2 This file is part of GNUnet
3 Copyright (C) 2010-2014, 2018, 2019 GNUnet e.V.
5 GNUnet is free software: you can redistribute it and/or modify it
6 under the terms of the GNU Affero General Public License as published
7 by the Free Software Foundation, either version 3 of the License,
8 or (at your option) any later version.
10 GNUnet is distributed in the hope that it will be useful, but
11 WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Affero General Public License for more details.
15 You should have received a copy of the GNU Affero General Public License
16 along with this program. If not, see <http://www.gnu.org/licenses/>.
18 SPDX-License-Identifier: AGPL3.0-or-later
22 * @file transport/gnunet-communicator-udp.c
23 * @brief Transport plugin using UDP.
24 * @author Christian Grothoff
27 * - main BOXed sending logic
28 * - figure out what to do with MTU: 1280 for IPv6 is obvious;
29 * what for IPv4? 1500? Also, consider differences in
30 * headers for with/without box: need to give MIN of both
31 * to TNG (as TNG expects a fixed MTU!), or maybe
32 * we create a FRESH MQ while we have available BOXes SQNs?
33 * (otherwise padding will REALLY hurt)
34 * - support DNS names in BINDTO option (#5528)
35 * - support NAT connection reversal method (#5529)
36 * - support other UDP-specific NAT traversal methods
39 #include "gnunet_util_lib.h"
40 #include "gnunet_protocols.h"
41 #include "gnunet_signatures.h"
42 #include "gnunet_constants.h"
43 #include "gnunet_nt_lib.h"
44 #include "gnunet_nat_service.h"
45 #include "gnunet_statistics_service.h"
46 #include "gnunet_transport_communication_service.h"
49 * How many messages do we keep at most in the queue to the
50 * transport service before we start to drop (default,
51 * can be changed via the configuration file).
52 * Should be _below_ the level of the communicator API, as
53 * otherwise we may read messages just to have them dropped
54 * by the communicator API.
56 #define DEFAULT_MAX_QUEUE_LENGTH 8
59 * How often do we rekey based on time (at least)
61 #define REKEY_TIME_INTERVAL GNUNET_TIME_UNIT_DAYS
64 * How long do we wait until we must have received the initial KX?
66 #define PROTO_QUEUE_TIMEOUT GNUNET_TIME_UNIT_MINUTES
69 * If we fall below this number of available KCNs,
70 * we generate additional ACKs until we reach
72 * Should be large enough that we don't generate ACKs all
73 * the time and still have enough time for the ACK to
74 * arrive before the sender runs out. So really this
75 * should ideally be based on the RTT.
77 #define KCN_THRESHOLD 92
80 * How many KCNs do we keep around *after* we hit
81 * the #KCN_THRESHOLD? Should be larger than
82 * #KCN_THRESHOLD so we do not generate just one
85 #define KCN_TARGET 128
88 * What is the maximum delta between KCN sequence numbers
89 * that we allow. Used to expire 'ancient' KCNs that likely
90 * were dropped by the network. Must be larger than
91 * KCN_TARGET (otherwise we generate new KCNs all the time),
92 * but not too large (otherwise packet loss may cause
93 * sender to fall back to KX needlessly when sender runs
94 * out of ACK'ed KCNs due to losses).
96 #define MAX_SQN_DELTA 160
99 * How often do we rekey based on number of bytes transmitted?
100 * (additionally randomized).
102 #define REKEY_MAX_BYTES (1024LLU * 1024 * 1024 * 4LLU)
105 * Address prefix used by the communicator.
107 #define COMMUNICATOR_ADDRESS_PREFIX "udp"
110 * Configuration section used by the communicator.
112 #define COMMUNICATOR_CONFIG_SECTION "communicator-udp"
114 GNUNET_NETWORK_STRUCT_BEGIN
118 * Signature we use to verify that the ephemeral key was really chosen by
119 * the specified sender. If possible, the receiver should respond with
120 * a `struct UDPAck` (possibly via backchannel).
122 struct UdpHandshakeSignature
125 * Purpose must be #GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
127 struct GNUNET_CRYPTO_EccSignaturePurpose purpose;
130 * Identity of the inititor of the UDP connection (UDP client).
132 struct GNUNET_PeerIdentity sender;
135 * Presumed identity of the target of the UDP connection (UDP server)
137 struct GNUNET_PeerIdentity receiver;
140 * Ephemeral key used by the @e sender.
142 struct GNUNET_CRYPTO_EcdhePublicKey ephemeral;
145 * Monotonic time of @e sender, to possibly help detect replay attacks
146 * (if receiver persists times by sender).
148 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
153 * "Plaintext" header at beginning of KX message. Followed
154 * by encrypted `struct UDPConfirmation`.
160 * Ephemeral key for KX.
162 struct GNUNET_CRYPT_EddsaPublicKey ephemeral;
165 * HMAC for the following encrypted message, using GCM. HMAC uses
166 * key derived from the handshake with sequence number zero.
168 uint8_t gcm_tag[128/8];
174 * Encrypted continuation of UDP initial handshake, followed
175 * by message header with payload.
177 struct UDPConfirmation
182 struct GNUNET_PeerIdentity sender;
185 * Sender's signature of type #GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE
187 struct GNUNET_CRYPTO_EddsaSignature sender_sig;
190 * Monotonic time of @e sender, to possibly help detect replay attacks
191 * (if receiver persists times by sender).
193 struct GNUNET_TIME_AbsoluteNBO monotonic_time;
195 /* followed by messages */
197 /* padding may follow actual messages */
202 * UDP key acknowledgement. May be sent via backchannel. Allows the
203 * sender to use `struct UDPBox` with the acknowledge key henceforth.
209 * Type is #GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK.
211 struct GNUNET_MessageHeader header;
214 * Sequence acknowledgement limit. Specifies current maximum sequence
215 * number supported by receiver.
217 uint32_t sequence_max GNUNET_PACKED;
220 * CMAC of the base key being acknowledged.
222 struct GNUNET_HashCode cmac;
228 * UDP message box. Always sent encrypted, only allowed after
229 * the receiver sent a `struct UDPAck` for the base key!
235 * Key and IV identification code. KDF applied to an acknowledged
236 * base key and a sequence number. Sequence numbers must be used
237 * monotonically increasing up to the maximum specified in
238 * `struct UDPAck`. Without further `struct UDPAck`s, the sender
239 * must fall back to sending handshakes!
241 struct GNUNET_ShortHashCode kid;
244 * 128-bit authentication tag for the following encrypted message,
245 * from GCM. MAC starts at the @e body_start that follows and
246 * extends until the end of the UDP payload. If the @e hmac is
247 * wrong, the receiver should check if the message might be a
248 * `struct UdpHandshakeSignature`.
250 uint8_t gcm_tag[128/8];
256 GNUNET_NETWORK_STRUCT_END
259 * Shared secret we generated for a particular sender or receiver.
265 * Pre-generated "kid" code (key and IV identification code) to
266 * quickly derive master key for a `struct UDPBox`.
274 struct KeyCacheEntry *next;
279 struct KeyCacheEntry *prev;
282 * Key and IV identification code. KDF applied to an acknowledged
283 * base key and a sequence number. Sequence numbers must be used
284 * monotonically increasing up to the maximum specified in
285 * `struct UDPAck`. Without further `struct UDPAck`s, the sender
286 * must fall back to sending handshakes!
288 struct GNUNET_ShortHashCode kid;
291 * Corresponding shared secret.
293 struct SharedSecret *ss;
296 * Sequence number used to derive this entry from master key.
298 uint32_t sequence_number;
303 * Information we track per sender address we have recently been
304 * in contact with (decryption from sender).
306 struct SenderAddress;
309 * Information we track per receiving address we have recently been
310 * in contact with (encryption to receiver).
312 struct ReceiverAddress;
315 * Shared secret we generated for a particular sender or receiver.
322 struct SharedSecret *next;
327 struct SharedSecret *prev;
330 * Kept in a DLL, sorted by sequence number. Only if we are decrypting.
332 struct KeyCacheEntry *kce_head;
335 * Kept in a DLL, sorted by sequence number. Only if we are decrypting.
337 struct KeyCacheEntry *kce_tail;
340 * Sender we use this shared secret with, or NULL.
342 struct SenderAddress *sender;
345 * Receiver we use this shared secret with, or NULL.
347 struct ReceiverAddress *receiver;
350 * Master shared secret.
352 struct GNUNET_HashCode master;
355 * CMAC is used to identify @e master in ACKs.
357 struct GNUNET_HashCode cmac;
360 * Up to which sequence number did we use this @e master already?
361 * (for sending or receiving)
363 uint32_t sequence_used;
366 * Up to which sequence number did the other peer allow us to use
367 * this key, or up to which number did we allow the other peer to
370 uint32_t sequence_allowed;
373 * Number of active KCN entries.
375 unsigned int active_kce_count;
380 * Information we track per sender address we have recently been
381 * in contact with (we decrypt messages from the sender).
387 * To whom are we talking to.
389 struct GNUNET_PeerIdentity target;
392 * Entry in sender expiration heap.
394 struct GNUNET_CONTAINER_HeapNode *hn;
397 * Shared secrets we used with @e target, first used is head.
399 struct SharedSecret *ss_head;
402 * Shared secrets we used with @e target, last used is tail.
404 struct SharedSecret *ss_tail;
407 * Address of the other peer.
409 struct sockaddr *address;
412 * Length of the address.
414 socklen_t address_len;
417 * Timeout for this sender.
419 struct GNUNET_TIME_Absolute timeout;
422 * Length of the DLL at @a ss_head.
424 unsigned int num_secrets;
427 * Which network type does this queue use?
429 enum GNUNET_NetworkType nt;
435 * Information we track per receiving address we have recently been
436 * in contact with (encryption to receiver).
438 struct ReceiverAddress
442 * To whom are we talking to.
444 struct GNUNET_PeerIdentity target;
447 * Shared secrets we received from @e target, first used is head.
449 struct SharedSecret *ss_head;
452 * Shared secrets we received with @e target, last used is tail.
454 struct SharedSecret *ss_tail;
457 * Address of the other peer.
459 struct sockaddr *address;
462 * Length of the address.
464 socklen_t address_len;
467 * Message queue we are providing for the #ch.
469 struct GNUNET_MQ_Handle *mq;
472 * handle for this queue with the #ch.
474 struct GNUNET_TRANSPORT_QueueHandle *qh;
477 * Timeout for this receiver address.
479 struct GNUNET_TIME_Absolute timeout;
482 * Length of the DLL at @a ss_head.
484 unsigned int num_secrets;
487 * Which network type does this queue use?
489 enum GNUNET_NetworkType nt;
495 * Cache of pre-generated key IDs.
497 static struct GNUNET_CONTINER_MultiShortMap *key_cache;
502 static struct GNUNET_SCHEDULER_Task *read_task;
507 static struct GNUNET_SCHEDULER_Task *timeout_task;
510 * For logging statistics.
512 static struct GNUNET_STATISTICS_Handle *stats;
517 static struct GNUNET_TRANSPORT_CommunicatorHandle *ch;
520 * Receivers (map from peer identity to `struct ReceiverAddress`)
522 static struct GNUNET_CONTAINER_MultiPeerMap *receivers;
525 * Senders (map from peer identity to `struct SenderAddress`)
527 static struct GNUNET_CONTAINER_MultiPeerMap *senders;
530 * Expiration heap for senders (contains `struct SenderAddress`)
532 static struct GNUNET_CONTAINER_Heap *senders_heap;
535 * Expiration heap for receivers (contains `struct ReceiverAddress`)
537 static struct GNUNET_CONTAINER_Heap *receivers_heap;
542 static struct GNUNET_NETWORK_Handle *udp_sock;
547 static struct GNUNET_PeerIdentity my_identity;
552 static struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key;
557 static const struct GNUNET_CONFIGURATION_Handle *cfg;
560 * Network scanner to determine network types.
562 static struct GNUNET_NT_InterfaceScanner *is;
565 * Connection to NAT service.
567 static struct GNUNET_NAT_Handle *nat;
571 * Functions with this signature are called whenever we need
572 * to close a receiving state due to timeout.
574 * @param receiver entity to close down
577 receiver_destroy (struct ReceiverAddress *receiver)
579 struct GNUNET_MQ_Handle *mq;
581 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
582 "Disconnecting receiver for peer `%s'\n",
583 GNUNET_i2s (&receiver->target));
584 if (NULL != (mq = receiver->mq))
587 GNUNET_MQ_destroy (mq);
589 GNUNET_assert (GNUNET_YES ==
590 GNUNET_CONTAINER_multipeermap_remove (receivers,
593 GNUNET_assert (sender ==
594 GNUNET_CONTAINER_heap_remove_node (receivers_heap,
596 GNUNET_STATISTICS_set (stats,
597 "# receivers active",
598 GNUNET_CONTAINER_multipeermap_size (receivers),
600 GNUNET_free (receiver->address);
601 GNUNET_free (receiver);
606 * Free memory used by key cache entry.
608 * @param kce the key cache entry
611 kce_destroy (struct KeyCacheEntry *kce)
613 struct SharedSecret *ss = kce->ss;
615 ss->active_kce_count--;
616 GNUNET_CONTAINER_DLL_remove (ss->kce_head,
619 GNUNET_assert (GNUNET_YES ==
620 GNUNET_CONTAINER_multishortmap_remove (key_cache,
630 * @param msec master secret for HMAC calculation
631 * @param serial number for the @a smac calculation
632 * @param kid[out] where to write the key ID
635 get_kid (const struct GNUNET_HashCode *msec,
637 struct GNUNET_ShortHashCode *kid)
639 uint32_t sid = htonl (serial);
641 GNUNET_CRYPTO_hkdf (kid,
656 * Setup key cache entry for sequence number @a seq and shared secret @a ss.
658 * @param ss shared secret
659 * @param seq sequence number for the key cache entry
662 kce_generate (struct SharedSecret *ss,
665 struct KeyCacheEntry *kce;
667 GNUNET_assert (0 < seq);
668 kce = GNUNET_new (struct KeyCacheEntry);
670 kce->sequence_number = seq;
671 get_kid (&ss->master,
674 GNUNET_CONTAINER_DLL_insert (ss->kce_head,
677 ss->active_kce_count++;
678 (void) GNUNET_CONTAINER_multishortmap_put (key_cache,
681 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
682 GNUNET_STATISTICS_set (stats,
684 GNUNET_CONTAINER_multipeermap_size (key_cache),
690 * Destroy @a ss and associated key cache entries.
692 * @param ss shared secret to destroy
695 secret_destroy (struct SharedSecret *ss)
697 struct SenderAddress *sender;
698 struct ReceiverAddress *receiver;
699 struct KeyCacheEntry *kce;
701 if (NULL != (sender = ss->sender))
703 GNUNET_CONTAINER_DLL_remove (sender->ss_head,
706 sender->num_secrets--;
708 if (NULL != (receiver = ss->receiver))
710 GNUNET_CONTAINER_DLL_remove (receiver->ss_head,
713 receiver->num_secrets--;
715 while (NULL != (kce = ss->kce_head))
717 GNUNET_STATISTICS_update (stats,
721 GNUNET_STATISTICS_set (stats,
723 GNUNET_CONTAINER_multipeermap_size (key_cache),
730 * Functions with this signature are called whenever we need
731 * to close a sender's state due to timeout.
733 * @param sender entity to close down
736 sender_destroy (struct SenderAddress *sender)
738 GNUNET_assert (GNUNET_YES ==
739 GNUNET_CONTAINER_multipeermap_remove (senders,
742 GNUNET_assert (sender ==
743 GNUNET_CONTAINER_heap_remove_node (senders_heap,
745 GNUNET_STATISTICS_set (stats,
747 GNUNET_CONTAINER_multipeermap_size (senders),
749 GNUNET_free (sender->address);
750 GNUNET_free (sender);
755 * Compute @a smac over @a buf.
757 * @param msec master secret for HMAC calculation
758 * @param serial number for the @a smac calculation
759 * @param buf buffer to MAC
760 * @param buf_size number of bytes in @a buf
761 * @param smac[out] where to write the HMAC
764 get_hmac (const struct GNUNET_HashCode *msec,
768 struct GNUNET_ShortHashCode *smac)
770 uint32_t sid = htonl (serial);
772 GNUNET_CRYPTO_hkdf (smac,
787 * Compute @a key and @a iv.
789 * @param msec master secret for calculation
790 * @param serial number for the @a smac calculation
791 * @param key[out] where to write the decrption key
792 * @param iv[out] where to write the IV
795 get_iv_key (const struct GNUNET_HashCode *msec,
800 uint32_t sid = htonl (serial);
801 char res[sizeof(key) + sizeof (iv)];
803 GNUNET_CRYPTO_hkdf (res,
812 strlen ("UDP-IV-KEY"),
824 * Increment sender timeout due to activity.
826 * @param sender address for which the timeout should be rescheduled
829 reschedule_sender_timeout (struct SenderAddress *sender)
832 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
833 GNUNET_CONTAINER_heap_update_cost (sender->hn,
834 sender.timeout.abs_value_us);
839 * Increment receiver timeout due to activity.
841 * @param receiver address for which the timeout should be rescheduled
844 reschedule_receiver_timeout (struct ReceiverAddress *receiver)
847 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
848 GNUNET_CONTAINER_heap_update_cost (receiver->hn,
849 receiver.timeout.abs_value_us);
854 * Task run to check #receiver_heap and #sender_heap for timeouts.
856 * @param cls unused, NULL
859 check_timeouts (void *cls)
861 struct GNUNET_TIME_Relative st;
862 struct GNUNET_TIME_Relative rt;
863 struct GNUNET_TIME_Relative delay;
864 struct ReceiverAddress *receiver;
865 struct SenderAddress *sender;
869 rt = GNUNET_TIME_UNIT_FOREVER_REL;
870 while (NULL != (receiver = GNUNET_CONTAINER_heap_peek (receivers_heap)))
872 rt = GNUNET_TIME_absolute_get_remaining (receiver->timeout);
873 if (0 != rt.rel_value_us)
875 receiver_destroy (receiver);
877 st = GNUNET_TIME_UNIT_FOREVER_REL;
878 while (NULL != (sender = GNUNET_CONTAINER_heap_peek (senders_heap)))
880 st = GNUNET_TIME_absolute_get_remaining (receiver->timeout);
881 if (0 != st.rel_value_us)
883 sender_destroy (sender);
885 delay = GNUNET_TIME_relative_min (rt,
887 if (delay.rel_value_us < GNUNET_TIME_UNIT_FOREVER_REL.rel_value_us)
888 timeout_task = GNUNET_SCHEDULER_add_delayed (delay,
895 * Calcualte cmac from master in @a ss.
897 * @param ss[in,out] data structure to complete
900 calculate_cmac (struct SharedSecret *ss)
902 GNUNET_CRYPTO_hkdf (&ss->cmac,
917 * We received @a plaintext_len bytes of @a plaintext from a @a sender.
918 * Pass it on to CORE.
920 * @param queue the queue that received the plaintext
921 * @param plaintext the plaintext that was received
922 * @param plaintext_len number of bytes of plaintext received
925 pass_plaintext_to_core (struct SenderAddress *sender,
926 const void *plaintext,
927 size_t plaintext_len)
929 const struct GNUNET_MessageHeader *hdr = plaintext;
931 while (ntohs (hdr->size) < plaintext_len)
933 GNUNET_STATISTICS_update (stats,
934 "# bytes given to core",
937 (void) GNUNET_TRANSPORT_communicator_receive (ch,
940 NULL /* no flow control possible */,
942 /* move on to next message, if any */
943 plaintext_len -= ntohs (hdr->size);
944 if (plaintext_len < sizeof (*hdr))
946 hdr = plaintext + ntohs (hdr->size);
948 GNUNET_STATISTICS_update (stats,
949 "# bytes padding discarded",
956 * Setup @a cipher based on shared secret @a msec and
957 * serial number @a serial.
959 * @param msec master shared secret
960 * @param serial serial number of cipher to set up
961 * @param cipher[out] cipher to initialize
964 setup_cipher (const struct GNUNET_HashCode *msec,
966 gcry_cipher_hd_t *cipher)
971 gcry_cipher_open (cipher,
972 GCRY_CIPHER_AES256 /* low level: go for speed */,
973 GCRY_CIPHER_MODE_GCM,
979 gcry_cipher_setkey (*cipher,
982 gcry_cipher_setiv (*cipher,
989 * Try to decrypt @a buf using shared secret @a ss and key/iv
990 * derived using @a serial.
992 * @param ss shared secret
993 * @param tag GCM authentication tag
994 * @param serial serial number to use
995 * @param in_buf input buffer to decrypt
996 * @param in_buf_size number of bytes in @a in_buf and available in @a out_buf
997 * @param out_buf where to write the result
998 * @return #GNUNET_OK on success
1001 try_decrypt (const struct SharedSecret *ss,
1008 gcry_cipher_hd_t cipher;
1010 setup_cipher (&ss->master,
1014 gcry_cipher_decrypt (cipher,
1020 gcry_cipher_checktag (cipher,
1024 gcry_cipher_close (cipher);
1025 GNUNET_STATISTICS_update (stats,
1026 "# AEAD authentication failures",
1029 return GNUNET_SYSERR;
1031 gcry_cipher_close (cipher);
1037 * Setup shared secret for decryption.
1039 * @param ephemeral ephemeral key we received from the other peer
1040 * @return new shared secret
1042 static struct SharedSecret *
1043 setup_shared_secret_dec (const struct GNUNET_CRYPTO_EcdhePublicKey *ephemeral)
1045 struct SharedSecret *ss;
1047 ss = GNUNET_new (struct SharedSecret);
1048 GNUNET_CRYPTO_eddsa_ecdh (my_private_key,
1056 * Setup shared secret for encryption.
1058 * @param ephemeral ephemeral key we are sending to the other peer
1059 * @param receiver[in,out] queue to initialize encryption key for
1060 * @return new shared secret
1062 static struct SharedSecret *
1063 setup_shared_secret_enc (const struct GNUNET_CRYPTO_EcdhePrivateKey *ephemeral,
1064 struct ReceiverAddress *receiver)
1066 struct SharedSecret *ss;
1068 ss = GNUNET_new (struct SharedSecret);
1069 GNUNET_CRYPTO_ecdh_eddsa (ephemeral,
1070 &receiver->target.public_key,
1072 calculcate_cmac (ss);
1073 ss->receiver = receiver;
1074 GNUNET_CONTAINER_DLL_insert (receiver->ss_head,
1077 receiver->num_secrets++;
1078 GNUNET_STATISTICS_update (stats,
1087 * We received an ACK for @a pid. Check if it is for
1088 * the receiver in @a value and if so, handle it and
1089 * return #GNUNET_NO. Otherwise, return #GNUNET_YES.
1091 * @param cls a `const struct UDPAck`
1092 * @param pid peer the ACK is from
1093 * @param value a `struct ReceiverAddress`
1094 * @return #GNUNET_YES to continue to iterate
1097 handle_ack (void *cls,
1098 const struct GNUNET_PeerIdentity *pid,
1101 const struct UDPAck *ack = cls;
1102 struct ReceiverAddress *receiver = value;
1105 for (struct SharedSecret *ss = receiver->ss_head;
1109 if (0 == memcmp (&ack->cmac,
1111 sizeof (struct GNUNET_HashCode)))
1113 ss->sequence_allowed = GNUNET_MAX (ss->sequence_allowed,
1114 ntohl (ack->sequence_max));
1115 /* move ss to head to avoid discarding it anytime soon! */
1116 GNUNET_CONTAINER_DLL_remove (sender->ss_head,
1119 GNUNET_CONTAINER_DLL_insert (sender->ss_head,
1122 /* FIXME: if this changed sequence_allowed,
1123 update MTU / MQ of 'receiver'! */
1132 * Test if we have received a valid message in plaintext.
1135 * @param sender peer to process inbound plaintext for
1136 * @param buf buffer we received
1137 * @param buf_size number of bytes in @a buf
1140 try_handle_plaintext (struct SenderAddress *sender,
1144 const struct GNUNET_MessageHeader *hdr
1145 = (const struct GNUNET_MessageHeader *) queue->pread_buf;
1146 const struct UDPAck *ack
1147 = (const struct UDPAck *) queue->pread_buf;
1150 if (sizeof (*hdr) > buf_size)
1151 return; /* not even a header */
1152 if (ntohs (hdr->size) > buf_size)
1153 return 0; /* not even a header */
1154 type = ntohs (hdr->type);
1157 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK:
1158 /* lookup master secret by 'cmac', then update sequence_max */
1159 GNUNET_CONTAINER_multihashmap_get_multiple (receivers,
1163 /* There could be more messages after the ACK, handle those as well */
1164 buf += ntohs (hdr->size);
1165 buf_size -= ntohs (hdr->size);
1166 pass_plaintext_to_core (sender,
1170 case GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD:
1174 pass_plaintext_to_core (sender,
1182 * We established a shared secret with a sender. We should try to send
1183 * the sender an `struct UDPAck` at the next opportunity to allow the
1184 * sender to use @a ss longer (assuming we did not yet already
1187 * @param ss shared secret to generate ACKs for
1190 consider_ss_ack (struct SharedSecret *ss)
1192 GNUNET_assert (NULL != ss->sender);
1193 /* drop ancient KeyCacheEntries */
1194 while ( (NULL != ss->kce_head) &&
1195 (MAX_SQN_DELTA < ss->kce_head->sequence_number - ss->kce_tail->sequence_number) )
1196 kce_destroy (ss->kce_tail);
1197 if (ss->active_kce_count < KCN_THRESHOLD)
1201 while (ss->active_kce_count < KCN_TARGET)
1203 ++ss->sequence_used);
1204 ack.header.type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK);
1205 ack.header.size = htons (sizeof (ack));
1206 ack.sequence_max = htonl (ss->sequence_max);
1207 ack.cmac = ss->cmac;
1208 GNUNET_TRANSPORT_communicator_notify (ch,
1209 &ss->sender->target,
1210 COMMUNICATOR_ADDRESS_PREFIX,
1217 * We received a @a box with matching @a kce. Decrypt and process it.
1219 * @param box the data we received
1220 * @param box_len number of bytes in @a box
1221 * @param kce key index to decrypt @a box
1224 decrypt_box (const struct UDPBox *box,
1226 struct KeyCacheEntry *kce)
1228 struct SharedSecret *ss = kce->ss;
1229 gcry_cipher_hd_t cipher;
1230 char out_buf[box_len - sizeof (*box)];
1232 GNUNET_assert (NULL != ss->sender);
1236 kce->sequence_number,
1237 box_len - sizeof (*box),
1241 GNUNET_STATISTICS_update (stats,
1242 "# Decryption failures with valid KCE",
1249 GNUNET_STATISTICS_update (stats,
1250 "# bytes decrypted with BOX",
1253 try_handle_plaintext (ss->sender,
1256 consider_ss_ack (ss);
1261 * Closure for #find_sender_by_address()
1263 struct SearchContext
1266 * Address we are looking for.
1268 const struct sockaddr *address;
1271 * Number of bytes in @e address.
1273 socklen_t address_len;
1276 * Return value to set if we found a match.
1278 struct SenderAddress *sender;
1283 * Find existing `struct SenderAddress` by matching addresses.
1285 * @param cls a `struct SearchContext`
1286 * @param key ignored, must match already
1287 * @param value a `struct SenderAddress`
1288 * @return #GNUNET_YES if not found (continue to search), #GNUNET_NO if found
1291 find_sender_by_address (void *cls,
1292 const struct GNUNET_PeerIdentity *key,
1295 struct SearchContext *sc = cls;
1296 struct SenderAddress *sender = value;
1298 if ( (sender->address_len == sc->address_len) &&
1299 (0 == memcmp (sender->address,
1301 sender->address_len)) )
1303 sc->sender = sender;
1304 return GNUNET_NO; /* stop iterating! */
1311 * Create sender address for @a target. Note that we
1312 * might already have one, so a fresh one is only allocated
1313 * if one does not yet exist for @a address.
1315 * @param target peer to generate address for
1316 * @param address target address
1317 * @param address_len number of bytes in @a address
1318 * @return data structure to keep track of key material for
1319 * decrypting data from @a target
1321 static struct SenderAddress *
1322 setup_sender (const struct GNUNET_PeerIdentity *target,
1323 const struct sockaddr *address,
1324 socklen_t address_len)
1326 struct SenderAddress *sender;
1327 struct SearchContext sc = {
1329 .address_len = address_len,
1333 GNUNET_CONTAINER_multihashmap_get_multiple (senders,
1335 &find_sender_by_address,
1337 if (NULL != sc.sender)
1339 reschedule_sender_timeout (sc.sender);
1342 sender = GNUNET_new (struct SenderAddress);
1343 sender->target = *target;
1344 sender->address = GNUNET_memdup (address,
1346 sender->address_len = address_len;
1347 (void) GNUNET_CONTAINER_multihashmap_put (senders,
1350 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1351 GNUNET_STATISTICS_set (stats,
1353 GNUNET_CONTAINER_multipeermap_size (receivers),
1356 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1357 sender->hn = GNUNET_CONTAINER_heap_insert (senders_heap,
1359 sender.timeout.abs_value_us);
1360 sender->nt = GNUNET_NT_scanner_get_type (is,
1363 if (NULL == timeout_task)
1364 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts,
1376 sock_read (void *cls)
1378 struct sockaddr_storage sa;
1379 socklen_t salen = sizeof (sa);
1380 char buf[UINT16_MAX];
1385 = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
1389 rcvd = GNUNET_NETWORK_socket_recvfrom (udp_sock,
1392 (struct sockaddr *) &sa,
1396 GNUNET_log_strerror (GNUNET_ERROR_TYPE_DEBUG,
1400 /* first, see if it is a UDPBox */
1401 if (rcvd > sizeof (struct UDPBox))
1403 const struct UDPBox *box;
1404 struct KeyCacheEntry *kce;
1406 box = (const struct UDPBox *) buf;
1407 kce = GNUNET_CONTAINER_multihashmap_get (key_cache,
1417 /* next, test if it is a KX */
1418 if (rcvd < sizeof (struct UDPConfirmation) + sizeof (struct InitialKX))
1420 GNUNET_STATISTICS_update (stats,
1421 "# messages dropped (no kid, too small for KX)",
1428 const struct InitialKX *kx;
1429 struct SharedSecret *ss;
1430 char pbuf[rcvd - sizeof (struct InitialKX)];
1431 const struct UDPConfirmation *uc;
1432 struct SenderAddress *sender;
1434 kx = (const struct InitialKX *) buf;
1435 ss = setup_shared_secret_dec (&kx->ephemral);
1441 (const struct GNUNET_CRYPTO_EcdhePublicKey *) buf,
1445 GNUNET_STATISTICS_update (stats,
1446 "# messages dropped (no kid, AEAD decryption failed)",
1451 uc = (const struct UDPConfirmation *) pbuf;
1453 verify_confirmation (&kx->ephemeral,
1456 GNUNET_break_op (0);
1458 GNUNET_STATISTICS_update (stats,
1459 "# messages dropped (sender signature invalid)",
1464 calculcate_cmac (ss);
1465 sender = setup_sender (&uc->sender,
1466 (const struct sockaddr *) &sa,
1468 ss->sender = sender;
1469 GNUNET_CONTAINER_DLL_insert (sender->ss_head,
1472 sender->num_secrets++;
1473 GNUNET_STATISTICS_update (stats,
1477 GNUNET_STATISTICS_update (stats,
1478 "# messages decrypted without BOX",
1481 try_handle_plaintext (sender,
1483 sizeof (pbuf) - sizeof (*uc));
1484 consider_ss_ack (ss);
1485 if (sender->num_secrets > MAX_SECRETS)
1486 secret_destroy (sender->ss_tail);
1492 * Convert UDP bind specification to a `struct sockaddr *`
1494 * @param bindto bind specification to convert
1495 * @param[out] sock_len set to the length of the address
1496 * @return converted bindto specification
1498 static struct sockaddr *
1499 udp_address_to_sockaddr (const char *bindto,
1500 socklen_t *sock_len)
1502 struct sockaddr *in;
1508 if (1 == SSCANF (bindto,
1513 /* interpreting value as just a PORT number */
1514 if (port > UINT16_MAX)
1516 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1517 "BINDTO specification `%s' invalid: value too large for port\n",
1522 GNUNET_CONFIGURATION_get_value_yesno (cfg,
1523 COMMUNICATOR_CONFIG_SECTION,
1526 struct sockaddr_in *i4;
1528 i4 = GNUNET_malloc (sizeof (struct sockaddr_in));
1529 i4->sin_family = AF_INET;
1530 i4->sin_port = htons ((uint16_t) port);
1531 *sock_len = sizeof (struct sockaddr_in);
1532 in = (struct sockaddr *) i4;
1536 struct sockaddr_in6 *i6;
1538 i6 = GNUNET_malloc (sizeof (struct sockaddr_in6));
1539 i6->sin6_family = AF_INET6;
1540 i6->sin6_port = htons ((uint16_t) port);
1541 *sock_len = sizeof (struct sockaddr_in6);
1542 in = (struct sockaddr *) i6;
1546 cp = GNUNET_strdup (bindto);
1547 colon = strrchr (cp, ':');
1550 /* interpet value after colon as port */
1553 if (1 == SSCANF (colon,
1558 /* interpreting value as just a PORT number */
1559 if (port > UINT16_MAX)
1561 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1562 "BINDTO specification `%s' invalid: value too large for port\n",
1570 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1571 "BINDTO specification `%s' invalid: last ':' not followed by number\n",
1579 /* interpret missing port as 0, aka pick any free one */
1584 struct sockaddr_in v4;
1586 if (1 == inet_pton (AF_INET,
1590 v4.sin_port = htons ((uint16_t) port);
1591 in = GNUNET_memdup (&v4,
1593 *sock_len = sizeof (v4);
1600 struct sockaddr_in6 v6;
1604 if ( ('[' == *cp) &&
1605 (']' == cp[strlen (cp)-1]) )
1607 start++; /* skip over '[' */
1608 cp[strlen (cp) -1] = '\0'; /* eat ']' */
1610 if (1 == inet_pton (AF_INET6,
1614 v6.sin6_port = htons ((uint16_t) port);
1615 in = GNUNET_memdup (&v6,
1617 *sock_len = sizeof (v6);
1622 /* #5528 FIXME (feature!): maybe also try getnameinfo()? */
1629 * Signature of functions implementing the sending functionality of a
1632 * @param mq the message queue
1633 * @param msg the message to send
1634 * @param impl_state our `struct ReceiverAddress`
1637 mq_send (struct GNUNET_MQ_Handle *mq,
1638 const struct GNUNET_MessageHeader *msg,
1641 struct ReceiverAddress *receiver = impl_state;
1642 uint16_t msize = ntohs (msg->size);
1644 GNUNET_assert (mq == receiver->mq);
1645 if (msize > receiver->mtu)
1648 receiver_destroy (receiver);
1652 // FIXME: add support for BOX encryption method!
1654 /* KX encryption method */
1656 struct UdpHandshakeSignature uhs;
1657 struct UdpConfirmation uc;
1658 struct InitialKX kx;
1659 struct GNUNET_CRYPTO_EcdhePrivateKey epriv;
1660 char dgram[receiver->mtu +
1665 GNUNET_assert (GNUNET_OK ==
1666 GNUNET_CRYPTO_ecdhe_key_create2 (&epriv));
1668 uc.sender = my_identity;
1669 uc.monotonic_time = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get_monotonic (cfg));
1670 uhs.purpose.purpose = htonl (GNUNET_SIGNATURE_COMMUNICATOR_UDP_HANDSHAKE);
1671 uhs.purpose.size = htonl (sizeof (uhs));
1672 uhs.sender = my_identity;
1673 uhs.receiver = receiver->target;
1674 GNUNET_CRYPTO_ecdhe_key_get_public (&epriv,
1676 uhs.monotonic_time = uc.monotonic_time;
1677 GNUNET_assert (GNUNET_OK ==
1678 GNUNET_CRYPTO_eddsa_sign (my_private_key,
1681 /* Leave space for kx */
1682 dpos = sizeof (struct GNUNET_CRYPTO_EcdhePublicKey);
1683 /* Append encrypted uc to dgram */
1685 gcry_cipher_encrypt (out_cipher,
1690 dpos += sizeof (uc);
1691 /* Append encrypted payload to dgram */
1693 gcry_cipher_encrypt (out_cipher,
1701 char pad[sizeof (dgram) - pos];
1703 GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_WEAK,
1706 if (sizeof (pad) > sizeof (struct GNUNET_MessageHeader))
1708 struct GNUNET_MessageHeader hdr = {
1709 .size = htons (sizeof (pad)),
1710 .type = htons (GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_PAD)
1717 gcry_cipher_encrypt (out_cipher,
1724 /* Datagram starts with kx */
1725 kx.ephemeral = uhs.ephemeral;
1727 gcry_cipher_gettag (out_cipher,
1729 sizeof (kx.gcm_tag)));
1734 GNUNET_NETWORK_socket_sendto (udp_sock,
1738 receiver->address_len))
1739 GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
1741 GNUNET_MQ_impl_send_continue (mq);
1742 } /* End of KX encryption method */
1747 * Signature of functions implementing the destruction of a message
1748 * queue. Implementations must not free @a mq, but should take care
1751 * @param mq the message queue to destroy
1752 * @param impl_state our `struct ReceiverAddress`
1755 mq_destroy (struct GNUNET_MQ_Handle *mq,
1758 struct ReceiverAddress *receiver = impl_state;
1760 if (mq == receiver->mq)
1762 receiver->mq = NULL;
1763 receiver_destroy (receiver);
1769 * Implementation function that cancels the currently sent message.
1771 * @param mq message queue
1772 * @param impl_state our `struct RecvierAddress`
1775 mq_cancel (struct GNUNET_MQ_Handle *mq,
1778 /* Cancellation is impossible with UDP; bail */
1784 * Generic error handler, called with the appropriate
1785 * error code and the same closure specified at the creation of
1786 * the message queue.
1787 * Not every message queue implementation supports an error handler.
1789 * @param cls our `struct ReceiverAddress`
1790 * @param error error code
1793 mq_error (void *cls,
1794 enum GNUNET_MQ_Error error)
1796 struct ReceiverAddress *receiver = cls;
1798 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
1799 "MQ error in queue to %s: %d\n",
1800 GNUNET_i2s (&receiver->target),
1802 receiver_destroy (receiver);
1807 * Setup a receiver for transmission. Setup the MQ processing and
1808 * inform transport that the queue is ready.
1812 static struct ReceiverAddress *
1813 receiver_setup (const struct GNUNET_PeerIdentity *target,
1814 const struct sockddr *address,
1815 socklen_t address_len)
1817 struct ReceiverAddress *receiver;
1819 receiver = GNUNET_new (struct ReceiverAddress);
1820 receiver->address = GNUNET_memdup (address,
1822 receiver->address_len = address_len;
1823 receiver->target = *target;
1824 receiver->nt = GNUNET_NT_scanner_get_type (is,
1827 (void) GNUNET_CONTAINER_multipeermap_put (receivers,
1830 GNUNET_CONTAINER_MULTIHASHMAPOPTION_MULTIPLE);
1832 = GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_IDLE_CONNECTION_TIMEOUT);
1833 receiver->hn = GNUNET_CONTAINER_heap_insert (receivers_heap,
1835 receiver.timeout.abs_value_us);
1837 = GNUNET_MQ_queue_for_callbacks (&mq_send,
1844 receiver->mtu = 1200 /* FIXME: MTU OK? */;
1845 if (NULL == timeout_task)
1846 timeout_task = GNUNET_SCHEDULER_add_now (&check_timeouts,
1848 GNUNET_STATISTICS_set (stats,
1849 "# receivers active",
1850 GNUNET_CONTAINER_multipeermap_size (receivers),
1855 switch (address->sa_family)
1858 GNUNET_asprintf (&foreign_addr,
1860 COMMUNICATOR_ADDRESS_PREFIX,
1861 GNUNET_a2s(queue->address,
1862 queue->address_len));
1865 GNUNET_asprintf (&foreign_addr,
1867 COMMUNICATOR_ADDRESS_PREFIX,
1868 GNUNET_a2s(queue->address,
1869 queue->address_len));
1875 = GNUNET_TRANSPORT_communicator_mq_add (ch,
1880 GNUNET_TRANSPORT_CS_OUTBOUND,
1882 GNUNET_free (foreign_addr);
1888 * Function called by the transport service to initialize a
1889 * message queue given address information about another peer.
1890 * If and when the communication channel is established, the
1891 * communicator must call #GNUNET_TRANSPORT_communicator_mq_add()
1892 * to notify the service that the channel is now up. It is
1893 * the responsibility of the communicator to manage sane
1894 * retries and timeouts for any @a peer/@a address combination
1895 * provided by the transport service. Timeouts and retries
1896 * do not need to be signalled to the transport service.
1898 * @param cls closure
1899 * @param peer identity of the other peer
1900 * @param address where to send the message, human-readable
1901 * communicator-specific format, 0-terminated, UTF-8
1902 * @return #GNUNET_OK on success, #GNUNET_SYSERR if the provided address is invalid
1906 const struct GNUNET_PeerIdentity *peer,
1907 const char *address)
1909 struct ReceiverAddress *receiver;
1911 struct sockaddr *in;
1914 if (0 != strncmp (address,
1915 COMMUNICATOR_ADDRESS_PREFIX "-",
1916 strlen (COMMUNICATOR_ADDRESS_PREFIX "-")))
1918 GNUNET_break_op (0);
1919 return GNUNET_SYSERR;
1921 path = &address[strlen (COMMUNICATOR_ADDRESS_PREFIX "-")];
1922 in = udp_address_to_sockaddr (path,
1924 receiver = receiver_setup (peer,
1932 * Iterator over all receivers to clean up.
1935 * @param target unused
1936 * @param value the queue to destroy
1937 * @return #GNUNET_OK to continue to iterate
1940 get_receiver_delete_it (void *cls,
1941 const struct GNUNET_PeerIdentity *target,
1944 struct ReceiverAddress *receiver = value;
1948 receiver_destroy (receiver);
1954 * Iterator over all senders to clean up.
1957 * @param target unused
1958 * @param value the queue to destroy
1959 * @return #GNUNET_OK to continue to iterate
1962 get_receiver_delete_it (void *cls,
1963 const struct GNUNET_PeerIdentity *target,
1966 struct SenderAddress *sender = value;
1970 sender_destroy (sender);
1976 * Shutdown the UNIX communicator.
1978 * @param cls NULL (always)
1981 do_shutdown (void *cls)
1985 GNUNET_NAT_unregister (nat);
1988 if (NULL != read_task)
1990 GNUNET_SCHEDULER_cancel (read_task);
1993 if (NULL != udp_sock)
1995 GNUNET_break (GNUNET_OK ==
1996 GNUNET_NETWORK_socket_close (udp_sock));
1999 GNUNET_CONTAINER_multipeermap_iterate (receivers,
2000 &get_receiver_delete_it,
2002 GNUNET_CONTAINER_multipeermap_destroy (receivers);
2003 GNUNET_CONTAINER_multipeermap_iterate (senders,
2004 &get_sender_delete_it,
2006 GNUNET_CONTAINER_multipeermap_destroy (senders);
2007 GNUNET_CONTAINER_multishortmap_destroy (key_cache);
2008 GNUNET_CONTAINER_heap_destroy (senders_heap);
2009 GNUNET_CONTAINER_heap_destroy (receivers_heap);
2012 GNUNET_TRANSPORT_communicator_disconnect (ch);
2017 GNUNET_STATISTICS_destroy (stats,
2021 if (NULL != my_private_key)
2023 GNUNET_free (my_private_key);
2024 my_private_key = NULL;
2028 GNUNET_NT_scanner_done (is);
2035 * Function called when the transport service has received a
2036 * backchannel message for this communicator (!) via a different return
2037 * path. Should be an acknowledgement.
2039 * @param cls closure, NULL
2040 * @param sender which peer sent the notification
2041 * @param msg payload
2044 enc_notify_cb (void *cls,
2045 const struct GNUNET_PeerIdentity *sender,
2046 const struct GNUNET_MessageHeader *msg)
2048 const struct UDPAck *ack;
2051 if ( (ntohs (msg->type) != GNUNET_MESSAGE_TYPE_COMMUNICATOR_UDP_ACK) ||
2052 (ntohs (msg->size) != sizeof (struct UDPAck)) )
2054 GNUNET_break_op (0);
2057 ack = (const struct UDPAck *) msg;
2058 GNUNET_CONTAINER_multihashmap_get_multiple (receivers,
2066 * Signature of the callback passed to #GNUNET_NAT_register() for
2067 * a function to call whenever our set of 'valid' addresses changes.
2069 * @param cls closure
2070 * @param app_ctx[in,out] location where the app can store stuff
2071 * on add and retrieve it on remove
2072 * @param add_remove #GNUNET_YES to add a new public IP address,
2073 * #GNUNET_NO to remove a previous (now invalid) one
2074 * @param ac address class the address belongs to
2075 * @param addr either the previous or the new public IP address
2076 * @param addrlen actual length of the @a addr
2079 nat_address_cb (void *cls,
2082 enum GNUNET_NAT_AddressClass ac,
2083 const struct sockaddr *addr,
2087 struct GNUNET_TRANSPORT_AddressIdentifier *ai;
2089 if (GNUNET_YES == add_remove)
2091 enum GNUNET_NetworkType nt;
2093 GNUNET_asprintf (&my_addr,
2095 COMMUNICATOR_ADDRESS_PREFIX,
2098 nt = GNUNET_NT_scanner_get_type (is,
2101 ai = GNUNET_TRANSPORT_communicator_address_add (ch,
2104 GNUNET_TIME_UNIT_FOREVER_REL);
2105 GNUNET_free (my_addr);
2111 GNUNET_TRANSPORT_communicator_address_remove (ai);
2118 * Setup communicator and launch network interactions.
2120 * @param cls NULL (always)
2121 * @param args remaining command-line arguments
2122 * @param cfgfile name of the configuration file used (for saving, can be NULL!)
2123 * @param c configuration
2128 const char *cfgfile,
2129 const struct GNUNET_CONFIGURATION_Handle *c)
2132 struct sockaddr *in;
2134 struct sockaddr_storage in_sto;
2140 GNUNET_CONFIGURATION_get_value_filename (cfg,
2141 COMMUNICATOR_CONFIG_SECTION,
2145 GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR,
2146 COMMUNICATOR_CONFIG_SECTION,
2151 GNUNET_CONFIGURATION_get_value_number (cfg,
2152 COMMUNICATOR_CONFIG_SECTION,
2155 max_queue_length = DEFAULT_MAX_QUEUE_LENGTH;
2157 in = udp_address_to_sockaddr (bindto,
2161 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2162 "Failed to setup UDP socket address with path `%s'\n",
2164 GNUNET_free (bindto);
2167 udp_sock = GNUNET_NETWORK_socket_create (in->sa_family,
2170 if (NULL == udp_sock)
2172 GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
2175 GNUNET_free (bindto);
2179 GNUNET_NETWORK_socket_bind (udp_sock,
2183 GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
2186 GNUNET_NETWORK_socket_close (udp_sock);
2189 GNUNET_free (bindto);
2192 /* We might have bound to port 0, allowing the OS to figure it out;
2193 thus, get the real IN-address from the socket */
2194 sto_len = sizeof (in_sto);
2195 if (0 != getsockname (GNUNET_NETWORK_get_fd (udp_sock),
2196 (struct sockaddr *) &in_sto,
2205 GNUNET_free (bindto);
2206 in = (struct sockaddr *) &in_sto;
2208 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
2210 GNUNET_a2s ((const struct sockaddr *) &in_sto,
2212 stats = GNUNET_STATISTICS_create ("C-UDP",
2214 senders = GNUNET_CONTAINER_multipeermap_create (32,
2216 receivers = GNUNET_CONTAINER_multipeermap_create (32,
2218 senders_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2219 receivers_heap = GNUNET_CONTAINER_heap_create (GNUNET_CONTAINER_HEAP_ORDER_MIN);
2220 key_cache = GNUNET_CONTAINER_multishortmap_create (1024,
2222 GNUNET_SCHEDULER_add_shutdown (&do_shutdown,
2224 is = GNUNET_NT_scanner_init ();
2225 my_private_key = GNUNET_CRYPTO_eddsa_key_create_from_configuration (cfg);
2226 if (NULL == my_private_key)
2228 GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
2229 _("Transport service is lacking key configuration settings. Exiting.\n"));
2230 GNUNET_SCHEDULER_shutdown ();
2233 GNUNET_CRYPTO_eddsa_key_get_public (my_private_key,
2234 &my_identity.public_key);
2235 /* start listening */
2236 read_task = GNUNET_SCHEDULER_add_read_net (GNUNET_TIME_UNIT_FOREVER_REL,
2240 ch = GNUNET_TRANSPORT_communicator_connect (cfg,
2241 COMMUNICATOR_CONFIG_SECTION,
2242 COMMUNICATOR_ADDRESS_PREFIX,
2243 GNUNET_TRANSPORT_CC_UNRELIABLE,
2251 GNUNET_SCHEDULER_shutdown ();
2254 nat = GNUNET_NAT_register (cfg,
2255 COMMUNICATOR_CONFIG_SECTION,
2257 1 /* one address */,
2258 (const struct sockaddr **) &in,
2261 NULL /* FIXME: support reversal: #5529 */,
2262 NULL /* closure */);
2267 * The main function for the UNIX communicator.
2269 * @param argc number of arguments from the command line
2270 * @param argv command line arguments
2271 * @return 0 ok, 1 on error
2277 static const struct GNUNET_GETOPT_CommandLineOption options[] = {
2278 GNUNET_GETOPT_OPTION_END
2283 GNUNET_STRINGS_get_utf8_args (argc, argv,
2289 GNUNET_PROGRAM_run (argc, argv,
2290 "gnunet-communicator-udp",
2291 _("GNUnet UDP communicator"),
2295 GNUNET_free ((void*) argv);
2300 /* end of gnunet-communicator-udp.c */