[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: implement hop-by-hop signat
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: implement hop-by-hop signature verification |
Date: |
Sun, 28 Apr 2019 13:59:06 +0200 |
This is an automated email from the git hooks/post-receive script.
grothoff pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new b41480962 implement hop-by-hop signature verification
b41480962 is described below
commit b41480962266720fd2a068cb41284d2d29cc54fd
Author: Christian Grothoff <address@hidden>
AuthorDate: Sun Apr 28 13:58:41 2019 +0200
implement hop-by-hop signature verification
---
src/transport/gnunet-service-tng.c | 26 ++++++++++++++++++++++----
1 file changed, 22 insertions(+), 4 deletions(-)
diff --git a/src/transport/gnunet-service-tng.c
b/src/transport/gnunet-service-tng.c
index b15a62cc4..c2922dd7e 100644
--- a/src/transport/gnunet-service-tng.c
+++ b/src/transport/gnunet-service-tng.c
@@ -24,7 +24,6 @@
*
* TODO:
* Implement next:
- * - dv hop-by-hop signature verification (at least at initiator)
* - change transport-core API to provide proper flow control in both
* directions, allow multiple messages per peer simultaneously (tag
* confirmations with unique message ID), and replace quota-out with
@@ -6421,9 +6420,28 @@ handle_dv_learn (void *cls, const struct
TransportDVLearnMessage *dvl)
n);
}
}
- // FIXME: asynchronously (!) verify hop-by-hop signatures!
- // => if signature verification load too high, implement random drop
- // strategy!?
+ /* OPTIMIZE-FIXME: asynchronously (!) verify signatures!,
+ If signature verification load too high, implement random drop strategy */
+ for (unsigned int i = 0; i < nhops; i++)
+ {
+ struct DvHopPS dhp = {.purpose.purpose =
+ htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_HOP),
+ .purpose.size = htonl (sizeof (dhp)),
+ .pred = (0 == i) ? dvl->initiator : hops[i - 1].hop,
+ .succ = (nhops - 1 == i) ? GST_my_identity
+ : hops[i + 1].hop,
+ .challenge = dvl->challenge};
+
+ if (GNUNET_OK !=
+ GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_DV_HOP,
+ &dhp.purpose,
+ &hops[i].hop_sig,
+ &hops[i].hop.public_key))
+ {
+ GNUNET_break_op (0);
+ return;
+ }
+ }
do_fwd = GNUNET_YES;
if (0 == GNUNET_memcmp (&GST_my_identity, &dvl->initiator))
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: implement hop-by-hop signature verification,
gnunet <=