2 This file is part of GNUnet
3 Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 SPDX-License-Identifier: AGPL3.0-or-later
22 * @file transport/gnunet-communicator-udp.c
23 * @brief Transport plugin using UDP.
24 * @author Christian Grothoff
27 * - implement main BOXed sending logic
28 * - figure out what to do with MTU: 1280 for IPv6 is obvious;
29 * what for IPv4? 1500? Also, consider differences in
30 * headers for with/without box: need to give MIN of both
31 * to TNG (as TNG expects a fixed MTU!), or maybe
32 * we create a FRESH MQ while we have available BOXes SQNs?
33 * (otherwise padding will REALLY hurt)
34 * - add and use util/ check for IPv6 availability (#V6)
35 * - consider imposing transmission limits in the absence
36 * of ACKs; or: maybe this should be done at TNG service level?
37 * - support broadcasting for neighbour discovery (#)
38 * (think: what was the story again on address validation?
39 * where is the API for that!?!)
40 * - support DNS names in BINDTO option (#5528)
41 * - support NAT connection reversal method (#5529)
42 * - support other UDP-specific NAT traversal methods (#)
45 #include "gnunet_util_lib.h"
46 #include "gnunet_protocols.h"
47 #include "gnunet_signatures.h"
48 #include "gnunet_constants.h"
49 #include "gnunet_nt_lib.h"
50 #include "gnunet_nat_service.h"
51 #include "gnunet_statistics_service.h"
52 #include "gnunet_transport_communication_service.h"
55 * How often do we rekey based on time (at least)
57 #define REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
60 * How long do we wait until we must have received the initial KX?
62 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
67 #define AES_KEY_SIZE (256/8)
72 #define AES_IV_SIZE (96/8)
75 * Size of the GCM tag.
77 #define GCM_TAG_SIZE (128/8)
80 * If we fall below this number of available KCNs,
81 * we generate additional ACKs until we reach
83 * Should be large enough that we don't generate ACKs all
84 * the time and still have enough time for the ACK to
85 * arrive before the sender runs out. So really this
86 * should ideally be based on the RTT.
88 #define KCN_THRESHOLD 92
91 * How many KCNs do we keep around *after* we hit
92 * the #KCN_THRESHOLD? Should be larger than
93 * #KCN_THRESHOLD so we do not generate just one
96 #define KCN_TARGET 128
99 * What is the maximum delta between KCN sequence numbers
100 * that we allow. Used to expire 'ancient' KCNs that likely
101 * were dropped by the network. Must be larger than
102 * KCN_TARGET (otherwise we generate new KCNs all the time),
103 * but not too large (otherwise packet loss may cause
104 * sender to fall back to KX needlessly when sender runs
105 * out of ACK'ed KCNs due to losses).
107 #define MAX_SQN_DELTA 160
110 * How many shared master secrets do we keep around
111 * at most per sender? Should be large enough so
112 * that we generally have a chance of sending an ACK
113 * before the sender already rotated out the master
114 * secret. Generally values around #KCN_TARGET make
115 * sense. Might make sense to adapt to RTT if we had
116 * a good measurement...
118 #define MAX_SECRETS 128
121 * How often do we rekey based on number of bytes transmitted?
122 * (additionally randomized).
124 #define REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
127 * Address prefix used by the communicator.
130 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
133 * Configuration section used by the communicator.
135 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
137 GNUNET_NETWORK_STRUCT_BEGIN
141 * Signature we use to verify that the ephemeral key was really chosen by
142 * the specified sender. If possible, the receiver should respond with
143 * a `struct UDPAck` (possibly via backchannel).
145 struct UdpHandshakeSignature
148 * Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
150 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
153 * Identity of the inititor of the UDP connection (UDP client).
155 struct GNUNET_PeerIdentity sender;
158 * Presumed identity of the target of the UDP connection (UDP server)
160 struct GNUNET_PeerIdentity receiver;
163 * Ephemeral key used by the @e sender.
165 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral;
168 * Monotonic time of @e sender, to possibly help detect replay attacks
169 * (if receiver persists times by sender).
171 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
176 * "Plaintext" header at beginning of KX message. Followed
177 * by encrypted `struct UDPConfirmation`.
183 * Ephemeral key for KX.
185 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral;
188 * HMAC for the following encrypted message, using GCM. HMAC uses
189 * key derived from the handshake with sequence number zero.
191 char gcm_tag[GCM_TAG_SIZE];
197 * Encrypted continuation of UDP initial handshake, followed
198 * by message header with payload.
200 struct UDPConfirmation
205 struct GNUNET_PeerIdentity sender;
208 * Sender's signature of type #GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
210 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
213 * Monotonic time of @e sender, to possibly help detect replay attacks
214 * (if receiver persists times by sender).
216 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
218 /* followed by messages */
220 /* padding may follow actual messages */
225 * UDP key acknowledgement. May be sent via backchannel. Allows the
226 * sender to use `struct UDPBox` with the acknowledge key henceforth.
232 * Type is #GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
234 struct GNUNET_MessageHeader header;
237 * Sequence acknowledgement limit. Specifies current maximum sequence
238 * number supported by receiver.
240 uint32_t sequence_max GNUNET_PACKED;
243 * CMAC of the base key being acknowledged.
245 struct GNUNET_HashCode cmac;
251 * Signature we use to verify that the broadcast was really made by
252 * the peer that claims to have made it. Basically, affirms that the
253 * peer is really using this IP address (albeit possibly not in _our_
254 * LAN). Makes it difficult for peers in the LAN to claim to
255 * be just any global peer -- an attacker must have at least
256 * shared a LAN with the peer they're pretending to be here.
258 struct UdpBroadcastSignature
261 * Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
263 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
266 * Identity of the inititor of the UDP broadcast.
268 struct GNUNET_PeerIdentity sender;
271 * Hash of the sender's UDP address.
273 struct GNUNET_HashCode h_address;
278 * Broadcast by peer in LAN announcing its presence. Unusual in that
279 * we don't pad these to full MTU, as we cannot prevent being
280 * recognized in LAN as GNUnet peers if this feature is enabled
281 * anyway. Also, the entire message is in cleartext.
287 * Sender's peer identity.
289 struct GNUNET_PeerIdentity sender;
292 * Sender's signature of type
293 * #GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST
295 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
301 * UDP message box. Always sent encrypted, only allowed after
302 * the receiver sent a `struct UDPAck` for the base key!
308 * Key and IV identification code. KDF applied to an acknowledged
309 * base key and a sequence number. Sequence numbers must be used
310 * monotonically increasing up to the maximum specified in
311 * `struct UDPAck`. Without further `struct UDPAck`s, the sender
312 * must fall back to sending handshakes!
314 struct GNUNET_ShortHashCode kid;
317 * 128-bit authentication tag for the following encrypted message,
318 * from GCM. MAC starts at the @e body_start that follows and
319 * extends until the end of the UDP payload. If the @e hmac is
320 * wrong, the receiver should check if the message might be a
321 * `struct UdpHandshakeSignature`.
323 char gcm_tag[GCM_TAG_SIZE];
328 GNUNET_NETWORK_STRUCT_END
331 * Shared secret we generated for a particular sender or receiver.
337 * Pre-generated "kid" code (key and IV identification code) to
338 * quickly derive master key for a `struct UDPBox`.
346 struct KeyCacheEntry *next;
351 struct KeyCacheEntry *prev;
354 * Key and IV identification code. KDF applied to an acknowledged
355 * base key and a sequence number. Sequence numbers must be used
356 * monotonically increasing up to the maximum specified in
357 * `struct UDPAck`. Without further `struct UDPAck`s, the sender
358 * must fall back to sending handshakes!
360 struct GNUNET_ShortHashCode kid;
363 * Corresponding shared secret.
365 struct SharedSecret *ss;
368 * Sequence number used to derive this entry from master key.
370 uint32_t sequence_number;
375 * Information we track per sender address we have recently been
376 * in contact with (decryption from sender).
378 struct SenderAddress;
381 * Information we track per receiving address we have recently been
382 * in contact with (encryption to receiver).
384 struct ReceiverAddress;
387 * Shared secret we generated for a particular sender or receiver.
394 struct SharedSecret *next;
399 struct SharedSecret *prev;
402 * Kept in a DLL, sorted by sequence number. Only if we are decrypting.
404 struct KeyCacheEntry *kce_head;
407 * Kept in a DLL, sorted by sequence number. Only if we are decrypting.
409 struct KeyCacheEntry *kce_tail;
412 * Sender we use this shared secret with, or NULL.
414 struct SenderAddress *sender;
417 * Receiver we use this shared secret with, or NULL.
419 struct ReceiverAddress *receiver;
422 * Master shared secret.
424 struct GNUNET_HashCode master;
427 * CMAC is used to identify @e master in ACKs.
429 struct GNUNET_HashCode cmac;
432 * Up to which sequence number did we use this @e master already?
433 * (for encrypting only)
435 uint32_t sequence_used;
438 * Up to which sequence number did the other peer allow us to use
439 * this key, or up to which number did we allow the other peer to
442 uint32_t sequence_allowed;
445 * Number of active KCN entries.
447 unsigned int active_kce_count;
452 * Information we track per sender address we have recently been
453 * in contact with (we decrypt messages from the sender).
459 * To whom are we talking to.
461 struct GNUNET_PeerIdentity target;
464 * Entry in sender expiration heap.
466 struct GNUNET_CONTAINER_HeapNode *hn;
469 * Shared secrets we used with @e target, first used is head.
471 struct SharedSecret *ss_head;
474 * Shared secrets we used with @e target, last used is tail.
476 struct SharedSecret *ss_tail;
479 * Address of the other peer.
481 struct sockaddr *address;
484 * Length of the address.
486 socklen_t address_len;
489 * Timeout for this sender.
491 struct GNUNET_TIME_Absolute timeout;
494 * Length of the DLL at @a ss_head.
496 unsigned int num_secrets;
499 * Which network type does this queue use?
501 enum GNUNET_NetworkType nt;
507 * Information we track per receiving address we have recently been
508 * in contact with (encryption to receiver).
510 struct ReceiverAddress
514 * To whom are we talking to.
516 struct GNUNET_PeerIdentity target;
519 * Shared secrets we received from @e target, first used is head.
521 struct SharedSecret *ss_head;
524 * Shared secrets we received with @e target, last used is tail.
526 struct SharedSecret *ss_tail;
529 * Address of the other peer.
531 struct sockaddr *address;
534 * Length of the address.
536 socklen_t address_len;
539 * Entry in sender expiration heap.
541 struct GNUNET_CONTAINER_HeapNode *hn;
544 * Message queue we are providing for the #ch.
546 struct GNUNET_MQ_Handle *mq;
549 * handle for this queue with the #ch.
551 struct GNUNET_TRANSPORT_QueueHandle *qh;
554 * Timeout for this receiver address.
556 struct GNUNET_TIME_Absolute timeout;
559 * MTU we allowed transport for this receiver right now.
564 * Length of the DLL at @a ss_head.
566 unsigned int num_secrets;
569 * Which network type does this queue use?
571 enum GNUNET_NetworkType nt;
577 * Cache of pre-generated key IDs.
579 static struct GNUNET_CONTAINER_MultiShortmap *key_cache;
584 static struct GNUNET_SCHEDULER_Task *read_task;
589 static struct GNUNET_SCHEDULER_Task *timeout_task;
592 * For logging statistics.
594 static struct GNUNET_STATISTICS_Handle *stats;
599 static struct GNUNET_TRANSPORT_CommunicatorHandle *ch;
602 * Receivers (map from peer identity to `struct ReceiverAddress`)
604 static struct GNUNET_CONTAINER_MultiPeerMap *receivers;
607 * Senders (map from peer identity to `struct SenderAddress`)
609 static struct GNUNET_CONTAINER_MultiPeerMap *senders;
612 * Expiration heap for senders (contains `struct SenderAddress`)
614 static struct GNUNET_CONTAINER_Heap *senders_heap;
617 * Expiration heap for receivers (contains `struct ReceiverAddress`)
619 static struct GNUNET_CONTAINER_Heap *receivers_heap;
624 static struct GNUNET_NETWORK_Handle *udp_sock;
629 static struct GNUNET_PeerIdentity my_identity;
634 static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key;
639 static const struct GNUNET_CONFIGURATION_Handle *cfg;
642 * Network scanner to determine network types.
644 static struct GNUNET_NT_InterfaceScanner *is;
647 * Connection to NAT service.
649 static struct GNUNET_NAT_Handle *nat;
653 * Functions with this signature are called whenever we need
654 * to close a receiving state due to timeout.
656 * @param receiver entity to close down
659 receiver_destroy (struct ReceiverAddress *receiver)
661 struct GNUNET_MQ_Handle *mq;
663 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
664 "Disconnecting receiver for peer `%s'\n",
665 GNUNET_i2s (&receiver->target));
666 if (NULL != (mq = receiver->mq))
669 GNUNET_MQ_destroy (mq);
671 GNUNET_assert (GNUNET_YES ==
672 GNUNET_CONTAINER_multipeermap_remove (receivers,
675 GNUNET_assert (receiver ==
676 GNUNET_CONTAINER_heap_remove_node (receiver->hn));
677 GNUNET_STATISTICS_set (stats,
678 "# receivers active",
679 GNUNET_CONTAINER_multipeermap_size (receivers),
681 GNUNET_free (receiver->address);
682 GNUNET_free (receiver);
687 * Free memory used by key cache entry.
689 * @param kce the key cache entry
692 kce_destroy (struct KeyCacheEntry *kce)
694 struct SharedSecret *ss = kce->ss;
696 ss->active_kce_count--;
697 GNUNET_CONTAINER_DLL_remove (ss->kce_head,
700 GNUNET_assert (GNUNET_YES ==
701 GNUNET_CONTAINER_multishortmap_remove (key_cache,
711 * @param msec master secret for HMAC calculation
712 * @param serial number for the @a smac calculation
713 * @param kid[out] where to write the key ID
716 get_kid (const struct GNUNET_HashCode *msec,
718 struct GNUNET_ShortHashCode *kid)
720 uint32_t sid = htonl (serial);
722 GNUNET_CRYPTO_hkdf (kid,
737 * Setup key cache entry for sequence number @a seq and shared secret @a ss.
739 * @param ss shared secret
740 * @param seq sequence number for the key cache entry
743 kce_generate (struct SharedSecret *ss,
746 struct KeyCacheEntry *kce;
748 GNUNET_assert (0 < seq);
749 kce = GNUNET_new (struct KeyCacheEntry);
751 kce->sequence_number = seq;
752 get_kid (&ss->master,
755 GNUNET_CONTAINER_DLL_insert (ss->kce_head,
758 ss->active_kce_count++;
759 (void) GNUNET_CONTAINER_multishortmap_put (key_cache,
762 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
763 GNUNET_STATISTICS_set (stats,
765 GNUNET_CONTAINER_multishortmap_size (key_cache),
771 * Destroy @a ss and associated key cache entries.
773 * @param ss shared secret to destroy
776 secret_destroy (struct SharedSecret *ss)
778 struct SenderAddress *sender;
779 struct ReceiverAddress *receiver;
780 struct KeyCacheEntry *kce;
782 if (NULL != (sender = ss->sender))
784 GNUNET_CONTAINER_DLL_remove (sender->ss_head,
787 sender->num_secrets--;
789 if (NULL != (receiver = ss->receiver))
791 GNUNET_CONTAINER_DLL_remove (receiver->ss_head,
794 receiver->num_secrets--;
796 while (NULL != (kce = ss->kce_head))
798 GNUNET_STATISTICS_update (stats,
802 GNUNET_STATISTICS_set (stats,
804 GNUNET_CONTAINER_multishortmap_size (key_cache),
811 * Functions with this signature are called whenever we need
812 * to close a sender's state due to timeout.
814 * @param sender entity to close down
817 sender_destroy (struct SenderAddress *sender)
819 GNUNET_assert (GNUNET_YES ==
820 GNUNET_CONTAINER_multipeermap_remove (senders,
823 GNUNET_assert (sender ==
824 GNUNET_CONTAINER_heap_remove_node (sender->hn));
825 GNUNET_STATISTICS_set (stats,
827 GNUNET_CONTAINER_multipeermap_size (senders),
829 GNUNET_free (sender->address);
830 GNUNET_free (sender);
835 * Compute @a key and @a iv.
837 * @param msec master secret for calculation
838 * @param serial number for the @a smac calculation
839 * @param key[out] where to write the decrption key
840 * @param iv[out] where to write the IV
843 get_iv_key (const struct GNUNET_HashCode *msec,
845 char key[AES_KEY_SIZE],
846 char iv[AES_IV_SIZE])
848 uint32_t sid = htonl (serial);
849 char res[AES_KEY_SIZE + AES_IV_SIZE];
851 GNUNET_CRYPTO_hkdf (res,
860 strlen ("UDP-IV-KEY"),
872 * Increment sender timeout due to activity.
874 * @param sender address for which the timeout should be rescheduled
877 reschedule_sender_timeout (struct SenderAddress *sender)
880 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
881 GNUNET_CONTAINER_heap_update_cost (sender->hn,
882 sender->timeout.abs_value_us);
887 * Increment receiver timeout due to activity.
889 * @param receiver address for which the timeout should be rescheduled
892 reschedule_receiver_timeout (struct ReceiverAddress *receiver)
895 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
896 GNUNET_CONTAINER_heap_update_cost (receiver->hn,
897 receiver->timeout.abs_value_us);
902 * Task run to check #receiver_heap and #sender_heap for timeouts.
904 * @param cls unused, NULL
907 check_timeouts (void *cls)
909 struct GNUNET_TIME_Relative st;
910 struct GNUNET_TIME_Relative rt;
911 struct GNUNET_TIME_Relative delay;
912 struct ReceiverAddress *receiver;
913 struct SenderAddress *sender;
917 rt = GNUNET_TIME_UNIT_FOREVER_REL;
918 while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
920 rt = GNUNET_TIME_absolute_get_remaining (receiver->timeout);
921 if (0 != rt.rel_value_us)
923 receiver_destroy (receiver);
925 st = GNUNET_TIME_UNIT_FOREVER_REL;
926 while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
928 st = GNUNET_TIME_absolute_get_remaining (receiver->timeout);
929 if (0 != st.rel_value_us)
931 sender_destroy (sender);
933 delay = GNUNET_TIME_relative_min (rt,
935 if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
936 timeout_task = GNUNET_SCHEDULER_add_delayed (delay,
943 * Calcualte cmac from master in @a ss.
945 * @param ss[in,out] data structure to complete
948 calculate_cmac (struct SharedSecret *ss)
950 GNUNET_CRYPTO_hkdf (&ss->cmac,
965 * We received @a plaintext_len bytes of @a plaintext from a @a sender.
966 * Pass it on to CORE.
968 * @param queue the queue that received the plaintext
969 * @param plaintext the plaintext that was received
970 * @param plaintext_len number of bytes of plaintext received
973 pass_plaintext_to_core (struct SenderAddress *sender,
974 const void *plaintext,
975 size_t plaintext_len)
977 const struct GNUNET_MessageHeader *hdr = plaintext;
979 while (ntohs (hdr->size) < plaintext_len)
981 GNUNET_STATISTICS_update (stats,
982 "# bytes given to core",
985 (void) GNUNET_TRANSPORT_communicator_receive (ch,
988 NULL /* no flow control possible */,
990 /* move on to next message, if any */
991 plaintext_len -= ntohs (hdr->size);
992 if (plaintext_len < sizeof (*hdr))
994 hdr = plaintext + ntohs (hdr->size);
996 GNUNET_STATISTICS_update (stats,
997 "# bytes padding discarded",
1004 * Setup @a cipher based on shared secret @a msec and
1005 * serial number @a serial.
1007 * @param msec master shared secret
1008 * @param serial serial number of cipher to set up
1009 * @param cipher[out] cipher to initialize
1012 setup_cipher (const struct GNUNET_HashCode *msec,
1014 gcry_cipher_hd_t *cipher)
1016 char key[AES_KEY_SIZE];
1017 char iv[AES_IV_SIZE];
1019 gcry_cipher_open (cipher,
1020 GCRY_CIPHER_AES256 /* low level: go for speed */,
1021 GCRY_CIPHER_MODE_GCM,
1027 gcry_cipher_setkey (*cipher,
1030 gcry_cipher_setiv (*cipher,
1037 * Try to decrypt @a buf using shared secret @a ss and key/iv
1038 * derived using @a serial.
1040 * @param ss shared secret
1041 * @param tag GCM authentication tag
1042 * @param serial serial number to use
1043 * @param in_buf input buffer to decrypt
1044 * @param in_buf_size number of bytes in @a in_buf and available in @a out_buf
1045 * @param out_buf where to write the result
1046 * @return #GNUNET_OK on success
1049 try_decrypt (const struct SharedSecret *ss,
1050 const char tag[GCM_TAG_SIZE],
1056 gcry_cipher_hd_t cipher;
1058 setup_cipher (&ss->master,
1062 gcry_cipher_decrypt (cipher,
1068 gcry_cipher_checktag (cipher,
1072 gcry_cipher_close (cipher);
1073 GNUNET_STATISTICS_update (stats,
1074 "# AEAD authentication failures",
1077 return GNUNET_SYSERR;
1079 gcry_cipher_close (cipher);
1085 * Setup shared secret for decryption.
1087 * @param ephemeral ephemeral key we received from the other peer
1088 * @return new shared secret
1090 static struct SharedSecret *
1091 setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
1093 struct SharedSecret *ss;
1095 ss = GNUNET_new (struct SharedSecret);
1096 GNUNET_CRYPTO_eddsa_ecdh (my_private_key,
1104 * Setup shared secret for encryption.
1106 * @param ephemeral ephemeral key we are sending to the other peer
1107 * @param receiver[in,out] queue to initialize encryption key for
1108 * @return new shared secret
1110 static struct SharedSecret *
1111 setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral,
1112 struct ReceiverAddress *receiver)
1114 struct SharedSecret *ss;
1116 ss = GNUNET_new (struct SharedSecret);
1117 GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1118 &receiver->target.public_key,
1120 calculate_cmac (ss);
1121 ss->receiver = receiver;
1122 GNUNET_CONTAINER_DLL_insert (receiver->ss_head,
1125 receiver->num_secrets++;
1126 GNUNET_STATISTICS_update (stats,
1135 * We received an ACK for @a pid. Check if it is for
1136 * the receiver in @a value and if so, handle it and
1137 * return #GNUNET_NO. Otherwise, return #GNUNET_YES.
1139 * @param cls a `const struct UDPAck`
1140 * @param pid peer the ACK is from
1141 * @param value a `struct ReceiverAddress`
1142 * @return #GNUNET_YES to continue to iterate
1145 handle_ack (void *cls,
1146 const struct GNUNET_PeerIdentity *pid,
1149 const struct UDPAck *ack = cls;
1150 struct ReceiverAddress *receiver = value;
1153 for (struct SharedSecret *ss = receiver->ss_head;
1157 if (0 == memcmp (&ack->cmac,
1159 sizeof (struct GNUNET_HashCode)))
1161 ss->sequence_allowed = GNUNET_MAX (ss->sequence_allowed,
1162 ntohl (ack->sequence_max));
1163 /* move ss to head to avoid discarding it anytime soon! */
1164 GNUNET_CONTAINER_DLL_remove (receiver->ss_head,
1167 GNUNET_CONTAINER_DLL_insert (receiver->ss_head,
1170 /* FIXME: if this changed sequence_allowed,
1171 update MTU / MQ of 'receiver'! */
1180 * Test if we have received a valid message in plaintext.
1183 * @param sender peer to process inbound plaintext for
1184 * @param buf buffer we received
1185 * @param buf_size number of bytes in @a buf
1188 try_handle_plaintext (struct SenderAddress *sender,
1192 const struct GNUNET_MessageHeader *hdr
1193 = (const struct GNUNET_MessageHeader *) buf;
1194 const struct UDPAck *ack
1195 = (const struct UDPAck *) buf;
1198 if (sizeof (*hdr) > buf_size)
1199 return; /* not even a header */
1200 if (ntohs (hdr->size) > buf_size)
1201 return; /* not even a header */
1202 type = ntohs (hdr->type);
1205 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK:
1206 /* lookup master secret by 'cmac', then update sequence_max */
1207 GNUNET_CONTAINER_multipeermap_get_multiple (receivers,
1211 /* There could be more messages after the ACK, handle those as well */
1212 buf += ntohs (hdr->size);
1213 buf_size -= ntohs (hdr->size);
1214 pass_plaintext_to_core (sender,
1218 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD:
1222 pass_plaintext_to_core (sender,
1230 * We established a shared secret with a sender. We should try to send
1231 * the sender an `struct UDPAck` at the next opportunity to allow the
1232 * sender to use @a ss longer (assuming we did not yet already
1235 * @param ss shared secret to generate ACKs for
1238 consider_ss_ack (struct SharedSecret *ss)
1240 GNUNET_assert (NULL != ss->sender);
1241 /* drop ancient KeyCacheEntries */
1242 while ( (NULL != ss->kce_head) &&
1243 (MAX_SQN_DELTA < ss->kce_head->sequence_number - ss->kce_tail->sequence_number) )
1244 kce_destroy (ss->kce_tail);
1245 if (ss->active_kce_count < KCN_THRESHOLD)
1249 while (ss->active_kce_count < KCN_TARGET)
1251 ++ss->sequence_allowed);
1252 ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK);
1253 ack.header.size = htons (sizeof (ack));
1254 ack.sequence_max = htonl (ss->sequence_allowed);
1255 ack.cmac = ss->cmac;
1256 GNUNET_TRANSPORT_communicator_notify (ch,
1257 &ss->sender->target,
1258 COMMUNICATOR_ADDRESS_PREFIX,
1265 * We received a @a box with matching @a kce. Decrypt and process it.
1267 * @param box the data we received
1268 * @param box_len number of bytes in @a box
1269 * @param kce key index to decrypt @a box
1272 decrypt_box (const struct UDPBox *box,
1274 struct KeyCacheEntry *kce)
1276 struct SharedSecret *ss = kce->ss;
1277 char out_buf[box_len - sizeof (*box)];
1279 GNUNET_assert (NULL != ss->sender);
1283 kce->sequence_number,
1284 (const char *) &box[1],
1288 GNUNET_STATISTICS_update (stats,
1289 "# Decryption failures with valid KCE",
1296 GNUNET_STATISTICS_update (stats,
1297 "# bytes decrypted with BOX",
1300 try_handle_plaintext (ss->sender,
1303 consider_ss_ack (ss);
1308 * Closure for #find_sender_by_address()
1310 struct SearchContext
1313 * Address we are looking for.
1315 const struct sockaddr *address;
1318 * Number of bytes in @e address.
1320 socklen_t address_len;
1323 * Return value to set if we found a match.
1325 struct SenderAddress *sender;
1330 * Find existing `struct SenderAddress` by matching addresses.
1332 * @param cls a `struct SearchContext`
1333 * @param key ignored, must match already
1334 * @param value a `struct SenderAddress`
1335 * @return #GNUNET_YES if not found (continue to search), #GNUNET_NO if found
1338 find_sender_by_address (void *cls,
1339 const struct GNUNET_PeerIdentity *key,
1342 struct SearchContext *sc = cls;
1343 struct SenderAddress *sender = value;
1345 if ( (sender->address_len == sc->address_len) &&
1346 (0 == memcmp (sender->address,
1348 sender->address_len)) )
1350 sc->sender = sender;
1351 return GNUNET_NO; /* stop iterating! */
1358 * Create sender address for @a target. Note that we
1359 * might already have one, so a fresh one is only allocated
1360 * if one does not yet exist for @a address.
1362 * @param target peer to generate address for
1363 * @param address target address
1364 * @param address_len number of bytes in @a address
1365 * @return data structure to keep track of key material for
1366 * decrypting data from @a target
1368 static struct SenderAddress *
1369 setup_sender (const struct GNUNET_PeerIdentity *target,
1370 const struct sockaddr *address,
1371 socklen_t address_len)
1373 struct SenderAddress *sender;
1374 struct SearchContext sc = {
1376 .address_len = address_len,
1380 GNUNET_CONTAINER_multipeermap_get_multiple (senders,
1382 &find_sender_by_address,
1384 if (NULL != sc.sender)
1386 reschedule_sender_timeout (sc.sender);
1389 sender = GNUNET_new (struct SenderAddress);
1390 sender->target = *target;
1391 sender->address = GNUNET_memdup (address,
1393 sender->address_len = address_len;
1394 (void) GNUNET_CONTAINER_multipeermap_put (senders,
1397 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1398 GNUNET_STATISTICS_set (stats,
1400 GNUNET_CONTAINER_multipeermap_size (receivers),
1403 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1404 sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1406 sender->timeout.abs_value_us);
1407 sender->nt = GNUNET_NT_scanner_get_type (is,
1410 if (NULL == timeout_task)
1411 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts,
1418 * Check signature from @a uc against @a ephemeral.
1420 * @param ephermal key that is signed
1421 * @param uc signature of claimant
1422 * @return #GNUNET_OK if signature is valid
1425 verify_confirmation (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral,
1426 const struct UDPConfirmation *uc)
1428 struct UdpHandshakeSignature uhs;
1430 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE);
1431 uhs.purpose.size = htonl (sizeof (uhs));
1432 uhs.sender = uc->sender;
1433 uhs.receiver = my_identity;
1434 uhs.ephemeral = *ephemeral;
1435 uhs.monotonic_time = uc->monotonic_time;
1436 return GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE,
1439 &uc->sender.public_key);
1449 sock_read (void *cls)
1451 struct sockaddr_storage sa;
1452 socklen_t salen = sizeof (sa);
1453 char buf[UINT16_MAX];
1458 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1462 rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1465 (struct sockaddr *) &sa,
1469 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG,
1474 /* first, see if it is a UDPBox */
1475 if (rcvd > sizeof (struct UDPBox))
1477 const struct UDPBox *box;
1478 struct KeyCacheEntry *kce;
1480 box = (const struct UDPBox *) buf;
1481 kce = GNUNET_CONTAINER_multishortmap_get (key_cache,
1492 /* next, check if it is a broadcast */
1493 if (sizeof (struct UDPBroadcast) == rcvd)
1495 const struct UDPBroadcast *ub;
1496 struct UdpBroadcastSignature uhs;
1498 ub = (const struct UDPBroadcast *) buf;
1499 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST);
1500 uhs.purpose.size = htonl (sizeof (uhs));
1501 uhs.sender = ub->sender;
1502 GNUNET_CRYPTO_hash (&sa,
1506 GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_COMMUNICATOR_UDP_BROADCAST,
1509 &ub->sender.public_key))
1511 GNUNET_STATISTICS_update (stats,
1512 "# broadcasts received",
1515 // FIXME: we effectively just got a HELLO!
1516 // trigger verification NOW!
1519 /* continue with KX, mostly for statistics... */
1523 /* finally, test if it is a KX */
1524 if (rcvd < sizeof (struct UDPConfirmation) + sizeof (struct InitialKX))
1526 GNUNET_STATISTICS_update (stats,
1527 "# messages dropped (no kid, too small for KX)",
1534 const struct InitialKX *kx;
1535 struct SharedSecret *ss;
1536 char pbuf[rcvd - sizeof (struct InitialKX)];
1537 const struct UDPConfirmation *uc;
1538 struct SenderAddress *sender;
1540 kx = (const struct InitialKX *) buf;
1541 ss = setup_shared_secret_dec (&kx->ephemeral);
1551 GNUNET_STATISTICS_update (stats,
1552 "# messages dropped (no kid, AEAD decryption failed)",
1557 uc = (const struct UDPConfirmation *) pbuf;
1559 verify_confirmation (&kx->ephemeral,
1562 GNUNET_break_op (0);
1564 GNUNET_STATISTICS_update (stats,
1565 "# messages dropped (sender signature invalid)",
1570 calculate_cmac (ss);
1571 sender = setup_sender (&uc->sender,
1572 (const struct sockaddr *) &sa,
1574 ss->sender = sender;
1575 GNUNET_CONTAINER_DLL_insert (sender->ss_head,
1578 sender->num_secrets++;
1579 GNUNET_STATISTICS_update (stats,
1583 GNUNET_STATISTICS_update (stats,
1584 "# messages decrypted without BOX",
1587 try_handle_plaintext (sender,
1589 sizeof (pbuf) - sizeof (*uc));
1590 consider_ss_ack (ss);
1591 if (sender->num_secrets > MAX_SECRETS)
1592 secret_destroy (sender->ss_tail);
1598 * Convert UDP bind specification to a `struct sockaddr *`
1600 * @param bindto bind specification to convert
1601 * @param[out] sock_len set to the length of the address
1602 * @return converted bindto specification
1604 static struct sockaddr *
1605 udp_address_to_sockaddr (const char *bindto,
1606 socklen_t *sock_len)
1608 struct sockaddr *in;
1614 if (1 == SSCANF (bindto,
1619 /* interpreting value as just a PORT number */
1620 if (port > UINT16_MAX)
1622 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1623 "BINDTO specification `%s' invalid: value too large for port\n",
1627 /* FIXME #V6: add test to util/ for IPv6 availability,
1628 and depending on the result, go directly for v4-only */
1630 GNUNET_CONFIGURATION_get_value_yesno (cfg,
1631 COMMUNICATOR_CONFIG_SECTION,
1634 struct sockaddr_in *i4;
1636 i4 = GNUNET_malloc (sizeof (struct sockaddr_in));
1637 i4->sin_family = AF_INET;
1638 i4->sin_port = htons ((uint16_t) port);
1639 *sock_len = sizeof (struct sockaddr_in);
1640 in = (struct sockaddr *) i4;
1644 struct sockaddr_in6 *i6;
1646 i6 = GNUNET_malloc (sizeof (struct sockaddr_in6));
1647 i6->sin6_family = AF_INET6;
1648 i6->sin6_port = htons ((uint16_t) port);
1649 *sock_len = sizeof (struct sockaddr_in6);
1650 in = (struct sockaddr *) i6;
1654 cp = GNUNET_strdup (bindto);
1655 colon = strrchr (cp, ':');
1658 /* interpet value after colon as port */
1661 if (1 == SSCANF (colon,
1666 /* interpreting value as just a PORT number */
1667 if (port > UINT16_MAX)
1669 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1670 "BINDTO specification `%s' invalid: value too large for port\n",
1678 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1679 "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1687 /* interpret missing port as 0, aka pick any free one */
1692 struct sockaddr_in v4;
1694 if (1 == inet_pton (AF_INET,
1698 v4.sin_port = htons ((uint16_t) port);
1699 in = GNUNET_memdup (&v4,
1701 *sock_len = sizeof (v4);
1708 struct sockaddr_in6 v6;
1712 if ( ('[' == *cp) &&
1713 (']' == cp[strlen (cp)-1]) )
1715 start++; /* skip over '[' */
1716 cp[strlen (cp) -1] = '\0'; /* eat ']' */
1718 if (1 == inet_pton (AF_INET6,
1722 v6.sin6_port = htons ((uint16_t) port);
1723 in = GNUNET_memdup (&v6,
1725 *sock_len = sizeof (v6);
1730 /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
1737 * Signature of functions implementing the sending functionality of a
1740 * @param mq the message queue
1741 * @param msg the message to send
1742 * @param impl_state our `struct ReceiverAddress`
1745 mq_send (struct GNUNET_MQ_Handle *mq,
1746 const struct GNUNET_MessageHeader *msg,
1749 struct ReceiverAddress *receiver = impl_state;
1750 uint16_t msize = ntohs (msg->size);
1752 GNUNET_assert (mq == receiver->mq);
1753 if (msize > receiver->mtu)
1756 receiver_destroy (receiver);
1759 reschedule_receiver_timeout (receiver);
1761 // FIXME: add support for BOX encryption method!
1763 /* KX encryption method */
1765 struct UdpHandshakeSignature uhs;
1766 struct UDPConfirmation uc;
1767 struct InitialKX kx;
1768 struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
1769 char dgram[receiver->mtu +
1773 gcry_cipher_hd_t out_cipher;
1774 struct SharedSecret *ss;
1776 /* setup key material */
1777 GNUNET_assert (GNUNET_OK ==
1778 GNUNET_CRYPTO_ecdhe_key_create2 (&epriv));
1780 ss = setup_shared_secret_enc (&epriv,
1782 setup_cipher (&ss->master,
1786 uc.sender = my_identity;
1787 uc.monotonic_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
1788 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE);
1789 uhs.purpose.size = htonl (sizeof (uhs));
1790 uhs.sender = my_identity;
1791 uhs.receiver = receiver->target;
1792 GNUNET_CRYPTO_ecdhe_key_get_public (&epriv,
1794 uhs.monotonic_time = uc.monotonic_time;
1795 GNUNET_assert (GNUNET_OK ==
1796 GNUNET_CRYPTO_eddsa_sign (my_private_key,
1799 /* Leave space for kx */
1800 dpos = sizeof (struct GNUNET_CRYPTO_EcdhePublicKey);
1801 /* Append encrypted uc to dgram */
1803 gcry_cipher_encrypt (out_cipher,
1808 dpos += sizeof (uc);
1809 /* Append encrypted payload to dgram */
1811 gcry_cipher_encrypt (out_cipher,
1819 char pad[sizeof (dgram) - dpos];
1821 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1824 if (sizeof (pad) > sizeof (struct GNUNET_MessageHeader))
1826 struct GNUNET_MessageHeader hdr = {
1827 .size = htons (sizeof (pad)),
1828 .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD)
1835 gcry_cipher_encrypt (out_cipher,
1842 /* Datagram starts with kx */
1843 kx.ephemeral = uhs.ephemeral;
1845 gcry_cipher_gettag (out_cipher,
1847 sizeof (kx.gcm_tag)));
1848 gcry_cipher_close (out_cipher);
1853 GNUNET_NETWORK_socket_sendto (udp_sock,
1857 receiver->address_len))
1858 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
1860 GNUNET_MQ_impl_send_continue (mq);
1861 } /* End of KX encryption method */
1866 * Signature of functions implementing the destruction of a message
1867 * queue. Implementations must not free @a mq, but should take care
1870 * @param mq the message queue to destroy
1871 * @param impl_state our `struct ReceiverAddress`
1874 mq_destroy (struct GNUNET_MQ_Handle *mq,
1877 struct ReceiverAddress *receiver = impl_state;
1879 if (mq == receiver->mq)
1881 receiver->mq = NULL;
1882 receiver_destroy (receiver);
1888 * Implementation function that cancels the currently sent message.
1890 * @param mq message queue
1891 * @param impl_state our `struct RecvierAddress`
1894 mq_cancel (struct GNUNET_MQ_Handle *mq,
1897 /* Cancellation is impossible with UDP; bail */
1903 * Generic error handler, called with the appropriate
1904 * error code and the same closure specified at the creation of
1905 * the message queue.
1906 * Not every message queue implementation supports an error handler.
1908 * @param cls our `struct ReceiverAddress`
1909 * @param error error code
1912 mq_error (void *cls,
1913 enum GNUNET_MQ_Error error)
1915 struct ReceiverAddress *receiver = cls;
1917 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1918 "MQ error in queue to %s: %d\n",
1919 GNUNET_i2s (&receiver->target),
1921 receiver_destroy (receiver);
1926 * Setup a receiver for transmission. Setup the MQ processing and
1927 * inform transport that the queue is ready.
1931 static struct ReceiverAddress *
1932 receiver_setup (const struct GNUNET_PeerIdentity *target,
1933 const struct sockaddr *address,
1934 socklen_t address_len)
1936 struct ReceiverAddress *receiver;
1938 receiver = GNUNET_new (struct ReceiverAddress);
1939 receiver->address = GNUNET_memdup (address,
1941 receiver->address_len = address_len;
1942 receiver->target = *target;
1943 receiver->nt = GNUNET_NT_scanner_get_type (is,
1946 (void) GNUNET_CONTAINER_multipeermap_put (receivers,
1949 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1951 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1952 receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
1954 receiver->timeout.abs_value_us);
1956 = GNUNET_MQ_queue_for_callbacks (&mq_send,
1963 receiver->mtu = 1200 /* FIXME: MTU OK? */;
1964 if (NULL == timeout_task)
1965 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts,
1967 GNUNET_STATISTICS_set (stats,
1968 "# receivers active",
1969 GNUNET_CONTAINER_multipeermap_size (receivers),
1974 switch (address->sa_family)
1977 GNUNET_asprintf (&foreign_addr,
1979 COMMUNICATOR_ADDRESS_PREFIX,
1980 GNUNET_a2s (receiver->address,
1981 receiver->address_len));
1984 GNUNET_asprintf (&foreign_addr,
1986 COMMUNICATOR_ADDRESS_PREFIX,
1987 GNUNET_a2s (receiver->address,
1988 receiver->address_len));
1994 = GNUNET_TRANSPORT_communicator_mq_add (ch,
1999 GNUNET_TRANSPORT_CS_OUTBOUND,
2001 GNUNET_free (foreign_addr);
2008 * Function called by the transport service to initialize a
2009 * message queue given address information about another peer.
2010 * If and when the communication channel is established, the
2011 * communicator must call #GNUNET_TRANSPORT_communicator_mq_add()
2012 * to notify the service that the channel is now up. It is
2013 * the responsibility of the communicator to manage sane
2014 * retries and timeouts for any @a peer/@a address combination
2015 * provided by the transport service. Timeouts and retries
2016 * do not need to be signalled to the transport service.
2018 * @param cls closure
2019 * @param peer identity of the other peer
2020 * @param address where to send the message, human-readable
2021 * communicator-specific format, 0-terminated, UTF-8
2022 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is invalid
2026 const struct GNUNET_PeerIdentity *peer,
2027 const char *address)
2029 struct ReceiverAddress *receiver;
2031 struct sockaddr *in;
2034 if (0 != strncmp (address,
2035 COMMUNICATOR_ADDRESS_PREFIX "-",
2036 strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
2038 GNUNET_break_op (0);
2039 return GNUNET_SYSERR;
2041 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
2042 in = udp_address_to_sockaddr (path,
2044 receiver = receiver_setup (peer,
2053 * Iterator over all receivers to clean up.
2056 * @param target unused
2057 * @param value the queue to destroy
2058 * @return #GNUNET_OK to continue to iterate
2061 get_receiver_delete_it (void *cls,
2062 const struct GNUNET_PeerIdentity *target,
2065 struct ReceiverAddress *receiver = value;
2069 receiver_destroy (receiver);
2075 * Iterator over all senders to clean up.
2078 * @param target unused
2079 * @param value the queue to destroy
2080 * @return #GNUNET_OK to continue to iterate
2083 get_sender_delete_it (void *cls,
2084 const struct GNUNET_PeerIdentity *target,
2087 struct SenderAddress *sender = value;
2091 sender_destroy (sender);
2097 * Shutdown the UNIX communicator.
2099 * @param cls NULL (always)
2102 do_shutdown (void *cls)
2106 GNUNET_NAT_unregister (nat);
2109 if (NULL != read_task)
2111 GNUNET_SCHEDULER_cancel (read_task);
2114 if (NULL != udp_sock)
2116 GNUNET_break (GNUNET_OK ==
2117 GNUNET_NETWORK_socket_close (udp_sock));
2120 GNUNET_CONTAINER_multipeermap_iterate (receivers,
2121 &get_receiver_delete_it,
2123 GNUNET_CONTAINER_multipeermap_destroy (receivers);
2124 GNUNET_CONTAINER_multipeermap_iterate (senders,
2125 &get_sender_delete_it,
2127 GNUNET_CONTAINER_multipeermap_destroy (senders);
2128 GNUNET_CONTAINER_multishortmap_destroy (key_cache);
2129 GNUNET_CONTAINER_heap_destroy (senders_heap);
2130 GNUNET_CONTAINER_heap_destroy (receivers_heap);
2133 GNUNET_TRANSPORT_communicator_disconnect (ch);
2138 GNUNET_STATISTICS_destroy (stats,
2142 if (NULL != my_private_key)
2144 GNUNET_free (my_private_key);
2145 my_private_key = NULL;
2149 GNUNET_NT_scanner_done (is);
2156 * Function called when the transport service has received a
2157 * backchannel message for this communicator (!) via a different return
2158 * path. Should be an acknowledgement.
2160 * @param cls closure, NULL
2161 * @param sender which peer sent the notification
2162 * @param msg payload
2165 enc_notify_cb (void *cls,
2166 const struct GNUNET_PeerIdentity *sender,
2167 const struct GNUNET_MessageHeader *msg)
2169 const struct UDPAck *ack;
2172 if ( (ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2173 (ntohs (msg->size) != sizeof (struct UDPAck)) )
2175 GNUNET_break_op (0);
2178 ack = (const struct UDPAck *) msg;
2179 GNUNET_CONTAINER_multipeermap_get_multiple (receivers,
2187 * Signature of the callback passed to #GNUNET_NAT_register() for
2188 * a function to call whenever our set of 'valid' addresses changes.
2190 * @param cls closure
2191 * @param app_ctx[in,out] location where the app can store stuff
2192 * on add and retrieve it on remove
2193 * @param add_remove #GNUNET_YES to add a new public IP address,
2194 * #GNUNET_NO to remove a previous (now invalid) one
2195 * @param ac address class the address belongs to
2196 * @param addr either the previous or the new public IP address
2197 * @param addrlen actual length of the @a addr
2200 nat_address_cb (void *cls,
2203 enum GNUNET_NAT_AddressClass ac,
2204 const struct sockaddr *addr,
2208 struct GNUNET_TRANSPORT_AddressIdentifier *ai;
2210 if (GNUNET_YES == add_remove)
2212 enum GNUNET_NetworkType nt;
2214 GNUNET_asprintf (&my_addr,
2216 COMMUNICATOR_ADDRESS_PREFIX,
2219 nt = GNUNET_NT_scanner_get_type (is,
2222 ai = GNUNET_TRANSPORT_communicator_address_add (ch,
2225 GNUNET_TIME_UNIT_FOREVER_REL);
2226 GNUNET_free (my_addr);
2232 GNUNET_TRANSPORT_communicator_address_remove (ai);
2239 * Setup communicator and launch network interactions.
2241 * @param cls NULL (always)
2242 * @param args remaining command-line arguments
2243 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
2244 * @param c configuration
2249 const char *cfgfile,
2250 const struct GNUNET_CONFIGURATION_Handle *c)
2253 struct sockaddr *in;
2255 struct sockaddr_storage in_sto;
2261 GNUNET_CONFIGURATION_get_value_filename (cfg,
2262 COMMUNICATOR_CONFIG_SECTION,
2266 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
2267 COMMUNICATOR_CONFIG_SECTION,
2272 in = udp_address_to_sockaddr (bindto,
2276 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2277 "Failed to setup UDP socket address with path `%s'\n",
2279 GNUNET_free (bindto);
2282 udp_sock = GNUNET_NETWORK_socket_create (in->sa_family,
2285 if (NULL == udp_sock)
2287 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
2290 GNUNET_free (bindto);
2294 GNUNET_NETWORK_socket_bind (udp_sock,
2298 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
2301 GNUNET_NETWORK_socket_close (udp_sock);
2304 GNUNET_free (bindto);
2307 /* We might have bound to port 0, allowing the OS to figure it out;
2308 thus, get the real IN-address from the socket */
2309 sto_len = sizeof (in_sto);
2310 if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
2311 (struct sockaddr *) &in_sto,
2320 GNUNET_free (bindto);
2321 in = (struct sockaddr *) &in_sto;
2323 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2325 GNUNET_a2s ((const struct sockaddr *) &in_sto,
2327 stats = GNUNET_STATISTICS_create ("C-UDP",
2329 senders = GNUNET_CONTAINER_multipeermap_create (32,
2331 receivers = GNUNET_CONTAINER_multipeermap_create (32,
2333 senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2334 receivers_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2335 key_cache = GNUNET_CONTAINER_multishortmap_create (1024,
2337 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
2339 is = GNUNET_NT_scanner_init ();
2340 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg);
2341 if (NULL == my_private_key)
2343 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2344 _("Transport service is lacking key configuration settings. Exiting.\n"));
2345 GNUNET_SCHEDULER_shutdown ();
2348 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key,
2349 &my_identity.public_key);
2351 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2355 ch = GNUNET_TRANSPORT_communicator_connect (cfg,
2356 COMMUNICATOR_CONFIG_SECTION,
2357 COMMUNICATOR_ADDRESS_PREFIX,
2358 GNUNET_TRANSPORT_CC_UNRELIABLE,
2366 GNUNET_SCHEDULER_shutdown ();
2369 nat = GNUNET_NAT_register (cfg,
2370 COMMUNICATOR_CONFIG_SECTION,
2372 1 /* one address */,
2373 (const struct sockaddr **) &in,
2376 NULL /* FIXME: support reversal: #5529 */,
2377 NULL /* closure */);
2382 * The main function for the UNIX communicator.
2384 * @param argc number of arguments from the command line
2385 * @param argv command line arguments
2386 * @return 0 ok, 1 on error
2392 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2393 GNUNET_GETOPT_OPTION_END
2398 GNUNET_STRINGS_get_utf8_args (argc, argv,
2404 GNUNET_PROGRAM_run (argc, argv,
2405 "gnunet-communicator-udp",
2406 _("GNUnet UDP communicator"),
2410 GNUNET_free ((void*) argv);
2415 /* end of gnunet-communicator-udp.c */
projects / oweals / gnunet.git / blob