/*
This file is part of GNUnet.
- Copyright (C) 2009-2013 Christian Grothoff (and other contributing authors)
+ Copyright (C) 2009-2013 GNUnet e.V.
GNUnet is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
You should have received a copy of the GNU General Public License
along with GNUnet; see the file COPYING. If not, write to the
- Free Software Foundation, Inc., 59 Temple Place - Suite 330,
- Boston, MA 02111-1307, USA.
+ Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301, USA.
*/
/**
* Task that will retry #send_key() if our previous attempt failed.
*
* @param cls our `struct GSC_KeyExchangeInfo`
- * @param tc scheduler context
*/
static void
-set_key_retry_task (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
+set_key_retry_task (void *cls)
{
struct GSC_KeyExchangeInfo *kx = cls;
struct GNUNET_CRYPTO_SymmetricInitializationVector iv;
pm = &kx->ping;
+ kx->ping_challenge = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK,
+ UINT32_MAX);
pm->header.size = htons (sizeof (struct PingMessage));
pm->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_PING);
pm->iv_seed = calculate_seed (kx);
{
/* peer with "higher" identity starts a delayed KX, if the "lower" peer
* does not start a KX since he sees no reasons to do so */
- kx->retry_set_key_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
- &set_key_retry_task,
- kx);
+ kx->retry_set_key_task
+ = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_SECONDS,
+ &set_key_retry_task,
+ kx);
}
return kx;
}
/**
- * We received a SET_KEY message. Validate and update
- * our key material and status.
+ * We received a #GNUNET_MESSAGE_TYPE_CORE_EPHEMERAL_KEY message.
+ * Validate and update our key material and status.
*
* @param kx key exchange status for the corresponding peer
* @param msg the set key message we received
GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
_("Ephemeral key message from peer `%s' rejected as its validity range does not match our system time (%llu not in [%llu,%llu]).\n"),
GNUNET_i2s (&kx->peer),
- now.abs_value_us,
- start_t.abs_value_us,
- end_t.abs_value_us);
+ (unsigned long long) now.abs_value_us,
+ (unsigned long long) start_t.abs_value_us,
+ (unsigned long long) end_t.abs_value_us);
return;
}
kx->other_ephemeral_key = m->ephemeral_key;
&GSC_my_identity,
sizeof (struct GNUNET_PeerIdentity)))
{
- char sender[9];
- char peer[9];
-
- GNUNET_snprintf (sender, sizeof (sender), "%8s", GNUNET_i2s (&kx->peer));
- GNUNET_snprintf (peer, sizeof (peer), "%8s", GNUNET_i2s (&t.target));
- GNUNET_log (GNUNET_ERROR_TYPE_ERROR,
- _("Received PING from `%s' for different identity: I am `%s', PONG identity: `%s'\n"),
- sender,
- GNUNET_i2s (&GSC_my_identity),
- peer);
+ if (GNUNET_CORE_KX_STATE_REKEY_SENT != kx->status)
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Decryption of PING from peer `%s' failed\n",
+ GNUNET_i2s (&kx->peer));
+ else
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Decryption of PING from peer `%s' failed after rekey (harmless)\n",
+ GNUNET_i2s (&kx->peer));
GNUNET_break_op (0);
return;
}
GNUNET_NO);
GSC_NEIGHBOURS_transmit (&kx->peer,
&tp.header,
- GNUNET_TIME_UNIT_FOREVER_REL /* FIXME: timeout */ );
+ kx->set_key_retry_frequency);
}
* (and we should prevent this by sending a PING).
*
* @param cls the `struct GSC_KeyExchangeInfo`
- * @param tc scheduler context (not used)
*/
static void
-send_keep_alive (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
+send_keep_alive (void *cls)
{
struct GSC_KeyExchangeInfo *kx = cls;
struct GNUNET_TIME_Relative retry;
ph->iv_seed = calculate_seed (kx);
ph->reserved = 0;
ph->timestamp = GNUNET_TIME_absolute_hton (GNUNET_TIME_absolute_get ());
- memcpy (&ph[1], payload, payload_size);
+ memcpy (&ph[1],
+ payload,
+ payload_size);
em = (struct EncryptedMessage *) cbuf;
em->header.size = htons (used);
em->header.type = htons (GNUNET_MESSAGE_TYPE_CORE_ENCRYPTED_MESSAGE);
em->iv_seed = ph->iv_seed;
- derive_iv (&iv, &kx->encrypt_key, ph->iv_seed, &kx->peer);
+ derive_iv (&iv,
+ &kx->encrypt_key,
+ ph->iv_seed,
+ &kx->peer);
GNUNET_assert (GNUNET_OK ==
- do_encrypt (kx, &iv, &ph->sequence_number,
+ do_encrypt (kx,
+ &iv,
+ &ph->sequence_number,
&em->sequence_number,
used - ENCRYPTED_HEADER_SIZE));
- GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "Encrypted %u bytes for %s\n",
- used - ENCRYPTED_HEADER_SIZE, GNUNET_i2s (&kx->peer));
+ GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
+ "Encrypted %u bytes for %s\n",
+ (unsigned int) (used - ENCRYPTED_HEADER_SIZE),
+ GNUNET_i2s (&kx->peer));
derive_auth_key (&auth_key,
&kx->encrypt_key,
ph->iv_seed);
- GNUNET_CRYPTO_hmac (&auth_key, &em->sequence_number,
- used - ENCRYPTED_HEADER_SIZE, &em->hmac);
+ GNUNET_CRYPTO_hmac (&auth_key,
+ &em->sequence_number,
+ used - ENCRYPTED_HEADER_SIZE,
+ &em->hmac);
GSC_NEIGHBOURS_transmit (&kx->peer,
&em->header,
GNUNET_TIME_UNIT_FOREVER_REL);
return;
GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
"Decrypted %u bytes from %s\n",
- size - ENCRYPTED_HEADER_SIZE,
+ (unsigned int) (size - ENCRYPTED_HEADER_SIZE),
GNUNET_i2s (&kx->peer));
pt = (struct EncryptedMessage *) buf;
* Task run to trigger rekeying.
*
* @param cls closure, NULL
- * @param tc scheduler context
*/
static void
-do_rekey (void *cls,
- const struct GNUNET_SCHEDULER_TaskContext *tc)
+do_rekey (void *cls)
{
struct GSC_KeyExchangeInfo *pos;
NULL);
if (NULL != my_ephemeral_key)
GNUNET_free (my_ephemeral_key);
+ GNUNET_log (GNUNET_ERROR_TYPE_INFO,
+ "Rekeying\n");
my_ephemeral_key = GNUNET_CRYPTO_ecdhe_key_create ();
GNUNET_assert (NULL != my_ephemeral_key);
sign_ephemeral_key ();