[GNUnet-SVN] r35649 - gnunet/src/cadet
From: |
gnunet |
Subject: |
[GNUnet-SVN] r35649 - gnunet/src/cadet |
Date: |
Mon, 27 Apr 2015 21:15:54 +0200 |
Author: bartpolot
Date: 2015-04-27 21:15:54 +0200 (Mon, 27 Apr 2015)
New Revision: 35649
Modified:
gnunet/src/cadet/cadet.conf.in
gnunet/src/cadet/gnunet-service-cadet_tunnel.c
gnunet/src/cadet/test_cadet.c
Log:
only ratchet after a certain amount of messages or time has passed
Modified: gnunet/src/cadet/cadet.conf.in
===================================================================
--- gnunet/src/cadet/cadet.conf.in 2015-04-27 19:15:52 UTC (rev 35648)
+++ gnunet/src/cadet/cadet.conf.in 2015-04-27 19:15:54 UTC (rev 35649)
@@ -1,5 +1,4 @@
[cadet]
-# PREFIX = valgrind
FORCESTART = YES
AUTOSTART = @AUTOSTART@
@address@hidden = 2096
@@ -10,6 +9,7 @@
UNIXPATH = $GNUNET_RUNTIME_DIR/gnunet-service-cadet.sock
UNIX_MATCH_UID = YES
UNIX_MATCH_GID = YES
+
REFRESH_CONNECTION_TIME = 5 min
ID_ANNOUNCE_TIME = 1 h
CONNECT_TIMEOUT = 30 s
@@ -20,3 +20,5 @@
MAX_MSGS_QUEUE = 10000
MAX_PEERS = 1000
REKEY_PERIOD = 12 h
+RATCHET_TIME = 1 h
+RATCHET_MESSAGES = 64
Modified: gnunet/src/cadet/gnunet-service-cadet_tunnel.c
===================================================================
--- gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2015-04-27 19:15:52 UTC
(rev 35648)
+++ gnunet/src/cadet/gnunet-service-cadet_tunnel.c 2015-04-27 19:15:54 UTC
(rev 35649)
@@ -281,9 +281,28 @@
uint32_t PNs;
/**
- * True (#GNUNET_YES) if the party will send a new ratchet key in next msg.
+ * True (#GNUNET_YES) if we have to send a new ratchet key in next msg.
*/
int ratchet_flag;
+
+ /**
+ * Number of messages recieved since our last ratchet advance.
+ * - If this counter = 0, we cannot send a new ratchet key in next msg.
+ * - If this counter > 0, we can (but don't yet have to) send a new key.
+ */
+ unsigned int ratchet_allowed;
+
+ /**
+ * Number of messages recieved since our last ratchet advance.
+ * - If this counter = 0, we cannot send a new ratchet key in next msg.
+ * - If this counter > 0, we can (but don't yet have to) send a new key.
+ */
+ unsigned int ratchet_counter;
+
+ /**
+ * When does this ratchet expire and a new one is triggered.
+ */
+ struct GNUNET_TIME_Absolute ratchet_expiration;
};
/**
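Review bot: The doc comment on `ratchet_allowed` is a copy of the one on `ratchet_counter`, but the later hunks only ever assign it `GNUNET_YES`/`GNUNET_NO` and compare it with `GNUNET_YES`, so it is a flag and not a count. I would declare it `int` like `ratchet_flag` and document it as `True (#GNUNET_YES) if we may advance our ratchet, i.e. a new key from the peer has been processed.` (it is set where `DHRr` is updated in the @@ -1445 hunk). The `ratchet_counter` comment says "recieved" (typo), while the counter appears to be incremented on the sending path in the @@ -995 hunk; if that reading is right, the text should be `Number of messages sent since our last ratchet advance.` and the "= 0 / > 0" bullets dropped. The struct begins outside this hunk.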
@@ -506,12 +525,12 @@
*/
static unsigned long long default_ttl;
-
/**
* Own Peer ID private key.
*/
const static struct GNUNET_CRYPTO_EddsaPrivateKey *id_key;
+
/******************************** AXOLOTL
************************************/
static struct GNUNET_CRYPTO_EcdhePrivateKey *ax_key;
@@ -521,9 +540,19 @@
*/
static struct CadetAxolotlSignedKey ax_identity;
+/**
+ * How many messages are needed to trigger a ratchet advance.
+ */
+static unsigned long long ratchet_messages;
+
+/**
+ * How long until we trigger a ratched advance.
+ */
+static struct GNUNET_TIME_Relative ratchet_time;
+
+
/******************************** OTR ***********************************/
-
/**
* Own global OTR ephemeral private key.
*/
@@ -995,6 +1024,14 @@
ax = t->ax;
+ ax->ratchet_counter++;
+ if (GNUNET_YES == ax->ratchet_allowed
+ && (ratchet_messages <= ax->ratchet_counter
+ || 0 == GNUNET_TIME_absolute_get_remaining
(ax->ratchet_expiration).rel_value_us))
+ {
+ ax->ratchet_flag = GNUNET_YES;
+ }
+
if (GNUNET_YES == ax->ratchet_flag)
{
/* Advance ratchet */
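Review bot: The new condition carries no comment, and a reader has to collect from three other hunks why the ratchet is gated on `ratchet_allowed` plus one of two budgets. I would add above the `if`: `/* Advance only once the peer's key has arrived (ratchet_allowed) and either the message budget or the time budget is used up. */`. Two behaviours are worth stating in that comment if they are intended: `ratchet_counter` is incremented even while `ratchet_allowed` is `GNUNET_NO`, and the expiry is only evaluated when this code runs, so on an idle tunnel the current key stays in use past `ratchet_expiration` until the next message. The enclosing function starts and ends outside the hunk.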
@@ -1018,6 +1055,10 @@
ax->PNs = ax->Ns;
ax->Ns = 0;
ax->ratchet_flag = GNUNET_NO;
+ ax->ratchet_allowed = GNUNET_NO;
+ ax->ratchet_counter = 0;
+ ax->ratchet_expiration =
+ GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get(), ratchet_time);
}
t_hmac_derive_key (&ax->CKs, &MK, "0", 1);
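Review bot: The reset of `ratchet_flag`, `ratchet_allowed`, `ratchet_counter` and `ratchet_expiration` is repeated verbatim in the @@ -2871 hunk; a small static helper taking `ax` would keep the two sites from drifting apart when a field is added. The expiry can be written in one call as `ax->ratchet_expiration = GNUNET_TIME_relative_to_absolute (ratchet_time);`, which also removes the `GNUNET_TIME_absolute_get()` call written without the space before the parenthesis that the rest of the hunk uses. The enclosing function is outside the hunk.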
@@ -1445,7 +1486,7 @@
ax->CKr = keys[2];
ax->DHRr = *DHRp;
ax->Nr = 0;
- ax->ratchet_flag = GNUNET_YES;
+ ax->ratchet_allowed = GNUNET_YES;
}
else
{
@@ -2871,6 +2912,10 @@
ax->NHKs = keys[3];
ax->CKs = keys[4];
ax->ratchet_flag = GNUNET_NO;
+ ax->ratchet_allowed = GNUNET_NO;
+ ax->ratchet_counter = 0;
+ ax->ratchet_expiration =
+ GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get(), ratchet_time);
}
GCT_change_estate (t, CADET_TUNNEL_KEY_OK);
}
@@ -3070,7 +3115,24 @@
{
rekey_period = GNUNET_TIME_UNIT_DAYS;
}
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_number (c, "CADET", "RATCHET_MESSAGES",
+ &ratchet_messages))
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_WARNING,
+ "CADET", "RATCHET_MESSAGES", "USING DEFAULT");
+ ratchet_messages = 64;
+ }
+ if (GNUNET_OK !=
+ GNUNET_CONFIGURATION_get_value_time (c, "CADET", "RATCHET_TIME",
+ &ratchet_time))
+ {
+ GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_WARNING,
+ "CADET", "RATCHET_TIME", "USING DEFAULT");
+ ratchet_time = GNUNET_TIME_UNIT_HOURS;
+ }
+
id_key = key;
otr_kx_msg.header.size = htons (sizeof (otr_kx_msg));
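Review bot: Neither value is range-checked after it is read, and together they decide how long one ratchet key stays in use, which is the amount of traffic exposed if that key leaks. `ratchet_messages` is `unsigned long long` but is compared against the `unsigned int` `ratchet_counter`, so a configured value above `UINT_MAX` can never be reached and the message trigger silently stops working; a very large `RATCHET_TIME` does the same to the time trigger. I would cap both at load time with a warning, e.g. `if (ratchet_messages > UINT_MAX) ratchet_messages = 64;`, or give `ratchet_counter` the same type as `ratchet_messages`. The function body starts and ends outside the hunk.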
Modified: gnunet/src/cadet/test_cadet.c
===================================================================
--- gnunet/src/cadet/test_cadet.c 2015-04-27 19:15:52 UTC (rev 35648)
+++ gnunet/src/cadet/test_cadet.c 2015-04-27 19:15:54 UTC (rev 35649)
@@ -33,7 +33,7 @@
/**
* How many messages to send
*/
-#define TOTAL_PACKETS 200
+#define TOTAL_PACKETS 50
/**
* How long until we give up on connecting the peers?
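Review bot: With `TOTAL_PACKETS` lowered to 50 the test sends fewer messages than the default `RATCHET_MESSAGES = 64` added to cadet.conf.in in this commit. Unless the test's own configuration (not visible here) overrides that option, the message-count trigger is probably never reached in a run this short, and the one-hour time trigger will not fire either, so the new ratchet scheduling goes untested. I would keep the count above the threshold or set a small `RATCHET_MESSAGES` in the test configuration, and record the dependency in the comment, e.g. `How many messages to send (keep above RATCHET_MESSAGES so a ratchet step happens)`.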