2378  "# messages dropped (no kid, AEAD decryption failed)",
2379  1,
2380  GNUNET_NO);
2381  return;
2382  }
2384  "Before VERIFY\n");
2385 
2386  uc = (const struct UDPConfirmation *) pbuf;
2387  if (GNUNET_OK != verify_confirmation (&kx->ephemeral, uc))
2388  {
2389  GNUNET_break_op (0);
2390  GNUNET_free (ss);
2391  GNUNET_STATISTICS_update (stats,
2392  "# messages dropped (sender signature invalid)",
2393  1,
2394  GNUNET_NO);
2395  return;
2396  }
2398  "Before SETUP_SENDER\n");
2399 
2400  calculate_cmac (ss);
2401  sender = setup_sender (&uc->sender, (const struct sockaddr *) &sa, salen);
2402  ss->sender = sender;
2403  GNUNET_CONTAINER_DLL_insert (sender->ss_head, sender->ss_tail, ss);
2404  sender->num_secrets++;
2405  GNUNET_STATISTICS_update (stats, "# Secrets active", 1, GNUNET_NO);
2406  GNUNET_STATISTICS_update (stats,
2407  "# messages decrypted without BOX",
2408  1,
2409  GNUNET_NO);
2410  try_handle_plaintext (sender, &uc[1], sizeof(pbuf) - sizeof(*uc));
2411  if ((GNUNET_NO == kx->rekeying) && (GNUNET_YES == ss->sender->rekeying))
2412  {
2413  ss->sender->rekeying = GNUNET_NO;
2414  sender->ss_rekey = NULL;
2415  // destroy_all_secrets (ss, GNUNET_NO);
2417  "Receiver stopped rekeying.\n");
2418  }
2419  else if (GNUNET_NO == kx->rekeying)
2421  else
2422  {
2423  ss->sender->rekeying = GNUNET_YES;
2425  "Got KX: Receiver doing rekeying.\n");
2426  }
2427  /*if (sender->num_secrets > MAX_SECRETS)
2428  secret_destroy (sender->ss_tail);*/
2429  }
2430 }
2431 
2432 
2440 static struct sockaddr *
2441 udp_address_to_sockaddr (const char *bindto, socklen_t *sock_len)
2442 {
2443  struct sockaddr *in;
2444  unsigned int port;
2445  char dummy[2];
2446  char *colon;
2447  char *cp;
2448 
2449  if (1 == sscanf (bindto, "%u%1s", &port, dummy))
2450  {
2451  /* interpreting value as just a PORT number */
2452  if (port > UINT16_MAX)
2453  {
2455  "BINDTO specification `%s' invalid: value too large for port\n",
2456  bindto);
2457  return NULL;
2458  }
2459  if ((GNUNET_NO == GNUNET_NETWORK_test_pf (PF_INET6)) ||
2460  (GNUNET_YES ==
2463  "DISABLE_V6")))
2464  {
2465  struct sockaddr_in *i4;
2466 
2467  i4 = GNUNET_malloc (sizeof(struct sockaddr_in));
2468  i4->sin_family = AF_INET;
2469  i4->sin_port = htons ((uint16_t) port);
2470  *sock_len = sizeof(struct sockaddr_in);
2471  in = (struct sockaddr *) i4;
2472  }
2473  else
2474  {
2475  struct sockaddr_in6 *i6;
2476 
2477  i6 = GNUNET_malloc (sizeof(struct sockaddr_in6));
2478  i6->sin6_family = AF_INET6;
2479  i6->sin6_port = htons ((uint16_t) port);
2480  *sock_len = sizeof(struct sockaddr_in6);
2481  in = (struct sockaddr *) i6;
2482  }
2483  return in;
2484  }
2485  cp = GNUNET_strdup (bindto);
2486  colon = strrchr (cp, ':');
2487  if (NULL != colon)
2488  {
2489  /* interpret value after colon as port */
2490  *colon = '\0';
2491  colon++;
2492  if (1 == sscanf (colon, "%u%1s", &port, dummy))
2493  {
2494  /* interpreting value as just a PORT number */
2495  if (port > UINT16_MAX)
2496  {
2498  "BINDTO specification `%s' invalid: value too large for port\n",
2499  bindto);
2500  GNUNET_free (cp);
2501  return NULL;
2502  }
2503  }
2504  else
2505  {
2506  GNUNET_log (
2508  "BINDTO specification `%s' invalid: last ':' not followed by number\n",
2509  bindto);
2510  GNUNET_free (cp);
2511  return NULL;
2512  }
2513  }
2514  else
2515  {
2516  /* interpret missing port as 0, aka pick any free one */
2517  port = 0;
2518  }
2519  {
2520  /* try IPv4 */
2521  struct sockaddr_in v4;
2522  if (1 == inet_pton (AF_INET, cp, &v4.sin_addr))
2523  {
2524  v4.sin_family = AF_INET;
2525  v4.sin_port = htons ((uint16_t) port);
2526 #if HAVE_SOCKADDR_IN_SIN_LEN
2527  v4.sin_len = sizeof(struct sockaddr_in);
2528 #endif
2529  in = GNUNET_memdup (&v4, sizeof(struct sockaddr_in));
2530  *sock_len = sizeof(struct sockaddr_in);
2531  GNUNET_free (cp);
2532  return in;
2533  }
2534  }
2535  {
2536  /* try IPv6 */
2537  struct sockaddr_in6 v6;
2538  const char *start;
2539 
2540  start = cp;
2541  if (('[' == *cp) && (']' == cp[strlen (cp) - 1]))
2542  {
2543  start++; /* skip over '[' */
2544  cp[strlen (cp) - 1] = '\0'; /* eat ']' */
2545  }
2546  if (1 == inet_pton (AF_INET6, start, &v6.sin6_addr))
2547  {
2548  v6.sin6_family = AF_INET6;
2549  v6.sin6_port = htons ((uint16_t) port);
2550 #if HAVE_SOCKADDR_IN_SIN_LEN
2551  v6.sin6_len = sizeof(sizeof(struct sockaddr_in6));
2552 #endif
2553  in = GNUNET_memdup (&v6, sizeof(v6));
2554  *sock_len = sizeof(v6);
2555  GNUNET_free (cp);
2556  return in;
2557  }
2558  }
2559  /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
2560  GNUNET_free (cp);
2561  return NULL;
2562 }
2563 
2564 
2572 static void
2573 do_pad (gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
2574 {
2575  char pad[pad_size];
2576 
2578  if (sizeof(pad) > sizeof(struct GNUNET_MessageHeader))
2579  {
2580  struct GNUNET_MessageHeader hdr =
2581  { .size = htons (sizeof(pad)),
2582  .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD) };
2583 
2584  memcpy (pad, &hdr, sizeof(hdr));
2585  }
2586  GNUNET_assert (
2587  0 ==
2588  gcry_cipher_encrypt (out_cipher, dgram, sizeof(pad), pad, sizeof(pad)));
2589 }
2590 
2591 
2600 static void
2602  const struct GNUNET_MessageHeader *msg,
2603  void *impl_state)
2604 {
2605  struct ReceiverAddress *receiver = impl_state;
2606  uint16_t msize = ntohs (msg->size);
2607  struct UdpHandshakeSignature uhs;
2608  struct UDPConfirmation uc;
2609  struct InitialKX kx;
2610  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2611  char dgram[receiver->kx_mtu + sizeof(uc) + sizeof(kx)];
2612  size_t dpos;
2613  gcry_cipher_hd_t out_cipher;
2614  struct SharedSecret *ss;
2615 
2616  GNUNET_assert (mq == receiver->kx_mq);
2617  if (msize > receiver->kx_mtu)
2618  {
2619  GNUNET_break (0);
2620  if (GNUNET_YES != receiver->receiver_destroy_called)
2621  receiver_destroy (receiver);
2622  return;
2623  }
2624  reschedule_receiver_timeout (receiver);
2625 
2626  /* setup key material */
2628 
2629  ss = setup_shared_secret_enc (&epriv, receiver, GNUNET_YES);
2630 
2631  if (receiver->num_secrets > MAX_SECRETS)
2632  {
2634  }
2635 
2636  setup_cipher (&ss->master, 0, &out_cipher);
2637  /* compute 'uc' */
2638  uc.sender = my_identity;
2639  uc.monotonic_time =
2642  uhs.purpose.size = htonl (sizeof(uhs));
2643  uhs.sender = my_identity;
2644  uhs.receiver = receiver->target;
2646  uhs.monotonic_time = uc.monotonic_time;
2647  GNUNET_CRYPTO_eddsa_sign (my_private_key,
2648  &uhs,
2649  &uc.sender_sig);
2650  /* Leave space for kx */
2651  dpos = sizeof(kx);
2652  /* Append encrypted uc to dgram */
2653  GNUNET_assert (0 == gcry_cipher_encrypt (out_cipher,
2654  &dgram[dpos],
2655  sizeof(uc),
2656  &uc,
2657  sizeof(uc)));
2658  dpos += sizeof(uc);
2659  /* Append encrypted payload to dgram */
2660  GNUNET_assert (
2661  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2662  dpos += msize;
2663  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2664  /* Datagram starts with kx */
2665  kx.ephemeral = uhs.ephemeral;
2666  GNUNET_assert (
2667  0 == gcry_cipher_gettag (out_cipher, kx.gcm_tag, sizeof(kx.gcm_tag)));
2668  gcry_cipher_close (out_cipher);
2669  if (GNUNET_NO == receiver->rekeying)
2670  kx.rekeying = GNUNET_NO;
2671  else
2672  kx.rekeying = GNUNET_YES;
2673  memcpy (dgram, &kx, sizeof(kx));
2674  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2675  dgram,
2676  sizeof(dgram),
2677  receiver->address,
2678  receiver->address_len))
2681  "Sending KX to %s\n", GNUNET_a2s (receiver->address,
2682  receiver->address_len));
2684 }
2685 
2686 
2687 static void
2688 check_for_rekeying (struct ReceiverAddress *receiver, struct UDPBox *box)
2689 {
2690 
2691  struct GNUNET_TIME_Relative rt;
2692 
2694  "Timeout is %lu\n.",
2695  receiver->rekey_timeout.abs_value_us);
2696 
2697  if (0 == receiver->rekey_timeout.abs_value_us)
2698  {
2700  rekey_interval);
2701  }
2702  else
2703  {
2706  "Relative time is %lu and timeout is %lu\n.",
2707  rt.rel_value_us,
2708  receiver->rekey_timeout.abs_value_us);
2709 
2710  if ((0 == rt.rel_value_us) || (receiver->rekey_send_bytes >
2711  rekey_max_bytes) )
2712  {
2714  "Bytes send %lu greater than %llu max bytes\n.",
2715  receiver->rekey_send_bytes,
2716  rekey_max_bytes);
2718  "Relative time is %lu and timeout is %lu\n.",
2719  rt.rel_value_us,
2720  receiver->rekey_timeout.abs_value_us);
2721 
2722  receiver->rekey_timeout.abs_value_us = 0;
2723  receiver->rekey_send_bytes = 0;
2724  receiver->ss_rekey = NULL;
2725  // destroy_all_secrets (ss, GNUNET_NO);
2726  receiver->rekeying = GNUNET_YES;
2727  receiver->rekey_acks_available = receiver->acks_available;
2728  box->rekeying = GNUNET_YES;
2730  "Sender started rekeying.\n");
2731  if (GNUNET_YES == box->rekeying)
2733  "Sending rekeying with kid %s\n",
2734  GNUNET_sh2s (&box->kid));
2735  }
2736  }
2737 }
2738 
2739 
2740 static void
2741 send_UDPRekey (struct ReceiverAddress *receiver, struct SharedSecret *ss)
2742 {
2743  uint8_t is_ss_rekey_sequence_allowed_zero = GNUNET_NO;
2744  uint8_t is_acks_available_below = GNUNET_NO;
2745  uint8_t send_rekey = GNUNET_NO;
2746  uint16_t not_below;
2747  struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
2748  struct UDPRekey *rekey;
2749  size_t dpos;
2750 
2751  char rekey_dgram[sizeof(struct UDPRekey) + receiver->d_mtu];
2752 
2753  if (NULL != receiver->ss_rekey)
2754  {
2755  not_below = (receiver->rekey_acks_available
2756  - (receiver->rekey_acks_available % 3)) / 3;
2757  is_ss_rekey_sequence_allowed_zero = (0 ==
2758  receiver->ss_rekey->sequence_allowed);
2759  is_acks_available_below = (receiver->acks_available >= not_below);
2760  send_rekey = (0 == (receiver->acks_available - not_below) % not_below) &&
2761  is_acks_available_below && is_ss_rekey_sequence_allowed_zero;
2763  "send_rekey: %u, %u, %u\n",
2764  send_rekey,
2765  receiver->rekey_acks_available,
2766  receiver->acks_available);
2767  }
2768  else if (NULL == receiver->ss_rekey)
2769  {
2770  /* setup key material */
2772  receiver->ss_rekey = setup_shared_secret_enc (&epriv, receiver,
2773  GNUNET_NO);
2774  receiver->ss_rekey->sequence_allowed = 0;
2776  "Setup secret with cmac %s\n",
2777  GNUNET_h2s (&(receiver->ss_rekey->cmac)));
2779  "Setup secret with master %s.\n",
2780  GNUNET_h2s (&(receiver->ss_rekey->master)));
2781  }
2782 
2783  if (send_rekey)
2784  {
2785  GNUNET_assert (0 != receiver->number_rekeying_kce);
2786  gcry_cipher_hd_t rekey_out_cipher;
2787 
2788  while (NULL != ss && ss->sequence_used >= ss->sequence_allowed)
2789  {
2790  ss = ss->prev;
2791  }
2792 
2793  if (NULL != ss)
2794  {
2795  rekey = (struct UDPRekey *) rekey_dgram;
2796  rekey->sender = my_identity;
2797  ss->sequence_used++;
2798  get_kid (&ss->master, ss->sequence_used, &rekey->kid);
2799  receiver->number_rekeying_kce--;
2800  setup_cipher (&ss->master, ss->sequence_used, &rekey_out_cipher);
2801  /* Append encrypted payload to dgram */
2802  dpos = sizeof(struct UDPRekey);
2803 
2804  GNUNET_assert (
2805  0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos],
2806  sizeof(receiver->ss_rekey->master),
2807  &(receiver->ss_rekey->master),
2808  sizeof(receiver->ss_rekey->master)));
2809  dpos += sizeof(receiver->ss_rekey->master);
2810  /* GNUNET_assert ( */
2811  /* 0 == gcry_cipher_encrypt (rekey_out_cipher, &rekey_dgram[dpos], */
2812  /* /\*sizeof(receiver->ss_rekey->cmac), */
2813  /* &(receiver->ss_rekey->cmac), */
2814  /* sizeof(receiver->ss_rekey->cmac))); */
2815  /* dpos += sizeof(receiver->ss_rekey->cmac);*\/ */
2816  /* sizeof(receiver->ss_rekey), */
2817  /* receiver->ss_rekey, */
2818  /* sizeof(receiver->ss_rekey))); */
2819  /* dpos += sizeof(receiver->ss_rekey); */
2820  do_pad (rekey_out_cipher, &rekey_dgram[dpos], sizeof(rekey_dgram)
2821  - dpos);
2822  GNUNET_assert (0 == gcry_cipher_gettag (rekey_out_cipher,
2823  rekey->gcm_tag,
2824  sizeof(rekey->gcm_tag)));
2825  gcry_cipher_close (rekey_out_cipher);
2826 
2828  "Sending rekey with kid %s and master %s\n",
2829  GNUNET_sh2s (&rekey->kid),
2830  GNUNET_h2s (&(receiver->ss_rekey->master)));
2832  "Sending rekey with cmac %s\n",
2833  GNUNET_h2s (&(receiver->ss_rekey->cmac)));
2835  "%u rekey kces left.\n",
2836  receiver->number_rekeying_kce);
2837 
2838  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2839  rekey_dgram,
2840  sizeof(rekey_dgram),
2841  receiver->address,
2842  receiver->address_len))
2844 
2845  receiver->acks_available--;
2847  "%u receiver->acks_available 1\n",
2848  receiver->acks_available);
2850  "Sending UDPRekey to %s\n", GNUNET_a2s (receiver->address,
2851  receiver->
2852  address_len));
2853  }
2854  }
2855 }
2856 
2857 
2866 static void
2868  const struct GNUNET_MessageHeader *msg,
2869  void *impl_state)
2870 {
2871  struct ReceiverAddress *receiver = impl_state;
2872  uint16_t msize = ntohs (msg->size);
2873 
2874  GNUNET_assert (mq == receiver->d_mq);
2875  if ((msize > receiver->d_mtu) ||
2876  (0 == receiver->acks_available))
2877  {
2879  "msize: %u, mtu: %lu, acks: %u\n",
2880  msize,
2881  receiver->d_mtu,
2882  receiver->acks_available);
2883 
2884  GNUNET_break (0);
2885  if (GNUNET_YES != receiver->receiver_destroy_called)
2886  receiver_destroy (receiver);
2887  return;
2888  }
2889  reschedule_receiver_timeout (receiver);
2890 
2891  /* begin "BOX" encryption method, scan for ACKs from tail! */
2892  for (struct SharedSecret *ss = receiver->ss_tail; NULL != ss; ss = ss->prev)
2893  {
2894  if (0 < ss->sequence_used)
2896  "Trying to send UDPBox with shared secrect %s sequence_used %u and ss->sequence_allowed %u\n",
2897  GNUNET_h2s (&ss->master),
2898  ss->sequence_used,
2899  ss->sequence_allowed);
2900  // Uncomment this for alternativ 1 of backchannel functionality
2901  if (ss->sequence_used >= ss->sequence_allowed)
2902  // Until here for alternativ 1
2903  // Uncomment this for alternativ 2 of backchannel functionality
2904  // if (0 == ss->sequence_allowed)
2905  // Until here for alternativ 2
2906  {
2907  continue;
2908  }
2909  char dgram[sizeof(struct UDPBox) + receiver->d_mtu];
2910  struct UDPBox *box;
2911  gcry_cipher_hd_t out_cipher;
2912  size_t dpos;
2913 
2914  box = (struct UDPBox *) dgram;
2915  ss->sequence_used++;
2916  get_kid (&ss->master, ss->sequence_used, &box->kid);
2917  setup_cipher (&ss->master, ss->sequence_used, &out_cipher);
2918  /* Append encrypted payload to dgram */
2919  dpos = sizeof(struct UDPBox);
2920  GNUNET_assert (
2921  0 == gcry_cipher_encrypt (out_cipher, &dgram[dpos], msize, msg, msize));
2922  dpos += msize;
2923  do_pad (out_cipher, &dgram[dpos], sizeof(dgram) - dpos);
2924  GNUNET_assert (0 == gcry_cipher_gettag (out_cipher,
2925  box->gcm_tag,
2926  sizeof(box->gcm_tag)));
2927  gcry_cipher_close (out_cipher);
2928 
2929  receiver->rekey_send_bytes += sizeof(struct UDPBox) + receiver->d_mtu;
2930 
2931  if (GNUNET_NO == receiver->rekeying)
2932  box->rekeying = GNUNET_NO;
2933  else
2934  box->rekeying = GNUNET_YES;
2935 
2936  if (-1 == GNUNET_NETWORK_socket_sendto (udp_sock,
2937  dgram,
2938  sizeof(dgram),
2939  receiver->address,
2940  receiver->address_len))
2943  "Sending UDPBox %u acks left\n",
2944  receiver->acks_available);
2946  receiver->acks_available--;
2948  "%u receiver->acks_available 2\n",
2949  receiver->acks_available);
2950  check_for_rekeying (receiver, box);
2951  if (0 == receiver->acks_available - receiver->number_rekeying_kce)
2952  {
2953  /* We have no more ACKs */
2955  "No more acks\n");
2956  if (GNUNET_YES == receiver->rekeying)
2957  {
2958  receiver->rekeying = GNUNET_NO;
2960  "Sender stopped rekeying\n");
2961 
2962  if ((NULL != receiver->ss_rekey) && (0 <
2963  receiver->ss_rekey->
2964  sequence_allowed) )
2965  add_acks_rekey (receiver);
2966  }
2967  }
2968  else if ((GNUNET_YES == receiver->rekeying) )
2969  {
2970  send_UDPRekey (receiver, ss);
2971  }
2972 
2973  return;
2974  }
2975 }
2976 
2977 
2986 static void
2987 mq_destroy_d (struct GNUNET_MQ_Handle *mq, void *impl_state)
2988 {
2989  struct ReceiverAddress *receiver = impl_state;
2991  "Default MQ destroyed\n");
2992  if (mq == receiver->d_mq)
2993  {
2994  receiver->d_mq = NULL;
2995  if (GNUNET_YES != receiver->receiver_destroy_called)
2996  receiver_destroy (receiver);
2997  }
2998 }
2999 
3000 
3009 static void
3010 mq_destroy_kx (struct GNUNET_MQ_Handle *mq, void *impl_state)
3011 {
3012  struct ReceiverAddress *receiver = impl_state;
3014  "KX MQ destroyed\n");
3015  if (mq == receiver->kx_mq)
3016  {
3017  receiver->kx_mq = NULL;
3018  if (GNUNET_YES != receiver->receiver_destroy_called)
3019  receiver_destroy (receiver);
3020  }
3021 }
3022 
3023 
3030 static void
3031 mq_cancel (struct GNUNET_MQ_Handle *mq, void *impl_state)
3032 {
3033  /* Cancellation is impossible with UDP; bail */
3034  GNUNET_assert (0);
3035 }
3036 
3037 
3047 static void
3048 mq_error (void *cls, enum GNUNET_MQ_Error error)
3049 {
3050  struct ReceiverAddress *receiver = cls;
3051 
3053  "MQ error in queue to %s: %d\n",
3054  GNUNET_i2s (&receiver->target),
3055  (int) error);
3056  receiver_destroy (receiver);
3057 }
3058 
3059 
3067 static void
3069 {
3070  size_t base_mtu;
3071 
3072  /*if (NULL != receiver->kx_qh)
3073  {
3074  GNUNET_TRANSPORT_communicator_mq_del (receiver->kx_qh);
3075  receiver->kx_qh = NULL;
3076  }
3077  if (NULL != receiver->d_qh)
3078  {
3079  GNUNET_TRANSPORT_communicator_mq_del (receiver->d_qh);
3080  receiver->d_qh = NULL;
3081  }*/
3082  // GNUNET_assert (NULL == receiver->mq);
3083  switch (receiver->address->sa_family)
3084  {
3085  case AF_INET:
3086  base_mtu = 1480 /* Ethernet MTU, 1500 - Ethernet header - VLAN tag */
3087  - sizeof(struct GNUNET_TUN_IPv4Header) /* 20 */
3088  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
3089  break;
3090 
3091  case AF_INET6:
3092  base_mtu = 1280 /* Minimum MTU required by IPv6 */
3093  - sizeof(struct GNUNET_TUN_IPv6Header) /* 40 */
3094  - sizeof(struct GNUNET_TUN_UdpHeader) /* 8 */;
3095  break;
3096 
3097  default:
3098  GNUNET_assert (0);
3099  break;
3100  }
3101  /* MTU based on full KX messages */
3102  receiver->kx_mtu = base_mtu - sizeof(struct InitialKX) /* 48 */
3103  - sizeof(struct UDPConfirmation); /* 104 */
3104  /* MTU based on BOXed messages */
3105  receiver->d_mtu = base_mtu - sizeof(struct UDPBox);
3106 
3108  "Setting up MQs and QHs\n");
3109  /* => Effective MTU for CORE will range from 1080 (IPv6 + KX) to
3110  1404 (IPv4 + Box) bytes, depending on circumstances... */
3111  if (NULL == receiver->kx_mq)
3113  &mq_destroy_kx,
3114  &mq_cancel,
3115  receiver,
3116  NULL,
3117  &mq_error,
3118  receiver);
3119  if (NULL == receiver->d_mq)
3121  &mq_destroy_d,
3122  &mq_cancel,
3123  receiver,
3124  NULL,
3125  &mq_error,
3126  receiver);
3127 
3128  receiver->kx_qh =
3130  &receiver->target,
3131  receiver->foreign_addr,
3132  receiver->kx_mtu,
3134  0, /* Priority */
3135  receiver->nt,
3137  receiver->kx_mq);
3138  receiver->d_qh =
3140  &receiver->target,
3141  receiver->foreign_addr,
3142  receiver->d_mtu,
3143  0, /* Initialize with 0 acks */
3144  1, /* Priority */
3145  receiver->nt,
3147  receiver->d_mq);
3148 
3149 }
3150 
3151 
3170 static int
3171 mq_init (void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
3172 {
3173  struct ReceiverAddress *receiver;
3174  const char *path;
3175  struct sockaddr *in;
3176  socklen_t in_len;
3177 
3178  if (0 != strncmp (address,
3180  strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
3181  {
3182  GNUNET_break_op (0);
3183  return GNUNET_SYSERR;
3184  }
3185  path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
3186  in = udp_address_to_sockaddr (path, &in_len);
3187 
3188  receiver = GNUNET_new (struct ReceiverAddress);
3189  receiver->address = in;
3190  receiver->address_len = in_len;
3191  receiver->target = *peer;
3192  receiver->nt = GNUNET_NT_scanner_get_type (is, in, in_len);
3194  receivers,
3195  &receiver->target,
3196  receiver,
3199  "Added %s to receivers\n",
3200  GNUNET_i2s_full (&receiver->target));
3201  receiver->timeout =
3203  receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
3204  receiver,
3205  receiver->timeout.abs_value_us);
3206  GNUNET_STATISTICS_set (stats,
3207  "# receivers active",
3209  GNUNET_NO);
3210  receiver->foreign_addr =
3211  sockaddr_to_udpaddr_string (receiver->address, receiver->address_len);
3212  setup_receiver_mq (receiver);
3213  if (NULL == timeout_task)
3214  timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts, NULL);
3215  return GNUNET_OK;
3216 }
3217 
3218 
3227 static int
3229  const struct GNUNET_PeerIdentity *target,
3230  void *value)
3231 {
3232  struct ReceiverAddress *receiver = value;
3233 
3234  (void) cls;
3235  (void) target;
3236  receiver_destroy (receiver);
3237  return GNUNET_OK;
3238 }
3239 
3240 
3249 static int
3251  const struct GNUNET_PeerIdentity *target,
3252  void *value)
3253 {
3254  struct SenderAddress *sender = value;
3255 
3256  (void) cls;
3257  (void) target;
3258 
3259  if (NULL != sender->kce_task_rekey)
3260  {
3262  sender->kce_task_rekey = NULL;
3263  }
3264  if (NULL != sender->kce_task)
3265  {
3267  sender->kce_task = NULL;
3268  }
3269 
3270  sender_destroy (sender);
3271  return GNUNET_OK;
3272 }
3273 
3274 
3280 static void
3281 do_shutdown (void *cls)
3282 {
3284  "do_shutdown\n");
3285  if (NULL != nat)
3286  {
3287  GNUNET_NAT_unregister (nat);
3288  nat = NULL;
3289  }
3290  while (NULL != bi_head)
3291  bi_destroy (bi_head);
3292  if (NULL != broadcast_task)
3293  {
3294  GNUNET_SCHEDULER_cancel (broadcast_task);
3295  broadcast_task = NULL;
3296  }
3297  if (NULL != timeout_task)
3298  {
3299  GNUNET_SCHEDULER_cancel (timeout_task);
3300  timeout_task = NULL;
3301  }
3302  if (NULL != read_task)
3303  {
3304  GNUNET_SCHEDULER_cancel (read_task);
3305  read_task = NULL;
3306  }
3307  if (NULL != udp_sock)
3308  {
3310  GNUNET_NETWORK_socket_close (udp_sock));
3311  udp_sock = NULL;
3312  }
3315  NULL);
3319  NULL);
3322  GNUNET_CONTAINER_heap_destroy (senders_heap);
3323  GNUNET_CONTAINER_heap_destroy (receivers_heap);
3324  if (NULL != timeout_task)
3325  {
3326  GNUNET_SCHEDULER_cancel (timeout_task);
3327  timeout_task = NULL;
3328  }
3329  if (NULL != ch)
3330  {
3332  ch = NULL;
3333  }
3334  if (NULL != ah)
3335  {
3337  ah = NULL;
3338  }
3339  if (NULL != stats)
3340  {
3342  stats = NULL;
3343  }
3344  if (NULL != my_private_key)
3345  {
3346  GNUNET_free (my_private_key);
3347  my_private_key = NULL;
3348  }
3349  if (NULL != is)
3350  {
3352  is = NULL;
3353  }
3355  "do_shutdown finished\n");
3356 }
3357 
3358 
3368 static void
3369 enc_notify_cb (void *cls,
3370  const struct GNUNET_PeerIdentity *sender,
3371  const struct GNUNET_MessageHeader *msg)
3372 {
3373  const struct UDPAck *ack;
3374 
3375  (void) cls;
3377  "Storing UDPAck received from backchannel from %s\n",
3378  GNUNET_i2s_full (sender));
3379  if ((ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
3380  (ntohs (msg->size) != sizeof(struct UDPAck)))
3381  {
3382  GNUNET_break_op (0);
3383  return;
3384  }
3385  ack = (const struct UDPAck *) msg;
3387  sender,
3388  &handle_ack,
3389  (void *) ack);
3390 }
3391 
3392 
3406 static void
3407 nat_address_cb (void *cls,
3408  void **app_ctx,
3409  int add_remove,
3411  const struct sockaddr *addr,
3412  socklen_t addrlen)
3413 {
3414  char *my_addr;
3416 
3417  if (GNUNET_YES == add_remove)
3418  {
3419  enum GNUNET_NetworkType nt;
3420 
3421  GNUNET_asprintf (&my_addr,
3422  "%s-%s",
3424  GNUNET_a2s (addr, addrlen));
3425  nt = GNUNET_NT_scanner_get_type (is, addr, addrlen);
3426  ai =
3428  my_addr,
3429  nt,
3431  GNUNET_free (my_addr);
3432  *app_ctx = ai;
3433  }
3434  else
3435  {
3436  ai = *app_ctx;
3438  *app_ctx = NULL;
3439  }
3440 }
3441 
3442 
3448 static void
3449 ifc_broadcast (void *cls)
3450 {
3451  struct BroadcastInterface *bi = cls;
3452  struct GNUNET_TIME_Relative delay;
3453 
3454  delay = BROADCAST_FREQUENCY;
3455  delay.rel_value_us =
3457  bi->broadcast_task =
3459 
3460  switch (bi->sa->sa_family)
3461  {
3462  case AF_INET: {
3463  static int yes = 1;
3464  static int no = 0;
3465  ssize_t sent;
3466 
3467  if (GNUNET_OK !=
3469  SOL_SOCKET,
3470  SO_BROADCAST,
3471  &yes,
3472  sizeof(int)))
3474  "setsockopt");
3475  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
3476  &bi->bcm,
3477  sizeof(bi->bcm),
3478  bi->ba,
3479  bi->salen);
3480  if (-1 == sent)
3482  "sendto");
3484  SOL_SOCKET,
3485  SO_BROADCAST,
3486  &no,
3487  sizeof(int)))
3489  "setsockopt");
3490  break;
3491  }
3492 
3493  case AF_INET6: {
3494  ssize_t sent;
3495  struct sockaddr_in6 dst;
3496 
3497  dst.sin6_family = AF_INET6;
3498  dst.sin6_port = htons (my_port);
3499  dst.sin6_addr = bi->mcreq.ipv6mr_multiaddr;
3500  dst.sin6_scope_id = ((struct sockaddr_in6 *) bi->ba)->sin6_scope_id;
3501 
3502  sent = GNUNET_NETWORK_socket_sendto (udp_sock,
3503  &bi->bcm,
3504  sizeof(bi->bcm),
3505  (const struct sockaddr *) &dst,
3506  sizeof(dst));
3507  if (-1 == sent)
3509  break;
3510  }
3511 
3512  default:
3513  GNUNET_break (0);
3514  break;
3515  }
3516 }
3517 
3518 
3533 static int
3534 iface_proc (void *cls,
3535  const char *name,
3536  int isDefault,
3537  const struct sockaddr *addr,
3538  const struct sockaddr *broadcast_addr,
3539  const struct sockaddr *netmask,
3540  socklen_t addrlen)
3541 {
3542  struct BroadcastInterface *bi;
3543  enum GNUNET_NetworkType network;
3544  struct UdpBroadcastSignature ubs;
3545 
3546  (void) cls;
3547  (void) netmask;
3548  if (NULL == addr)
3549  return GNUNET_YES; /* need to know our address! */
3550  network = GNUNET_NT_scanner_get_type (is, addr, addrlen);
3551  if (GNUNET_NT_LOOPBACK == network)
3552  {
3553  /* Broadcasting on loopback does not make sense */
3554  return GNUNET_YES;
3555  }
3556  for (bi = bi_head; NULL != bi; bi = bi->next)
3557  {
3558  if ((bi->salen == addrlen) && (0 == memcmp (addr, bi->sa, addrlen)))
3559  {
3560  bi->found = GNUNET_YES;
3561  return GNUNET_OK;
3562  }
3563  }
3564 
3565  if ((AF_INET6 == addr->sa_family) && (NULL == broadcast_addr))
3566  return GNUNET_OK; /* broadcast_addr is required for IPv6! */
3567  if ((AF_INET6 == addr->sa_family) && (GNUNET_YES != have_v6_socket))
3568  return GNUNET_OK; /* not using IPv6 */
3569 
3570  bi = GNUNET_new (struct BroadcastInterface);
3571  bi->sa = GNUNET_memdup (addr,
3572  addrlen);
3573  if ( (NULL != broadcast_addr) &&
3574  (addrlen == sizeof (struct sockaddr_in)) )
3575  {
3576  struct sockaddr_in *ba;
3577 
3578  ba = GNUNET_memdup (broadcast_addr,
3579  addrlen);
3580  ba->sin_port = htons (2086); /* always GNUnet port, ignore configuration! */
3581  bi->ba = (struct sockaddr *) ba;
3582  }
3583  bi->salen = addrlen;
3584  bi->found = GNUNET_YES;
3585  bi->bcm.sender = my_identity;
3587  ubs.purpose.size = htonl (sizeof(ubs));
3588  ubs.sender = my_identity;
3589  GNUNET_CRYPTO_hash (addr, addrlen, &ubs.h_address);
3590  GNUNET_CRYPTO_eddsa_sign (my_private_key,
3591  &ubs,
3592  &bi->bcm.sender_sig);
3593  if (NULL != bi->ba)
3594  {
3596  GNUNET_CONTAINER_DLL_insert (bi_head, bi_tail, bi);
3597  }
3598  if ((AF_INET6 == addr->sa_family) && (NULL != broadcast_addr))
3599  {
3600  /* Create IPv6 multicast request */
3601  const struct sockaddr_in6 *s6 =
3602  (const struct sockaddr_in6 *) broadcast_addr;
3603 
3604  GNUNET_assert (
3605  1 == inet_pton (AF_INET6, "FF05::13B", &bi->mcreq.ipv6mr_multiaddr));
3606 
3607  /* http://tools.ietf.org/html/rfc2553#section-5.2:
3608  *
3609  * IPV6_JOIN_GROUP
3610  *
3611  * Join a multicast group on a specified local interface. If the
3612  * interface index is specified as 0, the kernel chooses the local
3613  * interface. For example, some kernels look up the multicast
3614  * group in the normal IPv6 routing table and using the resulting
3615  * interface; we do this for each interface, so no need to use
3616  * zero (anymore...).
3617  */bi->mcreq.ipv6mr_interface = s6->sin6_scope_id;
3618 
3619  /* Join the multicast group */
3621  IPPROTO_IPV6,
3622  IPV6_JOIN_GROUP,
3623  &bi->mcreq,
3624  sizeof(bi->mcreq)))
3625  {
3627  }
3628  }
3629  return GNUNET_OK;
3630 }
3631 
3632 
3638 static void
3639 do_broadcast (void *cls)
3640 {
3641  struct BroadcastInterface *bin;
3642 
3643  (void) cls;
3644  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bi->next)
3645  bi->found = GNUNET_NO;
3647  for (struct BroadcastInterface *bi = bi_head; NULL != bi; bi = bin)
3648  {
3649  bin = bi->next;
3650  if (GNUNET_NO == bi->found)
3651  bi_destroy (bi);
3652  }
3654  &do_broadcast,
3655  NULL);
3656 }
3657 
3658 
3667 static void
3668 run (void *cls,
3669  char *const *args,
3670  const char *cfgfile,
3671  const struct GNUNET_CONFIGURATION_Handle *c)
3672 {
3673  char *bindto;
3674  struct sockaddr *in;
3675  socklen_t in_len;
3676  struct sockaddr_storage in_sto;
3677  socklen_t sto_len;
3678 
3679  (void) cls;
3680  cfg = c;
3681  if (GNUNET_OK !=
3684  "BINDTO",
3685  &bindto))
3686  {
3689  "BINDTO");
3690  return;
3691  }
3692 
3693  if (GNUNET_OK !=
3696  "REKEY_INTERVAL",
3697  &rekey_interval))
3699 
3700  if (GNUNET_OK !=
3703  "REKEY_MAX_BYTES",
3704  &rekey_max_bytes))
3706 
3707  in = udp_address_to_sockaddr (bindto, &in_len);
3708  if (NULL == in)
3709  {
3711  "Failed to setup UDP socket address with path `%s'\n",
3712  bindto);
3713  GNUNET_free (bindto);
3714  return;
3715  }
3716  udp_sock =
3717  GNUNET_NETWORK_socket_create (in->sa_family,
3718  SOCK_DGRAM,
3719  IPPROTO_UDP);
3720  if (NULL == udp_sock)
3721  {
3723  GNUNET_free (in);
3724  GNUNET_free (bindto);
3725  return;
3726  }
3727  if (AF_INET6 == in->sa_family)
3729  if (GNUNET_OK !=
3730  GNUNET_NETWORK_socket_bind (udp_sock,
3731  in,
3732  in_len))
3733  {
3735  "bind",
3736  bindto);
3737  GNUNET_NETWORK_socket_close (udp_sock);
3738  udp_sock = NULL;
3739  GNUNET_free (in);
3740  GNUNET_free (bindto);
3741  return;
3742  }
3743 
3744  /* We might have bound to port 0, allowing the OS to figure it out;
3745  thus, get the real IN-address from the socket */
3746  sto_len = sizeof(in_sto);
3747  if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
3748  (struct sockaddr *) &in_sto,
3749  &sto_len))
3750  {
3751  memcpy (&in_sto, in, in_len);
3752  sto_len = in_len;
3753  }
3754  GNUNET_free (in);
3755  GNUNET_free (bindto);
3756  in = (struct sockaddr *) &in_sto;
3757  in_len = sto_len;
3759  "Bound to `%s'\n",
3760  GNUNET_a2s ((const struct sockaddr *) &in_sto, sto_len));
3761  switch (in->sa_family)
3762  {
3763  case AF_INET:
3764  my_port = ntohs (((struct sockaddr_in *) in)->sin_port);
3765  break;
3766 
3767  case AF_INET6:
3768  my_port = ntohs (((struct sockaddr_in6 *) in)->sin6_port);
3769  break;
3770 
3771  default:
3772  GNUNET_break (0);
3773  my_port = 0;
3774  }
3775  stats = GNUNET_STATISTICS_create ("C-UDP", cfg);
3779  receivers_heap =
3783  is = GNUNET_NT_scanner_init ();
3785  if (NULL == my_private_key)
3786  {
3787  GNUNET_log (
3789  _ (
3790  "Transport service is lacking key configuration settings. Exiting.\n"));
3792  return;
3793  }
3795  /* start reading */
3797  udp_sock,
3798  &sock_read,
3799  NULL);
3804  &mq_init,
3805  NULL,
3806  &enc_notify_cb,
3807  NULL);
3808  if (NULL == ch)
3809  {
3810  GNUNET_break (0);
3812  return;
3813  }
3815  if (NULL == ah)
3816  {
3817  GNUNET_break (0);
3819  return;
3820  }
3821  /* start broadcasting */
3822  if (GNUNET_YES !=
3825  "DISABLE_BROADCAST"))
3826  {
3827  broadcast_task = GNUNET_SCHEDULER_add_now (&do_broadcast, NULL);
3828  }
3829  nat = GNUNET_NAT_register (cfg,
3831  IPPROTO_UDP,
3832  1 /* one address */,
3833  (const struct sockaddr **) &in,
3834  &in_len,
3835  &nat_address_cb,
3836  NULL /* FIXME: support reversal: #5529 */,
3837  NULL /* closure */);
3838 }
3839 
3840 
3848 int
3849 main (int argc, char *const *argv)
3850 {
3851  static const struct GNUNET_GETOPT_CommandLineOption options[] = {
3853  };
3854  int ret;
3855 
3856  if (GNUNET_OK != GNUNET_STRINGS_get_utf8_args (argc, argv, &argc, &argv))
3857  return 2;
3858 
3859  ret = (GNUNET_OK == GNUNET_PROGRAM_run (argc,
3860  argv,
3861  "gnunet-communicator-udp",
3862  _ ("GNUnet UDP communicator"),
3863  options,
3864  &run,
3865  NULL))
3866  ? 0
3867  : 1;
3868  GNUNET_free_nz ((void *) argv);
3869  return ret;
3870 }
3871 
3872 
3873 /* end of gnunet-communicator-udp.c */
#define GNUNET_CONTAINER_DLL_remove(head, tail, element)
Remove an element from a DLL.
struct GNUNET_TIME_Absolute rekey_timeout
Timeout for this receiver address.
static void mq_send_d(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
struct KeyCacheEntry * next
Kept in a DLL.
Handle to the interface scanner.
Definition: nt.c:110
int GNUNET_NETWORK_socket_setsockopt(struct GNUNET_NETWORK_Handle *fd, int level, int option_name, const void *option_value, socklen_t option_len)
Set socket option.
Definition: network.c:880
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD
UDP communicator padding.
int GNUNET_NETWORK_get_fd(const struct GNUNET_NETWORK_Handle *desc)
Return file descriptor for this network handle.
Definition: network.c:1077
#define COMMUNICATOR_CONFIG_SECTION
Configuration section used by the communicator.
enum GNUNET_NetworkType GNUNET_NT_scanner_get_type(struct GNUNET_NT_InterfaceScanner *is, const struct sockaddr *addr, socklen_t addrlen)
Returns where the address is located: loopback, LAN or WAN.
Definition: nt.c:314
static void mq_destroy_d(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
const char * GNUNET_sh2s(const struct GNUNET_ShortHashCode *shc)
Convert a short hash value to a string (for printing debug messages).
void GNUNET_CONTAINER_heap_update_cost(struct GNUNET_CONTAINER_HeapNode *node, GNUNET_CONTAINER_HeapCostType new_cost)
Updates the cost of any node in the tree.
static struct BroadcastInterface * bi_tail
Broadcast interface tasks.
struct SharedSecret * ss_tail
Shared secrets we used with target, last used is tail.
Handle for active NAT registrations.
Definition: nat_api.c:71
struct GNUNET_MessageHeader header
Type is GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
#define BROADCAST_FREQUENCY
How often do we broadcast our presence on the LAN?
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP connection (UDP client).
int main(int argc, char *const *argv)
The main function for the UNIX communicator.
static void add_acks(struct SharedSecret *ss, int acks_to_add)
struct KeyCacheEntry * prev
Kept in a DLL.
int found
Was this interface found in the last iface_proc() scan?
static void do_broadcast(void *cls)
Scan interfaces to broadcast our presence on the LAN.
struct GNUNET_MessageHeader * msg
Definition: 005.c:2
static struct GNUNET_TRANSPORT_ApplicationHandle * ah
Our handle to report addresses for validation to TRANSPORT.
enum GNUNET_GenericReturnValue GNUNET_PROGRAM_run(int argc, char *const *argv, const char *binaryName, const char *binaryHelp, const struct GNUNET_GETOPT_CommandLineOption *options, GNUNET_PROGRAM_Main task, void *task_cls)
Run a standard GNUnet command startup sequence (initialize loggers and configuration, parse options).
Definition: program.c:363
GNUNET_NAT_AddressClass
Some addresses contain sensitive information or are not suitable for global distribution.
uint64_t rel_value_us
The actual value.
#define GNUNET_CRYPTO_eddsa_sign(priv, ps, sig)
EdDSA sign a given block.
struct GNUNET_PeerIdentity sender
Sender&#39;s peer identity.
struct KeyCacheEntry * kce_head
Kept in a DLL, sorted by sequence number.
#define GNUNET_CONTAINER_DLL_insert(head, tail, element)
Insert an element at the head of a DLL.
static uint16_t my_port
Port number to which we are actually bound.
Broadcast by peer in LAN announcing its presence.
unsigned int GNUNET_CONTAINER_multishortmap_size(const struct GNUNET_CONTAINER_MultiShortmap *map)
Get the number of key-value pairs in the map.
static struct SenderAddress * setup_sender(const struct GNUNET_PeerIdentity *target, const struct sockaddr *address, socklen_t address_len)
Create sender address for target.
#define GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK
UDP KX acknowledgement.
struct GNUNET_PeerIdentity receiver
Presumed identity of the target of the UDP connection (UDP server)
static struct GNUNET_NAT_Handle * nat
Connection to NAT service.
struct GNUNET_CONTAINER_HeapNode * GNUNET_CONTAINER_heap_insert(struct GNUNET_CONTAINER_Heap *heap, void *element, GNUNET_CONTAINER_HeapCostType cost)
Inserts a new element into the heap.
static void consider_ss_ack(struct SharedSecret *ss, int initial)
We established a shared secret with a sender.
static void run(void *cls, char *const *args, const char *cfgfile, const struct GNUNET_CONFIGURATION_Handle *c)
Setup communicator and launch network interactions.
uint32_t purpose
What does this signature vouch for? This must contain a GNUNET_SIGNATURE_PURPOSE_XXX constant (from g...
char gcm_tag[(128/8)]
HMAC for the following encrypted message, using GCM.
#define KCN_TARGET
How many KCNs do we keep around after we hit the KCN_THRESHOLD? Should be larger than KCN_THRESHOLD s...
struct GNUNET_TRANSPORT_AddressIdentifier * GNUNET_TRANSPORT_communicator_address_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const char *address, enum GNUNET_NetworkType nt, struct GNUNET_TIME_Relative expiration)
Notify transport service about an address that this communicator provides for this peer...
static struct GNUNET_PeerIdentity my_identity
Our public key.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
struct GNUNET_HashCode cmac
CMAC is used to identify master in ACKs.
static struct SharedSecret * setup_shared_secret_dec(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
Setup shared secret for decryption.
GNUNET_MQ_Error
Error codes for the queue.
uint64_t GNUNET_CRYPTO_random_u64(enum GNUNET_CRYPTO_Quality mode, uint64_t max)
Random on unsigned 64-bit values.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_shutdown(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run on shutdown, that is when a CTRL-C signal is received, or when GNUNET_SCHEDULER_shutdown() is being invoked.
Definition: scheduler.c:1331
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
socklen_t address_len
Number of bytes in address.
struct GNUNET_STATISTICS_Handle * GNUNET_STATISTICS_create(const char *subsystem, const struct GNUNET_CONFIGURATION_Handle *cfg)
Get handle for the statistics service.
static int start
Set if we are to start default services (including ARM).
Definition: gnunet-arm.c:39
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
int GNUNET_STRINGS_get_utf8_args(int argc, char *const *argv, int *u8argc, char *const **u8argv)
Returns utf-8 encoded arguments.
Definition: strings.c:1459
void GNUNET_TRANSPORT_application_validate(struct GNUNET_TRANSPORT_ApplicationHandle *ch, const struct GNUNET_PeerIdentity *peer, enum GNUNET_NetworkType nt, const char *addr)
An application (or a communicator) has received a HELLO (or other address data of another peer) and w...
static struct sockaddr * udp_address_to_sockaddr(const char *bindto, socklen_t *sock_len)
Convert UDP bind specification to a struct sockaddr *
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key for KX.
struct GNUNET_TIME_Absolute GNUNET_TIME_relative_to_absolute(struct GNUNET_TIME_Relative rel)
Convert relative time to an absolute time in the future.
Definition: time.c:181
#define GNUNET_assert(cond)
Use this for fatal errors that cannot be handled.
Bandwidth allocation API for applications to interact with.
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
static unsigned long long rekey_max_bytes
How often we do rekey based on number of bytes transmitted.
static void send_UDPRekey(struct ReceiverAddress *receiver, struct SharedSecret *ss)
static struct GNUNET_CONTAINER_MultiShortmap * key_cache
Cache of pre-generated key IDs.
static struct BroadcastInterface * bi_head
Broadcast interface tasks.
uint32_t sequence_allowed
Up to which sequence number did the other peer allow us to use this key, or up to which number did we...
socklen_t address_len
Length of the address.
struct sockaddr * address
Address of the other peer.
int GNUNET_NETWORK_socket_bind(struct GNUNET_NETWORK_Handle *desc, const struct sockaddr *address, socklen_t address_len)
Bind a socket to a particular address.
Definition: network.c:485
static struct GNUNET_FS_UnindexContext * uc
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
#define WORKING_QUEUE_INTERVALL
#define DEFAULT_REKEY_TIME_INTERVAL
How often do we rekey based on time (at least)
unsigned int num_secrets
Length of the DLL at ss_head.
int GNUNET_CONTAINER_multishortmap_remove(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, const void *value)
Remove the given key-value pair from the map.
int sender_destroy_called
sender_destroy already called on sender.
static struct GNUNET_NT_InterfaceScanner * is
Network scanner to determine network types.
static int ret
Return value of the commandline.
Definition: gnunet-abd.c:81
struct SharedSecret * ss
Corresponding shared secret.
int GNUNET_CONTAINER_multipeermap_remove(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, const void *value)
Remove the given key-value pair from the map.
const char * GNUNET_i2s_full(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
#define GNUNET_memdup(buf, size)
Allocate and initialize a block of memory.
const char * GNUNET_h2s(const struct GNUNET_HashCode *hc)
Convert a hash value to a string (for printing debug messages).
Standard IPv4 header.
static void kce_destroy(struct KeyCacheEntry *kce)
Free memory used by key cache entry.
#define GNUNET_new(type)
Allocate a struct or union of the given type.
Definition of a command line option.
struct SenderAddress * sender
Sender we use this shared secret with, or NULL.
void GNUNET_OS_network_interfaces_list(GNUNET_OS_NetworkInterfaceProcessor proc, void *proc_cls)
Enumerate all network interfaces.
Definition: os_network.c:396
static int iface_proc(void *cls, const char *name, int isDefault, const struct sockaddr *addr, const struct sockaddr *broadcast_addr, const struct sockaddr *netmask, socklen_t addrlen)
Callback function invoked for each interface found.
static int have_v6_socket
GNUNET_YES if udp_sock supports IPv6.
#define GCM_TAG_SIZE
Size of the GCM tag.
struct GNUNET_TIME_Absolute timeout
Timeout for this sender.
static int handle_ack(void *cls, const struct GNUNET_PeerIdentity *pid, void *value)
We received an ACK for pid.
uint16_t size
The length of the struct (in bytes, including the length field itself), in big-endian format...
Encrypted continuation of UDP initial handshake, followed by message header with payload.
void GNUNET_STATISTICS_destroy(struct GNUNET_STATISTICS_Handle *h, int sync_first)
Destroy a handle (free all state associated with it).
void GNUNET_STATISTICS_update(struct GNUNET_STATISTICS_Handle *handle, const char *name, int64_t delta, int make_persistent)
Set statistic value for the peer.
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
Signature used by UDP communicator handshake.
void GNUNET_SCHEDULER_shutdown(void)
Request the shutdown of a scheduler.
Definition: scheduler.c:531
struct GNUNET_CONTAINER_MultiPeerMap * GNUNET_CONTAINER_multipeermap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
Handle for the service.
#define GNUNET_CRYPTO_eddsa_verify(purp, ps, sig, pub)
Verify EdDSA signature.
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_string(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, char **value)
Get a configuration value that should be a string.
int rekeying
A flag indicating, if the sender is doing rekeying.
#define GNUNET_strdup(a)
Wrapper around GNUNET_xstrdup_.
Time for absolute time used by GNUnet, in microseconds and in network byte order. ...
void GNUNET_TRANSPORT_application_done(struct GNUNET_TRANSPORT_ApplicationHandle *ch)
Shutdown TRANSPORT application client.
static char * sockaddr_to_udpaddr_string(const struct sockaddr *address, socklen_t address_len)
Converts address to the address string format used by this communicator in HELLOs.
uint64_t abs_value_us
The actual value.
static void reschedule_sender_timeout(struct SenderAddress *sender)
Increment sender timeout due to activity.
static void bi_destroy(struct BroadcastInterface *bi)
An interface went away, stop broadcasting on it.
GNUNET_NetworkType
Types of networks (with separate quotas) we support.
Definition: gnunet_nt_lib.h:35
#define GNUNET_break(cond)
Use this for internal assertion violations that are not fatal (can be handled) but should not occur...
uint32_t sequence_number
Sequence number used to derive this entry from master key.
struct GNUNET_SCHEDULER_Task * kce_task
ID of kce working queue task.
"Plaintext" header at beginning of KX message.
static void setup_cipher(const struct GNUNET_HashCode *msec, uint32_t serial, gcry_cipher_hd_t *cipher)
Setup cipher based on shared secret msec and serial number serial.
struct GNUNET_GETOPT_CommandLineOption GNUNET_GETOPT_OPTION_END
Definition: 002.c:13
#define GNUNET_NETWORK_STRUCT_BEGIN
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32.
void GNUNET_CONTAINER_multipeermap_destroy(struct GNUNET_CONTAINER_MultiPeerMap *map)
Destroy a hash map.
static uint32_t reset_rekey_kces(struct ReceiverAddress *receiver, uint32_t acks_to_add)
A 256-bit hashcode.
Opaque handle to the transport service for communicators.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
#define _(String)
GNU gettext support macro.
Definition: platform.h:178
void GNUNET_TRANSPORT_communicator_disconnect(struct GNUNET_TRANSPORT_CommunicatorHandle *ch)
Disconnect from the transport service.
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
struct sockaddr * ba
Broadcast address to use on the interface.
header of what an ECC signature signs this must be followed by "size - 8" bytes of the actual signed ...
static void enc_notify_cb(void *cls, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg)
Function called when the transport service has received a backchannel message for this communicator (...
struct GNUNET_ShortHashCode kid
Key and IV identification code.
struct GNUNET_SCHEDULER_Task * kce_task_rekey
ID of kce rekey working queue task.
static void ifc_broadcast(void *cls)
Broadcast our presence on one of our interfaces.
struct SharedSecret * ss_head
Shared secrets we used with target, first used is head.
void GNUNET_TRANSPORT_communicator_mq_del(struct GNUNET_TRANSPORT_QueueHandle *qh)
Notify transport service that an MQ became unavailable due to a disconnect or timeout.
struct GNUNET_PeerIdentity target
To whom are we talking to.
struct GNUNET_TRANSPORT_QueueHandle * d_qh
handle for default queue with the ch.
#define GNUNET_log_strerror(level, cmd)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
char * foreign_addr
Address of the receiver in the human-readable format with the COMMUNICATOR_ADDRESS_PREFIX.
void GNUNET_CRYPTO_ecdhe_key_create(struct GNUNET_CRYPTO_EcdhePrivateKey *pk)
Create a new private key.
Definition: crypto_ecc.c:435
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_delayed(struct GNUNET_TIME_Relative delay, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay.
Definition: scheduler.c:1269
static int do_decrypt(struct GSC_KeyExchangeInfo *kx, const struct GNUNET_CRYPTO_SymmetricInitializationVector *iv, const void *in, void *out, size_t size)
Decrypt size bytes from in and write the result to out.
static struct GNUNET_CONTAINER_MultiPeerMap * receivers
Receivers (map from peer identity to struct ReceiverAddress)
static struct GNUNET_TIME_Relative rekey_interval
The rekey interval.
uint16_t type
The type of the message (GNUNET_MESSAGE_TYPE_XXXX), in big-endian format.
uint64_t rekey_send_bytes
Send bytes for this receiver address.
Pre-generated "kid" code (key and IV identification code) to quickly derive master key for a struct U...
static struct GNUNET_SCHEDULER_Task * broadcast_task
ID of master broadcast task.
uint32_t sequence_used
Up to which sequence number did we use this master already? (for encrypting only) ...
static struct GNUNET_TIME_Relative timeout
Desired timeout for the lookup (default is no timeout).
Definition: gnunet-abd.c:61
struct GNUNET_MQ_Handle * GNUNET_MQ_queue_for_callbacks(GNUNET_MQ_SendImpl send, GNUNET_MQ_DestroyImpl destroy, GNUNET_MQ_CancelImpl cancel, void *impl_state, const struct GNUNET_MQ_MessageHandler *handlers, GNUNET_MQ_ErrorHandler error_handler, void *cls)
Create a message queue for the specified handlers.
Definition: mq.c:565
void GNUNET_log_config_missing(enum GNUNET_ErrorType kind, const char *section, const char *option)
Log error message about missing configuration option.
static char * value
Value of the record to add/remove.
static int get_sender_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all senders to clean up.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_ecdh_eddsa(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, const struct GNUNET_CRYPTO_EddsaPublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a EdDSA public key and a private ECDH key.
Definition: crypto_ecc.c:758
static int verify_confirmation(const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral, const struct UDPConfirmation *uc)
Check signature from uc against ephemeral.
#define GNUNET_log_strerror_file(level, cmd, filename)
Log an error message at log-level &#39;level&#39; that indicates a failure of the command &#39;cmd&#39; with the mess...
#define GNUNET_break_op(cond)
Use this for assertion violations caused by other peers (i.e.
void GNUNET_CRYPTO_hash(const void *block, size_t size, struct GNUNET_HashCode *ret)
Compute hash of a given block.
Definition: crypto_hash.c:41
struct GNUNET_HashCode master
Master shared secret.
enum GNUNET_NetworkType nt
Which network type does this queue use?
#define GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
Signature used by UDP broadcasts.
struct GNUNET_MQ_Handle * kx_mq
KX message queue we are providing for the ch.
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_now(GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run as soon as possible.
Definition: scheduler.c:1296
static void add_acks_rekey(struct ReceiverAddress *receiver)
struct KeyCacheEntry * kce_tail
Kept in a DLL, sorted by sequence number.
#define MAX_SECRETS
How many shared master secrets do we keep around at most per sender? Should be large enough so that w...
#define AES_IV_SIZE
AES (GCM) IV size.
void * GNUNET_CONTAINER_heap_peek(const struct GNUNET_CONTAINER_Heap *heap)
Get element stored at the root of heap.
static void pass_plaintext_to_core(struct SenderAddress *sender, const void *plaintext, size_t plaintext_len)
We received plaintext_len bytes of plaintext from a sender.
struct SharedSecret * ss_tail
Shared secrets we received with target, last used is tail.
size_t kx_mtu
MTU we allowed transport for this receiver&#39;s KX queue.
static void check_timeouts(void *cls)
Task run to check #receiver_heap and #sender_heap for timeouts.
static void kce_generate_rekey_cb(void *cls)
ssize_t GNUNET_NETWORK_socket_sendto(const struct GNUNET_NETWORK_Handle *desc, const void *message, size_t length, const struct sockaddr *dest_addr, socklen_t dest_len)
Send data to a particular destination (always non-blocking).
Definition: network.c:846
struct GNUNET_CRYPTO_EccSignaturePurpose purpose
Purpose must be GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE.
static char buf[2048]
#define COMMUNICATOR_ADDRESS_PREFIX
Address prefix used by the communicator.
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this sender.
struct GNUNET_TRANSPORT_CommunicatorHandle * GNUNET_TRANSPORT_communicator_connect(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section_name, const char *addr_prefix, enum GNUNET_TRANSPORT_CommunicatorCharacteristics cc, GNUNET_TRANSPORT_CommunicatorMqInit mq_init, void *mq_init_cls, GNUNET_TRANSPORT_CommunicatorNotify notify_cb, void *notify_cb_cls)
Connect to the transport service.
int GNUNET_CONTAINER_multishortmap_put(struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
unsigned int rekey_acks_available
Acks available when we started rekeying.
#define GNUNET_TIME_UNIT_FOREVER_REL
Constant used to specify "forever".
Handle to a node in a heap.
struct GNUNET_PeerIdentity sender
Identity of the inititor of the UDP broadcast.
UDP message box.
const char * GNUNET_a2s(const struct sockaddr *addr, socklen_t addrlen)
Convert a "struct sockaddr*" (IPv4 or IPv6 address) to a string (for printing debug messages)...
static struct GNUNET_CRYPTO_EddsaPrivateKey * my_private_key
Our private key.
struct sockaddr * address
Address of the other peer.
uint32_t size
How many bytes does this signature sign? (including this purpose header); in network byte order (!)...
Internal representation of the hash map.
struct GNUNET_CONTAINER_MultiShortmap * GNUNET_CONTAINER_multishortmap_create(unsigned int len, int do_not_copy_keys)
Create a multi peer map (hash map for public keys of peers).
#define GENERATE_AT_ONCE
Heap with the minimum cost at the root.
void GNUNET_STATISTICS_set(struct GNUNET_STATISTICS_Handle *handle, const char *name, uint64_t value, int make_persistent)
Set statistic value for the peer.
UDP message box.
void GNUNET_CONTAINER_heap_destroy(struct GNUNET_CONTAINER_Heap *heap)
Destroys the heap.
struct sockaddr * sa
Sender&#39;s address of the interface.
A 512-bit hashcode.
socklen_t salen
Number of bytes in sa.
static void mq_destroy_kx(struct GNUNET_MQ_Handle *mq, void *impl_state)
Signature of functions implementing the destruction of a message queue.
static void sock_read(void *cls)
Socket read task.
static void mq_cancel(struct GNUNET_MQ_Handle *mq, void *impl_state)
Implementation function that cancels the currently sent message.
static void setup_receiver_mq(struct ReceiverAddress *receiver)
Setup the MQ for the receiver.
int receiver_destroy_called
receiver_destroy already called on receiver.
static int res
static void kce_generate_cb(void *cls)
struct SharedSecret * next
Kept in a DLL.
Information we track per receiving address we have recently been in contact with (encryption to recei...
static struct GNUNET_NAT_AUTO_Test * nt
Handle to a NAT test operation.
void GNUNET_NT_scanner_done(struct GNUNET_NT_InterfaceScanner *is)
Terminate interface scanner.
Definition: nt.c:433
int int GNUNET_asprintf(char **buf, const char *format,...) __attribute__((format(printf
Like asprintf, just portable.
size_t d_mtu
MTU we allowed transport for this receiver&#39;s default queue.
struct GNUNET_HashCode cmac
CMAC of the base key being acknowledged.
Node in the heap.
Private ECC key encoded for transmission.
void GNUNET_NAT_unregister(struct GNUNET_NAT_Handle *nh)
Stop port redirection and public IP address detection for the given handle.
Definition: nat_api.c:692
static void try_handle_plaintext(struct SenderAddress *sender, const void *buf, size_t buf_size)
Test if we have received a valid message in plaintext.
#define GNUNET_free_nz(ptr)
Wrapper around free.
Shared secret we generated for a particular sender or receiver.
struct GNUNET_TIME_AbsoluteNBO monotonic_time
Monotonic time of sender, to possibly help detect replay attacks (if receiver persists times by sende...
void GNUNET_TRANSPORT_communicator_address_remove(struct GNUNET_TRANSPORT_AddressIdentifier *ai)
Notify transport service about an address that this communicator no longer provides for this peer...
unsigned int num_secrets
Length of the DLL at ss_head.
struct GNUNET_TIME_Relative GNUNET_TIME_relative_min(struct GNUNET_TIME_Relative t1, struct GNUNET_TIME_Relative t2)
Return the minimum of two relative time values.
Definition: time.c:200
struct GNUNET_CRYPTO_EddsaSignature sender_sig
Sender&#39;s signature of type GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST.
struct GNUNET_TESTBED_Peer * peer
The peer associated with this model.
struct GNUNET_HashCode key
The key used in the DHT.
Internal representation of the hash map.
static int mq_init(void *cls, const struct GNUNET_PeerIdentity *peer, const char *address)
Function called by the transport service to initialize a message queue given address information abou...
static struct GNUNET_TRANSPORT_AddressIdentifier * ai
Handle to the operation that publishes our address.
void GNUNET_CRYPTO_ecdhe_key_get_public(const struct GNUNET_CRYPTO_EcdhePrivateKey *priv, struct GNUNET_CRYPTO_EcdhePublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:213
static int get_receiver_delete_it(void *cls, const struct GNUNET_PeerIdentity *target, void *value)
Iterator over all receivers to clean up.
static struct GNUNET_CONTAINER_Heap * senders_heap
Expiration heap for senders (contains struct SenderAddress)
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_size(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, unsigned long long *size)
Get a configuration value that should be a size in bytes.
static struct SharedSecret * setup_shared_secret_enc(const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral, struct ReceiverAddress *receiver, int add_to_receiver)
Setup shared secret for encryption.
struct GNUNET_NAT_Handle * GNUNET_NAT_register(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *config_section, uint8_t proto, unsigned int num_addrs, const struct sockaddr **addrs, const socklen_t *addrlens, GNUNET_NAT_AddressCallback address_callback, GNUNET_NAT_ReversalCallback reversal_callback, void *callback_cls)
Attempt to enable port redirection and detect public IP address contacting UPnP or NAT-PMP routers on...
Definition: nat_api.c:378
static struct GNUNET_MQ_Envelope * ac
Handle to current GNUNET_PEERINFO_add_peer() operation.
struct GNUNET_NT_InterfaceScanner * GNUNET_NT_scanner_init(void)
Initialize the address characterization client handle.
Definition: nt.c:412
struct GNUNET_HashCode h_address
Hash of the sender&#39;s UDP address.
static void get_kid(const struct GNUNET_HashCode *msec, uint32_t serial, struct GNUNET_ShortHashCode *kid)
Compute kid.
struct GNUNET_TRANSPORT_QueueHandle * GNUNET_TRANSPORT_communicator_mq_add(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *peer, const char *address, uint32_t mtu, uint64_t q_len, uint32_t priority, enum GNUNET_NetworkType nt, enum GNUNET_TRANSPORT_ConnectionStatus cs, struct GNUNET_MQ_Handle *mq)
Notify transport service that a MQ became available due to an "inbound" connection or because the com...
static struct GNUNET_FS_SearchContext * sc
Definition: gnunet-search.c:37
Loopback (same host).
Definition: gnunet_nt_lib.h:45
static struct GNUNET_NETWORK_Handle * udp_sock
Our socket.
static void do_pad(gcry_cipher_hd_t out_cipher, char *dgram, size_t pad_size)
Pad dgram by pad_size using out_cipher.
unsigned int active_kce_count
Number of active KCN entries.
struct SharedSecret * prev
Kept in a DLL.
struct GNUNET_TIME_Absolute GNUNET_TIME_absolute_get_monotonic(const struct GNUNET_CONFIGURATION_Handle *cfg)
Obtain the current time and make sure it is monotonically increasing.
Definition: time.c:590
static struct GNUNET_CONTAINER_MultiPeerMap * senders
Senders (map from peer identity to struct SenderAddress)
int GNUNET_TRANSPORT_communicator_receive(struct GNUNET_TRANSPORT_CommunicatorHandle *handle, const struct GNUNET_PeerIdentity *sender, const struct GNUNET_MessageHeader *msg, struct GNUNET_TIME_Relative expected_addr_validity, GNUNET_TRANSPORT_MessageCompletedCallback cb, void *cb_cls)
Notify transport service that the communicator has received a message.
struct UDPBroadcast bcm
Message we broadcast on this interface.
static void decrypt_box(const struct UDPBox *box, size_t box_len, struct KeyCacheEntry *kce)
We received a box with matching kce.
void GNUNET_CONTAINER_multishortmap_destroy(struct GNUNET_CONTAINER_MultiShortmap *map)
Destroy a hash map.
struct GNUNET_CONTAINER_Heap * GNUNET_CONTAINER_heap_create(enum GNUNET_CONTAINER_HeapOrder order)
Create a new heap.
an ECC signature using EdDSA.
void GNUNET_CRYPTO_eddsa_key_get_public(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, struct GNUNET_CRYPTO_EddsaPublicKey *pub)
Extract the public key for the given private key.
Definition: crypto_ecc.c:197
Standard IPv6 header.
static struct GNUNET_CONTAINER_Heap * receivers_heap
Expiration heap for receivers (contains struct ReceiverAddress)
static struct in_addr dummy
Target "dummy" address of the packet we pretend to respond to.
#define KCN_THRESHOLD
If we fall below this number of available KCNs, we generate additional ACKs until we reach KCN_TARGET...
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
Allow multiple values with the same key.
#define GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT
After how long do we consider a connection to a peer dead if we don&#39;t receive messages from the peer...
Handle to a message queue.
Definition: mq.c:85
unsigned int acks_available
Number of BOX keys from ACKs we have currently available for this receiver.
int GNUNET_CONTAINER_multipeermap_put(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, void *value, enum GNUNET_CONTAINER_MultiHashMapOption opt)
Store a key-value pair in the map.
#define GNUNET_NETWORK_STRUCT_END
Define as empty, GNUNET_PACKED should suffice, but this won&#39;t work on W32;.
struct GNUNET_CONTAINER_HeapNode * hn
Entry in sender expiration heap.
Private ECC key encoded for transmission.
int GNUNET_CONTAINER_multipeermap_iterate(struct GNUNET_CONTAINER_MultiPeerMap *map, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map.
struct GNUNET_PeerIdentity sender
Sender&#39;s identity.
uint32_t sequence_max
Sequence acknowledgement limit.
struct ipv6_mreq mcreq
If this is an IPv6 interface, this is the request we use to join/leave the group. ...
The identity of the host (wraps the signing key of the peer).
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_eddsa_ecdh(const struct GNUNET_CRYPTO_EddsaPrivateKey *priv, const struct GNUNET_CRYPTO_EcdhePublicKey *pub, struct GNUNET_HashCode *key_material)
Derive key material from a ECDH public key and a private EdDSA key.
Definition: crypto_ecc.c:718
#define AES_KEY_SIZE
AES key size.
int kce_task_finished
Is the kce_task finished?
static void reschedule_receiver_timeout(struct ReceiverAddress *receiver)
Increment receiver timeout due to activity.
struct ReceiverAddress * receiver
Receiver we use this shared secret with, or NULL.
int rekeying
A flag indicating, if the sender is doing rekeying.
Context information to be used while searching for operation contexts.
Definition: testbed_api.c:225
static void get_iv_key(const struct GNUNET_HashCode *msec, uint32_t serial, char key[(256/8)], char iv[(96/8)])
Compute key and iv.
struct GNUNET_TRANSPORT_ApplicationHandle * GNUNET_TRANSPORT_application_init(const struct GNUNET_CONFIGURATION_Handle *cfg)
Initialize the TRANSPORT application client handle.
#define GNUNET_PACKED
gcc-ism to get packed structs.
#define GNUNET_TRANSPORT_QUEUE_LENGTH_UNLIMITED
Queue length.
static uint16_t port
Port number.
Definition: gnunet-bcd.c:83
configuration data
Definition: configuration.c:84
void * GNUNET_CONTAINER_multishortmap_get(const struct GNUNET_CONTAINER_MultiShortmap *map, const struct GNUNET_ShortHashCode *key)
Given a key find a value in the map matching the key.
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_time(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option, struct GNUNET_TIME_Relative *time)
Get a configuration value that should be a relative time.
static int secret_destroy(struct SharedSecret *ss, int withoutKce)
Destroy ss and associated key cache entries.
socklen_t address_len
Length of the address.
const char * name
this is an outbound connection (transport initiated)
#define ADDRESS_VALIDITY_PERIOD
How long do we believe our addresses to remain up (before the other peer should revalidate).
struct SharedSecret * ss_finished
Shared secret we finished the last kce working queue for.
Information we track per sender address we have recently been in contact with (we decrypt messages fr...
Signature we use to verify that the broadcast was really made by the peer that claims to have made it...
#define INTERFACE_SCAN_FREQUENCY
How often do we scan for changes to our network interfaces?
void GNUNET_TRANSPORT_communicator_notify(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_PeerIdentity *pid, const char *comm, const struct GNUNET_MessageHeader *header)
The communicator asks the transport service to route a message via a different path to another commun...
Public ECC key (always for Curve25519) encoded in a format suitable for network transmission and encr...
struct GNUNET_MQ_Handle * mq
Definition: 003.c:5
static void receiver_destroy(struct ReceiverAddress *receiver)
Destroys a receiving state due to timeout or shutdown.
#define GNUNET_log(kind,...)
UDP key acknowledgement.
Entry in list of pending tasks.
Definition: scheduler.c:134
struct GNUNET_ShortHashCode kid
Key and IV identification code.
static struct GNUNET_STATISTICS_Handle * stats
For logging statistics.
#define DEFAULT_REKEY_MAX_BYTES
Default value for how often we do rekey based on number of bytes transmitted? (additionally randomize...
Signature we use to verify that the ephemeral key was really chosen by the specified sender...
static struct GNUNET_SCHEDULER_Task * read_task
ID of read task.
handle to a socket
Definition: network.c:52
static void nat_address_cb(void *cls, void **app_ctx, int add_remove, enum GNUNET_NAT_AddressClass ac, const struct sockaddr *addr, socklen_t addrlen)
Signature of the callback passed to GNUNET_NAT_register() for a function to call whenever our set of ...
enum GNUNET_GenericReturnValue GNUNET_CONFIGURATION_get_value_yesno(const struct GNUNET_CONFIGURATION_Handle *cfg, const char *section, const char *option)
Get a configuration value that should be in a set of "YES" or "NO".
void GNUNET_CRYPTO_random_block(enum GNUNET_CRYPTO_Quality mode, void *buffer, size_t length)
Fill block with a random values.
char gcm_tag[(128/8)]
128-bit authentication tag for the following encrypted message, from GCM.
struct GNUNET_CRYPTO_EddsaPrivateKey * GNUNET_CRYPTO_eddsa_key_create_from_configuration(const struct GNUNET_CONFIGURATION_Handle *cfg)
Create a new private key by reading our peer&#39;s key from the file specified in the configuration...
struct GNUNET_SCHEDULER_Task * broadcast_task
Task for this broadcast interface.
struct GNUNET_TIME_Relative GNUNET_TIME_absolute_get_remaining(struct GNUNET_TIME_Absolute future)
Given a timestamp in the future, how much time remains until then?
Definition: time.c:232
static void calculate_cmac(struct SharedSecret *ss)
Calculate cmac from master in ss.
enum GNUNET_TESTBED_UnderlayLinkModelType type
the type of this model
Header for all communications.
static int find_sender_by_address(void *cls, const struct GNUNET_PeerIdentity *key, void *value)
Find existing struct SenderAddress by matching addresses.
Time for absolute times used by GNUnet, in microseconds.
static void mq_error(void *cls, enum GNUNET_MQ_Error error)
Generic error handler, called with the appropriate error code and the same closure specified at the c...
struct GNUNET_SCHEDULER_Task * GNUNET_SCHEDULER_add_read_net(struct GNUNET_TIME_Relative delay, struct GNUNET_NETWORK_Handle *rfd, GNUNET_SCHEDULER_TaskCallback task, void *task_cls)
Schedule a new task to be run with a specified delay or when the specified file descriptor is ready f...
Definition: scheduler.c:1517
struct SenderAddress * sender
Return value to set if we found a match.
enum GNUNET_GenericReturnValue GNUNET_CRYPTO_hkdf(void *result, size_t out_len, int xtr_algo, int prf_algo, const void *xts, size_t xts_len, const void *skm, size_t skm_len,...)
Derive key.
Definition: crypto_hkdf.c:320
unsigned int GNUNET_CONTAINER_multipeermap_size(const struct GNUNET_CONTAINER_MultiPeerMap *map)
Get the number of key-value pairs in the map.
#define MAX_SQN_DELTA
What is the maximum delta between KCN sequence numbers that we allow.
static void check_for_rekeying(struct ReceiverAddress *receiver, struct UDPBox *box)
static void decrypt_rekey(const struct UDPRekey *rekey, size_t rekey_len, struct KeyCacheEntry *kce, struct SenderAddress *sender)
We received a rekey with matching kce.
struct GNUNET_CRYPTO_EcdhePublicKey ephemeral
Ephemeral key used by the sender.
int number_rekeying_kce
Number of kce we retain for sending the rekeying shared secret.
static struct GNUNET_TRANSPORT_CommunicatorHandle * ch
Our environment.
struct GNUNET_PeerIdentity target
To whom are we talking to.
uint32_t acks_available
Sequence acknowledgement limit.
static struct GNUNET_PeerIdentity pid
Identity of the peer we transmit to / connect to.
static void mq_send_kx(struct GNUNET_MQ_Handle *mq, const struct GNUNET_MessageHeader *msg, void *impl_state)
Signature of functions implementing the sending functionality of a message queue. ...
ssize_t GNUNET_NETWORK_socket_recvfrom(const struct GNUNET_NETWORK_Handle *desc, void *buffer, size_t length, struct sockaddr *src_addr, socklen_t *addrlen)
Read data from a socket (always non-blocking).
Definition: network.c:754
struct GNUNET_TIME_Absolute timeout
Timeout for this receiver address.
static void kce_generate(struct SharedSecret *ss, uint32_t seq)
Setup key cache entry for sequence number seq and shared secret ss.
void * GNUNET_CONTAINER_heap_remove_node(struct GNUNET_CONTAINER_HeapNode *node)
Removes a node from the heap.
static void do_shutdown(void *cls)
Shutdown the UNIX communicator.
static void destroy_all_secrets(struct SharedSecret *ss, int withoutKce)
Destroying all secrets.
Interface we broadcast our presence on.
Handle to the TRANSPORT subsystem for application management.
struct GNUNET_TIME_AbsoluteNBO GNUNET_TIME_absolute_hton(struct GNUNET_TIME_Absolute a)
Convert absolute time to network byte order.
Definition: time.c:464
static char * address
GNS address for this phone.
void GNUNET_MQ_impl_send_continue(struct GNUNET_MQ_Handle *mq)
Call the send implementation for the next queued message, if any.
Definition: mq.c:499
struct GNUNET_TRANSPORT_QueueHandle * kx_qh
handle for KX queue with the ch.
const char * GNUNET_i2s(const struct GNUNET_PeerIdentity *pid)
Convert a peer identity to a string (for printing debug messages).
struct BroadcastInterface * prev
Kept in a DLL.
static const struct GNUNET_CONFIGURATION_Handle * cfg
Our configuration.
static void sender_destroy(struct SenderAddress *sender)
Functions with this signature are called whenever we need to close a sender&#39;s state due to timeout...
Handle returned to identify the internal data structure the transport API has created to manage a mes...
int GNUNET_NETWORK_socket_close(struct GNUNET_NETWORK_Handle *desc)
Close a socket.
Definition: network.c:560
int GNUNET_CONTAINER_multipeermap_get_multiple(struct GNUNET_CONTAINER_MultiPeerMap *map, const struct GNUNET_PeerIdentity *key, GNUNET_CONTAINER_PeerMapIterator it, void *it_cls)
Iterate over all entries in the map that match a particular key.
int rekeying
Flag indicating sender is initiated rekeying for this receiver.
No good quality of the operation is needed (i.e., random numbers can be pseudo-random).
#define GNUNET_malloc(size)
Wrapper around malloc.
void GNUNET_TRANSPORT_communicator_mq_update(struct GNUNET_TRANSPORT_CommunicatorHandle *ch, const struct GNUNET_TRANSPORT_QueueHandle *u_qh, uint64_t q_len, uint32_t priority)
Notify transport service that an MQ was updated.
int GNUNET_NETWORK_test_pf(int pf)
Test if the given protocol family is supported by this system.
Definition: network.c:85
struct BroadcastInterface * next
Kept in a DLL.
Internal representation of an address a communicator is currently providing for the transport service...
#define GNUNET_free(ptr)
Wrapper around free.
struct SharedSecret * ss_rekey
Shared secret we use with target for rekeying.
Time for relative time used by GNUnet, in microseconds.
struct GNUNET_CRYPTO_EddsaPublicKey public_key
struct GNUNET_NETWORK_Handle * GNUNET_NETWORK_socket_create(int domain, int type, int protocol)
Create a new socket.
Definition: network.c:909
struct SharedSecret * ss_head
Shared secrets we received from target, first used is head.
static struct GNUNET_SCHEDULER_Task * timeout_task
ID of timeout task.
const struct sockaddr * address
Address we are looking for.
void * GNUNET_SCHEDULER_cancel(struct GNUNET_SCHEDULER_Task *task)
Cancel the task with the specified identifier.
Definition: scheduler.c:972
static int try_decrypt(const struct SharedSecret *ss, const char tag[(128/8)], uint32_t serial, const char *in_buf, size_t in_buf_size, char *out_buf)
Try to decrypt buf using shared secret ss and key/iv derived using serial.
struct GNUNET_MQ_Handle * d_mq
Default message queue we are providing for the ch.
enum GNUNET_NetworkType nt
Which network type does this queue use?