/*
This file is part of GNUnet.
- Copyright (C) 2013 Christian Grothoff (and other contributing authors)
+ Copyright (C) 2013 GNUnet e.V.
GNUnet is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
* Message key.
*/
struct GNUNET_CRYPTO_SymmetricSessionKey MK;
+
+ /**
+ * Key number for a given HK.
+ */
+ unsigned int Kn;
};
{
GNUNET_free_non_null (t->ax->DHRs);
t->ax->DHRs = GNUNET_CRYPTO_ecdhe_key_create();
+ #if DUMP_KEYS_TO_STDERR
+ {
+ struct GNUNET_CRYPTO_EcdhePublicKey pub;
+ GNUNET_CRYPTO_ecdhe_key_get_public (t->ax->DHRs, &pub);
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " new DHRs generated: pub %s\n",
+ GNUNET_i2s ((struct GNUNET_PeerIdentity *) &pub));
+ }
+ #endif
}
GNUNET_CRYPTO_symmetric_derive_iv (&iv, &MK, NULL, 0, NULL);
#if DUMP_KEYS_TO_STDERR
- LOG (GNUNET_ERROR_TYPE_INFO, " CKs: %s\n",
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " CKs: %s\n",
GNUNET_i2s ((struct GNUNET_PeerIdentity *) &ax->CKs));
LOG (GNUNET_ERROR_TYPE_INFO, " AX_ENC with key %u: %s\n", ax->Ns,
GNUNET_i2s ((struct GNUNET_PeerIdentity *) &MK));
GNUNET_CRYPTO_symmetric_derive_iv (&iv, &MK, NULL, 0, NULL);
#if DUMP_KEYS_TO_STDERR
- LOG (GNUNET_ERROR_TYPE_INFO, " CKr: %s\n",
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " CKr: %s\n",
GNUNET_i2s ((struct GNUNET_PeerIdentity *) &ax->CKr));
LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC with key %u: %s\n", ax->Nr,
GNUNET_i2s ((struct GNUNET_PeerIdentity *) &MK));
GNUNET_assert (AX_HEADER_SIZE == out_size);
- LOG (GNUNET_ERROR_TYPE_DEBUG, " t_ax_decrypt end\n");
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " t_h_decrypt end\n");
}
* @return Size of the decrypted data, -1 if an error was encountered.
*/
static int
-try_old_ax_keys (struct CadetTunnel *t, struct GNUNET_CADET_AX *dst,
+try_old_ax_keys (struct CadetTunnel *t, void *dst,
const struct GNUNET_CADET_AX *src, size_t size)
{
struct CadetTunnelSkippedKey *key;
- struct GNUNET_CADET_Hash hmac;
+ struct GNUNET_CADET_Hash *hmac;
struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
+ struct GNUNET_CADET_AX plaintext_header;
+ struct GNUNET_CRYPTO_SymmetricSessionKey *valid_HK;
+ size_t esize;
size_t res;
size_t len;
+ unsigned int N;
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "Trying old keys\n");
+ hmac = &plaintext_header.hmac;
+ esize = size - sizeof (struct GNUNET_CADET_AX);
+ /* Find a correct Header Key */
for (key = t->ax->skipped_head; NULL != key; key = key->next)
{
- t_hmac (&src->Ns, AX_HEADER_SIZE, 0, &key->HK, &hmac);
- if (0 != memcmp (&hmac, &src->hmac, sizeof (hmac)))
+ #if DUMP_KEYS_TO_STDERR
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " Trying hmac with key %s\n",
+ GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->HK));
+ #endif
+ t_hmac (&src->Ns, AX_HEADER_SIZE + esize, 0, &key->HK, hmac);
+ if (0 == memcmp (hmac, &src->hmac, sizeof (*hmac)))
+ {
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " hmac correct\n");
+ valid_HK = &key->HK;
break;
+ }
}
if (NULL == key)
return -1;
+ /* Should've been checked in -cadet_connection.c handle_cadet_encrypted. */
+ GNUNET_assert (size > sizeof (struct GNUNET_CADET_AX));
+ len = size - sizeof (struct GNUNET_CADET_AX);
+ GNUNET_assert (len >= sizeof (struct GNUNET_MessageHeader));
+
+ /* Decrypt header */
+ GNUNET_CRYPTO_symmetric_derive_iv (&iv, &key->HK, NULL, 0, NULL);
+ res = GNUNET_CRYPTO_symmetric_decrypt (&src->Ns, AX_HEADER_SIZE,
+ &key->HK, &iv, &plaintext_header.Ns);
+ GNUNET_assert (AX_HEADER_SIZE == res);
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " Message %u, previous: %u\n",
+ ntohl (plaintext_header.Ns), ntohl (plaintext_header.PNs));
+
+ /* Find the correct Message Key */
+ N = ntohl (plaintext_header.Ns);
+ while (NULL != key && N != key->Kn)
+ key = key->next;
+ if (NULL == key || 0 != memcmp (&key->HK, valid_HK, sizeof (*valid_HK)))
+ return -1;
+
#if DUMP_KEYS_TO_STDERR
- LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC with skipped key %s\n",
- GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->MK));
+ LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC_H with skipped key %s\n",
+ GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->HK));
+ LOG (GNUNET_ERROR_TYPE_INFO, " AX_DEC with skipped key %u: %s\n",
+ key->Kn, GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->MK));
#endif
- GNUNET_assert (size > sizeof (struct GNUNET_CADET_AX));
- len = size - sizeof (struct GNUNET_CADET_AX);
+ /* Decrypt payload */
GNUNET_CRYPTO_symmetric_derive_iv (&iv, &key->MK, NULL, 0, NULL);
- res = GNUNET_CRYPTO_symmetric_decrypt (&src[1], len, &key->MK, &iv, &dst[1]);
+ res = GNUNET_CRYPTO_symmetric_decrypt (&src[1], len, &key->MK, &iv, dst);
+ /* Remove key */
GNUNET_CONTAINER_DLL_remove (t->ax->skipped_head, t->ax->skipped_tail, key);
t->ax->skipped--;
- GNUNET_free (key);
+ GNUNET_free (key); /* GNUNET_free overwrites memory with 0xbaadf00d */
return res;
}
key = GNUNET_new (struct CadetTunnelSkippedKey);
key->timestamp = GNUNET_TIME_absolute_get ();
+ key->Kn = t->ax->Nr;
+ key->HK = t->ax->HKr;
t_hmac_derive_key (&t->ax->CKr, &key->MK, "0", 1);
#if DUMP_KEYS_TO_STDERR
- LOG (GNUNET_ERROR_TYPE_INFO, " storing MK for Nr %u: %s\n",
- t->ax->Nr, GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->MK));
- LOG (GNUNET_ERROR_TYPE_INFO, " for CKr: %s\n",
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " storing MK for Nr %u: %s\n",
+ key->Kn, GNUNET_i2s ((struct GNUNET_PeerIdentity *) &key->MK));
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " for CKr: %s\n",
GNUNET_i2s ((struct GNUNET_PeerIdentity *) &t->ax->CKr));
#endif
t_hmac_derive_key (&t->ax->CKr, &t->ax->CKr, "1", 1);
* @param t Tunnel where to stage the keys.
* @param HKr Header key.
* @param Np Received meesage number.
+ *
+ * @return GNUNET_OK if keys were stored.
+ * GNUNET_SYSERR if an error ocurred (Np not expected).
*/
-static void
+static int
store_ax_keys (struct CadetTunnel *t,
const struct GNUNET_CRYPTO_SymmetricSessionKey *HKr,
uint32_t Np)
{
int gap;
+
gap = Np - t->ax->Nr;
- if (MAX_KEY_GAP < gap || 0 > gap)
+ LOG (GNUNET_ERROR_TYPE_INFO, "Storing keys [%u, %u)\n", t->ax->Nr, Np);
+ if (MAX_KEY_GAP < gap)
{
/* Avoid DoS (forcing peer to do 2*33 chain HMAC operations) */
/* TODO: start new key exchange on return */
GNUNET_break_op (0);
- return;
+ LOG (GNUNET_ERROR_TYPE_WARNING, "Got message %u, expected %u+\n",
+ Np, t->ax->Nr);
+ return GNUNET_SYSERR;
+ }
+ if (0 > gap)
+ {
+ /* Delayed message: don't store keys, flag to try old keys. */
+ return GNUNET_SYSERR;
}
while (t->ax->Nr < Np)
while (t->ax->skipped > MAX_SKIPPED_KEYS)
delete_skipped_key (t, t->ax->skipped_tail);
+
+ return GNUNET_OK;
}
struct CadetTunnelAxolotl *ax;
struct GNUNET_CADET_Hash msg_hmac;
struct GNUNET_HashCode hmac;
- struct GNUNET_CADET_AX *dstmsg;
+ struct GNUNET_CADET_AX plaintext_header;
uint32_t Np;
uint32_t PNp;
size_t esize;
size_t osize;
ax = t->ax;
- dstmsg = dst;
esize = size - sizeof (struct GNUNET_CADET_AX);
if (NULL == ax)
struct GNUNET_CRYPTO_EcdhePublicKey *DHRp;
/* Try Next HK */
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " trying next HK\n");
t_hmac (&src->Ns, AX_HEADER_SIZE + esize, 0, &ax->NHKr, &msg_hmac);
if (0 != memcmp (&msg_hmac, &src->hmac, sizeof (msg_hmac)))
{
/* Try the skipped keys, if that fails, we're out of luck. */
return try_old_ax_keys (t, dst, src, size);
}
- LOG (GNUNET_ERROR_TYPE_INFO, "next HK\n");
+ LOG (GNUNET_ERROR_TYPE_INFO, "next HK worked\n");
HK = ax->HKr;
ax->HKr = ax->NHKr;
- t_h_decrypt (t, src, dstmsg);
- Np = ntohl (dstmsg->Ns);
- PNp = ntohl (dstmsg->PNs);
- DHRp = &dstmsg->DHRs;
+ t_h_decrypt (t, src, &plaintext_header);
+ Np = ntohl (plaintext_header.Ns);
+ PNp = ntohl (plaintext_header.PNs);
+ DHRp = &plaintext_header.DHRs;
store_ax_keys (t, &HK, PNp);
/* RKp, NHKp, CKp = KDF (HMAC-HASH (RK, DH (DHRp, DHRs))) */
else
{
LOG (GNUNET_ERROR_TYPE_DEBUG, "current HK\n");
- t_h_decrypt (t, src, dstmsg);
- Np = ntohl (dstmsg->Ns);
- PNp = ntohl (dstmsg->PNs);
+ t_h_decrypt (t, src, &plaintext_header);
+ Np = ntohl (plaintext_header.Ns);
+ PNp = ntohl (plaintext_header.PNs);
}
+ LOG (GNUNET_ERROR_TYPE_INFO, " got AX Nr %u\n", Np);
+ if (Np != ax->Nr)
+ if (GNUNET_OK != store_ax_keys (t, &ax->HKr, Np))
+ /* Try the skipped keys, if that fails, we're out of luck. */
+ return try_old_ax_keys (t, dst, src, size);
- if (Np > ax->Nr)
- store_ax_keys (t, &ax->HKr, Np);
-
+ osize = t_ax_decrypt (t, dst, &src[1], esize);
ax->Nr = Np + 1;
- osize = t_ax_decrypt (t, dst, &src[1], esize);
if (osize != esize)
{
GNUNET_break_op (0);
* @brief Finish the Key eXchange and destroy the old keys.
*
* @param cls Closure (Tunnel for which to finish the KX).
- * @param tc Task context.
*/
static void
-finish_kx (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+finish_kx (void *cls)
{
struct CadetTunnel *t = cls;
LOG (GNUNET_ERROR_TYPE_INFO, "finish KX for %s\n", GCT_2s (t));
-
- if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
- {
- LOG (GNUNET_ERROR_TYPE_INFO, " shutdown\n");
- return;
- }
-
GNUNET_free (t->kx_ctx);
t->kx_ctx = NULL;
}
if (is_key_null (&t->kx_ctx->e_key_old))
{
- t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_now (finish_kx, t);
+ t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_now (&finish_kx, t);
return;
}
delay = GNUNET_TIME_relative_divide (rekey_period, 4);
delay = GNUNET_TIME_relative_min (delay, GNUNET_TIME_UNIT_MINUTES);
- t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_delayed (delay, finish_kx, t);
+ t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_delayed (delay,
+ &finish_kx, t);
}
if (NULL == cont)
{
- GNUNET_break (NULL == GCC_send_prebuilt_message (msg, type,
- mid, c, fwd, force, NULL, NULL));
+ GNUNET_break (NULL == GCC_send_prebuilt_message (msg, type, mid, c, fwd,
+ force, NULL, NULL));
return NULL;
}
if (NULL == existing_q)
* @brief Resend the AX KX until we complete the handshake.
*
* @param cls Closure (tunnel).
- * @param tc Task context.
*/
static void
-ax_kx_resend (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+ax_kx_resend (void *cls)
{
struct CadetTunnel *t = cls;
t->rekey_task = NULL;
-
- if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
- return;
-
if (CADET_TUNNEL_KEY_OK == t->estate)
{
/* Should have been canceled on estate change */
return;
}
- GCT_send_ax_kx (t, GNUNET_YES);
+ GCT_send_ax_kx (t, CADET_TUNNEL_KEY_SENT >= t->estate);
}
static void
send_ephemeral (struct CadetTunnel *t)
{
- LOG (GNUNET_ERROR_TYPE_INFO, "===> EPHM for %s\n", GCT_2s (t));
+ LOG (GNUNET_ERROR_TYPE_INFO, "==> EPHM for %s\n", GCT_2s (t));
if (NULL != t->ephm_h)
{
LOG (GNUNET_ERROR_TYPE_INFO, " already queued\n");
{
struct GNUNET_CADET_KX_Pong msg;
- LOG (GNUNET_ERROR_TYPE_INFO, "===> PONG for %s\n", GCT_2s (t));
+ LOG (GNUNET_ERROR_TYPE_INFO, "==> PONG for %s\n", GCT_2s (t));
if (NULL != t->pong_h)
{
LOG (GNUNET_ERROR_TYPE_INFO, " already queued\n");
* Initiate a rekey with the remote peer.
*
* @param cls Closure (tunnel).
- * @param tc TaskContext.
*/
static void
-rekey_tunnel (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+rekey_tunnel (void *cls)
{
struct CadetTunnel *t = cls;
t->rekey_task = NULL;
-
LOG (GNUNET_ERROR_TYPE_INFO, "Re-key Tunnel %s\n", GCT_2s (t));
- if (NULL != tc && 0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
- return;
-
GNUNET_assert (NULL != t->kx_ctx);
struct GNUNET_TIME_Relative duration;
duration = GNUNET_TIME_absolute_get_duration (t->kx_ctx->rekey_start_time);
- LOG (GNUNET_ERROR_TYPE_DEBUG, " kx started %s ago\n",
- GNUNET_STRINGS_relative_time_to_string (duration, GNUNET_YES));
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ " kx started %s ago\n",
+ GNUNET_STRINGS_relative_time_to_string (duration, GNUNET_YES));
// FIXME make duration of old keys configurable
if (duration.rel_value_us >= GNUNET_TIME_UNIT_MINUTES.rel_value_us)
* Create a new ephemeral key and key message, schedule next rekeying.
*
* @param cls Closure (unused).
- * @param tc TaskContext.
*/
static void
-global_otr_rekey (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+global_otr_rekey (void *cls)
{
struct GNUNET_TIME_Absolute time;
long n;
rekey_task = NULL;
-
- if (0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
- return;
-
GNUNET_free_non_null (otr_ephemeral_key);
otr_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
{
struct CadetTunnel *t = value;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "GCT_shutdown destroying tunnel at %p\n", t);
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "GCT_shutdown destroying tunnel at %p\n", t);
GCT_destroy (t);
return GNUNET_YES;
}
}
type = ntohs (msg[1].header.type);
LOG (GNUNET_ERROR_TYPE_DEBUG, " payload of type %s\n", GC_m2s (type));
- sprintf (buf, "# received payload of type %hu", type);
+ SPRINTF (buf, "# received payload of type %hu", type);
GNUNET_STATISTICS_update (stats, buf, 1, GNUNET_NO);
{
GNUNET_STATISTICS_update (stats, "# data on unknown channel",
1, GNUNET_NO);
- LOG (GNUNET_ERROR_TYPE_DEBUG, "WARNING channel 0x%X unknown\n",
- ntohl (msg->chid));
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "channel 0x%X unknown\n", ntohl (msg->chid));
send_channel_destroy (t, ntohl (msg->chid));
return;
}
/**
* Handle channel create.
*
- * @param t Tunnel on which the data came.
- * @param msg Data message.
+ * @param t Tunnel on which the message came.
+ * @param msg ChannelCreate message.
*/
static void
handle_ch_create (struct CadetTunnel *t,
size = ntohs (msg->header.size);
if (size != sizeof (struct GNUNET_CADET_ChannelCreate))
{
- GNUNET_break (0);
+ GNUNET_break_op (0);
return;
}
handle_ephemeral (struct CadetTunnel *t,
const struct GNUNET_CADET_KX_Ephemeral *msg)
{
- LOG (GNUNET_ERROR_TYPE_INFO, "<=== EPHM for %s\n", GCT_2s (t));
+ LOG (GNUNET_ERROR_TYPE_INFO, "<== EPHM for %s\n", GCT_2s (t));
/* Some old versions are still around, don't log as error. */
if (GNUNET_OK != check_ephemeral (t, msg))
GNUNET_break (0);
return;
}
- rekey_tunnel (t, NULL);
+ rekey_tunnel (t);
GNUNET_STATISTICS_update (stats, "# otr-downgrades", -1, GNUNET_NO);
}
}
if (NULL != t->rekey_task)
GNUNET_SCHEDULER_cancel (t->rekey_task);
- t->rekey_task = GNUNET_SCHEDULER_add_now (rekey_tunnel, t);
+ t->rekey_task = GNUNET_SCHEDULER_add_now (&rekey_tunnel, t);
}
if (CADET_TUNNEL_KEY_SENT == t->estate)
{
{
uint32_t challenge;
- LOG (GNUNET_ERROR_TYPE_INFO, "<=== PONG for %s\n", GCT_2s (t));
+ LOG (GNUNET_ERROR_TYPE_INFO, "<== PONG for %s\n", GCT_2s (t));
if (NULL == t->rekey_task)
{
GNUNET_STATISTICS_update (stats, "# duplicate PONG messages", 1, GNUNET_NO);
const struct GNUNET_PeerIdentity *pid;
int am_I_alice;
- LOG (GNUNET_ERROR_TYPE_INFO, "<=== AX_KX on %s\n", GCT_2s (t));
+ LOG (GNUNET_ERROR_TYPE_INFO, "<== { AX_KX} on %s\n", GCT_2s (t));
if (NULL == t->ax)
{
return;
}
- if (GNUNET_CADET_AX_KX_FLAG_FORCE_REPLY ==
- (GNUNET_CADET_AX_KX_FLAG_FORCE_REPLY & ntohl (msg->flags)))
+ if (0 != (GNUNET_CADET_AX_KX_FLAG_FORCE_REPLY & ntohl (msg->flags)))
+ {
+ if (NULL != t->rekey_task)
+ {
+ GNUNET_SCHEDULER_cancel (t->rekey_task);
+ t->rekey_task = NULL;
+ }
GCT_send_ax_kx (t, GNUNET_NO);
+ }
- if (0 == memcmp(&ax->DHRr, &msg->ratchet_key, sizeof(msg->ratchet_key)))
+ if (0 == memcmp (&ax->DHRr, &msg->ratchet_key, sizeof(msg->ratchet_key)))
+ {
+ LOG (GNUNET_ERROR_TYPE_INFO, " known ratchet key, exit\n");
return;
+ }
LOG (GNUNET_ERROR_TYPE_INFO, " is Alice? %s\n", am_I_alice ? "YES" : "NO");
if (GNUNET_YES == am_I_alice)
{
GNUNET_CRYPTO_eddsa_ecdh (id_key, /* A */
- &msg->ephemeral_key, /* B0 */
+ &msg->ephemeral_key, /* B0 */
&key_material[0]);
}
else
else
{
GNUNET_CRYPTO_eddsa_ecdh (id_key, /* A */
- &msg->ephemeral_key, /* B0 */
+ &msg->ephemeral_key, /* B0 */
&key_material[1]);
salt, sizeof (salt),
&key_material, sizeof (key_material), NULL);
+ if (0 == memcmp (&ax->RK, &keys[0], sizeof(ax->RK)))
+ {
+ LOG (GNUNET_ERROR_TYPE_INFO, " known handshake key, exit\n");
+ return;
+ }
ax->RK = keys[0];
if (GNUNET_YES == am_I_alice)
{
ax->ratchet_expiration =
GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get(), ratchet_time);
}
+ ax->PNs = 0;
+ ax->Nr = 0;
+ ax->Ns = 0;
GCT_change_estate (t, CADET_TUNNEL_KEY_PING);
send_queued_data (t);
}
char buf[256];
type = ntohs (msgh->type);
- LOG (GNUNET_ERROR_TYPE_INFO, "<=== %s on %s\n", GC_m2s (type), GCT_2s (t));
- sprintf (buf, "# received encrypted of type %hu (%s)", type, GC_m2s (type));
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "<-- %s on %s\n", GC_m2s (type), GCT_2s (t));
+ SPRINTF (buf, "# received encrypted of type %hu (%s)", type, GC_m2s (type));
GNUNET_STATISTICS_update (stats, buf, 1, GNUNET_NO);
-
switch (type)
{
case GNUNET_MESSAGE_TYPE_CADET_KEEPALIVE:
{
uint16_t size = ntohs (msg->size);
char cbuf [size];
- size_t payload_size;
int decrypted_size;
uint16_t type;
const struct GNUNET_MessageHeader *msgh;
case GNUNET_MESSAGE_TYPE_CADET_ENCRYPTED:
{
const struct GNUNET_CADET_Encrypted *emsg;
+ size_t payload_size;
GNUNET_STATISTICS_update (stats, "# received OTR", 1, GNUNET_NO);
emsg = (const struct GNUNET_CADET_Encrypted *) msg;
this loop may be unaligned, see util's MST for
how to do this right. */
off = 0;
- while (off < decrypted_size)
+ while (off + sizeof (struct GNUNET_MessageHeader) <= decrypted_size)
{
uint16_t msize;
GNUNET_break_op (0);
return;
}
+ if (off + msize < decrypted_size)
+ {
+ GNUNET_break_op (0);
+ return;
+ }
handle_decrypted (t, msgh, GNUNET_SYSERR);
off += msize;
}
void
GCT_shutdown (void)
{
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "Shutting down tunnels\n");
if (NULL != rekey_task)
{
GNUNET_SCHEDULER_cancel (rekey_task);
* of being created/processed.
*
* @param cls Closure (Tunnel to check).
- * @param tc Task context.
*/
static void
-trim_connections (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+trim_connections (void *cls)
{
struct CadetTunnel *t = cls;
t->trim_connections_task = NULL;
-
- if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
- return;
-
if (GCT_count_connections (t) > 2 * CONNECTIONS_PER_TUNNEL)
{
struct CadetTConnection *iter;
/* Start new connections if needed */
if (CONNECTIONS_PER_TUNNEL > conns
- && NULL == t->destroy_task
&& CADET_TUNNEL_SHUTDOWN != t->cstate
&& GNUNET_NO == shutting_down)
{
aux = GNUNET_new (struct CadetTChannel);
aux->ch = ch;
- LOG (GNUNET_ERROR_TYPE_DEBUG, " adding %p to %p\n", aux, t->channel_head);
- GNUNET_CONTAINER_DLL_insert_tail (t->channel_head, t->channel_tail, aux);
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ " adding %p to %p\n", aux, t->channel_head);
+ GNUNET_CONTAINER_DLL_insert_tail (t->channel_head,
+ t->channel_tail,
+ aux);
if (NULL != t->destroy_task)
{
if (aux->ch == ch)
{
LOG (GNUNET_ERROR_TYPE_DEBUG, " found! %s\n", GCCH_2s (ch));
- GNUNET_CONTAINER_DLL_remove (t->channel_head, t->channel_tail, aux);
+ GNUNET_CONTAINER_DLL_remove (t->channel_head,
+ t->channel_tail,
+ aux);
GNUNET_free (aux);
return;
}
* the tunnel. This way we avoid a new public key handshake.
*
* @param cls Closure (tunnel to destroy).
- * @param tc Task context.
*/
static void
-delayed_destroy (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+delayed_destroy (void *cls)
{
struct CadetTunnel *t = cls;
struct CadetTConnection *iter;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "delayed destroying tunnel %p\n", t);
- if (0 != (GNUNET_SCHEDULER_REASON_SHUTDOWN & tc->reason))
- {
- LOG (GNUNET_ERROR_TYPE_WARNING,
- "Not destroying tunnel, due to shutdown. "
- "Tunnel at %p should have been freed by GCT_shutdown\n", t);
- return;
- }
t->destroy_task = NULL;
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "delayed destroying tunnel %p\n",
+ t);
t->cstate = CADET_TUNNEL_SHUTDOWN;
-
for (iter = t->connection_head; NULL != iter; iter = iter->next)
{
GCC_send_destroy (iter->c);
// FIXME make delay a config option
t->destroy_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_MINUTES,
&delayed_destroy, t);
- LOG (GNUNET_ERROR_TYPE_DEBUG, "Scheduled destroy of %p as %llu\n",
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "Scheduled destroy of %p as %p\n",
t, t->destroy_task);
}
if (NULL == t)
return;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "destroying tunnel %s\n", GCP_2s (t->peer));
-
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "destroying tunnel %s\n",
+ GCP_2s (t->peer));
GNUNET_break (GNUNET_YES ==
GNUNET_CONTAINER_multipeermap_remove (tunnels,
GCP_get_id (t->peer), t));
if (NULL != t->destroy_task)
{
- LOG (GNUNET_ERROR_TYPE_DEBUG, "cancelling dest: %llX\n", t->destroy_task);
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "cancelling dest: %p\n",
+ t->destroy_task);
GNUNET_SCHEDULER_cancel (t->destroy_task);
t->destroy_task = NULL;
}
if (NULL != t->trim_connections_task)
{
- LOG (GNUNET_ERROR_TYPE_DEBUG, "cancelling trim: %llX\n",
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "cancelling trim: %p\n",
t->trim_connections_task);
GNUNET_SCHEDULER_cancel (t->trim_connections_task);
t->trim_connections_task = NULL;
* @return Connection created.
*/
struct CadetConnection *
-GCT_use_path (struct CadetTunnel *t, struct CadetPeerPath *p)
+GCT_use_path (struct CadetTunnel *t, struct CadetPeerPath *path)
{
struct CadetConnection *c;
struct GNUNET_CADET_Hash cid;
unsigned int own_pos;
- if (NULL == t || NULL == p)
+ if (NULL == t || NULL == path)
{
GNUNET_break (0);
return NULL;
return NULL;
}
- for (own_pos = 0; own_pos < p->length; own_pos++)
+ for (own_pos = 0; own_pos < path->length; own_pos++)
{
- if (p->peers[own_pos] == myid)
+ if (path->peers[own_pos] == myid)
break;
}
- if (own_pos >= p->length)
+ if (own_pos >= path->length)
{
GNUNET_break_op (0);
return NULL;
}
GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, &cid, sizeof (cid));
- c = GCC_new (&cid, t, p, own_pos);
+ c = GCC_new (&cid, t, path, own_pos);
if (NULL == c)
{
/* Path was flawed */
struct GNUNET_CADET_AX_KX msg;
enum GNUNET_CADET_AX_KX_Flags flags;
- LOG (GNUNET_ERROR_TYPE_INFO, "===> AX_KX for %s\n", GCT_2s (t));
+ LOG (GNUNET_ERROR_TYPE_INFO, "==> { AX_KX} on %s\n", GCT_2s (t));
if (NULL != t->ephm_h)
{
LOG (GNUNET_ERROR_TYPE_INFO, " already queued\n");
GNUNET_CRYPTO_ecdhe_key_get_public (t->ax->DHRs, &msg.ratchet_key);
t->ephm_h = send_kx (t, &msg.header);
- if (CADET_TUNNEL_KEY_OK != t->estate)
+ if (CADET_TUNNEL_KEY_UNINITIALIZED == t->estate)
GCT_change_estate (t, CADET_TUNNEL_KEY_SENT);
}
return;
}
fwd = GCC_is_origin (c, GNUNET_YES);
- GNUNET_break (NULL == GCC_send_prebuilt_message (message, 0, 0, c, fwd,
+ GNUNET_break (NULL == GCC_send_prebuilt_message (message, UINT16_MAX, 0,
+ c, fwd,
GNUNET_YES, NULL, NULL));
}
LOG2 (level, "TTT channels:\n");
for (iterch = t->channel_head; NULL != iterch; iterch = iterch->next)
{
- LOG2 (level, "TTT - %s\n", GCCH_2s (iterch->ch));
+ GCCH_debug (iterch->ch, level);
}
LOG2 (level, "TTT connections:\n");