2 This file is part of GNUnet.
3 (C) 2013 Christian Grothoff (and other contributing authors)
5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published
7 by the Free Software Foundation; either version 3, or (at your
8 option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 General Public License for more details.
15 You should have received a copy of the GNU General Public License
16 along with GNUnet; see the file COPYING. If not, write to the
17 Free Software Foundation, Inc., 59 Temple Place - Suite 330,
18 Boston, MA 02111-1307, USA.
22 #include "gnunet_util_lib.h"
24 #include "gnunet_signatures.h"
25 #include "gnunet_statistics_service.h"
27 #include "cadet_protocol.h"
28 #include "cadet_path.h"
30 #include "gnunet-service-cadet_tunnel.h"
31 #include "gnunet-service-cadet_connection.h"
32 #include "gnunet-service-cadet_channel.h"
33 #include "gnunet-service-cadet_peer.h"
35 #define LOG(level, ...) GNUNET_log_from(level,"cadet-tun",__VA_ARGS__)
37 #define REKEY_WAIT GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 5)
39 #define CONNECTIONS_PER_TUNNEL 3
41 #if !defined(GNUNET_CULL_LOGGING)
42 #define DUMP_KEYS_TO_STDERR GNUNET_YES
44 #define DUMP_KEYS_TO_STDERR GNUNET_NO
47 /******************************************************************************/
48 /******************************** STRUCTS **********************************/
49 /******************************************************************************/
53 struct CadetTChannel *next;
54 struct CadetTChannel *prev;
55 struct CadetChannel *ch;
60 * Connection list and metadata.
62 struct CadetTConnection
67 struct CadetTConnection *next;
72 struct CadetTConnection *prev;
77 struct CadetConnection *c;
80 * Creation time, to keep oldest connection alive.
82 struct GNUNET_TIME_Absolute created;
85 * Connection throughput, to keep fastest connection alive.
91 * Structure used during a Key eXchange.
93 struct CadetTunnelKXCtx
96 * Encryption ("our") old key, for encrypting traffic sent by us
97 * end before the key exchange is finished or times out.
99 struct GNUNET_CRYPTO_SymmetricSessionKey e_key_old;
102 * Decryption ("their") old key, for decrypting traffic sent by the
103 * other end before the key exchange started.
105 struct GNUNET_CRYPTO_SymmetricSessionKey d_key_old;
108 * Challenge to send in a ping and expect in the pong.
113 * When the rekey started. One minute after this the new key will be used.
115 struct GNUNET_TIME_Absolute rekey_start_time;
118 * Task for delayed destruction of the Key eXchange context, to allow delayed
119 * messages with the old key to be decrypted successfully.
121 GNUNET_SCHEDULER_TaskIdentifier finish_task;
125 * Struct containing all information regarding a tunnel to a peer.
130 * Endpoint of the tunnel.
132 struct CadetPeer *peer;
135 * State of the tunnel connectivity.
137 enum CadetTunnelCState cstate;
140 * State of the tunnel encryption.
142 enum CadetTunnelEState estate;
145 * Key eXchange context.
147 struct CadetTunnelKXCtx *kx_ctx;
150 * Peer's ephemeral key, to recreate @c e_key and @c d_key when own ephemeral
153 struct GNUNET_CRYPTO_EcdhePublicKey peers_ephemeral_key;
156 * Encryption ("our") key.
158 struct GNUNET_CRYPTO_SymmetricSessionKey e_key;
161 * Decryption ("their") key.
163 struct GNUNET_CRYPTO_SymmetricSessionKey d_key;
166 * Task to start the rekey process.
168 GNUNET_SCHEDULER_TaskIdentifier rekey_task;
171 * Paths that are actively used to reach the destination peer.
173 struct CadetTConnection *connection_head;
174 struct CadetTConnection *connection_tail;
177 * Next connection number.
182 * Channels inside this tunnel.
184 struct CadetTChannel *channel_head;
185 struct CadetTChannel *channel_tail;
188 * Channel ID for the next created channel.
190 CADET_ChannelNumber next_chid;
193 * Destroy flag: if true, destroy on last message.
195 GNUNET_SCHEDULER_TaskIdentifier destroy_task;
198 * Queued messages, to transmit once tunnel gets connected.
200 struct CadetTunnelDelayed *tq_head;
201 struct CadetTunnelDelayed *tq_tail;
206 * Struct used to save messages in a non-ready tunnel to send once connected.
208 struct CadetTunnelDelayed
213 struct CadetTunnelDelayed *next;
214 struct CadetTunnelDelayed *prev;
219 struct CadetTunnel *t;
222 * Tunnel queue given to the channel to cancel request. Update on send_queued.
224 struct CadetTunnelQueue *tq;
229 /* struct GNUNET_MessageHeader *msg; */
234 * Handle for messages queued but not yet sent.
236 struct CadetTunnelQueue
239 * Connection queue handle, to cancel if necessary.
241 struct CadetConnectionQueue *cq;
244 * Handle in case message hasn't been given to a connection yet.
246 struct CadetTunnelDelayed *tqd;
249 * Continuation to call once sent.
254 * Closure for @c cont.
260 /******************************************************************************/
261 /******************************* GLOBALS ***********************************/
262 /******************************************************************************/
265 * Global handle to the statistics service.
267 extern struct GNUNET_STATISTICS_Handle *stats;
270 * Local peer own ID (memory efficient handle).
272 extern GNUNET_PEER_Id myid;
275 * Local peer own ID (full value).
277 extern struct GNUNET_PeerIdentity my_full_id;
281 * Don't try to recover tunnels if shutting down.
283 extern int shutting_down;
287 * Set of all tunnels, in order to trigger a new exchange on rekey.
288 * Indexed by peer's ID.
290 static struct GNUNET_CONTAINER_MultiPeerMap *tunnels;
293 * Default TTL for payload packets.
295 static unsigned long long default_ttl;
300 const static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key;
303 * Own ephemeral private key.
305 static struct GNUNET_CRYPTO_EcdhePrivateKey *my_ephemeral_key;
308 * Cached message used to perform a key exchange.
310 static struct GNUNET_CADET_KX_Ephemeral kx_msg;
313 * Task to generate a new ephemeral key.
315 static GNUNET_SCHEDULER_TaskIdentifier rekey_task;
320 static struct GNUNET_TIME_Relative rekey_period;
322 /******************************************************************************/
323 /******************************** STATIC ***********************************/
324 /******************************************************************************/
327 * Get string description for tunnel connectivity state.
329 * @param cs Tunnel state.
331 * @return String representation.
334 cstate2s (enum CadetTunnelCState cs)
340 case CADET_TUNNEL_NEW:
341 return "CADET_TUNNEL_NEW";
342 case CADET_TUNNEL_SEARCHING:
343 return "CADET_TUNNEL_SEARCHING";
344 case CADET_TUNNEL_WAITING:
345 return "CADET_TUNNEL_WAITING";
346 case CADET_TUNNEL_READY:
347 return "CADET_TUNNEL_READY";
350 sprintf (buf, "%u (UNKNOWN STATE)", cs);
358 * Get string description for tunnel encryption state.
360 * @param es Tunnel state.
362 * @return String representation.
365 estate2s (enum CadetTunnelEState es)
371 case CADET_TUNNEL_KEY_UNINITIALIZED:
372 return "CADET_TUNNEL_KEY_UNINITIALIZED";
373 case CADET_TUNNEL_KEY_SENT:
374 return "CADET_TUNNEL_KEY_SENT";
375 case CADET_TUNNEL_KEY_PING:
376 return "CADET_TUNNEL_KEY_PING";
377 case CADET_TUNNEL_KEY_OK:
378 return "CADET_TUNNEL_KEY_OK";
379 case CADET_TUNNEL_KEY_REKEY:
380 return "CADET_TUNNEL_KEY_REKEY";
382 sprintf (buf, "%u (UNKNOWN STATE)", es);
390 * @brief Check if tunnel is ready to send traffic.
392 * Tunnel must be connected and with encryption correctly set up.
394 * @param t Tunnel to check.
396 * @return #GNUNET_YES if ready, #GNUNET_NO otherwise
399 is_ready (struct CadetTunnel *t)
403 GCT_debug (t, GNUNET_ERROR_TYPE_DEBUG);
404 ready = CADET_TUNNEL_READY == t->cstate
405 && (CADET_TUNNEL_KEY_OK == t->estate
406 || CADET_TUNNEL_KEY_REKEY == t->estate);
407 ready = ready || GCT_is_loopback (t);
413 * Ephemeral key message purpose size.
415 * @return Size of the part of the ephemeral key message that must be signed.
418 ephemeral_purpose_size (void)
420 return sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) +
421 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
422 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
423 sizeof (struct GNUNET_CRYPTO_EcdhePublicKey) +
424 sizeof (struct GNUNET_PeerIdentity);
429 * Size of the encrypted part of a ping message.
431 * @return Size of the encrypted part of a ping message.
434 ping_encryption_size (void)
436 return sizeof (struct GNUNET_PeerIdentity) + sizeof (uint32_t);
441 * Get the channel's buffer. ONLY FOR NON-LOOPBACK CHANNELS!!
443 * @param tch Tunnel's channel handle.
445 * @return Amount of messages the channel can still buffer towards the client.
448 get_channel_buffer (const struct CadetTChannel *tch)
452 /* If channel is outgoing, is origin in the FWD direction and fwd is YES */
453 fwd = GCCH_is_origin (tch->ch, GNUNET_YES);
455 return GCCH_get_buffer (tch->ch, fwd);
460 * Get the channel's allowance status.
462 * @param tch Tunnel's channel handle.
464 * @return #GNUNET_YES if we allowed the client to send data to us.
467 get_channel_allowed (const struct CadetTChannel *tch)
471 /* If channel is outgoing, is origin in the FWD direction and fwd is YES */
472 fwd = GCCH_is_origin (tch->ch, GNUNET_YES);
474 return GCCH_get_allowed (tch->ch, fwd);
479 * Get the connection's buffer.
481 * @param tc Tunnel's connection handle.
483 * @return Amount of messages the connection can still buffer.
486 get_connection_buffer (const struct CadetTConnection *tc)
490 /* If connection is outgoing, is origin in the FWD direction and fwd is YES */
491 fwd = GCC_is_origin (tc->c, GNUNET_YES);
493 return GCC_get_buffer (tc->c, fwd);
498 * Get the connection's allowance.
500 * @param tc Tunnel's connection handle.
502 * @return Amount of messages we have allowed the next peer to send us.
505 get_connection_allowed (const struct CadetTConnection *tc)
509 /* If connection is outgoing, is origin in the FWD direction and fwd is YES */
510 fwd = GCC_is_origin (tc->c, GNUNET_YES);
512 return GCC_get_allowed (tc->c, fwd);
517 * Check that a ephemeral key message s well formed and correctly signed.
519 * @param t Tunnel on which the message came.
520 * @param msg The ephemeral key message.
522 * @return GNUNET_OK if message is fine, GNUNET_SYSERR otherwise.
525 check_ephemeral (struct CadetTunnel *t,
526 const struct GNUNET_CADET_KX_Ephemeral *msg)
528 /* Check message size */
529 if (ntohs (msg->header.size) != sizeof (struct GNUNET_CADET_KX_Ephemeral))
530 return GNUNET_SYSERR;
532 /* Check signature size */
533 if (ntohl (msg->purpose.size) != ephemeral_purpose_size ())
534 return GNUNET_SYSERR;
537 if (0 != memcmp (&msg->origin_identity,
538 GCP_get_id (t->peer),
539 sizeof (struct GNUNET_PeerIdentity)))
540 return GNUNET_SYSERR;
542 /* Check signature */
544 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_CADET_KX,
547 &msg->origin_identity.public_key))
548 return GNUNET_SYSERR;
555 * Select the best key to use for encryption (send), based on KX status.
557 * Normally, return the current key. If there is a KX in progress and the old
558 * key is fresh enough, return the old key.
560 * @param t Tunnel to choose the key from.
562 * @return The optimal key to encrypt/hmac outgoing traffic.
564 static const struct GNUNET_CRYPTO_SymmetricSessionKey *
565 select_key (const struct CadetTunnel *t)
567 const struct GNUNET_CRYPTO_SymmetricSessionKey *key;
569 if (NULL != t->kx_ctx
570 && GNUNET_SCHEDULER_NO_TASK == t->kx_ctx->finish_task)
572 struct GNUNET_TIME_Relative age;
574 age = GNUNET_TIME_absolute_get_duration (t->kx_ctx->rekey_start_time);
575 LOG (GNUNET_ERROR_TYPE_DEBUG,
576 " key exchange in progress, started %s ago\n",
577 GNUNET_STRINGS_relative_time_to_string (age, GNUNET_YES));
578 // FIXME make duration of old keys configurable
579 if (age.rel_value_us < GNUNET_TIME_UNIT_MINUTES.rel_value_us)
581 LOG (GNUNET_ERROR_TYPE_DEBUG, " using old key\n");
582 key = &t->kx_ctx->e_key_old;
586 LOG (GNUNET_ERROR_TYPE_DEBUG, " using new key\n");
592 LOG (GNUNET_ERROR_TYPE_DEBUG, " no KX: using current key\n");
602 * @param plaintext Content to HMAC.
603 * @param size Size of @c plaintext.
604 * @param iv Initialization vector for the message.
605 * @param key Key to use.
606 * @param hmac[out] Destination to store the HMAC.
609 t_hmac (const void *plaintext, size_t size,
610 uint32_t iv, const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
611 struct GNUNET_CADET_Hash *hmac)
613 static const char ctx[] = "cadet authentication key";
614 struct GNUNET_CRYPTO_AuthKey auth_key;
615 struct GNUNET_HashCode hash;
617 #if DUMP_KEYS_TO_STDERR
618 LOG (GNUNET_ERROR_TYPE_INFO, " HMAC with key %s\n",
619 GNUNET_h2s ((struct GNUNET_HashCode *) key));
621 GNUNET_CRYPTO_hmac_derive_key (&auth_key, key,
626 /* Two step: CADET_Hash is only 256 bits, HashCode is 512. */
627 GNUNET_CRYPTO_hmac (&auth_key, plaintext, size, &hash);
628 memcpy (hmac, &hash, sizeof (*hmac));
633 * Encrypt daforce_newest_keyta with the tunnel key.
635 * @param t Tunnel whose key to use.
636 * @param dst Destination for the encrypted data.
637 * @param src Source of the plaintext. Can overlap with @c dst.
638 * @param size Size of the plaintext.
639 * @param iv Initialization Vector to use.
640 * @param force_newest_key Force the use of the newest key, otherwise
641 * CADET will use the old key when allowed.
642 * This can happen in the case when a KX is going on
643 * and the old one hasn't expired.
646 t_encrypt (struct CadetTunnel *t, void *dst, const void *src,
647 size_t size, uint32_t iv, int force_newest_key)
649 struct GNUNET_CRYPTO_SymmetricInitializationVector siv;
650 const struct GNUNET_CRYPTO_SymmetricSessionKey *key;
653 LOG (GNUNET_ERROR_TYPE_DEBUG, " t_encrypt start\n");
655 key = GNUNET_YES == force_newest_key ? &t->e_key : select_key (t);
656 #if DUMP_KEYS_TO_STDERR
657 LOG (GNUNET_ERROR_TYPE_INFO, " ENC with key %s\n",
658 GNUNET_h2s ((struct GNUNET_HashCode *) key));
660 GNUNET_CRYPTO_symmetric_derive_iv (&siv, key, &iv, sizeof (iv), NULL);
661 LOG (GNUNET_ERROR_TYPE_DEBUG, " t_encrypt IV derived\n");
662 out_size = GNUNET_CRYPTO_symmetric_encrypt (src, size, key, &siv, dst);
663 LOG (GNUNET_ERROR_TYPE_DEBUG, " t_encrypt end\n");
670 * Decrypt and verify data with the appropriate tunnel key.
672 * @param key Key to use.
673 * @param dst Destination for the plaintext.
674 * @param src Source of the encrypted data. Can overlap with @c dst.
675 * @param size Size of the encrypted data.
676 * @param iv Initialization Vector to use.
678 * @return Size of the decrypted data, -1 if an error was encountered.
681 decrypt (const struct GNUNET_CRYPTO_SymmetricSessionKey *key,
682 void *dst, const void *src, size_t size, uint32_t iv)
684 struct GNUNET_CRYPTO_SymmetricInitializationVector siv;
687 LOG (GNUNET_ERROR_TYPE_DEBUG, " decrypt start\n");
688 LOG (GNUNET_ERROR_TYPE_DEBUG, " decrypt iv\n");
689 GNUNET_CRYPTO_symmetric_derive_iv (&siv, key, &iv, sizeof (iv), NULL);
690 LOG (GNUNET_ERROR_TYPE_DEBUG, " decrypt iv done\n");
691 out_size = GNUNET_CRYPTO_symmetric_decrypt (src, size, key, &siv, dst);
692 LOG (GNUNET_ERROR_TYPE_DEBUG, " decrypt end\n");
699 * Decrypt and verify data with the most recent tunnel key.
701 * @param t Tunnel whose key to use.
702 * @param dst Destination for the plaintext.
703 * @param src Source of the encrypted data. Can overlap with @c dst.
704 * @param size Size of the encrypted data.
705 * @param iv Initialization Vector to use.
707 * @return Size of the decrypted data, -1 if an error was encountered.
710 t_decrypt (struct CadetTunnel *t, void *dst, const void *src,
711 size_t size, uint32_t iv)
715 #if DUMP_KEYS_TO_STDERR
716 LOG (GNUNET_ERROR_TYPE_DEBUG, " t_decrypt with %s\n",
717 GNUNET_h2s ((struct GNUNET_HashCode *) &t->d_key));
719 if (t->estate == CADET_TUNNEL_KEY_UNINITIALIZED)
721 GNUNET_STATISTICS_update (stats, "# non decryptable data", 1, GNUNET_NO);
722 LOG (GNUNET_ERROR_TYPE_WARNING,
723 "got data on %s without a valid key\n",
725 GCT_debug (t, GNUNET_ERROR_TYPE_WARNING);
729 out_size = decrypt (&t->d_key, dst, src, size, iv);
736 * Decrypt and verify data with the appropriate tunnel key and verify that the
737 * data has not been altered since it was sent by the remote peer.
739 * @param t Tunnel whose key to use.
740 * @param dst Destination for the plaintext.
741 * @param src Source of the encrypted data. Can overlap with @c dst.
742 * @param size Size of the encrypted data.
743 * @param iv Initialization Vector to use.
744 * @param msg_hmac HMAC of the message, cannot be NULL.
746 * @return Size of the decrypted data, -1 if an error was encountered.
749 t_decrypt_and_validate (struct CadetTunnel *t,
750 void *dst, const void *src,
751 size_t size, uint32_t iv,
752 const struct GNUNET_CADET_Hash *msg_hmac)
754 struct GNUNET_CRYPTO_SymmetricSessionKey *key;
755 struct GNUNET_CADET_Hash hmac;
758 /* Try primary (newest) key */
760 decrypted_size = decrypt (key, dst, src, size, iv);
761 t_hmac (src, size, iv, key, &hmac);
762 if (0 == memcmp (msg_hmac, &hmac, sizeof (hmac)))
763 return decrypted_size;
765 /* If no key exchange is going on, we just failed */
766 if (NULL == t->kx_ctx)
768 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
769 "Failed checksum validation on tunnel %s with no KX\n",
771 GNUNET_STATISTICS_update (stats, "# wrong HMAC", 1, GNUNET_NO);
775 /* Try secondary (from previous KX period) key */
776 key = &t->kx_ctx->d_key_old;
777 decrypted_size = decrypt (key, dst, src, size, iv);
778 t_hmac (src, size, iv, key, &hmac);
779 if (0 == memcmp (msg_hmac, &hmac, sizeof (hmac)))
780 return decrypted_size;
782 GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
783 "Failed checksum validation on tunnel %s with KX\n",
785 GNUNET_STATISTICS_update (stats, "# wrong HMAC", 1, GNUNET_NO);
791 * Create key material by doing ECDH on the local and remote ephemeral keys.
793 * @param key_material Where to store the key material.
794 * @param ephemeral_key Peer's public ephemeral key.
797 derive_key_material (struct GNUNET_HashCode *key_material,
798 const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral_key)
801 GNUNET_CRYPTO_ecc_ecdh (my_ephemeral_key,
811 * Create a symmetic key from the identities of both ends and the key material
814 * @param key Destination for the generated key.
815 * @param sender ID of the peer that will encrypt with @c key.
816 * @param receiver ID of the peer that will decrypt with @c key.
817 * @param key_material Hash created with ECDH with the ephemeral keys.
820 derive_symmertic (struct GNUNET_CRYPTO_SymmetricSessionKey *key,
821 const struct GNUNET_PeerIdentity *sender,
822 const struct GNUNET_PeerIdentity *receiver,
823 const struct GNUNET_HashCode *key_material)
825 const char salt[] = "CADET kx salt";
827 GNUNET_CRYPTO_kdf (key, sizeof (struct GNUNET_CRYPTO_SymmetricSessionKey),
829 key_material, sizeof (struct GNUNET_HashCode),
830 sender, sizeof (struct GNUNET_PeerIdentity),
831 receiver, sizeof (struct GNUNET_PeerIdentity),
837 * Create a new Key eXchange context for the tunnel.
839 * Initializes the key copies, KX start timestamp and creates a new nonce.
841 * @param t Tunnel for which to create the KX ctx.
844 create_kx_ctx (struct CadetTunnel *t)
846 GNUNET_assert (NULL == t->kx_ctx);
848 LOG (GNUNET_ERROR_TYPE_INFO, " new kx ctx for %s\n", GCT_2s (t));
849 t->kx_ctx = GNUNET_new (struct CadetTunnelKXCtx);
850 t->kx_ctx->challenge = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE,
852 t->kx_ctx->d_key_old = t->d_key;
853 t->kx_ctx->e_key_old = t->e_key;
854 t->kx_ctx->rekey_start_time = GNUNET_TIME_absolute_get ();
859 * Derive the tunnel's keys using our own and the peer's ephemeral keys.
861 * @param t Tunnel for which to create the keys.
864 create_keys (struct CadetTunnel *t)
866 struct GNUNET_HashCode km;
868 derive_key_material (&km, &t->peers_ephemeral_key);
869 derive_symmertic (&t->e_key, &my_full_id, GCP_get_id (t->peer), &km);
870 derive_symmertic (&t->d_key, GCP_get_id (t->peer), &my_full_id, &km);
871 #if DUMP_KEYS_TO_STDERR
872 LOG (GNUNET_ERROR_TYPE_INFO, "ME: %s\n",
873 GNUNET_h2s ((struct GNUNET_HashCode *) &kx_msg.ephemeral_key));
874 LOG (GNUNET_ERROR_TYPE_INFO, "PE: %s\n",
875 GNUNET_h2s ((struct GNUNET_HashCode *) &t->peers_ephemeral_key));
876 LOG (GNUNET_ERROR_TYPE_INFO, "KM: %s\n", GNUNET_h2s (&km));
877 LOG (GNUNET_ERROR_TYPE_INFO, "EK: %s\n",
878 GNUNET_h2s ((struct GNUNET_HashCode *) &t->e_key));
879 LOG (GNUNET_ERROR_TYPE_INFO, "DK: %s\n",
880 GNUNET_h2s ((struct GNUNET_HashCode *) &t->d_key));
886 * Pick a connection on which send the next data message.
888 * @param t Tunnel on which to send the message.
890 * @return The connection on which to send the next message.
892 static struct CadetConnection *
893 tunnel_get_connection (struct CadetTunnel *t)
895 struct CadetTConnection *iter;
896 struct CadetConnection *best;
898 unsigned int lowest_q;
900 LOG (GNUNET_ERROR_TYPE_DEBUG, "tunnel_get_connection %s\n", GCT_2s (t));
903 for (iter = t->connection_head; NULL != iter; iter = iter->next)
905 LOG (GNUNET_ERROR_TYPE_DEBUG, " connection %s: %u\n",
906 GCC_2s (iter->c), GCC_get_state (iter->c));
907 if (CADET_CONNECTION_READY == GCC_get_state (iter->c))
909 qn = GCC_get_qn (iter->c, GCC_is_origin (iter->c, GNUNET_YES));
910 LOG (GNUNET_ERROR_TYPE_DEBUG, " q_n %u, \n", qn);
918 LOG (GNUNET_ERROR_TYPE_DEBUG, " selected: connection %s\n", GCC_2s (best));
924 * Callback called when a queued message is sent.
926 * Calculates the average time and connection packet tracking.
928 * @param cls Closure (TunnelQueue handle).
929 * @param c Connection this message was on.
930 * @param q Connection queue handle (unused).
931 * @param type Type of message sent.
932 * @param fwd Was this a FWD going message?
933 * @param size Size of the message.
936 tun_message_sent (void *cls,
937 struct CadetConnection *c,
938 struct CadetConnectionQueue *q,
939 uint16_t type, int fwd, size_t size)
941 struct CadetTunnelQueue *qt = cls;
942 struct CadetTunnel *t;
944 LOG (GNUNET_ERROR_TYPE_DEBUG, "tun_message_sent\n");
946 GNUNET_assert (NULL != qt->cont);
947 t = NULL == c ? NULL : GCC_get_tunnel (c);
948 qt->cont (qt->cont_cls, t, qt, type, size);
954 count_queued_data (const struct CadetTunnel *t)
956 struct CadetTunnelDelayed *iter;
959 for (count = 0, iter = t->tq_head; iter != NULL; iter = iter->next)
966 * Delete a queued message: either was sent or the channel was destroyed
967 * before the tunnel's key exchange had a chance to finish.
969 * @param tqd Delayed queue handle.
972 unqueue_data (struct CadetTunnelDelayed *tqd)
974 GNUNET_CONTAINER_DLL_remove (tqd->t->tq_head, tqd->t->tq_tail, tqd);
980 * Cache a message to be sent once tunnel is online.
982 * @param t Tunnel to hold the message.
983 * @param msg Message itself (copy will be made).
985 static struct CadetTunnelDelayed *
986 queue_data (struct CadetTunnel *t, const struct GNUNET_MessageHeader *msg)
988 struct CadetTunnelDelayed *tqd;
989 uint16_t size = ntohs (msg->size);
991 LOG (GNUNET_ERROR_TYPE_DEBUG, "queue data on Tunnel %s\n", GCT_2s (t));
993 if (GNUNET_YES == is_ready (t))
999 tqd = GNUNET_malloc (sizeof (struct CadetTunnelDelayed) + size);
1002 memcpy (&tqd[1], msg, size);
1003 GNUNET_CONTAINER_DLL_insert_tail (t->tq_head, t->tq_tail, tqd);
1009 * Sends an already built message on a tunnel, encrypting it and
1010 * choosing the best connection.
1012 * @param message Message to send. Function modifies it.
1013 * @param t Tunnel on which this message is transmitted.
1014 * @param c Connection to use (autoselect if NULL).
1015 * @param force Force the tunnel to take the message (buffer overfill).
1016 * @param cont Continuation to call once message is really sent.
1017 * @param cont_cls Closure for @c cont.
1018 * @param existing_q In case this a transmission of previously queued data,
1019 * this should be TunnelQueue given to the client.
1022 * @return Handle to cancel message. NULL if @c cont is NULL.
1024 static struct CadetTunnelQueue *
1025 send_prebuilt_message (const struct GNUNET_MessageHeader *message,
1026 struct CadetTunnel *t, struct CadetConnection *c,
1027 int force, GCT_sent cont, void *cont_cls,
1028 struct CadetTunnelQueue *existing_q)
1030 struct CadetTunnelQueue *tq;
1031 struct GNUNET_CADET_Encrypted *msg;
1032 size_t size = ntohs (message->size);
1033 char cbuf[sizeof (struct GNUNET_CADET_Encrypted) + size];
1039 LOG (GNUNET_ERROR_TYPE_DEBUG, "GMT Send on Tunnel %s\n", GCT_2s (t));
1041 if (GNUNET_NO == is_ready (t))
1043 struct CadetTunnelDelayed *tqd;
1044 /* A non null existing_q indicates sending of queued data.
1045 * Should only happen after tunnel becomes ready.
1047 GNUNET_assert (NULL == existing_q);
1048 tqd = queue_data (t, message);
1051 tq = GNUNET_new (struct CadetTunnelQueue);
1055 tq->cont_cls = cont_cls;
1059 GNUNET_assert (GNUNET_NO == GCT_is_loopback (t));
1061 iv = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
1062 msg = (struct GNUNET_CADET_Encrypted *) cbuf;
1063 msg->header.type = htons (GNUNET_MESSAGE_TYPE_CADET_ENCRYPTED);
1065 GNUNET_assert (t_encrypt (t, &msg[1], message, size, iv, GNUNET_NO) == size);
1066 t_hmac (&msg[1], size, iv, select_key (t), &msg->hmac);
1067 msg->header.size = htons (sizeof (struct GNUNET_CADET_Encrypted) + size);
1070 c = tunnel_get_connection (t);
1073 if (GNUNET_SCHEDULER_NO_TASK != t->destroy_task
1074 || CADET_TUNNEL_SEARCHING != t->cstate)
1077 GCT_debug (t, GNUNET_ERROR_TYPE_WARNING);
1083 type = ntohs (message->type);
1086 case GNUNET_MESSAGE_TYPE_CADET_DATA:
1087 case GNUNET_MESSAGE_TYPE_CADET_DATA_ACK:
1088 if (GNUNET_MESSAGE_TYPE_CADET_DATA == type)
1089 mid = ntohl (((struct GNUNET_CADET_Data *) message)->mid);
1091 mid = ntohl (((struct GNUNET_CADET_DataACK *) message)->mid);
1093 case GNUNET_MESSAGE_TYPE_CADET_KEEPALIVE:
1094 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_CREATE:
1095 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY:
1096 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_ACK:
1097 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_NACK:
1098 msg->cid = *GCC_get_id (c);
1099 msg->ttl = htonl (default_ttl);
1104 LOG (GNUNET_ERROR_TYPE_DEBUG, "type %s\n", GC_m2s (type));
1106 fwd = GCC_is_origin (c, GNUNET_YES);
1110 GNUNET_break (NULL == GCC_send_prebuilt_message (&msg->header, type, mid, c,
1111 fwd, force, NULL, NULL));
1114 if (NULL == existing_q)
1116 tq = GNUNET_new (struct CadetTunnelQueue); /* FIXME valgrind: leak*/
1123 tq->cq = GCC_send_prebuilt_message (&msg->header, type, mid, c, fwd, force,
1124 &tun_message_sent, tq);
1125 GNUNET_assert (NULL != tq->cq);
1127 tq->cont_cls = cont_cls;
1134 * Send all cached messages that we can, tunnel is online.
1136 * @param t Tunnel that holds the messages. Cannot be loopback.
1139 send_queued_data (struct CadetTunnel *t)
1141 struct CadetTunnelDelayed *tqd;
1142 struct CadetTunnelDelayed *next;
1145 LOG (GNUNET_ERROR_TYPE_DEBUG,
1146 "GCT_send_queued_data on tunnel %s\n",
1149 if (GCT_is_loopback (t))
1155 if (GNUNET_NO == is_ready (t))
1157 LOG (GNUNET_ERROR_TYPE_DEBUG, " not ready yet: %s/%s\n",
1158 estate2s (t->estate), cstate2s (t->cstate));
1162 room = GCT_get_connections_buffer (t);
1163 LOG (GNUNET_ERROR_TYPE_DEBUG, " buffer space: %u\n", room);
1164 LOG (GNUNET_ERROR_TYPE_DEBUG, " tq head: %p\n", t->tq_head);
1165 for (tqd = t->tq_head; NULL != tqd && room > 0; tqd = next)
1167 LOG (GNUNET_ERROR_TYPE_DEBUG, " sending queued data\n");
1170 send_prebuilt_message ((struct GNUNET_MessageHeader *) &tqd[1],
1171 tqd->t, NULL, GNUNET_YES,
1172 NULL != tqd->tq ? tqd->tq->cont : NULL,
1173 NULL != tqd->tq ? tqd->tq->cont_cls : NULL,
1177 LOG (GNUNET_ERROR_TYPE_DEBUG, "GCT_send_queued_data end\n", GCP_2s (t->peer));
1182 * Sends key exchange message on a tunnel, choosing the best connection.
1183 * Should not be called on loopback tunnels.
1185 * @param t Tunnel on which this message is transmitted.
1186 * @param message Message to send. Function modifies it.
1189 send_kx (struct CadetTunnel *t,
1190 const struct GNUNET_MessageHeader *message)
1192 struct CadetConnection *c;
1193 struct GNUNET_CADET_KX *msg;
1194 size_t size = ntohs (message->size);
1195 char cbuf[sizeof (struct GNUNET_CADET_KX) + size];
1199 LOG (GNUNET_ERROR_TYPE_DEBUG, "GMT KX on Tunnel %s\n", GCT_2s (t));
1201 /* Avoid loopback. */
1202 if (GCT_is_loopback (t))
1204 LOG (GNUNET_ERROR_TYPE_DEBUG, " loopback!\n");
1208 type = ntohs (message->type);
1210 /* Even if tunnel is being destroyed, send anyway.
1211 * Could be a response to a rekey initiated by remote peer,
1212 * who is trying to create a new channel!
1215 /* Must have a connection. */
1216 if (NULL == t->connection_head && CADET_TUNNEL_SEARCHING != t->cstate)
1218 LOG (GNUNET_ERROR_TYPE_WARNING, "\n\n\n");
1220 LOG (GNUNET_ERROR_TYPE_WARNING, "sending %s\n", GC_m2s (type));
1221 GCT_debug (t, GNUNET_ERROR_TYPE_WARNING);
1222 GCP_debug (t->peer, GNUNET_ERROR_TYPE_WARNING);
1223 LOG (GNUNET_ERROR_TYPE_WARNING, "\n\n\n");
1227 msg = (struct GNUNET_CADET_KX *) cbuf;
1228 msg->header.type = htons (GNUNET_MESSAGE_TYPE_CADET_KX);
1229 msg->header.size = htons (sizeof (struct GNUNET_CADET_KX) + size);
1230 c = tunnel_get_connection (t);
1233 GNUNET_break (GNUNET_SCHEDULER_NO_TASK != t->destroy_task
1234 || CADET_TUNNEL_READY != t->cstate);
1235 GCT_debug (t, GNUNET_ERROR_TYPE_WARNING);
1240 case GNUNET_MESSAGE_TYPE_CADET_KX_EPHEMERAL:
1241 case GNUNET_MESSAGE_TYPE_CADET_KX_PING:
1242 case GNUNET_MESSAGE_TYPE_CADET_KX_PONG:
1243 memcpy (&msg[1], message, size);
1246 LOG (GNUNET_ERROR_TYPE_DEBUG, "unkown type %s\n",
1251 fwd = GCC_is_origin (t->connection_head->c, GNUNET_YES);
1252 /* TODO save handle and cancel in case of a unneeded retransmission */
1253 GNUNET_assert (NULL == GCC_send_prebuilt_message (&msg->header, type, 0, c,
1260 * Send the ephemeral key on a tunnel.
1262 * @param t Tunnel on which to send the key.
1265 send_ephemeral (struct CadetTunnel *t)
1267 LOG (GNUNET_ERROR_TYPE_INFO, "===> EPHM for %s\n", GCT_2s (t));
1269 kx_msg.sender_status = htonl (t->estate);
1270 send_kx (t, &kx_msg.header);
1274 * Send a ping message on a tunnel.
1276 * @param t Tunnel on which to send the ping.
1279 send_ping (struct CadetTunnel *t)
1281 struct GNUNET_CADET_KX_Ping msg;
1283 LOG (GNUNET_ERROR_TYPE_INFO, "===> PING for %s\n", GCT_2s (t));
1284 msg.header.size = htons (sizeof (msg));
1285 msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_KX_PING);
1286 msg.iv = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
1287 msg.target = *GCP_get_id (t->peer);
1288 msg.nonce = t->kx_ctx->challenge;
1290 LOG (GNUNET_ERROR_TYPE_DEBUG, " sending %u\n", msg.nonce);
1291 LOG (GNUNET_ERROR_TYPE_DEBUG, " towards %s\n", GNUNET_i2s (&msg.target));
1292 t_encrypt (t, &msg.target, &msg.target,
1293 ping_encryption_size(), msg.iv, GNUNET_YES);
1294 LOG (GNUNET_ERROR_TYPE_DEBUG, " e sending %u\n", msg.nonce);
1295 LOG (GNUNET_ERROR_TYPE_DEBUG, " e towards %s\n", GNUNET_i2s (&msg.target));
1297 send_kx (t, &msg.header);
1302 * Send a pong message on a tunnel.
1304 * @param t Tunnel on which to send the pong.
1305 * @param challenge Value sent in the ping that we have to send back.
1308 send_pong (struct CadetTunnel *t, uint32_t challenge)
1310 struct GNUNET_CADET_KX_Pong msg;
1312 LOG (GNUNET_ERROR_TYPE_INFO, "===> PONG for %s\n", GCT_2s (t));
1313 msg.header.size = htons (sizeof (msg));
1314 msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_KX_PONG);
1315 msg.iv = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
1316 msg.nonce = challenge;
1317 LOG (GNUNET_ERROR_TYPE_DEBUG, " sending %u\n", msg.nonce);
1318 t_encrypt (t, &msg.nonce, &msg.nonce,
1319 sizeof (msg.nonce), msg.iv, GNUNET_YES);
1320 LOG (GNUNET_ERROR_TYPE_DEBUG, " e sending %u\n", msg.nonce);
1322 send_kx (t, &msg.header);
1327 * Initiate a rekey with the remote peer.
1329 * @param cls Closure (tunnel).
1330 * @param tc TaskContext.
1333 rekey_tunnel (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1335 struct CadetTunnel *t = cls;
1337 t->rekey_task = GNUNET_SCHEDULER_NO_TASK;
1339 LOG (GNUNET_ERROR_TYPE_INFO, "Re-key Tunnel %s\n", GCT_2s (t));
1340 if (NULL != tc && 0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
1343 if (NULL == t->kx_ctx)
1350 struct GNUNET_TIME_Relative duration;
1352 duration = GNUNET_TIME_absolute_get_duration (t->kx_ctx->rekey_start_time);
1353 LOG (GNUNET_ERROR_TYPE_DEBUG, " kx started %s ago\n",
1354 GNUNET_STRINGS_relative_time_to_string (duration, GNUNET_YES));
1356 // FIXME make duration of old keys configurable
1357 if (duration.rel_value_us >= GNUNET_TIME_UNIT_MINUTES.rel_value_us)
1359 memset (&t->kx_ctx->d_key_old, 0, sizeof (t->kx_ctx->d_key_old));
1360 memset (&t->kx_ctx->e_key_old, 0, sizeof (t->kx_ctx->e_key_old));
1368 case CADET_TUNNEL_KEY_UNINITIALIZED:
1369 t->estate = CADET_TUNNEL_KEY_SENT;
1371 case CADET_TUNNEL_KEY_SENT:
1373 case CADET_TUNNEL_KEY_OK:
1374 t->estate = CADET_TUNNEL_KEY_REKEY;
1376 case CADET_TUNNEL_KEY_PING:
1377 case CADET_TUNNEL_KEY_REKEY:
1381 LOG (GNUNET_ERROR_TYPE_DEBUG, "Unexpected state %u\n", t->estate);
1384 // FIXME exponential backoff
1385 struct GNUNET_TIME_Relative delay;
1387 delay = GNUNET_TIME_relative_divide (rekey_period, 16);
1388 delay = GNUNET_TIME_relative_min (delay, REKEY_WAIT);
1389 LOG (GNUNET_ERROR_TYPE_DEBUG, " next call in %s\n",
1390 GNUNET_STRINGS_relative_time_to_string (delay, GNUNET_YES));
1391 t->rekey_task = GNUNET_SCHEDULER_add_delayed (delay, &rekey_tunnel, t);
1396 * Our ephemeral key has changed, create new session key on all tunnels.
1398 * Each tunnel will start the Key Exchange with a random delay between
1399 * 0 and number_of_tunnels*100 milliseconds, so there are 10 key exchanges
1400 * per second, on average.
1402 * @param cls Closure (size of the hashmap).
1403 * @param key Current public key.
1404 * @param value Value in the hash map (tunnel).
1406 * @return #GNUNET_YES, so we should continue to iterate,
1409 rekey_iterator (void *cls,
1410 const struct GNUNET_PeerIdentity *key,
1413 struct CadetTunnel *t = value;
1414 struct GNUNET_TIME_Relative delay;
1415 long n = (long) cls;
1418 if (GNUNET_SCHEDULER_NO_TASK != t->rekey_task)
1421 if (GNUNET_YES == GCT_is_loopback (t))
1424 r = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, (uint32_t) n * 100);
1425 delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, r);
1426 t->rekey_task = GNUNET_SCHEDULER_add_delayed (delay, &rekey_tunnel, t);
1433 * Create a new ephemeral key and key message, schedule next rekeying.
1435 * @param cls Closure (unused).
1436 * @param tc TaskContext.
1439 rekey (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1441 struct GNUNET_TIME_Absolute time;
1444 rekey_task = GNUNET_SCHEDULER_NO_TASK;
1446 if (0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
1449 GNUNET_free_non_null (my_ephemeral_key);
1450 my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
1452 time = GNUNET_TIME_absolute_get ();
1453 kx_msg.creation_time = GNUNET_TIME_absolute_hton (time);
1454 time = GNUNET_TIME_absolute_add (time, rekey_period);
1455 time = GNUNET_TIME_absolute_add (time, GNUNET_TIME_UNIT_MINUTES);
1456 kx_msg.expiration_time = GNUNET_TIME_absolute_hton (time);
1457 GNUNET_CRYPTO_ecdhe_key_get_public (my_ephemeral_key, &kx_msg.ephemeral_key);
1459 GNUNET_assert (GNUNET_OK ==
1460 GNUNET_CRYPTO_eddsa_sign (my_private_key,
1462 &kx_msg.signature));
1464 n = (long) GNUNET_CONTAINER_multipeermap_size (tunnels);
1465 GNUNET_CONTAINER_multipeermap_iterate (tunnels, &rekey_iterator, (void *) n);
1467 rekey_task = GNUNET_SCHEDULER_add_delayed (rekey_period, &rekey, NULL);
1472 * Called only on shutdown, destroy every tunnel.
1474 * @param cls Closure (unused).
1475 * @param key Current public key.
1476 * @param value Value in the hash map (tunnel).
1478 * @return #GNUNET_YES, so we should continue to iterate,
1481 destroy_iterator (void *cls,
1482 const struct GNUNET_PeerIdentity *key,
1485 struct CadetTunnel *t = value;
1487 LOG (GNUNET_ERROR_TYPE_DEBUG, "GCT_shutdown destroying tunnel at %p\n", t);
1494 * Notify remote peer that we don't know a channel he is talking about,
1495 * probably CHANNEL_DESTROY was missed.
1497 * @param t Tunnel on which to notify.
1498 * @param gid ID of the channel.
1501 send_channel_destroy (struct CadetTunnel *t, unsigned int gid)
1503 struct GNUNET_CADET_ChannelManage msg;
1505 msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY);
1506 msg.header.size = htons (sizeof (msg));
1507 msg.chid = htonl (gid);
1509 LOG (GNUNET_ERROR_TYPE_DEBUG,
1510 "WARNING destroying unknown channel %u on tunnel %s\n",
1512 send_prebuilt_message (&msg.header, t, NULL, GNUNET_YES, NULL, NULL, NULL);
1517 * Demultiplex data per channel and call appropriate channel handler.
1519 * @param t Tunnel on which the data came.
1520 * @param msg Data message.
1521 * @param fwd Is this message fwd? This only is meaningful in loopback channels.
1522 * #GNUNET_YES if message is FWD on the respective channel (loopback)
1523 * #GNUNET_NO if message is BCK on the respective channel (loopback)
1524 * #GNUNET_SYSERR if message on a one-ended channel (remote)
1527 handle_data (struct CadetTunnel *t,
1528 const struct GNUNET_CADET_Data *msg,
1531 struct CadetChannel *ch;
1535 size = ntohs (msg->header.size);
1537 sizeof (struct GNUNET_CADET_Data) +
1538 sizeof (struct GNUNET_MessageHeader))
1543 LOG (GNUNET_ERROR_TYPE_DEBUG, " payload of type %s\n",
1544 GC_m2s (ntohs (msg[1].header.type)));
1547 ch = GCT_get_channel (t, ntohl (msg->chid));
1550 GNUNET_STATISTICS_update (stats, "# data on unknown channel",
1552 LOG (GNUNET_ERROR_TYPE_DEBUG, "WARNING channel 0x%X unknown\n",
1554 send_channel_destroy (t, ntohl (msg->chid));
1558 GCCH_handle_data (ch, msg, fwd);
1563 * Demultiplex data ACKs per channel and update appropriate channel buffer info.
1565 * @param t Tunnel on which the DATA ACK came.
1566 * @param msg DATA ACK message.
1567 * @param fwd Is this message fwd? This only is meaningful in loopback channels.
1568 * #GNUNET_YES if message is FWD on the respective channel (loopback)
1569 * #GNUNET_NO if message is BCK on the respective channel (loopback)
1570 * #GNUNET_SYSERR if message on a one-ended channel (remote)
1573 handle_data_ack (struct CadetTunnel *t,
1574 const struct GNUNET_CADET_DataACK *msg,
1577 struct CadetChannel *ch;
1581 size = ntohs (msg->header.size);
1582 if (size != sizeof (struct GNUNET_CADET_DataACK))
1589 ch = GCT_get_channel (t, ntohl (msg->chid));
1592 GNUNET_STATISTICS_update (stats, "# data ack on unknown channel",
1594 LOG (GNUNET_ERROR_TYPE_DEBUG, "WARNING channel %u unknown\n",
1599 GCCH_handle_data_ack (ch, msg, fwd);
1604 * Handle channel create.
1606 * @param t Tunnel on which the data came.
1607 * @param msg Data message.
1610 handle_ch_create (struct CadetTunnel *t,
1611 const struct GNUNET_CADET_ChannelCreate *msg)
1613 struct CadetChannel *ch;
1617 size = ntohs (msg->header.size);
1618 if (size != sizeof (struct GNUNET_CADET_ChannelCreate))
1625 ch = GCT_get_channel (t, ntohl (msg->chid));
1626 if (NULL != ch && ! GCT_is_loopback (t))
1628 /* Probably a retransmission, safe to ignore */
1629 LOG (GNUNET_ERROR_TYPE_DEBUG, " already exists...\n");
1631 ch = GCCH_handle_create (t, msg);
1633 GCT_add_channel (t, ch);
1639 * Handle channel NACK: check correctness and call channel handler for NACKs.
1641 * @param t Tunnel on which the NACK came.
1642 * @param msg NACK message.
1645 handle_ch_nack (struct CadetTunnel *t,
1646 const struct GNUNET_CADET_ChannelManage *msg)
1648 struct CadetChannel *ch;
1652 size = ntohs (msg->header.size);
1653 if (size != sizeof (struct GNUNET_CADET_ChannelManage))
1660 ch = GCT_get_channel (t, ntohl (msg->chid));
1663 GNUNET_STATISTICS_update (stats, "# channel NACK on unknown channel",
1665 LOG (GNUNET_ERROR_TYPE_DEBUG, "WARNING channel %u unknown\n",
1670 GCCH_handle_nack (ch);
1675 * Handle a CHANNEL ACK (SYNACK/ACK).
1677 * @param t Tunnel on which the CHANNEL ACK came.
1678 * @param msg CHANNEL ACK message.
1679 * @param fwd Is this message fwd? This only is meaningful in loopback channels.
1680 * #GNUNET_YES if message is FWD on the respective channel (loopback)
1681 * #GNUNET_NO if message is BCK on the respective channel (loopback)
1682 * #GNUNET_SYSERR if message on a one-ended channel (remote)
1685 handle_ch_ack (struct CadetTunnel *t,
1686 const struct GNUNET_CADET_ChannelManage *msg,
1689 struct CadetChannel *ch;
1693 size = ntohs (msg->header.size);
1694 if (size != sizeof (struct GNUNET_CADET_ChannelManage))
1701 ch = GCT_get_channel (t, ntohl (msg->chid));
1704 GNUNET_STATISTICS_update (stats, "# channel ack on unknown channel",
1706 LOG (GNUNET_ERROR_TYPE_DEBUG, "WARNING channel %u unknown\n",
1711 GCCH_handle_ack (ch, msg, fwd);
1716 * Handle a channel destruction message.
1718 * @param t Tunnel on which the message came.
1719 * @param msg Channel destroy message.
1720 * @param fwd Is this message fwd? This only is meaningful in loopback channels.
1721 * #GNUNET_YES if message is FWD on the respective channel (loopback)
1722 * #GNUNET_NO if message is BCK on the respective channel (loopback)
1723 * #GNUNET_SYSERR if message on a one-ended channel (remote)
1726 handle_ch_destroy (struct CadetTunnel *t,
1727 const struct GNUNET_CADET_ChannelManage *msg,
1730 struct CadetChannel *ch;
1734 size = ntohs (msg->header.size);
1735 if (size != sizeof (struct GNUNET_CADET_ChannelManage))
1742 ch = GCT_get_channel (t, ntohl (msg->chid));
1745 /* Probably a retransmission, safe to ignore */
1749 GCCH_handle_destroy (ch, msg, fwd);
1754 * The peer's ephemeral key has changed: update the symmetrical keys.
1756 * @param t Tunnel this message came on.
1757 * @param msg Key eXchange message.
1760 handle_ephemeral (struct CadetTunnel *t,
1761 const struct GNUNET_CADET_KX_Ephemeral *msg)
1763 LOG (GNUNET_ERROR_TYPE_INFO, "<=== EPHM for %s\n", GCT_2s (t));
1765 if (GNUNET_OK != check_ephemeral (t, msg))
1767 GNUNET_break_op (0);
1771 if (NULL == t->kx_ctx)
1773 if (0 != memcmp (&t->peers_ephemeral_key, &msg->ephemeral_key,
1774 sizeof (msg->ephemeral_key)))
1776 t->peers_ephemeral_key = msg->ephemeral_key;
1778 if (CADET_TUNNEL_KEY_OK == t->estate)
1780 t->estate = CADET_TUNNEL_KEY_REKEY;
1783 if (CADET_TUNNEL_KEY_SENT == t->estate)
1785 LOG (GNUNET_ERROR_TYPE_DEBUG, " our key was sent, sending ping\n");
1787 t->estate = CADET_TUNNEL_KEY_PING;
1793 * Peer wants to check our symmetrical keys by sending an encrypted challenge.
1794 * Answer with by retransmitting the challenge with the "opposite" key.
1796 * @param t Tunnel this message came on.
1797 * @param msg Key eXchange Ping message.
1800 handle_ping (struct CadetTunnel *t,
1801 const struct GNUNET_CADET_KX_Ping *msg)
1803 struct GNUNET_CADET_KX_Ping res;
1805 if (ntohs (msg->header.size) != sizeof (res))
1807 GNUNET_break_op (0);
1811 LOG (GNUNET_ERROR_TYPE_INFO, "<=== PING for %s\n", GCT_2s (t));
1812 t_decrypt (t, &res.target, &msg->target, ping_encryption_size (), msg->iv);
1813 if (0 != memcmp (&my_full_id, &res.target, sizeof (my_full_id)))
1815 GNUNET_STATISTICS_update (stats, "# malformed PINGs", 1, GNUNET_NO);
1816 LOG (GNUNET_ERROR_TYPE_WARNING, " malformed PING on %s\n", GCT_2s (t));
1817 LOG (GNUNET_ERROR_TYPE_DEBUG, " e got %u\n", msg->nonce);
1818 LOG (GNUNET_ERROR_TYPE_DEBUG, " e towards %s\n", GNUNET_i2s (&msg->target));
1819 LOG (GNUNET_ERROR_TYPE_DEBUG, " got %u\n", res.nonce);
1820 LOG (GNUNET_ERROR_TYPE_DEBUG, " towards %s\n", GNUNET_i2s (&res.target));
1821 if (NULL == t->kx_ctx)
1828 send_pong (t, res.nonce);
1833 * @brief Finish the Key eXchange and destroy the old keys.
1835 * @param cls Closure (Tunnel for which to finish the KX).
1836 * @param tc Task context.
1839 finish_kx (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
1841 struct CadetTunnel *t = cls;
1843 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
1846 LOG (GNUNET_ERROR_TYPE_INFO, "finish KX for %s\n", GCT_2s (t));
1848 GNUNET_free (t->kx_ctx);
1854 * Peer has answer to our challenge.
1855 * If answer is successful, consider the key exchange finished and clean
1856 * up all related state.
1858 * @param t Tunnel this message came on.
1859 * @param msg Key eXchange Pong message.
1862 handle_pong (struct CadetTunnel *t,
1863 const struct GNUNET_CADET_KX_Pong *msg)
1867 LOG (GNUNET_ERROR_TYPE_INFO, "<=== PONG for %s\n", GCT_2s (t));
1868 if (GNUNET_SCHEDULER_NO_TASK == t->rekey_task)
1870 GNUNET_STATISTICS_update (stats, "# duplicate PONG messages", 1, GNUNET_NO);
1873 t_decrypt (t, &challenge, &msg->nonce, sizeof (uint32_t), msg->iv);
1875 if (challenge != t->kx_ctx->challenge)
1877 LOG (GNUNET_ERROR_TYPE_WARNING, "Wrong PONG challenge on %s\n", GCT_2s (t));
1878 LOG (GNUNET_ERROR_TYPE_DEBUG, "PONG: %u (e: %u). Expected: %u.\n",
1879 challenge, msg->nonce, t->kx_ctx->challenge);
1884 GNUNET_SCHEDULER_cancel (t->rekey_task);
1885 t->rekey_task = GNUNET_SCHEDULER_NO_TASK;
1887 /* Don't free the old keys right away, but after a delay.
1888 * Rationale: the KX could have happened over a very fast connection,
1889 * with payload traffic still signed with the old key stuck in a slower
1891 * Don't keep the keys longer than 1/4 the rekey period, and no longer than
1894 if (GNUNET_SCHEDULER_NO_TASK == t->kx_ctx->finish_task)
1896 struct GNUNET_TIME_Relative delay;
1898 delay = GNUNET_TIME_relative_divide (rekey_period, 4);
1899 delay = GNUNET_TIME_relative_min (delay, GNUNET_TIME_UNIT_MINUTES);
1900 t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_delayed (delay, finish_kx, t);
1902 GCT_change_estate (t, CADET_TUNNEL_KEY_OK);
1907 * Demultiplex by message type and call appropriate handler for a message
1908 * towards a channel of a local tunnel.
1910 * @param t Tunnel this message came on.
1911 * @param msgh Message header.
1912 * @param fwd Is this message fwd? This only is meaningful in loopback channels.
1913 * #GNUNET_YES if message is FWD on the respective channel (loopback)
1914 * #GNUNET_NO if message is BCK on the respective channel (loopback)
1915 * #GNUNET_SYSERR if message on a one-ended channel (remote)
1918 handle_decrypted (struct CadetTunnel *t,
1919 const struct GNUNET_MessageHeader *msgh,
1924 type = ntohs (msgh->type);
1925 LOG (GNUNET_ERROR_TYPE_INFO, "<=== %s on %s\n", GC_m2s (type), GCT_2s (t));
1929 case GNUNET_MESSAGE_TYPE_CADET_KEEPALIVE:
1930 /* Do nothing, connection aleady got updated. */
1931 GNUNET_STATISTICS_update (stats, "# keepalives received", 1, GNUNET_NO);
1934 case GNUNET_MESSAGE_TYPE_CADET_DATA:
1935 /* Don't send hop ACK, wait for client to ACK */
1936 handle_data (t, (struct GNUNET_CADET_Data *) msgh, fwd);
1939 case GNUNET_MESSAGE_TYPE_CADET_DATA_ACK:
1940 handle_data_ack (t, (struct GNUNET_CADET_DataACK *) msgh, fwd);
1943 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_CREATE:
1944 handle_ch_create (t,
1945 (struct GNUNET_CADET_ChannelCreate *) msgh);
1948 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_NACK:
1950 (struct GNUNET_CADET_ChannelManage *) msgh);
1953 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_ACK:
1955 (struct GNUNET_CADET_ChannelManage *) msgh,
1959 case GNUNET_MESSAGE_TYPE_CADET_CHANNEL_DESTROY:
1960 handle_ch_destroy (t,
1961 (struct GNUNET_CADET_ChannelManage *) msgh,
1966 GNUNET_break_op (0);
1967 LOG (GNUNET_ERROR_TYPE_WARNING,
1968 "end-to-end message not known (%u)\n",
1969 ntohs (msgh->type));
1970 GCT_debug (t, GNUNET_ERROR_TYPE_WARNING);
1974 /******************************************************************************/
1975 /******************************** API ***********************************/
1976 /******************************************************************************/
1979 * Decrypt and demultiplex by message type. Call appropriate handler
1980 * for every message.
1982 * @param t Tunnel this message came on.
1983 * @param msg Encrypted message.
1986 GCT_handle_encrypted (struct CadetTunnel *t,
1987 const struct GNUNET_CADET_Encrypted *msg)
1989 size_t size = ntohs (msg->header.size);
1990 size_t payload_size = size - sizeof (struct GNUNET_CADET_Encrypted);
1992 char cbuf [payload_size];
1993 struct GNUNET_MessageHeader *msgh;
1996 decrypted_size = t_decrypt_and_validate (t, cbuf, &msg[1], payload_size,
1997 msg->iv, &msg->hmac);
1999 if (-1 == decrypted_size)
2001 GNUNET_break_op (0);
2006 while (off < decrypted_size)
2010 msgh = (struct GNUNET_MessageHeader *) &cbuf[off];
2011 msize = ntohs (msgh->size);
2012 if (msize < sizeof (struct GNUNET_MessageHeader))
2014 GNUNET_break_op (0);
2017 handle_decrypted (t, msgh, GNUNET_SYSERR);
2024 * Demultiplex an encapsulated KX message by message type.
2026 * @param t Tunnel on which the message came.
2027 * @param message Payload of KX message.
2030 GCT_handle_kx (struct CadetTunnel *t,
2031 const struct GNUNET_MessageHeader *message)
2035 type = ntohs (message->type);
2036 LOG (GNUNET_ERROR_TYPE_DEBUG, "kx message received\n", type);
2039 case GNUNET_MESSAGE_TYPE_CADET_KX_EPHEMERAL:
2040 handle_ephemeral (t, (struct GNUNET_CADET_KX_Ephemeral *) message);
2043 case GNUNET_MESSAGE_TYPE_CADET_KX_PING:
2044 handle_ping (t, (struct GNUNET_CADET_KX_Ping *) message);
2047 case GNUNET_MESSAGE_TYPE_CADET_KX_PONG:
2048 handle_pong (t, (struct GNUNET_CADET_KX_Pong *) message);
2052 GNUNET_break_op (0);
2053 LOG (GNUNET_ERROR_TYPE_DEBUG, "kx message not known (%u)\n", type);
2059 * Initialize the tunnel subsystem.
2061 * @param c Configuration handle.
2062 * @param key ECC private key, to derive all other keys and do crypto.
2065 GCT_init (const struct GNUNET_CONFIGURATION_Handle *c,
2066 const struct GNUNET_CRYPTO_EddsaPrivateKey *key)
2068 LOG (GNUNET_ERROR_TYPE_DEBUG, "init\n");
2070 GNUNET_CONFIGURATION_get_value_number (c, "CADET", "DEFAULT_TTL",
2073 GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_WARNING,
2074 "CADET", "DEFAULT_TTL", "USING DEFAULT");
2078 GNUNET_CONFIGURATION_get_value_time (c, "CADET", "REKEY_PERIOD",
2081 rekey_period = GNUNET_TIME_UNIT_DAYS;
2084 my_private_key = key;
2085 kx_msg.header.size = htons (sizeof (kx_msg));
2086 kx_msg.header.type = htons (GNUNET_MESSAGE_TYPE_CADET_KX_EPHEMERAL);
2087 kx_msg.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_CADET_KX);
2088 kx_msg.purpose.size = htonl (ephemeral_purpose_size ());
2089 kx_msg.origin_identity = my_full_id;
2090 rekey_task = GNUNET_SCHEDULER_add_now (&rekey, NULL);
2092 tunnels = GNUNET_CONTAINER_multipeermap_create (128, GNUNET_YES);
2097 * Shut down the tunnel subsystem.
2102 if (GNUNET_SCHEDULER_NO_TASK != rekey_task)
2104 GNUNET_SCHEDULER_cancel (rekey_task);
2105 rekey_task = GNUNET_SCHEDULER_NO_TASK;
2107 GNUNET_CONTAINER_multipeermap_iterate (tunnels, &destroy_iterator, NULL);
2108 GNUNET_CONTAINER_multipeermap_destroy (tunnels);
2115 * @param destination Peer this tunnel is towards.
2117 struct CadetTunnel *
2118 GCT_new (struct CadetPeer *destination)
2120 struct CadetTunnel *t;
2122 t = GNUNET_new (struct CadetTunnel);
2124 t->peer = destination;
2127 GNUNET_CONTAINER_multipeermap_put (tunnels, GCP_get_id (destination), t,
2128 GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_FAST))
2139 * Change the tunnel's connection state.
2141 * @param t Tunnel whose connection state to change.
2142 * @param cstate New connection state.
2145 GCT_change_cstate (struct CadetTunnel* t, enum CadetTunnelCState cstate)
2149 LOG (GNUNET_ERROR_TYPE_DEBUG, "Tunnel %s cstate %s => %s\n",
2150 GCP_2s (t->peer), cstate2s (t->cstate), cstate2s (cstate));
2151 if (myid != GCP_get_short_id (t->peer) &&
2152 CADET_TUNNEL_READY != t->cstate &&
2153 CADET_TUNNEL_READY == cstate)
2156 if (CADET_TUNNEL_KEY_OK == t->estate)
2158 LOG (GNUNET_ERROR_TYPE_DEBUG, " cstate triggered send queued data\n");
2159 send_queued_data (t);
2161 else if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate)
2163 LOG (GNUNET_ERROR_TYPE_DEBUG, " cstate triggered rekey\n");
2164 rekey_tunnel (t, NULL);
2169 if (CADET_TUNNEL_READY == cstate
2170 && CONNECTIONS_PER_TUNNEL <= GCT_count_connections (t))
2172 LOG (GNUNET_ERROR_TYPE_DEBUG, " cstate triggered stop dht\n");
2173 GCP_stop_search (t->peer);
2178 * Change the tunnel encryption state.
2180 * @param t Tunnel whose encryption state to change.
2181 * @param state New encryption state.
2184 GCT_change_estate (struct CadetTunnel* t, enum CadetTunnelEState state)
2188 LOG (GNUNET_ERROR_TYPE_DEBUG,
2189 "Tunnel %s estate was %s\n",
2190 GCP_2s (t->peer), estate2s (t->estate));
2191 LOG (GNUNET_ERROR_TYPE_DEBUG,
2192 "Tunnel %s estate is now %s\n",
2193 GCP_2s (t->peer), estate2s (state));
2194 if (myid != GCP_get_short_id (t->peer) &&
2195 CADET_TUNNEL_KEY_OK != t->estate && CADET_TUNNEL_KEY_OK == state)
2198 send_queued_data (t);
2206 * @brief Check if tunnel has too many connections, and remove one if necessary.
2208 * Currently this means the newest connection, unless it is a direct one.
2209 * Implemented as a task to avoid freeing a connection that is in the middle
2210 * of being created/processed.
2212 * @param cls Closure (Tunnel to check).
2213 * @param tc Task context.
2216 trim_connections (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
2218 struct CadetTunnel *t = cls;
2220 if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
2223 if (GCT_count_connections (t) > 2 * CONNECTIONS_PER_TUNNEL)
2225 struct CadetTConnection *iter;
2226 struct CadetTConnection *c;
2228 for (c = iter = t->connection_head; NULL != iter; iter = iter->next)
2230 if ((NULL == c || iter->created.abs_value_us > c->created.abs_value_us)
2231 && GNUNET_NO == GCC_is_direct (iter->c))
2238 LOG (GNUNET_ERROR_TYPE_DEBUG, "Too many connections on tunnel %s\n",
2240 LOG (GNUNET_ERROR_TYPE_DEBUG, "Destroying connection %s\n",
2253 * Add a connection to a tunnel.
2256 * @param c Connection.
2259 GCT_add_connection (struct CadetTunnel *t, struct CadetConnection *c)
2261 struct CadetTConnection *aux;
2263 GNUNET_assert (NULL != c);
2265 LOG (GNUNET_ERROR_TYPE_DEBUG, "add connection %s\n", GCC_2s (c));
2266 LOG (GNUNET_ERROR_TYPE_DEBUG, " to tunnel %s\n", GCT_2s (t));
2267 for (aux = t->connection_head; aux != NULL; aux = aux->next)
2271 aux = GNUNET_new (struct CadetTConnection);
2273 aux->created = GNUNET_TIME_absolute_get ();
2275 GNUNET_CONTAINER_DLL_insert (t->connection_head, t->connection_tail, aux);
2277 GNUNET_SCHEDULER_add_now (&trim_connections, t);
2282 * Mark a path as no longer valid for this tunnel: has been tried and failed.
2284 * @param t Tunnel to update.
2285 * @param path Invalid path to remove. Is destroyed after removal.
2288 GCT_remove_path (struct CadetTunnel *t, struct CadetPeerPath *path)
2290 GCP_remove_path (t->peer, path);
2295 * Remove a connection from a tunnel.
2298 * @param c Connection.
2301 GCT_remove_connection (struct CadetTunnel *t,
2302 struct CadetConnection *c)
2304 struct CadetTConnection *aux;
2305 struct CadetTConnection *next;
2307 LOG (GNUNET_ERROR_TYPE_DEBUG, "Removing connection %s from tunnel %s\n",
2308 GCC_2s (c), GCT_2s (t));
2309 for (aux = t->connection_head; aux != NULL; aux = next)
2314 GNUNET_CONTAINER_DLL_remove (t->connection_head, t->connection_tail, aux);
2319 /* Start new connections if needed */
2320 if (CONNECTIONS_PER_TUNNEL > GCT_count_connections (t)
2321 && GNUNET_SCHEDULER_NO_TASK == t->destroy_task
2322 && CADET_TUNNEL_SHUTDOWN != t->cstate
2323 && GNUNET_NO == shutting_down)
2325 LOG (GNUNET_ERROR_TYPE_DEBUG, " no more connections, getting new ones\n");
2326 GCT_change_cstate (t, CADET_TUNNEL_SEARCHING);
2327 GCP_connect (t->peer);
2331 /* If not marked as ready, no change is needed */
2332 if (CADET_TUNNEL_READY != t->cstate)
2335 /* Check if any connection is ready to maintain cstate */
2336 for (aux = t->connection_head; aux != NULL; aux = aux->next)
2337 if (CADET_CONNECTION_READY == GCC_get_state (aux->c))
2340 GCT_change_cstate (t, CADET_TUNNEL_WAITING);
2345 * Add a channel to a tunnel.
2348 * @param ch Channel.
2351 GCT_add_channel (struct CadetTunnel *t, struct CadetChannel *ch)
2353 struct CadetTChannel *aux;
2355 GNUNET_assert (NULL != ch);
2357 LOG (GNUNET_ERROR_TYPE_DEBUG, "Adding channel %p to tunnel %p\n", ch, t);
2359 for (aux = t->channel_head; aux != NULL; aux = aux->next)
2361 LOG (GNUNET_ERROR_TYPE_DEBUG, " already there %p\n", aux->ch);
2366 aux = GNUNET_new (struct CadetTChannel);
2368 LOG (GNUNET_ERROR_TYPE_DEBUG, " adding %p to %p\n", aux, t->channel_head);
2369 GNUNET_CONTAINER_DLL_insert_tail (t->channel_head, t->channel_tail, aux);
2371 if (GNUNET_SCHEDULER_NO_TASK != t->destroy_task)
2373 GNUNET_SCHEDULER_cancel (t->destroy_task);
2374 t->destroy_task = GNUNET_SCHEDULER_NO_TASK;
2375 LOG (GNUNET_ERROR_TYPE_DEBUG, " undo destroy!\n");
2381 * Remove a channel from a tunnel.
2384 * @param ch Channel.
2387 GCT_remove_channel (struct CadetTunnel *t, struct CadetChannel *ch)
2389 struct CadetTChannel *aux;
2391 LOG (GNUNET_ERROR_TYPE_DEBUG, "Removing channel %p from tunnel %p\n", ch, t);
2392 for (aux = t->channel_head; aux != NULL; aux = aux->next)
2396 LOG (GNUNET_ERROR_TYPE_DEBUG, " found! %s\n", GCCH_2s (ch));
2397 GNUNET_CONTAINER_DLL_remove (t->channel_head, t->channel_tail, aux);
2406 * Search for a channel by global ID.
2408 * @param t Tunnel containing the channel.
2409 * @param chid Public channel number.
2411 * @return channel handler, NULL if doesn't exist
2413 struct CadetChannel *
2414 GCT_get_channel (struct CadetTunnel *t, CADET_ChannelNumber chid)
2416 struct CadetTChannel *iter;
2421 for (iter = t->channel_head; NULL != iter; iter = iter->next)
2423 if (GCCH_get_id (iter->ch) == chid)
2427 return NULL == iter ? NULL : iter->ch;
2432 * @brief Destroy a tunnel and free all resources.
2434 * Should only be called a while after the tunnel has been marked as destroyed,
2435 * in case there is a new channel added to the same peer shortly after marking
2436 * the tunnel. This way we avoid a new public key handshake.
2438 * @param cls Closure (tunnel to destroy).
2439 * @param tc Task context.
2442 delayed_destroy (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
2444 struct CadetTunnel *t = cls;
2445 struct CadetTConnection *iter;
2447 LOG (GNUNET_ERROR_TYPE_DEBUG, "delayed destroying tunnel %p\n", t);
2448 if (0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
2450 LOG (GNUNET_ERROR_TYPE_WARNING,
2451 "Not destroying tunnel, due to shutdown. "
2452 "Tunnel at %p should have been freed by GCT_shutdown\n", t);
2455 t->destroy_task = GNUNET_SCHEDULER_NO_TASK;
2456 t->cstate = CADET_TUNNEL_SHUTDOWN;
2458 for (iter = t->connection_head; NULL != iter; iter = iter->next)
2460 GCC_send_destroy (iter->c);
2467 * Tunnel is empty: destroy it.
2469 * Notifies all connections about the destruction.
2471 * @param t Tunnel to destroy.
2474 GCT_destroy_empty (struct CadetTunnel *t)
2476 if (GNUNET_YES == shutting_down)
2477 return; /* Will be destroyed immediately anyway */
2479 if (GNUNET_SCHEDULER_NO_TASK != t->destroy_task)
2481 LOG (GNUNET_ERROR_TYPE_WARNING,
2482 "Tunnel %s is already scheduled for destruction. Tunnel debug dump:\n",
2484 GCT_debug (t, GNUNET_ERROR_TYPE_WARNING);
2486 /* should never happen, tunnel can only become empty once, and the
2487 * task identifier should be NO_TASK (cleaned when the tunnel was created
2488 * or became un-empty)
2493 LOG (GNUNET_ERROR_TYPE_DEBUG, "Tunnel %s empty: destroying scheduled\n",
2496 // FIXME make delay a config option
2497 t->destroy_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_MINUTES,
2498 &delayed_destroy, t);
2499 LOG (GNUNET_ERROR_TYPE_DEBUG, "Scheduled destroy of %p as %llX\n",
2500 t, t->destroy_task);
2505 * Destroy tunnel if empty (no more channels).
2507 * @param t Tunnel to destroy if empty.
2510 GCT_destroy_if_empty (struct CadetTunnel *t)
2512 LOG (GNUNET_ERROR_TYPE_DEBUG, "Tunnel %s destroy if empty\n", GCT_2s (t));
2513 if (1 < GCT_count_channels (t))
2516 GCT_destroy_empty (t);
2521 * Destroy the tunnel.
2523 * This function does not generate any warning traffic to clients or peers.
2526 * Cancel messages belonging to this tunnel queued to neighbors.
2527 * Free any allocated resources linked to the tunnel.
2529 * @param t The tunnel to destroy.
2532 GCT_destroy (struct CadetTunnel *t)
2534 struct CadetTConnection *iter_c;
2535 struct CadetTConnection *next_c;
2536 struct CadetTChannel *iter_ch;
2537 struct CadetTChannel *next_ch;
2542 LOG (GNUNET_ERROR_TYPE_DEBUG, "destroying tunnel %s\n", GCP_2s (t->peer));
2544 GNUNET_break (GNUNET_YES ==
2545 GNUNET_CONTAINER_multipeermap_remove (tunnels,
2546 GCP_get_id (t->peer), t));
2548 for (iter_c = t->connection_head; NULL != iter_c; iter_c = next_c)
2550 next_c = iter_c->next;
2551 GCC_destroy (iter_c->c);
2553 for (iter_ch = t->channel_head; NULL != iter_ch; iter_ch = next_ch)
2555 next_ch = iter_ch->next;
2556 GCCH_destroy (iter_ch->ch);
2557 /* Should only happen on shutdown, but it's ok. */
2560 if (GNUNET_SCHEDULER_NO_TASK != t->destroy_task)
2562 LOG (GNUNET_ERROR_TYPE_DEBUG, "cancelling %llX\n", t->destroy_task);
2563 GNUNET_SCHEDULER_cancel (t->destroy_task);
2564 t->destroy_task = GNUNET_SCHEDULER_NO_TASK;
2567 GNUNET_STATISTICS_update (stats, "# tunnels", -1, GNUNET_NO);
2568 GCP_set_tunnel (t->peer, NULL);
2570 if (GNUNET_SCHEDULER_NO_TASK != t->rekey_task)
2572 GNUNET_SCHEDULER_cancel (t->rekey_task);
2573 t->rekey_task = GNUNET_SCHEDULER_NO_TASK;
2575 if (NULL != t->kx_ctx)
2577 if (GNUNET_SCHEDULER_NO_TASK != t->kx_ctx->finish_task)
2578 GNUNET_SCHEDULER_cancel (t->kx_ctx->finish_task);
2579 GNUNET_free (t->kx_ctx);
2586 * @brief Use the given path for the tunnel.
2587 * Update the next and prev hops (and RCs).
2588 * (Re)start the path refresh in case the tunnel is locally owned.
2590 * @param t Tunnel to update.
2591 * @param p Path to use.
2593 * @return Connection created.
2595 struct CadetConnection *
2596 GCT_use_path (struct CadetTunnel *t, struct CadetPeerPath *p)
2598 struct CadetConnection *c;
2599 struct GNUNET_CADET_Hash cid;
2600 unsigned int own_pos;
2602 if (NULL == t || NULL == p)
2608 if (CADET_TUNNEL_SHUTDOWN == t->cstate)
2614 for (own_pos = 0; own_pos < p->length; own_pos++)
2616 if (p->peers[own_pos] == myid)
2619 if (own_pos >= p->length)
2621 GNUNET_break_op (0);
2625 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, &cid, sizeof (cid));
2626 c = GCC_new (&cid, t, p, own_pos);
2629 /* Path was flawed */
2632 GCT_add_connection (t, c);
2638 * Count created connections of a tunnel. Not necessarily ready connections!
2640 * @param t Tunnel on which to count.
2642 * @return Number of connections created, either being established or ready.
2645 GCT_count_connections (struct CadetTunnel *t)
2647 struct CadetTConnection *iter;
2653 for (count = 0, iter = t->connection_head; NULL != iter; iter = iter->next)
2654 if (CADET_CONNECTION_DESTROYED != GCC_get_state (iter->c))
2661 * Count channels of a tunnel.
2663 * @param t Tunnel on which to count.
2665 * @return Number of channels.
2668 GCT_count_channels (struct CadetTunnel *t)
2670 struct CadetTChannel *iter;
2673 for (count = 0, iter = t->channel_head;
2675 iter = iter->next, count++) /* skip */;
2682 * Get the connectivity state of a tunnel.
2686 * @return Tunnel's connectivity state.
2688 enum CadetTunnelCState
2689 GCT_get_cstate (struct CadetTunnel *t)
2694 return (enum CadetTunnelCState) -1;
2701 * Get the encryption state of a tunnel.
2705 * @return Tunnel's encryption state.
2707 enum CadetTunnelEState
2708 GCT_get_estate (struct CadetTunnel *t)
2713 return (enum CadetTunnelEState) -1;
2719 * Get the maximum buffer space for a tunnel towards a local client.
2723 * @return Biggest buffer space offered by any channel in the tunnel.
2726 GCT_get_channels_buffer (struct CadetTunnel *t)
2728 struct CadetTChannel *iter;
2729 unsigned int buffer;
2730 unsigned int ch_buf;
2732 if (NULL == t->channel_head)
2734 /* Probably getting buffer for a channel create/handshake. */
2739 for (iter = t->channel_head; NULL != iter; iter = iter->next)
2741 ch_buf = get_channel_buffer (iter);
2742 if (ch_buf > buffer)
2750 * Get the total buffer space for a tunnel for P2P traffic.
2754 * @return Buffer space offered by all connections in the tunnel.
2757 GCT_get_connections_buffer (struct CadetTunnel *t)
2759 struct CadetTConnection *iter;
2760 unsigned int buffer;
2762 if (GNUNET_NO == is_ready (t))
2764 if (count_queued_data (t) > 3)
2771 for (iter = t->connection_head; NULL != iter; iter = iter->next)
2773 if (GCC_get_state (iter->c) != CADET_CONNECTION_READY)
2777 buffer += get_connection_buffer (iter);
2785 * Get the tunnel's destination.
2789 * @return ID of the destination peer.
2791 const struct GNUNET_PeerIdentity *
2792 GCT_get_destination (struct CadetTunnel *t)
2794 return GCP_get_id (t->peer);
2799 * Get the tunnel's next free global channel ID.
2803 * @return GID of a channel free to use.
2806 GCT_get_next_chid (struct CadetTunnel *t)
2808 CADET_ChannelNumber chid;
2809 CADET_ChannelNumber mask;
2812 /* Set bit 30 depending on the ID relationship. Bit 31 is always 0 for GID.
2813 * If our ID is bigger or loopback tunnel, start at 0, bit 30 = 0
2814 * If peer's ID is bigger, start at 0x4... bit 30 = 1
2816 result = GNUNET_CRYPTO_cmp_peer_identity (&my_full_id, GCP_get_id (t->peer));
2821 t->next_chid |= mask;
2823 while (NULL != GCT_get_channel (t, t->next_chid))
2825 LOG (GNUNET_ERROR_TYPE_DEBUG, "Channel %u exists...\n", t->next_chid);
2826 t->next_chid = (t->next_chid + 1) & ~GNUNET_CADET_LOCAL_CHANNEL_ID_CLI;
2827 t->next_chid |= mask;
2829 chid = t->next_chid;
2830 t->next_chid = (t->next_chid + 1) & ~GNUNET_CADET_LOCAL_CHANNEL_ID_CLI;
2831 t->next_chid |= mask;
2838 * Send ACK on one or more channels due to buffer in connections.
2840 * @param t Channel which has some free buffer space.
2843 GCT_unchoke_channels (struct CadetTunnel *t)
2845 struct CadetTChannel *iter;
2846 unsigned int buffer;
2847 unsigned int channels = GCT_count_channels (t);
2848 unsigned int choked_n;
2849 struct CadetChannel *choked[channels];
2851 LOG (GNUNET_ERROR_TYPE_DEBUG, "GCT_unchoke_channels on %s\n", GCT_2s (t));
2852 LOG (GNUNET_ERROR_TYPE_DEBUG, " head: %p\n", t->channel_head);
2853 if (NULL != t->channel_head)
2854 LOG (GNUNET_ERROR_TYPE_DEBUG, " head ch: %p\n", t->channel_head->ch);
2856 /* Get buffer space */
2857 buffer = GCT_get_connections_buffer (t);
2863 /* Count and remember choked channels */
2865 for (iter = t->channel_head; NULL != iter; iter = iter->next)
2867 if (GNUNET_NO == get_channel_allowed (iter))
2869 choked[choked_n++] = iter->ch;
2873 /* Unchoke random channels */
2874 while (0 < buffer && 0 < choked_n)
2876 unsigned int r = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
2878 GCCH_allow_client (choked[r], GCCH_is_origin (choked[r], GNUNET_YES));
2881 choked[r] = choked[choked_n];
2887 * Send ACK on one or more connections due to buffer space to the client.
2889 * Iterates all connections of the tunnel and sends ACKs appropriately.
2894 GCT_send_connection_acks (struct CadetTunnel *t)
2896 struct CadetTConnection *iter;
2899 uint32_t allow_per_connection;
2901 unsigned int buffer;
2903 LOG (GNUNET_ERROR_TYPE_DEBUG, "Tunnel send connection ACKs on %s\n",
2912 buffer = GCT_get_channels_buffer (t);
2913 LOG (GNUNET_ERROR_TYPE_DEBUG, " buffer %u\n", buffer);
2915 /* Count connections, how many messages are already allowed */
2916 cs = GCT_count_connections (t);
2917 for (allowed = 0, iter = t->connection_head; NULL != iter; iter = iter->next)
2919 allowed += get_connection_allowed (iter);
2921 LOG (GNUNET_ERROR_TYPE_DEBUG, " allowed %u\n", allowed);
2923 /* Make sure there is no overflow */
2924 if (allowed > buffer)
2929 /* Authorize connections to send more data */
2930 to_allow = buffer; /* - allowed; */
2932 for (iter = t->connection_head;
2933 NULL != iter && to_allow > 0;
2936 allow_per_connection = to_allow/cs;
2937 to_allow -= allow_per_connection;
2939 if (get_connection_allowed (iter) > 64 / 3)
2943 GCC_allow (iter->c, allow_per_connection,
2944 GCC_is_origin (iter->c, GNUNET_NO));
2947 GNUNET_break (to_allow == 0);
2952 * Cancel a previously sent message while it's in the queue.
2954 * ONLY can be called before the continuation given to the send function
2955 * is called. Once the continuation is called, the message is no longer in the
2958 * @param q Handle to the queue.
2961 GCT_cancel (struct CadetTunnelQueue *q)
2966 /* tun_message_sent() will be called and free q */
2968 else if (NULL != q->tqd)
2970 unqueue_data (q->tqd);
2972 if (NULL != q->cont)
2973 q->cont (q->cont_cls, NULL, q, 0, 0);
2984 * Sends an already built message on a tunnel, encrypting it and
2985 * choosing the best connection if not provided.
2987 * @param message Message to send. Function modifies it.
2988 * @param t Tunnel on which this message is transmitted.
2989 * @param c Connection to use (autoselect if NULL).
2990 * @param force Force the tunnel to take the message (buffer overfill).
2991 * @param cont Continuation to call once message is really sent.
2992 * @param cont_cls Closure for @c cont.
2994 * @return Handle to cancel message. NULL if @c cont is NULL.
2996 struct CadetTunnelQueue *
2997 GCT_send_prebuilt_message (const struct GNUNET_MessageHeader *message,
2998 struct CadetTunnel *t, struct CadetConnection *c,
2999 int force, GCT_sent cont, void *cont_cls)
3001 return send_prebuilt_message (message, t, c, force, cont, cont_cls, NULL);
3006 * Is the tunnel directed towards the local peer?
3010 * @return #GNUNET_YES if it is loopback.
3013 GCT_is_loopback (const struct CadetTunnel *t)
3015 return (myid == GCP_get_short_id (t->peer));
3020 * Is the tunnel this path already?
3025 * @return #GNUNET_YES a connection uses this path.
3028 GCT_is_path_used (const struct CadetTunnel *t, const struct CadetPeerPath *p)
3030 struct CadetTConnection *iter;
3032 for (iter = t->connection_head; NULL != iter; iter = iter->next)
3033 if (GCC_get_path (iter->c) == p)
3041 * Get a cost of a path for a tunnel considering existing connections.
3044 * @param path Candidate path.
3046 * @return Cost of the path (path length + number of overlapping nodes)
3049 GCT_get_path_cost (const struct CadetTunnel *t,
3050 const struct CadetPeerPath *path)
3052 struct CadetTConnection *iter;
3053 const struct CadetPeerPath *aux;
3054 unsigned int overlap;
3062 GNUNET_assert (NULL != t);
3064 for (i = 0; i < path->length; i++)
3066 for (iter = t->connection_head; NULL != iter; iter = iter->next)
3068 aux = GCC_get_path (iter->c);
3072 for (j = 0; j < aux->length; j++)
3074 if (path->peers[i] == aux->peers[j])
3082 return path->length + overlap;
3087 * Get the static string for the peer this tunnel is directed.
3091 * @return Static string the destination peer's ID.
3094 GCT_2s (const struct CadetTunnel *t)
3099 return GCP_2s (t->peer);
3103 /******************************************************************************/
3104 /***************************** INFO/DEBUG *******************************/
3105 /******************************************************************************/
3108 * Log all possible info about the tunnel state.
3110 * @param t Tunnel to debug.
3111 * @param level Debug level to use.
3114 GCT_debug (const struct CadetTunnel *t, enum GNUNET_ErrorType level)
3116 struct CadetTChannel *iterch;
3117 struct CadetTConnection *iterc;
3119 LOG (level, "TTT DEBUG TUNNEL TOWARDS %s\n", GCT_2s (t));
3120 LOG (level, "TTT cstate %s, estate %s\n",
3121 cstate2s (t->cstate), estate2s (t->estate));
3122 LOG (level, "TTT kx_ctx %p, rekey_task %u\n", t->kx_ctx, t->rekey_task);
3123 LOG (level, "TTT tq_head %p, tq_tail %p\n", t->tq_head, t->tq_tail);
3124 LOG (level, "TTT destroy %u\n", t->destroy_task);
3126 LOG (level, "TTT channels:\n");
3127 for (iterch = t->channel_head; NULL != iterch; iterch = iterch->next)
3129 LOG (level, "TTT - %s\n", GCCH_2s (iterch->ch));
3132 LOG (level, "TTT connections:\n");
3133 for (iterc = t->connection_head; NULL != iterc; iterc = iterc->next)
3135 LOG (level, "TTT - %s [%u] buf: %u/%u (qn %u/%u)\n",
3136 GCC_2s (iterc->c), GCC_get_state (iterc->c),
3137 GCC_get_buffer (iterc->c, GNUNET_YES),
3138 GCC_get_buffer (iterc->c, GNUNET_NO),
3139 GCC_get_qn (iterc->c, GNUNET_YES),
3140 GCC_get_qn (iterc->c, GNUNET_NO));
3143 LOG (level, "TTT DEBUG TUNNEL END\n");
3148 * Iterate all tunnels.
3150 * @param iter Iterator.
3151 * @param cls Closure for @c iter.
3154 GCT_iterate_all (GNUNET_CONTAINER_PeerMapIterator iter, void *cls)
3156 GNUNET_CONTAINER_multipeermap_iterate (tunnels, iter, cls);
3161 * Count all tunnels.
3163 * @return Number of tunnels to remote peers kept by this peer.
3166 GCT_count_all (void)
3168 return GNUNET_CONTAINER_multipeermap_size (tunnels);
3173 * Iterate all connections of a tunnel.
3175 * @param t Tunnel whose connections to iterate.
3176 * @param iter Iterator.
3177 * @param cls Closure for @c iter.
3180 GCT_iterate_connections (struct CadetTunnel *t, GCT_conn_iter iter, void *cls)
3182 struct CadetTConnection *ct;
3184 for (ct = t->connection_head; NULL != ct; ct = ct->next)
3190 * Iterate all channels of a tunnel.
3192 * @param t Tunnel whose channels to iterate.
3193 * @param iter Iterator.
3194 * @param cls Closure for @c iter.
3197 GCT_iterate_channels (struct CadetTunnel *t, GCT_chan_iter iter, void *cls)
3199 struct CadetTChannel *cht;
3201 for (cht = t->channel_head; NULL != cht; cht = cht->next)
3202 iter (cls, cht->ch);