[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r35578 - gnunet/src/cadet
From: |
gnunet |
Subject: |
[GNUnet-SVN] r35578 - gnunet/src/cadet |
Date: |
Mon, 27 Apr 2015 21:14:13 +0200 |
Author: bartpolot
Date: 2015-04-27 21:14:13 +0200 (Mon, 27 Apr 2015)
New Revision: 35578
Modified:
gnunet/src/cadet/cadet_protocol.h
gnunet/src/cadet/gnunet-service-cadet_connection.c
gnunet/src/cadet/gnunet-service-cadet_peer.c
gnunet/src/cadet/gnunet-service-cadet_tunnel.c
Log:
- refactor kx handling
Modified: gnunet/src/cadet/cadet_protocol.h
===================================================================
--- gnunet/src/cadet/cadet_protocol.h 2015-04-27 19:14:12 UTC (rev 35577)
+++ gnunet/src/cadet/cadet_protocol.h 2015-04-27 19:14:13 UTC (rev 35578)
@@ -72,6 +72,7 @@
/* struct GNUNET_PeerIdentity peers[path_length]; */
};
+
/**
* Message for ack'ing a connection
*/
@@ -109,7 +110,27 @@
};
+
/**
+ * Message for encapsulation of a Key eXchange message in a connection.
+ */
+struct GNUNET_CADET_AX_KX
+{
+ /**
+ * Type: GNUNET_MESSAGE_TYPE_CADET_AX_KX.
+ */
+ struct GNUNET_MessageHeader header;
+
+ /**
+ * Ephemeral public ECC key (always for NIST P-521) encoded in a format
+ * suitable for network transmission as created using 'gcry_sexp_sprint'.
+ */
+ struct GNUNET_CRYPTO_EcdhePublicKey ephemeral_key;
+
+};
+
+
+/**
* Message transmitted with the signed ephemeral key of a peer. The
* session key is then derived from the two ephemeral keys (ECDHE).
*
Modified: gnunet/src/cadet/gnunet-service-cadet_connection.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_connection.c 2015-04-27 19:14:12 UTC
(rev 35577)
+++ gnunet/src/cadet/gnunet-service-cadet_connection.c 2015-04-27 19:14:13 UTC
(rev 35578)
@@ -2296,72 +2296,21 @@
*/
static int
handle_cadet_kx (const struct GNUNET_PeerIdentity *peer,
- const struct GNUNET_CADET_KX *msg)
+ const struct GNUNET_CADET_KX *msg)
{
+ const struct GNUNET_CADET_Hash* cid;
struct CadetConnection *c;
- struct CadetPeer *neighbor;
- GNUNET_PEER_Id peer_id;
- size_t size;
+ size_t expected_size;
int fwd;
- log_message (&msg->header, peer, &msg->cid);
+ cid = &msg->cid;
+ log_message (&msg->header, peer, cid);
- /* Check size */
- size = ntohs (msg->header.size);
- if (size <
- sizeof (struct GNUNET_CADET_KX) +
- sizeof (struct GNUNET_MessageHeader))
- {
- GNUNET_break_op (0);
- return GNUNET_OK;
- }
+ expected_size = sizeof (struct GNUNET_CADET_KX)
+ + sizeof (struct GNUNET_MessageHeader);
+ c = connection_get (cid);
+ fwd = check_message (&msg->header, expected_size, cid, c, peer, 0);
- /* Check connection */
- c = connection_get (&msg->cid);
- if (NULL == c)
- {
- GNUNET_STATISTICS_update (stats, "# unknown connection", 1, GNUNET_NO);
- LOG (GNUNET_ERROR_TYPE_DEBUG, "kx on unknown connection %s\n",
- GNUNET_h2s (GC_h2hc (&msg->cid)));
- send_broken_unknown (&msg->cid, &my_full_id, NULL, peer);
- return GNUNET_OK;
- }
- LOG (GNUNET_ERROR_TYPE_DEBUG, " on connection %s\n", GCC_2s (c));
-
- /* Check if origin is as expected */
- neighbor = get_prev_hop (c);
- peer_id = GNUNET_PEER_search (peer);
- if (peer_id == GCP_get_short_id (neighbor))
- {
- fwd = GNUNET_YES;
- }
- else
- {
- neighbor = get_next_hop (c);
- if (peer_id == GCP_get_short_id (neighbor))
- {
- fwd = GNUNET_NO;
- }
- else
- {
- /* Unexpected peer sending traffic on a connection. */
- GNUNET_break_op (0);
- return GNUNET_OK;
- }
- }
-
- /* Count as connection confirmation. */
- if (CADET_CONNECTION_SENT == c->state || CADET_CONNECTION_ACK == c->state)
- {
- connection_change_state (c, CADET_CONNECTION_READY);
- if (NULL != c->t)
- {
- if (CADET_TUNNEL_WAITING == GCT_get_cstate (c->t))
- GCT_change_cstate (c->t, CADET_TUNNEL_READY);
- }
- }
- connection_reset_timeout (c, fwd);
-
/* Is this message for us? */
if (GCC_is_terminal (c, fwd))
{
@@ -2423,93 +2372,6 @@
/**
- * Core handler for axolotl key exchange traffic.
- *
- * @param cls Closure (unused).
- * @param message Message received.
- * @param peer Neighbor who sent the message.
- *
- * @return GNUNET_OK, to keep the connection open.
- */
-int
-GCC_handle_ax_kx (void *cls, const struct GNUNET_PeerIdentity *peer,
- const struct GNUNET_MessageHeader *message)
-{
- const struct GNUNET_CADET_AX *msg;
- struct CadetConnection *c;
- size_t expected_size;
- uint32_t pid;
- uint32_t ttl;
- int fwd;
-
- msg = (struct GNUNET_CADET_AX *) message;
- log_message (message, peer, &msg->cid);
-
- expected_size = sizeof (struct GNUNET_CADET_AX)
- + sizeof (struct GNUNET_MessageHeader);
- c = connection_get (&msg->cid);
- pid = ntohl (msg->pid);
- fwd = check_message (message, expected_size, c, peer, pid);
-
- /* If something went wrong, discard message. */
- if (GNUNET_SYSERR == fwd)
- return GNUNET_OK;
-
- /* Is this message for us? */
- if (GCC_is_terminal (c, fwd))
- {
- GNUNET_STATISTICS_update (stats, "# messages received", 1, GNUNET_NO);
-
- if (NULL == c->t)
- {
- GNUNET_break (GNUNET_NO != c->destroy);
- return GNUNET_OK;
- }
- GCT_handle_encrypted (c->t, message);
- GCC_send_ack (c, fwd, GNUNET_NO);
- return GNUNET_OK;
- }
-
- /* Message not for us: forward to next hop */
- ttl = ntohl (msg->ttl);
- LOG (GNUNET_ERROR_TYPE_DEBUG, " forwarding, ttl: %u\n", ttl);
- if (ttl == 0)
- {
- GNUNET_STATISTICS_update (stats, "# TTL drops", 1, GNUNET_NO);
- LOG (GNUNET_ERROR_TYPE_WARNING, " TTL is 0, DROPPING!\n");
- GCC_send_ack (c, fwd, GNUNET_NO);
- return GNUNET_OK;
- }
-
- GNUNET_STATISTICS_update (stats, "# messages forwarded", 1, GNUNET_NO);
- GNUNET_assert (NULL == GCC_send_prebuilt_message (&msg->header, 0, 0, c, fwd,
- GNUNET_NO, NULL, NULL));
-
-
-
- return GNUNET_OK;
-}
-
-
-
-/**
- * Core handler for axolotl encrypted cadet network traffic.
- *
- * @param cls Closure (unused).
- * @param message Message received.
- * @param peer Neighbor who sent the message.
- *
- * @return GNUNET_OK, to keep the connection open.
- */
-int
-GCC_handle_ax (void *cls, const struct GNUNET_PeerIdentity *peer,
- struct GNUNET_MessageHeader *message)
-{
- return handle_cadet_encrypted (peer, message);
-}
-
-
-/**
* Core handler for cadet network traffic point-to-point acks.
*
* @param cls closure
Modified: gnunet/src/cadet/gnunet-service-cadet_peer.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_peer.c 2015-04-27 19:14:12 UTC
(rev 35577)
+++ gnunet/src/cadet/gnunet-service-cadet_peer.c 2015-04-27 19:14:13 UTC
(rev 35578)
@@ -483,9 +483,7 @@
{&GCC_handle_poll, GNUNET_MESSAGE_TYPE_CADET_POLL,
sizeof (struct GNUNET_CADET_Poll)},
{&GCC_handle_kx, GNUNET_MESSAGE_TYPE_CADET_KX, 0},
- {&GCC_handle_encrypted, GNUNET_MESSAGE_TYPE_CADET_ENCRYPTED, 0},
- {&GCC_handle_ax_kx, GNUNET_MESSAGE_TYPE_CADET_AX_KX, 0}, {NULL, 0, 0},
- {&GCC_handle_ax, GNUNET_MESSAGE_TYPE_CADET_AX, 0}
+ {&GCC_handle_encrypted, GNUNET_MESSAGE_TYPE_CADET_ENCRYPTED, 0}
};
Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2015-04-27 19:14:12 UTC
(rev 35577)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2015-04-27 19:14:13 UTC
(rev 35578)
@@ -135,7 +135,22 @@
struct GNUNET_SCHEDULER_Task * finish_task;
};
+/**
+ * Encryption systems possible.
+ */
+enum CadetTunnelEncryption
+{
+ /**
+ * Default Axolotl system.
+ */
+ CADET_Axolotl,
+ /**
+ * Fallback OTR-style encryption.
+ */
+ CADET_Fallback
+};
+
struct CadetTunnelSkippedKey
{
struct CadetTunnelSkippedKey *next;
@@ -177,14 +192,24 @@
*/
struct CadetTunnel
{
- /**
- * Endpoint of the tunnel.
- */
+ /**
+ * Endpoint of the tunnel.
+ */
struct CadetPeer *peer;
- /**
- * State of the tunnel connectivity.
- */
+ /**
+ * Type of encryption used in the tunnel.
+ */
+ enum CadetTunnelEncryption enc_type;
+
+ /**
+ * Axolotl info.
+ */
+ struct CadetTunnelAxolotl *ax;
+
+ /**
+ * State of the tunnel connectivity.
+ */
enum CadetTunnelCState cstate;
/**
@@ -899,6 +924,13 @@
void *dst, const void *src, size_t size,
const struct GNUNET_CADET_Hash *msg_hmac)
{
+ struct CadetTunnelAxolotl *ax;
+
+ ax = t->ax;
+
+ if (NULL == ax)
+ return -1;
+
return 0;
}
@@ -2005,6 +2037,14 @@
return;
}
+ /* If we get a proper OTR-style ephemeral, fallback to old crypto. */
+ if (NULL != t->ax)
+ {
+ GNUNET_free (t->ax);
+ t->ax = NULL;
+ t->enc_type = CADET_Fallback;
+ }
+
/**
* If the key is different from what we know, derive the new E/D keys.
* Else destroy the rekey ctx (duplicate EPHM after successful KX).
@@ -2099,6 +2139,23 @@
/**
+ * .
+ *
+ * @param t Tunnel this message came on.
+ * @param msg Key eXchange Pong message.
+ */
+static void
+handle_kx_ax (struct CadetTunnel *t, const struct GNUNET_CADET_AX_KX *msg)
+{
+
+ if (NULL == t->ax)
+ {
+ t->ax = GNUNET_new (struct CadetTunnelAxolotl);
+ }
+}
+
+
+/**
* Demultiplex by message type and call appropriate handler for a message
* towards a channel of a local tunnel.
*
@@ -2255,9 +2312,13 @@
handle_pong (t, (const struct GNUNET_CADET_KX_Pong *) message);
break;
+ case GNUNET_MESSAGE_TYPE_CADET_AX_KX:
+ handle_kx_ax (t, (const struct GNUNET_CADET_AX_KX *) message);
+ break;
+
default:
GNUNET_break_op (0);
- LOG (GNUNET_ERROR_TYPE_DEBUG, "kx message not known (%u)\n", type);
+ LOG (GNUNET_ERROR_TYPE_WARNING, "kx message %s unknown\n", GC_m2s
(type));
}
}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r35578 - gnunet/src/cadet,
gnunet <=