[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: towards decrypting traffic
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: towards decrypting traffic in new CADET |
Date: |
Tue, 17 Jan 2017 19:58:33 +0100 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 7f756511e towards decrypting traffic in new CADET
7f756511e is described below
commit 7f756511ec2bafd5a5a2c3f2c40f7c08f3c39f85
Author: Christian Grothoff <address@hidden>
AuthorDate: Tue Jan 17 19:58:31 2017 +0100
towards decrypting traffic in new CADET
---
src/cadet/gnunet-service-cadet-new_connection.c | 16 ++-
src/cadet/gnunet-service-cadet-new_core.c | 3 +
src/cadet/gnunet-service-cadet-new_tunnels.c | 130 ++++++++++++++++++++++++
src/cadet/gnunet-service-cadet-new_tunnels.h | 24 +++++
4 files changed, 170 insertions(+), 3 deletions(-)
diff --git a/src/cadet/gnunet-service-cadet-new_connection.c
b/src/cadet/gnunet-service-cadet-new_connection.c
index 6b802b69a..ff0579dc2 100644
--- a/src/cadet/gnunet-service-cadet-new_connection.c
+++ b/src/cadet/gnunet-service-cadet-new_connection.c
@@ -25,12 +25,20 @@
* end-to-end routes and transmits messages along the route
* @author Bartlomiej Polot
* @author Christian Grothoff
+ *
+ * TODO:
+ * - congestion control
+ * - GCC_debug()
+ * - keepalive messages
+ * - performance metrics
+ * - back-off reset
*/
#include "platform.h"
#include "gnunet-service-cadet-new_channel.h"
+#include "gnunet-service-cadet-new_connection.h"
#include "gnunet-service-cadet-new_paths.h"
#include "gnunet-service-cadet-new_peer.h"
-#include "gnunet-service-cadet-new_connection.h"
+#include "gnunet-service-cadet-new_tunnels.h"
#include "gnunet_cadet_service.h"
#include "cadet_protocol.h"
@@ -247,7 +255,8 @@ void
GCC_handle_kx (struct CadetConnection *cc,
const struct GNUNET_CADET_KX *msg)
{
- GNUNET_assert (0); // FIXME: not implemented
+ GCT_handle_kx (cc->ct,
+ msg);
}
@@ -261,7 +270,8 @@ void
GCC_handle_encrypted (struct CadetConnection *cc,
const struct GNUNET_CADET_Encrypted *msg)
{
- GNUNET_assert (0); // FIXME: not implemented
+ GCT_handle_encrypted (cc->ct,
+ msg);
}
diff --git a/src/cadet/gnunet-service-cadet-new_core.c
b/src/cadet/gnunet-service-cadet-new_core.c
index 3980f2e2d..943191a0b 100644
--- a/src/cadet/gnunet-service-cadet-new_core.c
+++ b/src/cadet/gnunet-service-cadet-new_core.c
@@ -259,6 +259,8 @@ handle_broken (void *cls,
return;
}
GCC_destroy (cc);
+
+ /* FIXME: also destroy the path up to the specified link! */
return;
}
@@ -268,6 +270,7 @@ handle_broken (void *cls,
&msg->cid,
&msg->header);
destroy_route (route);
+ /* FIXME: also destroy paths we MAY have up to the specified link! */
}
diff --git a/src/cadet/gnunet-service-cadet-new_tunnels.c
b/src/cadet/gnunet-service-cadet-new_tunnels.c
index 01511d65e..7d281022c 100644
--- a/src/cadet/gnunet-service-cadet-new_tunnels.c
+++ b/src/cadet/gnunet-service-cadet-new_tunnels.c
@@ -33,6 +33,7 @@
*/
#include "platform.h"
#include "gnunet_util_lib.h"
+#include "gnunet_statistics_service.h"
#include "gnunet_signatures.h"
#include "cadet_protocol.h"
#include "cadet_path.h"
@@ -1424,6 +1425,135 @@ GCT_remove_channel (struct CadetTunnel *t,
/**
+ * Change the tunnel encryption state.
+ * If the encryption state changes to OK, stop the rekey task.
+ *
+ * @param t Tunnel whose encryption state to change, or NULL.
+ * @param state New encryption state.
+ */
+void
+GCT_change_estate (struct CadetTunnel *t,
+ enum CadetTunnelEState state)
+{
+ enum CadetTunnelEState old = t->estate;
+
+ t->estate = state;
+ LOG (GNUNET_ERROR_TYPE_DEBUG,
+ "Tunnel %s estate changed from %d to %d\n",
+ GCT_2s (t),
+ old,
+ state);
+
+ if ( (CADET_TUNNEL_KEY_OK != old) &&
+ (CADET_TUNNEL_KEY_OK == t->estate) )
+ {
+ if (NULL != t->rekey_task)
+ {
+ GNUNET_SCHEDULER_cancel (t->rekey_task);
+ t->rekey_task = NULL;
+ }
+#if FIXME
+ /* Send queued data if tunnel is not loopback */
+ if (myid != GCP_get_short_id (t->peer))
+ send_queued_data (t);
+#endif
+ }
+}
+
+
+/**
+ * Handle KX message.
+ *
+ * @param ct connection/tunnel combo that received encrypted message
+ * @param msg the key exchange message
+ */
+void
+GCT_handle_kx (struct CadetTConnection *ct,
+ const struct GNUNET_CADET_KX *msg)
+{
+ GNUNET_break (0); // not implemented
+}
+
+
+/**
+ * Handle encrypted message.
+ *
+ * @param ct connection/tunnel combo that received encrypted message
+ * @param msg the encrypted message to decrypt
+ */
+void
+GCT_handle_encrypted (struct CadetTConnection *ct,
+ const struct GNUNET_CADET_Encrypted *msg)
+{
+ struct CadetTunnel *t = ct->t;
+ uint16_t size = ntohs (msg->header.size);
+ char cbuf [size] GNUNET_ALIGN;
+ ssize_t decrypted_size;
+ const struct GNUNET_MessageHeader *msgh;
+ unsigned int off;
+
+ GNUNET_STATISTICS_update (stats,
+ "# received encrypted",
+ 1,
+ GNUNET_NO);
+
+ decrypted_size = t_ax_decrypt_and_validate (t,
+ cbuf,
+ msg,
+ size);
+
+ if (-1 == decrypted_size)
+ {
+ GNUNET_STATISTICS_update (stats,
+ "# unable to decrypt",
+ 1,
+ GNUNET_NO);
+ if (CADET_TUNNEL_KEY_PING <= t->estate)
+ {
+ GNUNET_break_op (0);
+ LOG (GNUNET_ERROR_TYPE_WARNING,
+ "Wrong crypto, tunnel %s\n",
+ GCT_2s (t));
+ GCT_debug (t,
+ GNUNET_ERROR_TYPE_WARNING);
+ }
+ return;
+ }
+
+ GCT_change_estate (t,
+ CADET_TUNNEL_KEY_OK);
+
+#if 0
+ /* FIXME: this is bad, as the structs returned from
+ this loop may be unaligned, see util's MST for
+ how to do this right.
+ => Change MST API to use new MQ-style handlers! */
+ off = 0;
+ while (off + sizeof (struct GNUNET_MessageHeader) <= decrypted_size)
+ {
+ uint16_t msize;
+
+ msgh = (const struct GNUNET_MessageHeader *) &cbuf[off];
+ msize = ntohs (msgh->size);
+ if (msize < sizeof (struct GNUNET_MessageHeader))
+ {
+ GNUNET_break_op (0);
+ return;
+ }
+ if (off + msize < decrypted_size)
+ {
+ GNUNET_break_op (0);
+ return;
+ }
+ handle_decrypted (t,
+ msgh);
+ off += msize;
+ }
+#endif
+}
+
+
+/**
* Sends an already built message on a tunnel, encrypting it and
* choosing the best connection if not provided.
*
diff --git a/src/cadet/gnunet-service-cadet-new_tunnels.h
b/src/cadet/gnunet-service-cadet-new_tunnels.h
index 0abe99f70..c0e179771 100644
--- a/src/cadet/gnunet-service-cadet-new_tunnels.h
+++ b/src/cadet/gnunet-service-cadet-new_tunnels.h
@@ -29,6 +29,8 @@
#define GNUNET_SERVICE_CADET_TUNNELS_H
#include "gnunet-service-cadet-new.h"
+#include "cadet_protocol.h"
+
/**
* How many connections would we like to have per tunnel?
@@ -316,6 +318,28 @@ GCT_get_estate (struct CadetTunnel *t);
/**
+ * Handle KX message.
+ *
+ * @param ct connection/tunnel combo that received encrypted message
+ * @param msg the key exchange message
+ */
+void
+GCT_handle_kx (struct CadetTConnection *ct,
+ const struct GNUNET_CADET_KX *msg);
+
+
+/**
+ * Handle encrypted message.
+ *
+ * @param ct connection/tunnel combo that received encrypted message
+ * @param msg the encrypted message to decrypt
+ */
+void
+GCT_handle_encrypted (struct CadetTConnection *ct,
+ const struct GNUNET_CADET_Encrypted *msg);
+
+
+/**
* Log all possible info about the tunnel state.
*
* @param t Tunnel to debug.
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: towards decrypting traffic in new CADET,
gnunet <=