
[GNUnet-SVN] r33692 - gnunet/src/cadet


From: gnunet
Subject: [GNUnet-SVN] r33692 - gnunet/src/cadet
Date: Tue, 17 Jun 2014 14:13:33 +0200

Author: bartpolot
Date: 2014-06-17 14:13:33 +0200 (Tue, 17 Jun 2014)
New Revision: 33692

Modified:
   gnunet/src/cadet/gnunet-service-cadet_tunnel.c
   gnunet/src/cadet/gnunet-service-cadet_tunnel.h
Log:
- add rekey state

Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c      2014-06-17 12:13:32 UTC 
(rev 33691)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c      2014-06-17 12:13:33 UTC 
(rev 33692)
@@ -400,7 +400,9 @@
   int ready;
 
   GCT_debug (t, GNUNET_ERROR_TYPE_DEBUG);
-  ready = CADET_TUNNEL3_READY == t->cstate && CADET_TUNNEL3_KEY_OK == 
t->estate;
+  ready = CADET_TUNNEL3_READY == t->cstate
+          && (CADET_TUNNEL3_KEY_OK == t->estate
+              || CADET_TUNNEL3_KEY_REKEY == t->estate);
   ready = ready || GCT_is_loopback (t);
   return ready;
 }
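Review bot: The readiness expression now accepts KEY_REKEY but has no comment saying why, and this condition decides whether traffic may be sent while a handshake is still in flight. I would add above the assignment `/* KEY_REKEY counts as ready: the previous session key is still valid until the new handshake completes. */`. The function's signature and doc comment are outside the hunk, so the header comment may need the same sentence.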
@@ -1294,7 +1296,23 @@
     LOG (GNUNET_ERROR_TYPE_DEBUG, "  new challenge for %s: %u\n",
          GCT_2s (t), t->kx_ctx->challenge);
   }
+  else
+  {
+    struct GNUNET_TIME_Relative duration;
 
+    duration = GNUNET_TIME_absolute_get_duration (t->kx_ctx->rekey_start_time);
+    LOG (GNUNET_ERROR_TYPE_DEBUG, " kx started %s ago\n",
+         GNUNET_STRINGS_relative_time_to_string (duration, GNUNET_YES));
+
+    // FIXME make duration of old keys configurable
+    if (duration.rel_value_us > GNUNET_TIME_UNIT_MINUTES.rel_value_us)
+    {
+      memset (&t->kx_ctx->d_key_old, 0, sizeof (t->kx_ctx->d_key_old));
+      memset (&t->kx_ctx->e_key_old, 0, sizeof (t->kx_ctx->e_key_old));
+      t->estate = CADET_TUNNEL3_KEY_PING;
+    }
+  }
+
   send_ephemeral (t);
 
   switch (t->estate)
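Review bot: The expiry branch sets `t->estate = CADET_TUNNEL3_KEY_PING` whatever the current state is. A tunnel still in KEY_SENT would therefore reach the `KEY_PING` case of the switch below and call `send_ping (t)`, although the header documents KEY_PING as meaning the peer's ephemeral key is already known. Whether KEY_SENT can reach this branch with a context older than a minute depends on code outside the hunk, but the guard is cheap: `if (CADET_TUNNEL3_KEY_REKEY == t->estate) t->estate = CADET_TUNNEL3_KEY_PING;`. Separately, the two `memset` calls leave `d_key_old` and `e_key_old` as all-zero keys rather than marking them absent. Any decrypt fallback to the old key (not visible here) should be gated on the state or an explicit validity flag, so that a zeroed key is never accepted as key material.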
@@ -1304,10 +1322,12 @@
       break;
     case CADET_TUNNEL3_KEY_SENT:
       break;
+    case CADET_TUNNEL3_KEY_OK:
+      t->estate = CADET_TUNNEL3_KEY_REKEY;
+      /* fall-thru */
     case CADET_TUNNEL3_KEY_PING:
-    case CADET_TUNNEL3_KEY_OK:
+    case CADET_TUNNEL3_KEY_REKEY:
       send_ping (t);
-      t->estate = CADET_TUNNEL3_KEY_PING;
       break;
     default:
       LOG (GNUNET_ERROR_TYPE_DEBUG, "Unexpected state %u\n", t->estate);
@@ -1709,6 +1729,10 @@
   {
     t->peers_ephemeral_key = msg->ephemeral_key;
     create_keys (t);
+    if (CADET_TUNNEL3_KEY_OK == t->estate)
+    {
+      t->estate = CADET_TUNNEL3_KEY_REKEY;
+    }
   }
   if (CADET_TUNNEL3_KEY_SENT == t->estate)
   {
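Review bot: This transition to KEY_REKEY does not record when the rekey started, while the expiry of the old keys in the rekey path is computed from `t->kx_ctx->rekey_start_time`. Unless `create_keys` sets that field (its body is not part of this diff), a rekey initiated by the peer keeps the old keys usable for a period bounded only by whatever timestamp the context last held. If so, set it inside the new block, e.g. `t->kx_ctx->rekey_start_time = GNUNET_TIME_absolute_get ();`, after confirming that `t->kx_ctx` is non-NULL on this path. The enclosing function starts and ends outside the hunk.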

Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.h
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.h      2014-06-17 12:13:32 UTC 
(rev 33691)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.h      2014-06-17 12:13:33 UTC 
(rev 33692)
@@ -90,7 +90,8 @@
   /**
    * New ephemeral key and ping sent, waiting for pong.
    * This means that we DO have the peer's ephemeral key, otherwise the
-   * state would be KEY_SENT.
+   * state would be KEY_SENT. We DO NOT have a valid session key (either no
+   * previous key or previous key expired).
    */
   CADET_TUNNEL3_KEY_PING,
 
@@ -98,6 +99,13 @@
    * Handshake completed: session key available.
    */
   CADET_TUNNEL3_KEY_OK,
+
+  /**
+   * New ephemeral key and ping sent, waiting for pong. Opposite to KEY_PING,
+   * we still have a valid session key and therefore we *can* still send
+   * traffic on the tunnel.
+   */
+  CADET_TUNNEL3_KEY_REKEY,
 };
 
 /**
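Review bot: CADET_TUNNEL3_KEY_REKEY is added to the enum, but the only consumers this commit updates are the readiness check, the rekey switch and the ephemeral-key handler. Any other switch over the encryption state, or a state-to-string helper used for debug output (none appears in these hunks), would treat the new value as unknown, so it is worth checking every use of the sibling constants before relying on the new state. On wording, "Opposite to KEY_PING" reads more clearly as `Unlike KEY_PING, we still have a valid session key and can therefore still send traffic on the tunnel.`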



