From fb40065c4ef973b7fee53473c1a383007a0abf50 Mon Sep 17 00:00:00 2001
From: Christian Grothoff
Date: Thu, 6 Oct 2011 21:38:21 +0000
Subject: [PATCH] make opaque
---
 src/core/gnunet-service-core_kx.c | 146 ++++++++++++++++++++++
 src/core/gnunet-service-core_kx.h | 141 +--------------------
 src/core/gnunet-service-core_neighbours.c | 6 +-
 src/core/gnunet-service-core_sessions.c | 7 +-
 src/core/gnunet-service-core_sessions.h | 7 +-
 5 files changed, 161 insertions(+), 146 deletions(-)
diff --git a/src/core/gnunet-service-core_kx.c b/src/core/gnunet-service-core_kx.c
index efc6ca1c2..8f6d19652 100644
--- a/src/core/gnunet-service-core_kx.c
+++ b/src/core/gnunet-service-core_kx.c
@@ -184,6 +184,152 @@ struct EncryptedMessage
 };
+/**
+ * State machine for our P2P encryption handshake. Everyone starts in
+ * "DOWN", if we receive the other peer's key (other peer initiated)
+ * we start in state RECEIVED (since we will immediately send our
+ * own); otherwise we start in SENT. If we get back a PONG from
+ * within either state, we move up to CONFIRMED (the PONG will always
+ * be sent back encrypted with the key we sent to the other peer).
+ */
+enum KxStateMachine
+{
+ /**
+ * No handshake yet.
+ */
+ KX_STATE_DOWN,
+
+ /**
+ * We've sent our session key.
+ */
+ KX_STATE_KEY_SENT,
+
+ /**
+ * We've received the other peers session key.
+ */
+ KX_STATE_KEY_RECEIVED,
+
+ /**
+ * The other peer has confirmed our session key with a message
+ * encrypted with his session key (which we got). Key exchange
+ * is done.
+ */
+ KX_STATE_UP
+};
+
+
+/**
+ * Information about the status of a key exchange with another peer.
+ */
+struct GSC_KeyExchangeInfo
+{
+ /**
+ * Identity of the peer.
+ */
+ struct GNUNET_PeerIdentity peer;
+
+ /**
+ * SetKeyMessage to transmit (initialized the first
+ * time our status goes past 'KX_STATE_KEY_SENT').
+ */
+ struct SetKeyMessage skm;
+
+ /**
+ * PING message we transmit to the other peer.
+ */
+ struct PingMessage ping;
+
+ /**
+ * SetKeyMessage we received and did not process yet.
+ */
+ struct SetKeyMessage *skm_received;
+
+ /**
+ * PING message we received from the other peer and
+ * did not process yet (or NULL).
+ */
+ struct PingMessage *ping_received;
+
+ /**
+ * PONG message we received from the other peer and
+ * did not process yet (or NULL).
+ */
+ struct PongMessage *pong_received;
+
+ /**
+ * Non-NULL if we are currently looking up HELLOs for this peer.
+ * for this peer.
+ */
+ struct GNUNET_PEERINFO_IteratorContext *pitr;
+
+ /**
+ * Public key of the neighbour, NULL if we don't have it yet.
+ */
+ struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key;
+
+ /**
+ * We received a PONG message before we got the "public_key"
+ * (or the SET_KEY). We keep it here until we have a key
+ * to decrypt it. NULL if no PONG is pending.
+ */
+ struct PongMessage *pending_pong;
+
+ /**
+ * Key we use to encrypt our messages for the other peer
+ * (initialized by us when we do the handshake).
+ */
+ struct GNUNET_CRYPTO_AesSessionKey encrypt_key;
+
+ /**
+ * Key we use to decrypt messages from the other peer
+ * (given to us by the other peer during the handshake).
+ */
+ struct GNUNET_CRYPTO_AesSessionKey decrypt_key;
+
+ /**
+ * At what time did we generate our encryption key?
+ */
+ struct GNUNET_TIME_Absolute encrypt_key_created;
+
+ /**
+ * At what time did the other peer generate the decryption key?
+ */
+ struct GNUNET_TIME_Absolute decrypt_key_created;
+
+ /**
+ * When should the session time out (if there are no PONGs)?
+ */
+ struct GNUNET_TIME_Absolute timeout;
+
+ /**
+ * At what frequency are we currently re-trying SET_KEY messages?
+ */
+ struct GNUNET_TIME_Relative set_key_retry_frequency;
+
+ /**
+ * ID of task used for re-trying SET_KEY and PING message.
+ */
+ GNUNET_SCHEDULER_TaskIdentifier retry_set_key_task;
+
+ /**
+ * ID of task used for sending keep-alive pings.
+ */
+ GNUNET_SCHEDULER_TaskIdentifier keep_alive_task;
+
+ /**
+ * What was our PING challenge number (for this peer)?
+ */
+ uint32_t ping_challenge;
+
+ /**
+ * What is our connection status?
+ */
+ enum KxStateMachine status;
+
+};
+
+
+
 /**
 * Handle to peerinfo service.
 */
diff --git a/src/core/gnunet-service-core_kx.h b/src/core/gnunet-service-core_kx.h
index 071665a19..5517001da 100644
--- a/src/core/gnunet-service-core_kx.h
+++ b/src/core/gnunet-service-core_kx.h
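Review bot: The state-machine comment at the top of this hunk names the states RECEIVED, SENT and CONFIRMED, but the enum below it defines `KX_STATE_KEY_RECEIVED`, `KX_STATE_KEY_SENT` and `KX_STATE_UP`, so the comment does not say which constant means the peer has confirmed our key. Because `status` is what records whether the handshake is complete, the comment should use the real constants, e.g. `* If we get back a PONG in either state, we move to KX_STATE_UP`. Two smaller documentation points in the struct: the `pitr` comment repeats "for this peer." on a line of its own, and `pong_received` and `pending_pong` are both described as a PONG that has not been processed yet, so the difference between them should be stated. With the definition now private to this file, the comments on `encrypt_key` and `decrypt_key` would also be the place to say who clears the key material when the exchange is stopped; that code is not visible in this hunk.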
@@ -29,149 +29,10 @@
 #include "gnunet_util_lib.h"
-/**
- * State machine for our P2P encryption handshake. Everyone starts in
- * "DOWN", if we receive the other peer's key (other peer initiated)
- * we start in state RECEIVED (since we will immediately send our
- * own); otherwise we start in SENT. If we get back a PONG from
- * within either state, we move up to CONFIRMED (the PONG will always
- * be sent back encrypted with the key we sent to the other peer).
- */
-enum KxStateMachine
-{
- /**
- * No handshake yet.
- */
- KX_STATE_DOWN,
-
- /**
- * We've sent our session key.
- */
- KX_STATE_KEY_SENT,
-
- /**
- * We've received the other peers session key.
- */
- KX_STATE_KEY_RECEIVED,
-
- /**
- * The other peer has confirmed our session key with a message
- * encrypted with his session key (which we got). Key exchange
- * is done.
- */
- KX_STATE_UP
-};
-
-
 /**
 * Information about the status of a key exchange with another peer.
 */
-struct GSC_KeyExchangeInfo
-{
- /**
- * Identity of the peer.
- */
- struct GNUNET_PeerIdentity peer;
-
- /**
- * SetKeyMessage to transmit (initialized the first
- * time our status goes past 'KX_STATE_KEY_SENT').
- */
- struct SetKeyMessage skm;
-
- /**
- * PING message we transmit to the other peer.
- */
- struct PingMessage ping;
-
- /**
- * SetKeyMessage we received and did not process yet.
- */
- struct SetKeyMessage *skm_received;
-
- /**
- * PING message we received from the other peer and
- * did not process yet (or NULL).
- */
- struct PingMessage *ping_received;
-
- /**
- * PONG message we received from the other peer and
- * did not process yet (or NULL).
- */
- struct PongMessage *pong_received;
-
- /**
- * Non-NULL if we are currently looking up HELLOs for this peer.
- * for this peer.
- */
- struct GNUNET_PEERINFO_IteratorContext *pitr;
-
- /**
- * Public key of the neighbour, NULL if we don't have it yet.
- */
- struct GNUNET_CRYPTO_RsaPublicKeyBinaryEncoded *public_key;
-
- /**
- * We received a PONG message before we got the "public_key"
- * (or the SET_KEY). We keep it here until we have a key
- * to decrypt it. NULL if no PONG is pending.
- */
- struct PongMessage *pending_pong;
-
- /**
- * Key we use to encrypt our messages for the other peer
- * (initialized by us when we do the handshake).
- */
- struct GNUNET_CRYPTO_AesSessionKey encrypt_key;
-
- /**
- * Key we use to decrypt messages from the other peer
- * (given to us by the other peer during the handshake).
- */
- struct GNUNET_CRYPTO_AesSessionKey decrypt_key;
-
- /**
- * At what time did we generate our encryption key?
- */
- struct GNUNET_TIME_Absolute encrypt_key_created;
-
- /**
- * At what time did the other peer generate the decryption key?
- */
- struct GNUNET_TIME_Absolute decrypt_key_created;
-
- /**
- * When should the session time out (if there are no PONGs)?
- */
- struct GNUNET_TIME_Absolute timeout;
-
- /**
- * At what frequency are we currently re-trying SET_KEY messages?
- */
- struct GNUNET_TIME_Relative set_key_retry_frequency;
-
- /**
- * ID of task used for re-trying SET_KEY and PING message.
- */
- GNUNET_SCHEDULER_TaskIdentifier retry_set_key_task;
-
- /**
- * ID of task used for sending keep-alive pings.
- */
- GNUNET_SCHEDULER_TaskIdentifier keep_alive_task;
-
- /**
- * What was our PING challenge number (for this peer)?
- */
- uint32_t ping_challenge;
-
- /**
- * What is our connection status?
- */
- enum KxStateMachine status;
-
-};
+struct GSC_KeyExchangeInfo;
 /**
diff --git a/src/core/gnunet-service-core_neighbours.c b/src/core/gnunet-service-core_neighbours.c
index d78f696e6..636c24b9f 100644
--- a/src/core/gnunet-service-core_neighbours.c
+++ b/src/core/gnunet-service-core_neighbours.c
@@ -169,8 +169,8 @@ free_neighbour (struct Neighbour *n) GSC_SESSIONS_end (&n->peer); if (NULL != n->kx) { - GSC_KX_stop (n->kx); - n->kx = NULL; + GSC_KX_stop (n->kxinfo); + n->kxinfo = NULL; } if (n->retry_plaintext_task != GNUNET_SCHEDULER_NO_TASK) { @@ -357,7 +357,7 @@ handle_transport_notify_connect (void *cls, GNUNET_TRANSPORT_set_quota (transport, peer, GNUNET_CONSTANTS_DEFAULT_BW_IN_OUT, GNUNET_CONSTANTS_DEFAULT_BW_IN_OUT); - n->kx = GSC_KX_start (pid); + n->kxinfo = GSC_KX_start (pid); } diff --git a/src/core/gnunet-service-core_sessions.c b/src/core/gnunet-service-core_sessions.c index a2b662252..3f97532bd 100644 --- a/src/core/gnunet-service-core_sessions.c +++ b/src/core/gnunet-service-core_sessions.c @@ -67,7 +67,6 @@ struct Session */ struct GSC_KeyExchangeInfo *kxinfo; - /** * ID of task used for cleaning up dead neighbour entries. */ @@ -1671,9 +1670,13 @@ GSC_SESSIONS_handle_client_request_info (void *cls, struct GNUNET_SERVER_Client /** * Create a session, a key exchange was just completed. + * + * @param peer peer that is now connected + * @param kx key exchange that completed */ void -GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer) +GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer, + struct GSC_KeyExchangeInfo *kx) { { struct GNUNET_MessageHeader *hdr; diff --git a/src/core/gnunet-service-core_sessions.h b/src/core/gnunet-service-core_sessions.h index 781398d44..fa85bc05a 100644 --- a/src/core/gnunet-service-core_sessions.h +++ b/src/core/gnunet-service-core_sessions.h 
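Review bot: In `free_neighbour` the guard on the unchanged context line still tests `n->kx`, while the two new lines inside it use `n->kxinfo`. If the field was renamed in `struct Neighbour` (its definition is not part of this diff) the guard no longer compiles; if both fields exist, the check and the pointer handed to `GSC_KX_stop` refer to different members, so the key-exchange state could be stopped through a NULL pointer or left allocated when set. The condition should change together with the body: `if (NULL != n->kxinfo)`. The body of `free_neighbour` continues outside the hunk.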
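Review bot: The new `kx` parameter of `GSC_SESSIONS_create` is documented only as "key exchange that completed", which does not say who owns the pointer or how long it must stay valid. `struct Session` has a `kxinfo` pointer (visible in the previous hunk of this file) and `free_neighbour` calls `GSC_SESSIONS_end` before `GSC_KX_stop`, so presumably the session only borrows the object; the function body is outside the hunk, so this is inferred. I would state the contract in the comment, here and on the matching prototype in gnunet-service-core_sessions.h: `@param kx key exchange that completed; not owned by the session, must stay valid until GSC_SESSIONS_end() for this peer`.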
@@ -148,9 +148,14 @@ GSC_SESSIONS_handle_client_request_info (void *cls, struct GNUNET_SERVER_Client
 /**
 * Create a session, a key exchange was just completed.
+ *
+ * @param peer peer that is now connected
+ * @param kx key exchange that completed
 */
 void
-GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer);
+GSC_SESSIONS_create (const struct GNUNET_PeerIdentity *peer,
+ struct GSC_KeyExchangeInfo *kx);
+
 /**
 * Update information about a session.
-- 
2.25.1