#define REKEY_WAIT GNUNET_TIME_relative_multiply(GNUNET_TIME_UNIT_SECONDS, 5)
+#define CONNECTIONS_PER_TUNNEL 3
+
/******************************************************************************/
/******************************** STRUCTS **********************************/
/******************************************************************************/
struct MeshChannel *ch;
};
+
+/**
+ * Connection list and metadata.
+ */
struct MeshTConnection
{
+ /**
+ * Next in DLL.
+ */
struct MeshTConnection *next;
+
+ /**
+ * Prev in DLL.
+ */
struct MeshTConnection *prev;
+
+ /**
+ * Connection handle.
+ */
struct MeshConnection *c;
+
+ /**
+ * Creation time, to keep oldest connection alive.
+ */
+ struct GNUNET_TIME_Absolute created;
+
+ /**
+ * Connection throughput, to keep fastest connection alive.
+ */
+ uint32_t throughput;
};
/**
unsigned int qn;
unsigned int lowest_q;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "tunnel_get_connection %s\n", GMP_2s (t->peer));
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "tunnel_get_connection %s\n", GMT_2s (t));
best = NULL;
lowest_q = UINT_MAX;
for (iter = t->connection_head; NULL != iter; iter = iter->next)
}
+/**
+ * Calculate HMAC.
+ *
+ * @param t Tunnel to get keys from.
+ * @param plaintext Content to HMAC.
+ * @param size Size of @c plaintext.
+ * @param iv Initialization vector for the message.
+ * @param outgoing Is this an outgoing message that we encrypted?
+ * @param hmac Destination to store the HMAC.
+ */
+static void
+t_hmac (struct MeshTunnel3 *t, const void *plaintext, size_t size, uint32_t iv,
+ int outgoing, struct GNUNET_MeshHash *hmac)
+{
+ struct GNUNET_CRYPTO_AuthKey auth_key;
+ static const char ctx[] = "mesh authentication key";
+ struct GNUNET_CRYPTO_SymmetricSessionKey *key;
+ struct GNUNET_HashCode hash;
+
+ key = outgoing ? &t->e_key : &t->d_key;
+ GNUNET_CRYPTO_hmac_derive_key (&auth_key, key,
+ &iv, sizeof (iv),
+ key, sizeof (*key),
+ ctx, sizeof (ctx),
+ NULL);
+ GNUNET_CRYPTO_hmac (&auth_key, plaintext, size, &hash);
+ memcpy (hmac, &hash, sizeof (*hmac));
+}
+
/**
* Sends an already built message on a tunnel, encrypting it and
*
* @param message Message to send. Function modifies it.
* @param t Tunnel on which this message is transmitted.
+ * @param c Connection to use (autoselect if NULL).
* @param force Force the tunnel to take the message (buffer overfill).
* @param cont Continuation to call once message is really sent.
* @param cont_cls Closure for @c cont.
*/
static struct MeshTunnel3Queue *
send_prebuilt_message (const struct GNUNET_MessageHeader *message,
- struct MeshTunnel3 *t, int force,
- GMT_sent cont, void *cont_cls,
+ struct MeshTunnel3 *t, struct MeshConnection *c,
+ int force, GMT_sent cont, void *cont_cls,
struct MeshTunnel3Queue *existing_q)
{
struct MeshTunnel3Queue *tq;
- struct MeshConnection *c;
struct GNUNET_MESH_Encrypted *msg;
size_t size = ntohs (message->size);
char cbuf[sizeof (struct GNUNET_MESH_Encrypted) + size];
msg->header.type = htons (GNUNET_MESSAGE_TYPE_MESH_ENCRYPTED);
msg->iv = iv;
GNUNET_assert (t_encrypt (t, &msg[1], message, size, iv) == size);
+ t_hmac (t, &msg[1], size, iv, GNUNET_YES, &msg->hmac);
msg->header.size = htons (sizeof (struct GNUNET_MESH_Encrypted) + size);
- c = tunnel_get_connection (t);
+
+ if (NULL == c)
+ c = tunnel_get_connection (t);
if (NULL == c)
{
if (GNUNET_SCHEDULER_NO_TASK != t->destroy_task
}
return NULL;
}
+
type = ntohs (message->type);
switch (type)
{
+ case GNUNET_MESSAGE_TYPE_MESH_KEEPALIVE:
case GNUNET_MESSAGE_TYPE_MESH_DATA:
case GNUNET_MESSAGE_TYPE_MESH_DATA_ACK:
case GNUNET_MESSAGE_TYPE_MESH_CHANNEL_CREATE:
next = tqd->next;
room--;
send_prebuilt_message ((struct GNUNET_MessageHeader *) &tqd[1],
- tqd->t, GNUNET_YES,
+ tqd->t, NULL, GNUNET_YES,
NULL != tqd->tq ? tqd->tq->cont : NULL,
NULL != tqd->tq ? tqd->tq->cont_cls : NULL,
tqd->tq);
case GNUNET_MESSAGE_TYPE_MESH_KX_EPHEMERAL:
case GNUNET_MESSAGE_TYPE_MESH_KX_PING:
case GNUNET_MESSAGE_TYPE_MESH_KX_PONG:
- msg->reserved = htonl (0);
memcpy (&msg[1], message, size);
break;
default:
static void
send_ephemeral (struct MeshTunnel3 *t)
{
- LOG (GNUNET_ERROR_TYPE_DEBUG, "%s()\n", __FUNCTION__);
+ LOG (GNUNET_ERROR_TYPE_INFO, "=> EPHM for %s\n", GMT_2s (t));
kx_msg.sender_status = htonl (t->estate);
send_kx (t, &kx_msg.header);
{
struct GNUNET_MESH_KX_Ping msg;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "%s()\n", __FUNCTION__);
+ LOG (GNUNET_ERROR_TYPE_INFO, "=> PING for %s\n", GMT_2s (t));
msg.header.size = htons (sizeof (msg));
msg.header.type = htons (GNUNET_MESSAGE_TYPE_MESH_KX_PING);
msg.iv = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
{
struct GNUNET_MESH_KX_Pong msg;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "%s()\n", __FUNCTION__);
+ LOG (GNUNET_ERROR_TYPE_INFO, "=> PONG for %s\n", GMT_2s (t));
msg.header.size = htons (sizeof (msg));
msg.header.type = htons (GNUNET_MESSAGE_TYPE_MESH_KX_PONG);
msg.iv = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_NONCE, UINT32_MAX);
if (GNUNET_SCHEDULER_NO_TASK != t->rekey_task)
return GNUNET_YES;
+ if (GNUNET_YES == GMT_is_loopback (t))
+ return GNUNET_YES;
+
r = GNUNET_CRYPTO_random_u32 (GNUNET_CRYPTO_QUALITY_WEAK, (uint32_t) n * 100);
delay = GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, r);
t->rekey_task = GNUNET_SCHEDULER_add_delayed (delay, &rekey_tunnel, t);
LOG (GNUNET_ERROR_TYPE_DEBUG,
"WARNING destroying unknown channel %u on tunnel %s\n",
gid, GMT_2s (t));
- send_prebuilt_message (&msg.header, t, GNUNET_YES, NULL, NULL, NULL);
+ send_prebuilt_message (&msg.header, t, NULL, GNUNET_YES, NULL, NULL, NULL);
}
const struct GNUNET_MESH_KX_Ephemeral *msg)
{
struct GNUNET_HashCode km;
- LOG (GNUNET_ERROR_TYPE_DEBUG, " ephemeral key message\n");
+ LOG (GNUNET_ERROR_TYPE_INFO, "<= EPHM for %s\n", GMT_2s (t));
if (GNUNET_OK != check_ephemeral (t, msg))
{
return;
}
- LOG (GNUNET_ERROR_TYPE_DEBUG, " ping message\n");
+ LOG (GNUNET_ERROR_TYPE_INFO, "<= PING for %s\n", GMT_2s (t));
t_decrypt (t, &res.target, &msg->target, ping_encryption_size (), msg->iv);
if (0 != memcmp (&my_full_id, &res.target, sizeof (my_full_id)))
{
{
uint32_t challenge;
- LOG (GNUNET_ERROR_TYPE_DEBUG, "PONG received\n");
+ LOG (GNUNET_ERROR_TYPE_INFO, "<= PONG for %s\n", GMT_2s (t));
if (GNUNET_SCHEDULER_NO_TASK == t->rekey_task)
{
GNUNET_STATISTICS_update (stats, "# duplicate PONG messages", 1, GNUNET_NO);
uint16_t type;
type = ntohs (msgh->type);
- LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Got a %s message!\n",
- GM_m2s (type));
+ LOG (GNUNET_ERROR_TYPE_INFO, "<= %s on %s\n", GM_m2s (type), GMT_2s (t));
switch (type)
{
+ case GNUNET_MESSAGE_TYPE_MESH_KEEPALIVE:
+ /* Do nothing, connection aleady got updated. */
+ GNUNET_STATISTICS_update (stats, "# keepalives received", 1, GNUNET_NO);
+ break;
+
case GNUNET_MESSAGE_TYPE_MESH_DATA:
/* Don't send hop ACK, wait for client to ACK */
handle_data (t, (struct GNUNET_MESH_Data *) msgh, fwd);
default:
GNUNET_break_op (0);
- LOG (GNUNET_ERROR_TYPE_DEBUG,
+ LOG (GNUNET_ERROR_TYPE_WARNING,
"end-to-end message not known (%u)\n",
ntohs (msgh->type));
GMT_debug (t);
char cbuf [payload_size];
struct GNUNET_MessageHeader *msgh;
unsigned int off;
+ struct GNUNET_MeshHash hmac;
decrypted_size = t_decrypt (t, cbuf, &msg[1], payload_size, msg->iv);
+ t_hmac (t, &msg[1], payload_size, msg->iv, GNUNET_NO, &hmac);
+ if (0 != memcmp (&hmac, &msg->hmac, sizeof (hmac)))
+ {
+ /* checksum failed */
+ GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+ "Failed checksum validation for a message on tunnel `%s'\n",
+ GMT_2s (t));
+ GNUNET_STATISTICS_update (stats, "# wrong HMAC", 1, GNUNET_NO);
+ return;
+ }
off = 0;
while (off < decrypted_size)
{
{
if (NULL == t)
return;
- LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Tunnel %s cstate was %s\n",
- GMP_2s (t->peer), cstate2s (t->cstate));
- LOG (GNUNET_ERROR_TYPE_DEBUG,
- "Tunnel %s cstate is now %s\n",
- GMP_2s (t->peer), cstate2s (cstate));
+ LOG (GNUNET_ERROR_TYPE_DEBUG, "Tunnel %s cstate %s => %s\n",
+ GMP_2s (t->peer), cstate2s (t->cstate), cstate2s (cstate));
if (myid != GMP_get_short_id (t->peer) &&
MESH_TUNNEL3_READY != t->cstate &&
MESH_TUNNEL3_READY == cstate)
t->cstate = cstate;
if (MESH_TUNNEL3_KEY_OK == t->estate)
{
- LOG (GNUNET_ERROR_TYPE_DEBUG, " triggered send queued data\n");
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " cstate triggered send queued data\n");
send_queued_data (t);
}
else if (MESH_TUNNEL3_KEY_UNINITIALIZED == t->estate)
{
- LOG (GNUNET_ERROR_TYPE_DEBUG, " triggered rekey\n");
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " cstate triggered rekey\n");
rekey_tunnel (t, NULL);
}
}
t->cstate = cstate;
- if (MESH_TUNNEL3_READY == cstate && 3 <= GMT_count_connections (t))
+ if (MESH_TUNNEL3_READY == cstate
+ && CONNECTIONS_PER_TUNNEL <= GMT_count_connections (t))
{
+ LOG (GNUNET_ERROR_TYPE_DEBUG, " cstate triggered stop dht\n");
GMP_stop_search (t->peer);
}
}
}
+/**
+ * Check that the tunnel doesn't have too many connections,
+ * remove one if necessary.
+ *
+ * For the time being, this means the newest connection.
+ *
+ * @param t Tunnel to check.
+ */
+static void
+check_connection_count (struct MeshTunnel3 *t)
+{
+ if (GMT_count_connections (t) > CONNECTIONS_PER_TUNNEL)
+ {
+ struct MeshTConnection *iter;
+ struct MeshTConnection *c;
+
+ for (iter = t->connection_head; NULL != iter; iter = iter->next)
+ {
+ if (NULL == c || iter->created.abs_value_us > c->created.abs_value_us)
+ {
+ c = iter;
+ }
+ }
+ if (NULL != c)
+ GMC_destroy (c->c);
+ else
+ GNUNET_break (0);
+ }
+}
+
/**
* Add a connection to a tunnel.
*
aux = GNUNET_new (struct MeshTConnection);
aux->c = c;
- GNUNET_CONTAINER_DLL_insert_tail (t->connection_head, t->connection_tail, aux);
+ aux->created = GNUNET_TIME_absolute_get ();
+
+ GNUNET_CONTAINER_DLL_insert (t->connection_head, t->connection_tail, aux);
+
+ check_connection_count (t);
}
/* Start new connections if needed */
if (NULL == t->connection_head
&& GNUNET_SCHEDULER_NO_TASK == t->destroy_task
+ && MESH_TUNNEL3_SHUTDOWN != t->cstate
&& GNUNET_NO == shutting_down)
{
LOG (GNUNET_ERROR_TYPE_DEBUG, " no more connections, getting new ones\n");
- GMP_connect (t->peer);
t->cstate = MESH_TUNNEL3_SEARCHING;
+ GMP_connect (t->peer);
return;
}
* @param tc Task context.
*/
static void
-tunnel_destroy (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+delayed_destroy (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
{
struct MeshTunnel3 *t = cls;
+ struct MeshTConnection *iter;
+
+ t->destroy_task = GNUNET_SCHEDULER_NO_TASK;
+ t->cstate = MESH_TUNNEL3_SHUTDOWN;
+ for (iter = t->connection_head; NULL != iter; iter = iter->next)
+ {
+ GMC_send_destroy (iter->c);
+ }
GMT_destroy (t);
}
void
GMT_destroy_empty (struct MeshTunnel3 *t)
{
- struct MeshTConnection *iter;
+ if (GNUNET_SCHEDULER_NO_TASK != t->destroy_task)
+ {
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Tunnel %s is already scheduled for destruction\n",
+ GMT_2s (t));
+ GNUNET_break (0);
+ /* should never happen, tunnel can only become empty once, and the
+ * task identifier should be NO_TASK (cleaned when the tunnel was created
+ * or became un-empty)
+ */
+ return;
+ }
LOG (GNUNET_ERROR_TYPE_DEBUG, "Tunnel %s empty: destroying scheduled\n",
GMT_2s (t));
- for (iter = t->connection_head; NULL != iter; iter = iter->next)
- {
- GMC_send_destroy (iter->c);
- }
- if (GNUNET_SCHEDULER_NO_TASK != t->rekey_task)
- {
- t->estate = MESH_TUNNEL3_KEY_UNINITIALIZED;
- GNUNET_SCHEDULER_cancel (t->rekey_task);
- t->rekey_task = GNUNET_SCHEDULER_NO_TASK;
- GNUNET_free (t->kx_ctx);
- t->kx_ctx = NULL;
- }
- t->cstate = MESH_TUNNEL3_NEW;
t->destroy_task = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_MINUTES,
- &tunnel_destroy, t);
+ &delayed_destroy, t);
}
GMP_set_tunnel (t->peer, NULL);
if (GNUNET_SCHEDULER_NO_TASK != t->rekey_task)
+ {
GNUNET_SCHEDULER_cancel (t->rekey_task);
+ t->rekey_task = GNUNET_SCHEDULER_NO_TASK;
+ if (NULL != t->kx_ctx)
+ GNUNET_free (t->kx_ctx);
+ else
+ GNUNET_break (0);
+ }
GNUNET_free (t);
}
GMT_use_path (struct MeshTunnel3 *t, struct MeshPeerPath *p)
{
struct MeshConnection *c;
- struct GNUNET_HashCode cid;
+ struct GNUNET_MeshHash cid;
unsigned int own_pos;
if (NULL == t || NULL == p)
return NULL;
}
+ if (MESH_TUNNEL3_SHUTDOWN == t->cstate)
+ {
+ GNUNET_break (0);
+ return NULL;
+ }
+
for (own_pos = 0; own_pos < p->length; own_pos++)
{
if (p->peers[own_pos] == myid)
break;
}
- if (own_pos > p->length - 1)
+ if (own_pos >= p->length)
{
GNUNET_break_op (0);
return NULL;
}
- GNUNET_CRYPTO_hash_create_random (GNUNET_CRYPTO_QUALITY_NONCE, &cid);
+ GNUNET_CRYPTO_random_block (GNUNET_CRYPTO_QUALITY_NONCE, &cid, sizeof (cid));
c = GMC_new (&cid, t, p, own_pos);
if (NULL == c)
{
/**
* Sends an already built message on a tunnel, encrypting it and
- * choosing the best connection.
+ * choosing the best connection if not provided.
*
* @param message Message to send. Function modifies it.
* @param t Tunnel on which this message is transmitted.
+ * @param c Connection to use (autoselect if NULL).
* @param force Force the tunnel to take the message (buffer overfill).
* @param cont Continuation to call once message is really sent.
* @param cont_cls Closure for @c cont.
*/
struct MeshTunnel3Queue *
GMT_send_prebuilt_message (const struct GNUNET_MessageHeader *message,
- struct MeshTunnel3 *t, int force,
- GMT_sent cont, void *cont_cls)
+ struct MeshTunnel3 *t, struct MeshConnection *c,
+ int force, GMT_sent cont, void *cont_cls)
{
- return send_prebuilt_message (message, t, force, cont, cont_cls, NULL);
+ return send_prebuilt_message (message, t, c, force, cont, cont_cls, NULL);
}
}
}
}
- return (path->length + overlap) * (path->score * -1);
+ return path->length + overlap;
}
/**
- * Log all possible info about the tunnel state.
+ * Log all possible info about the tunnel state to stderr.
*
* @param t Tunnel to debug.
*/
}
+/**
+ * Iterate all tunnels.
+ *
+ * @param iter Iterator.
+ * @param cls Closure for @c iter.
+ */
void
-GMT_iterate_all (void *cls, GNUNET_CONTAINER_PeerMapIterator iter)
+GMT_iterate_all (GNUNET_CONTAINER_PeerMapIterator iter, void *cls)
{
GNUNET_CONTAINER_multipeermap_iterate (tunnels, iter, cls);
}
+
+/**
+ * Count all tunnels.
+ *
+ * @return Number of tunnels to remote peers kept by this peer.
+ */
unsigned int
GMT_count_all (void)
{
return GNUNET_CONTAINER_multipeermap_size (tunnels);
}
+
+
+/**
+ * Iterate all connections of a tunnel.
+ *
+ * @param t Tunnel whose connections to iterate.
+ * @param iter Iterator.
+ * @param cls Closure for @c iter.
+ */
+void
+GMT_iterate_connections (struct MeshTunnel3 *t, GMT_conn_iter iter, void *cls)
+{
+ struct MeshTConnection *ct;
+
+ for (ct = t->connection_head; NULL != ct; ct = ct->next)
+ iter (cls, ct->c);
+}
+
+
+/**
+ * Iterate all channels of a tunnel.
+ *
+ * @param t Tunnel whose channels to iterate.
+ * @param iter Iterator.
+ * @param cls Closure for @c iter.
+ */
+void
+GMT_iterate_channels (struct MeshTunnel3 *t, GMT_chan_iter iter, void *cls)
+{
+ struct MeshTChannel *cht;
+
+ for (cht = t->channel_head; NULL != cht; cht = cht->next)
+ iter (cls, cht->ch);
+}