/**
- * All the connectivity states a tunnel can be in.
+ * All the encryption states a tunnel can be in.
*/
-enum CadetTunnelCState
+enum CadetTunnelEState
{
/**
- * Uninitialized status, should never appear in operation.
- */
- CADET_TUNNEL_NEW,
-
- /**
- * No path to the peer known yet.
- */
- CADET_TUNNEL_SEARCHING,
-
- /**
- * Request sent, not yet answered.
- */
- CADET_TUNNEL_WAITING,
-
- /**
- * Peer connected and ready to accept data.
+ * Uninitialized status, we need to send KX. We will stay
+ * in this state until the first connection is up.
*/
- CADET_TUNNEL_READY,
+ CADET_TUNNEL_KEY_UNINITIALIZED,
/**
- * Tunnel being shut down, don't try to keep it alive.
+ * KX message sent, waiting for other peer's KX_AUTH.
*/
- CADET_TUNNEL_SHUTDOWN
-};
-
+ CADET_TUNNEL_KEY_AX_SENT,
-
-/**
- * All the encryption states a tunnel can be in.
- */
-enum CadetTunnelEState
-{
/**
- * Uninitialized status, should never appear in operation.
+ * KX message received, trying to send back KX_AUTH.
*/
- CADET_TUNNEL_KEY_UNINITIALIZED,
+ CADET_TUNNEL_KEY_AX_RECV,
/**
- * Ephemeral key sent, waiting for peer's key.
+ * KX message sent and received, trying to send back KX_AUTH.
*/
- CADET_TUNNEL_KEY_SENT,
+ CADET_TUNNEL_KEY_AX_SENT_AND_RECV,
/**
- * In OTR: New ephemeral key and ping sent, waiting for pong.
- *
- * This means that we DO have the peer's ephemeral key, otherwise the
- * state would be KEY_SENT. We DO NOT have a valid session key (either no
- * previous key or previous key expired).
- *
+ * KX received and we sent KX_AUTH back, but we got no traffic yet,
+ * so we're waiting for either KX_AUTH or ENCRYPED traffic from
+ * the other peer.
*
- * In Axolotl: Key sent and received but no deciphered traffic yet.
- *
- * This means that we can send traffic (otherwise we would never complete
- * the handshake), but we don't have complete confirmation. Since the first
- * traffic MUST be a complete channel creation 3-way handshake, no payload
- * will be sent before confirmation.
+ * We will not yet send traffic, as this might have been a replay.
+ * The other (initiating) peer should send a CHANNEL_OPEN next
+ * anyway, and then we are in business!
*/
- CADET_TUNNEL_KEY_PING,
+ CADET_TUNNEL_KEY_AX_AUTH_SENT,
/**
* Handshake completed: session key available.
*/
- CADET_TUNNEL_KEY_OK,
-
- /**
- * New ephemeral key and ping sent, waiting for pong. Unlike KEY_PING,
- * we still have a valid session key and therefore we *can* still send
- * traffic on the tunnel.
- */
- CADET_TUNNEL_KEY_REKEY
-};
-
+ CADET_TUNNEL_KEY_OK
-/**
- * Number uniquely identifying a channel within a tunnel.
- */
-struct GCT_ChannelTunnelNumber
-{
- uint32_t channel_in_tunnel GNUNET_PACKED;
};
GCT_create_tunnel (struct CadetPeer *destination);
+/**
+ * Destroys the tunnel @a t now, without delay. Used during shutdown.
+ *
+ * @param t tunnel to destroy
+ */
+void
+GCT_destroy_tunnel_now (struct CadetTunnel *t);
+
+
+/**
+ * Add a @a connection to the @a tunnel.
+ *
+ * @param t a tunnel
+ * @param cid connection identifer to use for the connection
+ * @param path path to use for the connection
+ * @return #GNUNET_OK on success,
+ * #GNUNET_SYSERR on failure (duplicate connection)
+ */
+int
+GCT_add_inbound_connection (struct CadetTunnel *t,
+ const struct GNUNET_CADET_ConnectionTunnelIdentifier *cid,
+ struct CadetPeerPath *path);
+
+
+/**
+ * We lost a connection, remove it from our list and clean up
+ * the connection object itself.
+ *
+ * @param ct binding of connection to tunnel of the connection that was lost.
+ */
+void
+GCT_connection_lost (struct CadetTConnection *ct);
+
+
/**
* Return the peer to which this tunnel goes.
*
* @param ch Channel
* @return unique number identifying @a ch within @a t
*/
-struct GCT_ChannelTunnelNumber
+struct GNUNET_CADET_ChannelTunnelNumber
GCT_add_channel (struct CadetTunnel *t,
struct CadetChannel *ch);
*
* @param t Tunnel.
* @param ch Channel
- * @param gid unique number identifying @a ch within @a t
+ * @param ctn unique number identifying @a ch within @a t
*/
void
GCT_remove_channel (struct CadetTunnel *t,
struct CadetChannel *ch,
- struct GCT_ChannelTunnelNumber gid);
+ struct GNUNET_CADET_ChannelTunnelNumber ctn);
+
+
+/**
+ * Send a DESTROY message via the tunnel.
+ *
+ * @param t the tunnel to transmit over
+ * @param ctn ID of the channel to destroy
+ */
+void
+GCT_send_channel_destroy (struct CadetTunnel *t,
+ struct GNUNET_CADET_ChannelTunnelNumber ctn);
/**
* @param t Tunnel on which this message is transmitted.
* @param cont Continuation to call once message is really sent.
* @param cont_cls Closure for @c cont.
- * @return Handle to cancel message. NULL if @c cont is NULL.
+ * @return Handle to cancel message.
*/
struct CadetTunnelQueueEntry *
GCT_send (struct CadetTunnel *t,
* @return number of connections available for the tunnel
*/
unsigned int
-GCT_count_any_connections (struct CadetTunnel *t);
+GCT_count_any_connections (const struct CadetTunnel *t);
/**
* Iterator over connections.
*
* @param cls closure
- * @param c one of the connections
+ * @param ct one of the connections
*/
typedef void
(*GCT_ConnectionIterator) (void *cls,
- struct CadetConnection *c);
+ struct CadetTConnection *ct);
/**
void *iter_cls);
-/**
- * Get the connectivity state of a tunnel.
- *
- * @param t Tunnel.
- *
- * @return Tunnel's connectivity state.
- */
-enum CadetTunnelCState
-GCT_get_cstate (struct CadetTunnel *t);
-
-
/**
* Get the encryption state of a tunnel.
*
const struct GNUNET_CADET_TunnelKeyExchangeMessage *msg);
+/**
+ * Handle KX_AUTH message.
+ *
+ * @param ct connection/tunnel combo that received encrypted message
+ * @param msg the key exchange message
+ */
+void
+GCT_handle_kx_auth (struct CadetTConnection *ct,
+ const struct GNUNET_CADET_TunnelKeyExchangeAuthMessage *msg);
+
+
/**
* Handle encrypted message.
*