[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r33903 - gnunet/src/cadet
From: |
gnunet |
Subject: |
[GNUnet-SVN] r33903 - gnunet/src/cadet |
Date: |
Wed, 2 Jul 2014 21:30:50 +0200 |
Author: bartpolot
Date: 2014-07-02 21:30:50 +0200 (Wed, 02 Jul 2014)
New Revision: 33903
Modified:
gnunet/src/cadet/gnunet-service-cadet_tunnel.c
Log:
- destroy kx_ctx created on receipt of an ephemeral key if key is not new
Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2014-07-02 19:30:49 UTC
(rev 33902)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2014-07-02 19:30:50 UTC
(rev 33903)
@@ -93,14 +93,14 @@
struct CadetTunnelKXCtx
{
/**
- * Encryption ("our") old key, for encrypting traffic sent by us
+ * Encryption ("our") old "confirmed" key, for encrypting traffic sent by us
* end before the key exchange is finished or times out.
*/
struct GNUNET_CRYPTO_SymmetricSessionKey e_key_old;
/**
- * Decryption ("their") old key, for decrypting traffic sent by the
- * other end before the key exchange started.
+ * Decryption ("their") old "confirmed" key, for decrypting traffic sent by
+ * the other end before the key exchange started.
*/
struct GNUNET_CRYPTO_SymmetricSessionKey d_key_old;
@@ -153,12 +153,12 @@
struct GNUNET_CRYPTO_EcdhePublicKey peers_ephemeral_key;
/**
- * Encryption ("our") key.
+ * Encryption ("our") key. It is only "confirmed" if kx_ctx is NULL.
*/
struct GNUNET_CRYPTO_SymmetricSessionKey e_key;
/**
- * Decryption ("their") key.
+ * Decryption ("their") key. It is only "confirmed" if kx_ctx is NULL.
*/
struct GNUNET_CRYPTO_SymmetricSessionKey d_key;
@@ -864,6 +864,49 @@
/**
+ * @brief Finish the Key eXchange and destroy the old keys.
+ *
+ * @param cls Closure (Tunnel for which to finish the KX).
+ * @param tc Task context.
+ */
+static void
+finish_kx (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
+{
+ struct CadetTunnel *t = cls;
+
+ if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
+ return;
+
+ LOG (GNUNET_ERROR_TYPE_INFO, "finish KX for %s\n", GCT_2s (t));
+
+ GNUNET_free (t->kx_ctx);
+ t->kx_ctx = NULL;
+}
+
+
+/**
+ * Destroy a Key eXchane context for the tunnel. This function only schedules
+ * the destruction, the freeing of the memory (and clearing of old key
material)
+ * happens after a delay!
+ *
+ * @param t Tunnel whose KX ctx to destroy.
+ */
+static void
+destroy_kx_ctx (struct CadetTunnel *t)
+{
+ struct GNUNET_TIME_Relative delay;
+
+ if (NULL == t->kx_ctx || GNUNET_SCHEDULER_NO_TASK != t->kx_ctx->finish_task)
+ return;
+
+ delay = GNUNET_TIME_relative_divide (rekey_period, 4);
+ delay = GNUNET_TIME_relative_min (delay, GNUNET_TIME_UNIT_MINUTES);
+
+ t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_delayed (delay, finish_kx, t);
+}
+
+
+/**
* Derive the tunnel's keys using our own and the peer's ephemeral keys.
*
* @param t Tunnel for which to create the keys.
@@ -1794,6 +1837,10 @@
t->estate = CADET_TUNNEL_KEY_REKEY;
}
}
+ else
+ {
+ destroy_kx_ctx (t);
+ }
if (CADET_TUNNEL_KEY_SENT == t->estate)
{
LOG (GNUNET_ERROR_TYPE_DEBUG, " our key was sent, sending ping\n");
@@ -1843,27 +1890,6 @@
/**
- * @brief Finish the Key eXchange and destroy the old keys.
- *
- * @param cls Closure (Tunnel for which to finish the KX).
- * @param tc Task context.
- */
-static void
-finish_kx (void *cls, const struct GNUNET_SCHEDULER_TaskContext *tc)
-{
- struct CadetTunnel *t = cls;
-
- if (0 != (tc->reason & GNUNET_SCHEDULER_REASON_SHUTDOWN))
- return;
-
- LOG (GNUNET_ERROR_TYPE_INFO, "finish KX for %s\n", GCT_2s (t));
-
- GNUNET_free (t->kx_ctx);
- t->kx_ctx = NULL;
-}
-
-
-/**
* Peer has answer to our challenge.
* If answer is successful, consider the key exchange finished and clean
* up all related state.
@@ -1904,14 +1930,7 @@
* Don't keep the keys longer than 1/4 the rekey period, and no longer than
* one minute.
*/
- if (GNUNET_SCHEDULER_NO_TASK == t->kx_ctx->finish_task)
- {
- struct GNUNET_TIME_Relative delay;
-
- delay = GNUNET_TIME_relative_divide (rekey_period, 4);
- delay = GNUNET_TIME_relative_min (delay, GNUNET_TIME_UNIT_MINUTES);
- t->kx_ctx->finish_task = GNUNET_SCHEDULER_add_delayed (delay, finish_kx,
t);
- }
+ destroy_kx_ctx (t);
GCT_change_estate (t, CADET_TUNNEL_KEY_OK);
}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r33903 - gnunet/src/cadet,
gnunet <=