commit d439823a502e99094d2673825162edbbb29936e8 parent 039482efccb2c7428523457758f3f45a7c2dd8f9 Author: Jacki <jacki@thejackimonster.de> Date: Fri, 6 Mar 2026 18:42:20 +0100 pils: move access to peer identity and hash from key ring struct into service handle Signed-off-by: Jacki <jacki@thejackimonster.de> Diffstat:
35 files changed, 458 insertions(+), 405 deletions(-)
diff --git a/src/include/gnunet_pils_service.h b/src/include/gnunet_pils_service.h @@ -249,6 +249,24 @@ void GNUNET_PILS_cancel (struct GNUNET_PILS_Operation *op); /** + * Return the current peer identity of a given handle. + * + * @param handle handle to the pils service + * @return Peer identity or NULL on failure + */ +const struct GNUNET_PeerIdentity* +GNUNET_PILS_get_identity (const struct GNUNET_PILS_Handle *handle); + +/** + * Return the hash of the current peer identity from a given handle. + * + * @param handle handle to the pils service + * @return Peer identity hash or NULL on failure + */ +const struct GNUNET_HashCode* +GNUNET_PILS_get_identity_hash (const struct GNUNET_PILS_Handle *handle); + +/** * Create a key ring handle to use the current * peer identity key. * @@ -271,24 +289,6 @@ void GNUNET_PILS_destroy_key_ring (struct GNUNET_PILS_KeyRing *key_ring); /** - * Return the current peer identity of a given key ring handle. - * - * @param key_ring key ring handle - * @return Peer identity or NULL on failure - */ -const struct GNUNET_PeerIdentity* -GNUNET_PILS_key_ring_get_identity (const struct GNUNET_PILS_KeyRing *key_ring); - -/** - * Return the hash from the current peer identity of a given key ring handle. - * - * @param key_ring key ring handle - * @return Hash or NULL on failure - */ -const struct GNUNET_HashCode* -GNUNET_PILS_key_ring_get_hash (const struct GNUNET_PILS_KeyRing *key_ring); - -/** * Return the current private key of a given key ring handle. * * @param key_ring key ring handle diff --git a/src/service/cadet/gnunet-service-cadet.c b/src/service/cadet/gnunet-service-cadet.c @@ -129,6 +129,11 @@ struct GNUNET_TRANSPORT_ApplicationHandle *transport; struct GNUNET_PILS_KeyRing *key_ring; /** + * Handle to the pils service. + */ +struct GNUNET_PILS_Handle *pils; + +/** * Signal that shutdown is happening: prevent recovery measures. */ int shutting_down; 
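Review bot: The doc comments on the new `GNUNET_PILS_get_identity` and `GNUNET_PILS_get_identity_hash` declarations say only "NULL on failure", which does not tell callers when NULL occurs or how long the returned pointer stays valid. The identity now comes from the service handle, so both comments should state whether NULL is returned until the first identity has arrived from the service. They should also state whether the pointed-to data is owned by the handle, can change on a peer-identity change, and becomes invalid after `GNUNET_PILS_disconnect`; the implementation is not part of this hunk, so this needs confirming against it. Many call sites later in this commit `GNUNET_assert` on the result, so the NULL contract decides whether those asserts are reachable.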
@@ -413,8 +418,11 @@ shutdown_rest () } GCD_shutdown (); GCH_shutdown (); - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + if (NULL != key_ring) + { + GNUNET_PILS_destroy_key_ring (key_ring); + key_ring = NULL; + } } @@ -485,7 +493,7 @@ handle_port_open (void *cls, GNUNET_h2s (&pmsg->port), GSC_2s (c)); - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); if (! my_identity) return; @@ -1317,7 +1325,7 @@ run (void *cls, GCO_init (c); GNUNET_log (GNUNET_ERROR_TYPE_INFO, "CADET started for peer %s\n", - GNUNET_i2s (GNUNET_PILS_key_ring_get_identity (key_ring))); + GNUNET_i2s (GNUNET_PILS_get_identity (pils))); } diff --git a/src/service/cadet/gnunet-service-cadet.h b/src/service/cadet/gnunet-service-cadet.h @@ -208,6 +208,11 @@ extern struct GNUNET_TRANSPORT_ApplicationHandle *transport; extern struct GNUNET_PILS_KeyRing *key_ring; /** + * Handle to Pils service. + */ +extern struct GNUNET_PILS_Handle *pils; + +/** * All ports clients of this peer have opened. Maps from * a hashed port to a `struct OpenPort`. */ diff --git a/src/service/cadet/gnunet-service-cadet_channel.c b/src/service/cadet/gnunet-service-cadet_channel.c 
@@ -48,20 +48,20 @@ * How long do we initially wait before retransmitting? */ #define CADET_INITIAL_RETRANSMIT_TIME \ - GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 250) + GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 250) /** * How long do we wait before dropping state about incoming * connection to closed port? */ #define TIMEOUT_CLOSED_PORT \ - GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30) + GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_SECONDS, 30) /** * How long do we wait at least before retransmitting ever? */ #define MIN_RTT_DELAY \ - GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 75) + GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 75) /** * Maximum message ID into the future we accept for out-of-order messages. @@ -667,7 +667,7 @@ GCCH_channel_local_new (struct CadetClient *owner, struct CadetChannel *ch; struct CadetChannelClient *ccco; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); ccco = GNUNET_new (struct CadetChannelClient); @@ -956,10 +956,10 @@ GCCH_bind (struct CadetChannel *ch, GCT_2s (ch->t), GNUNET_h2s (&ch->port), GSC_2s (c)); - - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); - + if (NULL != ch->retry_control_task) { /* there might be a timeout task here */ @@ -1961,7 +1961,7 @@ GCCH_handle_local_ack (struct CadetChannel *ch, #define LOG2(level, ...) \ - GNUNET_log_from_nocheck (level, "cadet-chn", __VA_ARGS__) + GNUNET_log_from_nocheck (level, "cadet-chn", __VA_ARGS__) /** diff --git a/src/service/cadet/gnunet-service-cadet_connection.c b/src/service/cadet/gnunet-service-cadet_connection.c 
@@ -47,7 +47,7 @@ * TODO: replace by 2 RTT if/once we have connection-level RTT data! */ #define INITIAL_CONNECTION_CREATE_RETRY_DELAY \ - GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 200) + GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MILLISECONDS, 200) /** @@ -596,7 +596,7 @@ set_monotime_sig (struct GNUNET_CADET_ConnectionCreateMessage *msg) GNUNET_SIGNATURE_PURPOSE_CADET_CONNECTION_INITIATOR), .purpose.size = htonl (sizeof(cp)), .monotonic_time = msg->monotime}; - + my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert (my_private_key); @@ -625,7 +625,7 @@ send_create (void *cls) cc->task = NULL; GNUNET_assert (GNUNET_YES == cc->mqm_ready); - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); env = @@ -1049,7 +1049,7 @@ GCC_2s (const struct CadetConnection *cc) #define LOG2(level, ...) \ - GNUNET_log_from_nocheck (level, "cadet-con", __VA_ARGS__) + GNUNET_log_from_nocheck (level, "cadet-con", __VA_ARGS__) /** diff --git a/src/service/cadet/gnunet-service-cadet_core.c b/src/service/cadet/gnunet-service-cadet_core.c @@ -326,8 +326,8 @@ route_message (struct CadetPeer *prev, struct Rung *nxt; struct GNUNET_MQ_Envelope *env; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - if (!my_identity) + my_identity = GNUNET_PILS_get_identity (pils); + if (! my_identity) return; route = get_route (cid); @@ -633,8 +633,8 @@ dir_ready_cb (void *cls, int ready) struct CadetRoute *route = dir->my_route; struct RouteDirection *odir; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - if (!my_identity) + my_identity = GNUNET_PILS_get_identity (pils); + if (! my_identity) return; if (GNUNET_YES == ready) 
@@ -701,7 +701,7 @@ send_broken_without_mqm ( struct GNUNET_MQ_Envelope *env; struct GNUNET_CADET_ConnectionBrokenMessage *bm; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); env = GNUNET_MQ_msg (bm, GNUNET_MESSAGE_TYPE_CADET_CONNECTION_BROKEN); @@ -735,8 +735,8 @@ handle_connection_create ( unsigned int off; struct CadetTunnel *t; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - if (!my_identity) + my_identity = GNUNET_PILS_get_identity (pils); + if (! my_identity) return; path_length = size / sizeof(struct GNUNET_PeerIdentity); @@ -1226,7 +1226,7 @@ core_init_cb (void *cls, const struct GNUNET_PeerIdentity *identity) { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); if (NULL == my_identity) { GNUNET_break (0); @@ -1324,8 +1324,7 @@ GCO_init (const struct GNUNET_CONFIGURATION_Handle *c) struct GNUNET_CADET_TunnelEncryptedMessage, NULL), GNUNET_MQ_handler_end () }; - const struct GNUNET_CORE_ServiceInfo service_info = - { + const struct GNUNET_CORE_ServiceInfo service_info = { .service = GNUNET_CORE_SERVICE_CADET, .version = { 1, 0 }, .version_max = { 1, 0 }, diff --git a/src/service/cadet/gnunet-service-cadet_dht.c b/src/service/cadet/gnunet-service-cadet_dht.c @@ -153,7 +153,7 @@ announce_id (void*cls) struct GNUNET_TIME_Absolute expiration; struct GNUNET_TIME_Relative next_put; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); hello = GCH_get_mine (); diff --git a/src/service/cadet/gnunet-service-cadet_hello.c b/src/service/cadet/gnunet-service-cadet_hello.c 
@@ -85,11 +85,6 @@ static struct GNUNET_MessageHeader *mine; static struct GNUNET_PEERSTORE_Handle *peerstore; /** - * Handle to the PILS service. - */ -static struct GNUNET_PILS_Handle *pils; - -/** * Our peerstore notification context. We use notification * to instantly learn about new peers as they are discovered. */ @@ -128,8 +123,8 @@ got_hello (void *cls, struct CadetPeer *peer; struct GNUNET_MessageHeader *hello; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - if (!my_identity) + my_identity = GNUNET_PILS_get_identity (pils); + if (! my_identity) return; if (NULL == record->value) diff --git a/src/service/cadet/gnunet-service-cadet_paths.c b/src/service/cadet/gnunet-service-cadet_paths.c @@ -481,7 +481,7 @@ GCPP_try_path_from_dht (const struct GNUNET_DHT_PathElement *get_path, unsigned int skip; unsigned int total_len; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); /* precompute 'cpath' so we can avoid doing the lookups lots of times */ skip = 0; diff --git a/src/service/cadet/gnunet-service-cadet_tunnels.c b/src/service/cadet/gnunet-service-cadet_tunnels.c @@ -468,7 +468,7 @@ GCT_alice_or_betty (const struct GNUNET_PeerIdentity *other) { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); if (0 > GNUNET_memcmp (my_identity, other)) @@ -1544,7 +1544,7 @@ update_ax_by_kx (struct CadetTunnelAxolotl *ax, const struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key; my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); - if (!my_private_key) + if (! my_private_key) { GNUNET_break_op (0); return GNUNET_SYSERR; 
@@ -2097,7 +2097,7 @@ get_next_free_ctn (struct CadetTunnel *t) int cmp; uint32_t highbit; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); cmp = GNUNET_memcmp (my_identity, diff --git a/src/service/core/gnunet-service-core.c b/src/service/core/gnunet-service-core.c @@ -115,11 +115,6 @@ struct GSC_Client /** - * Our identity. - */ -struct GNUNET_PILS_KeyRing *GSC_key_ring; - -/** * Our configuration. */ const struct GNUNET_CONFIGURATION_Handle *GSC_cfg; @@ -135,6 +130,11 @@ struct GNUNET_SERVICE_Handle *service_h; struct GNUNET_STATISTICS_Handle *GSC_stats; /** + * For peer identity access. + */ +struct GNUNET_PILS_Handle *GSC_pils; + +/** * Our peer class */ static enum GNUNET_CORE_PeerClass GSC_peer_class; @@ -335,7 +335,7 @@ handle_client_init (void *cls, const struct InitMessage *im) uint16_t msize; const uint16_t *types; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); /* check that we don't have an entry already */ @@ -424,7 +424,7 @@ GSC_CLIENTS_solicit_request (struct GSC_ClientActiveRequest *car) GNUNET_CONTAINER_multipeermap_contains (c->connectmap, &car->target)) { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); /* connection has gone down since, drop request */ GNUNET_assert (0 != @@ -466,7 +466,7 @@ handle_client_send_request (void *cls, const struct SendMessageRequest *req) struct GSC_ClientActiveRequest *car; int is_loopback; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); if (NULL == c->requests) 
@@ -573,7 +573,7 @@ tokenized_cb (void *cls, const struct GNUNET_MessageHeader *message) struct GSC_ClientActiveRequest *car = tc->car; char buf[92]; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); GNUNET_snprintf (buf, @@ -851,7 +851,7 @@ GSC_complete_initialization_cb (void) const struct GNUNET_PeerIdentity *my_identity; GSC_SESSIONS_init (); GNUNET_SERVICE_resume (service_h); - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); GNUNET_log (GNUNET_ERROR_TYPE_INFO, _ ("Core service of `%s' ready.\n"), diff --git a/src/service/core/gnunet-service-core.h b/src/service/core/gnunet-service-core.h @@ -199,9 +199,9 @@ extern const struct GNUNET_CONFIGURATION_Handle *GSC_cfg; extern struct GNUNET_STATISTICS_Handle *GSC_stats; /** - * Our PILS key ring. + * Our Pils service. */ -extern struct GNUNET_PILS_KeyRing *GSC_key_ring; +extern struct GNUNET_PILS_Handle *GSC_pils; /** * Our peer class diff --git a/src/service/core/gnunet-service-core_kx.c b/src/service/core/gnunet-service-core_kx.c @@ -410,12 +410,6 @@ static struct PilsRequest *pils_requests_tail; /** - * Pils service. - */ -static struct GNUNET_PILS_Handle *pils; - - -/** * Transport service. */ static struct GNUNET_TRANSPORT_CoreHandle *transport; @@ -661,7 +655,7 @@ restart_kx (struct GSC_KeyExchangeInfo *kx) GNUNET_NO); monitor_notify_all (kx); - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GSC_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GSC_pils); GNUNET_assert (NULL != my_identity_hash); GNUNET_CRYPTO_hash (&kx->peer, sizeof(struct GNUNET_PeerIdentity), &h1); if (NULL != kx->transcript_hash_ctx) 
@@ -708,7 +702,7 @@ handle_transport_notify_connect (void *cls, const struct GNUNET_PeerIdentity *my_identity; struct GSC_KeyExchangeInfo *kx; (void) cls; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); if (0 == memcmp (peer_id, my_identity, sizeof *peer_id)) { @@ -1477,7 +1471,7 @@ handle_initiator_hello_cont (void *cls, const struct GNUNET_ShortHashCode *ss_R) sizeof (struct GNUNET_PeerIdentity)); } - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GSC_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GSC_pils); GNUNET_assert (NULL != my_identity_hash); // We could follow with the rest of the Key Schedule (dES, HS, ...) for now @@ -1581,7 +1575,7 @@ handle_initiator_hello (void *cls, const struct InitiatorHello *ihm_e) kx->status = GNUNET_CORE_KX_STATE_INITIATOR_HELLO_RECEIVED; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GSC_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GSC_pils); GNUNET_assert (NULL != my_identity_hash); // 1. verify type _INITIATOR_HELLO @@ -1612,7 +1606,7 @@ handle_initiator_hello (void *cls, const struct InitiatorHello *ihm_e) pils_requests_tail, initiator_hello_cls->req); initiator_hello_cls->req->op = - GNUNET_PILS_kem_decaps (pils, + GNUNET_PILS_kem_decaps (GSC_pils, &ihm_e->c_R, // encapsulated key &handle_initiator_hello_cont, @@ -2040,7 +2034,7 @@ handle_responder_hello (void *cls, const struct ResponderHello *rhm_e) GNUNET_CONTAINER_DLL_insert (pils_requests_head, pils_requests_tail, req); - req->op = GNUNET_PILS_kem_decaps (pils, + req->op = GNUNET_PILS_kem_decaps (GSC_pils, &rh_ctx->rhp->c_I, // encapsulated key &handle_responder_hello_cont, // continuation rh_ctx); 
@@ -2612,7 +2606,7 @@ send_initiator_hello (struct GSC_KeyExchangeInfo *kx) enum GNUNET_GenericReturnValue ret; size_t pt_len; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); pt_len = sizeof (*ihmp) + strlen (my_services_info); @@ -2848,7 +2842,7 @@ GSC_KX_encrypt_and_transmit (struct GSC_KeyExchangeInfo *kx, void -GSC_KX_start (GNUNET_UNUSED void *cls) +GSC_KX_start (void) { const struct GNUNET_PeerIdentity *my_identity; struct GNUNET_MQ_MessageHandler handlers[] = { @@ -2871,7 +2865,7 @@ GSC_KX_start (GNUNET_UNUSED void *cls) GNUNET_MQ_handler_end () }; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); GNUNET_assert (NULL != my_identity); nc = GNUNET_notification_context_create (1); @@ -2900,6 +2894,18 @@ GSC_KX_start (GNUNET_UNUSED void *cls) } +void +pid_change_cb (void *cls, + const struct GNUNET_HELLO_Parser *parser, + const struct GNUNET_HashCode *hash) +{ + if (NULL != transport) + return; + + GSC_KX_start (); +} + + /** * Initialize KX subsystem. * @@ -2908,19 +2914,10 @@ GSC_KX_start (GNUNET_UNUSED void *cls) int GSC_KX_init (void) { - GSC_key_ring = GNUNET_PILS_create_key_ring ( - GSC_cfg, &GSC_KX_start, NULL); - - if (NULL == GSC_key_ring) - { - GSC_KX_done (); - return GNUNET_SYSERR; - } - - pils = GNUNET_PILS_connect (GSC_cfg, - NULL, - NULL); - if (NULL == pils) + GSC_pils = GNUNET_PILS_connect (GSC_cfg, + &pid_change_cb, + NULL); + if (NULL == GSC_pils) { GSC_KX_done (); return GNUNET_SYSERR; @@ -2946,15 +2943,10 @@ GSC_KX_done () GNUNET_PILS_cancel (pr->op); GNUNET_free (pr); } - if (NULL != pils) - { - GNUNET_PILS_disconnect (pils); - pils = NULL; - } - if (NULL != GSC_key_ring) + if (NULL != GSC_pils) { - GNUNET_PILS_destroy_key_ring (GSC_key_ring); - GSC_key_ring = NULL; + GNUNET_PILS_disconnect (GSC_pils); + GSC_pils = NULL; } if (NULL != transport) { 
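Review bot: `pid_change_cb` is added to gnunet-service-core_kx.c without `static` and without a doc comment, so a generically named symbol gets external linkage; unless another file references it (none visible on this page), declare it `static void pid_change_cb (...)`. The early return `if (NULL != transport) return;` means every identity change after the first is ignored by the KX subsystem. Meanwhile the handlers changed above read the identity from `GSC_pils` on each call, and may then see a different identity than the one the running key exchanges were started with. If ignoring later changes is intended, say so in a comment; otherwise the existing sessions need to be restarted here. `cls`, `parser` and `hash` are unused and could be marked `(void) cls;` the way `handle_transport_notify_connect` does.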
diff --git a/src/service/core/gnunet-service-core_sessions.c b/src/service/core/gnunet-service-core_sessions.c @@ -367,7 +367,7 @@ GSC_SESSIONS_dequeue_request (struct GSC_ClientActiveRequest *car) { const struct GNUNET_PeerIdentity *my_identity; struct Session *session; - my_identity = GNUNET_PILS_key_ring_get_identity (GSC_key_ring); + my_identity = GNUNET_PILS_get_identity (GSC_pils); if (NULL == my_identity) return; diff --git a/src/service/dht/gnunet-service-dht_clients.c b/src/service/dht/gnunet-service-dht_clients.c @@ -1003,7 +1003,7 @@ forward_reply (void *cls, #if SUPER_REDUNDANT_CHECK { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); GNUNET_break (0 == GNUNET_DHT_verify_path (bd->data, @@ -1090,7 +1090,7 @@ GDS_CLIENTS_handle_reply (const struct GNUNET_DATACACHE_Block *bd, #if SANITY_CHECKS > 1 { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); if (0 != GNUNET_DHT_verify_path (bd->data, diff --git a/src/service/dht/gnunet-service-dht_datacache.c b/src/service/dht/gnunet-service-dht_datacache.c @@ -52,7 +52,7 @@ GDS_DATACACHE_handle_put (const struct GNUNET_DATACACHE_Block *bd) const struct GNUNET_HashCode *my_identity_hash; struct GNUNET_HashCode xor; enum GNUNET_GenericReturnValue r; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); if (NULL == my_identity_hash) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, diff --git a/src/service/dht/gnunet-service-dht_neighbours.c b/src/service/dht/gnunet-service-dht_neighbours.c 
@@ -481,7 +481,7 @@ find_bucket (const struct GNUNET_HashCode *hc) struct GNUNET_HashCode xor; unsigned int bits; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); GNUNET_assert (NULL != my_identity_hash); GNUNET_CRYPTO_hash_xor (hc, @@ -570,7 +570,7 @@ send_find_peer_message (void *cls) struct GNUNET_BLOCK_Group *bg; struct GNUNET_CONTAINER_BloomFilter *peer_bf; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); GNUNET_assert (NULL != my_identity_hash); bg = GNUNET_BLOCK_group_create (GDS_block_context, @@ -661,7 +661,7 @@ GDS_u_connect (void *cls, struct PeerBucket *bucket; bool do_hold = false; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); /* Check for connect to self message */ @@ -868,7 +868,7 @@ GDS_am_closest_peer (const struct GNUNET_HashCode *key, { const struct GNUNET_HashCode *my_identity_hash; int delta; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); GNUNET_assert (NULL != my_identity_hash); if (0 == GNUNET_memcmp (my_identity_hash, key)) return GNUNET_YES; @@ -958,7 +958,7 @@ select_peer (const struct GNUNET_HashCode *key, { const struct GNUNET_HashCode *my_identity_hash; struct GNUNET_HashCode xor; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); GNUNET_assert (NULL != my_identity_hash); GNUNET_CRYPTO_hash_xor (key, my_identity_hash, 
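Review bot: The `GNUNET_assert (NULL != my_identity)` / `GNUNET_assert (NULL != my_identity_hash)` checks kept after the new getters in gnunet-service-dht_neighbours.c turn a NULL identity into an abort of the whole DHT service. They appear in `find_bucket`, `send_find_peer_message`, `GDS_u_connect`, `GDS_am_closest_peer` and `select_peer` here, and in `handle_dht_p2p_get`, `GDS_NEIGHBOURS_handle_reply` and `GDS_try_connect` further down, several of which run on peer or underlay events. The header documents NULL as a possible return value, and this page does not show whether a freshly connected `GDS_pils` can return it before the first identity update. If it can, a recoverable path such as `if (NULL == my_identity) { GNUNET_break (0); return; }` (with the return value each function needs) is safer, which is how `core_init_cb` in gnunet-service-cadet_core.c starts its NULL branch. All of these function bodies begin and end outside their hunks.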
@@ -1254,8 +1254,8 @@ GDS_NEIGHBOURS_handle_put (const struct GNUNET_DATACACHE_Block *bd, struct GNUNET_PeerIdentity trunc_peer_out; enum GNUNET_GenericReturnValue ret; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); GNUNET_assert (NULL != my_identity); ret = GDS_helper_put_message_get_size (&msize, @@ -1371,8 +1371,8 @@ GDS_NEIGHBOURS_handle_get (enum GNUNET_BLOCK_Type type, size_t result_filter_size; void *result_filter; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); if (NULL == my_identity_hash) return GNUNET_NO; @@ -1504,7 +1504,7 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi, const struct GNUNET_PeerIdentity *my_identity; unsigned int failure_offset; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); failure_offset @@ -1673,7 +1673,7 @@ GDS_NEIGHBOURS_handle_reply (struct PeerInfo *pi, const struct GNUNET_PeerIdentity *my_identity; struct GNUNET_DHT_PathElement xpaths[get_path_length + 1]; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); memcpy (xpaths, @@ -1924,7 +1924,7 @@ handle_dht_p2p_put (void *cls, #if SANITY_CHECKS { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); /* TODO: might want to eventually implement probabilistic load-based path verification, but for now it is all or nothing */ 
@@ -2013,7 +2013,7 @@ handle_find_my_hello (struct PeerInfo *pi, struct GNUNET_BLOCK_Group *bg) { const struct GNUNET_HashCode *my_identity_hash; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (GDS_key_ring); + my_identity_hash = GNUNET_PILS_get_identity_hash (GDS_pils); if (NULL == GDS_my_hello) { GNUNET_STATISTICS_update (GDS_stats, @@ -2193,7 +2193,7 @@ handle_dht_p2p_get (void *cls, struct GNUNET_BLOCK_Group *bg; struct GNUNET_CONTAINER_BloomFilter *peer_bf; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); peer_bf = GNUNET_CONTAINER_bloomfilter_init (get->bloomfilter, @@ -2510,7 +2510,7 @@ handle_dht_p2p_result (void *cls, #if SANITY_CHECKS { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); /* TODO: might want to eventually implement probabilistic load-based path verification, but for now it is all or nothing */ @@ -2721,7 +2721,7 @@ GDS_try_connect (void *cls, struct PeerBucket *bucket; (void) cls; - my_identity = GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + my_identity = GNUNET_PILS_get_identity (GDS_pils); GNUNET_assert (NULL != my_identity); if (0 == GNUNET_memcmp (my_identity, pid)) @@ -2833,7 +2833,7 @@ GDS_NEIGHBOURS_done () const struct GNUNET_PeerIdentity * GDS_NEIGHBOURS_get_id () { - return GNUNET_PILS_key_ring_get_identity (GDS_key_ring); + return GNUNET_PILS_get_identity (GDS_pils); } diff --git a/src/service/dht/plugin_dhtu_gnunet.c b/src/service/dht/plugin_dhtu_gnunet.c @@ -167,9 +167,9 @@ struct Plugin struct GNUNET_PEERSTORE_Monitor *peerstore_notify; /** - * PILS key ring. + * Handle to the PILS service. */ - struct GNUNET_PILS_KeyRing *key_ring; + struct GNUNET_PILS_Handle *pils; }; 
@@ -414,7 +414,7 @@ peerinfo_cb (void *cls, hello = record->value; if (NULL == hello) return; - my_identity = GNUNET_PILS_key_ring_get_identity (plugin->key_ring); + my_identity = GNUNET_PILS_get_identity (plugin->pils); if (! my_identity) return; if (0 != GNUNET_memcmp (&record->peer, my_identity)) @@ -570,8 +570,8 @@ DHTU_gnunet_done (struct GNUNET_DHTU_PluginFunctions *api) if (NULL != plugin->peerstore) GNUNET_PEERSTORE_disconnect (plugin->peerstore); // GPI_plugins_unload (); - if (plugin->key_ring) - GNUNET_PILS_destroy_key_ring (plugin->key_ring); + if (plugin->pils) + GNUNET_PILS_disconnect (plugin->pils); GNUNET_free (plugin); GNUNET_free (api); return NULL; @@ -604,7 +604,7 @@ DHTU_gnunet_init (struct GNUNET_DHTU_PluginEnvironment *env) }; plugin = GNUNET_new (struct Plugin); - plugin->key_ring = GNUNET_PILS_create_key_ring ( + plugin->pils = GNUNET_PILS_connect ( env->cfg, NULL, NULL); plugin->env = env; api = GNUNET_new (struct GNUNET_DHTU_PluginFunctions); diff --git a/src/service/exit/gnunet-daemon-exit.c b/src/service/exit/gnunet-daemon-exit.c @@ -382,9 +382,14 @@ static struct GNUNET_DNS_Advertisement dns_advertisement; static struct GNUNET_HashCode dht_put_key; /** - * PILS key ring. + * The pils service handle. */ -static struct GNUNET_PILS_KeyRing *key_ring; +static struct GNUNET_PILS_Handle *pils; + +/** + * Operation for signing the dns advertisement. + */ +static struct GNUNET_PILS_Operation *sign_op; /** * Port for DNS exit. @@ -3318,10 +3323,15 @@ cleanup (void *cls) GNUNET_DNSSTUB_stop (dnsstub); dnsstub = NULL; } - if (NULL != key_ring) + if (NULL != sign_op) { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + GNUNET_PILS_cancel (sign_op); + sign_op = NULL; + } + if (NULL != pils) + { + GNUNET_PILS_disconnect (pils); + pils = NULL; } if (NULL != dht_task) { 
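Review bot: In `DHTU_gnunet_init` the result of `GNUNET_PILS_connect (env->cfg, NULL, NULL)` is stored in `plugin->pils` without a NULL check, whereas `main_init` in gnunet-service-fs.c logs an error when the same call fails. `peerinfo_cb` later passes `plugin->pils` to `GNUNET_PILS_get_identity`, and whether the getter tolerates a NULL handle is not visible in this commit. A check such as `if (NULL == plugin->pils) { GNUNET_free (plugin); return NULL; }` right after the call would make the failure explicit, assuming nothing else has been allocated at that point; the rest of the function is outside the hunk. The same unchecked pattern is in `advertise_dns_exit` in gnunet-daemon-exit.c (`pils = GNUNET_PILS_connect (cfg, &do_initial_dht_put, NULL);`), where a failed connect would silently mean no advertisement is ever published.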
@@ -3583,6 +3593,22 @@ dht_put_cont (void *cls) } +static void +sign_dns_advertisement (void *cls, + const struct GNUNET_PeerIdentity *pid, + const struct GNUNET_CRYPTO_EddsaSignature *sig) +{ + GNUNET_assert (sig); + + sign_op = NULL; + + GNUNET_memcpy (&dns_advertisement.signature, sig, + sizeof (dns_advertisement.signature)); + + do_dht_put (cls); +} + + /** * We are running a DNS exit service, advertise it in the * DHT. This task is run periodically to do the DHT PUT. @@ -3601,16 +3627,17 @@ do_dht_put (void *cls) if (GNUNET_TIME_absolute_get_remaining (expiration).rel_value_us < GNUNET_TIME_UNIT_HOURS.rel_value_us) { - const struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key; /* refresh advertisement */ - my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); - GNUNET_assert (my_private_key); expiration = GNUNET_TIME_relative_to_absolute (DNS_ADVERTISEMENT_TIMEOUT); dns_advertisement.expiration_time = GNUNET_TIME_absolute_hton (expiration); - GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign_ (my_private_key, - &dns_advertisement.purpose, - &dns_advertisement.signature)); + + if (NULL != sign_op) + GNUNET_PILS_cancel (sign_op); + + sign_op = GNUNET_PILS_sign_by_peer_identity (pils, &dns_advertisement. + purpose, + &sign_dns_advertisement, cls); + return; } if (NULL != dht_put) GNUNET_DHT_put_cancel (dht_put); @@ -3628,12 +3655,13 @@ do_dht_put (void *cls) static void -do_initial_dht_put (void *cls) +do_initial_dht_put (void *cls, + const struct GNUNET_HELLO_Parser *parser, + const struct GNUNET_HashCode *hash) { const struct GNUNET_PeerIdentity *my_identity; - dht_task = NULL; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_memcpy (&dns_advertisement.peer, 
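Review bot: `sign_dns_advertisement` aborts the exit daemon through `GNUNET_assert (sig)` when the signing operation delivers no signature, so a failure in the PILS service becomes a crash of this process. Whether the callback can be invoked with a NULL `sig` is not shown on this page; if it can, clear `sign_op` first and then return with `if (NULL == sig) { GNUNET_break (0); return; }`, so the next periodic run retries. `pid` is unused; comparing it with `dns_advertisement.peer` before the `GNUNET_memcpy` would be a cheap guard against storing a signature made under a different identity. The function also lacks the doc comment that the neighbouring `do_dht_put` has.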
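Review bot: In `do_dht_put`, `dns_advertisement.expiration_time` is overwritten before the asynchronous signature exists, so the structure holds a new expiration next to the old signature until `sign_dns_advertisement` runs. If the operation is cancelled or never completes, a later run may find the expiration fresh, skip the refresh branch and publish an advertisement whose signature does not cover its expiration time; this depends on how `expiration` is derived, which is above the hunk. Keeping the new expiration in a pending variable and writing it together with the signature in the callback avoids that window. The result of `GNUNET_PILS_sign_by_peer_identity` is also not checked for NULL, and the `GNUNET_PILS_cancel (sign_op);` branch relies on the following assignment to clear the stale pointer. Since the callback re-enters `do_dht_put (cls)` directly, check that any periodic rescheduling done at the top of the function (not visible here) is not duplicated by that call.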
@@ -3649,6 +3677,15 @@ do_initial_dht_put (void *cls) strlen ("dns"), &dht_put_key); + if (NULL != sign_op) + { + GNUNET_PILS_cancel (sign_op); + sign_op = NULL; + } + + if (NULL != dht_task) + GNUNET_SCHEDULER_cancel (dht_task); + dht_task = GNUNET_SCHEDULER_add_now (&do_dht_put, NULL); } @@ -3766,7 +3803,8 @@ advertise_dns_exit () /* advertise exit */ dht = GNUNET_DHT_connect (cfg, 1); dht_task = NULL; - key_ring = GNUNET_PILS_create_key_ring (cfg, &do_initial_dht_put, NULL); + pils = GNUNET_PILS_connect (cfg, &do_initial_dht_put, NULL); + sign_op = NULL; GNUNET_free (dns_exit); } diff --git a/src/service/fs/gnunet-service-fs.c b/src/service/fs/gnunet-service-fs.c @@ -289,10 +289,10 @@ struct GNUNET_BLOCK_Context *GSF_block_ctx; struct GNUNET_CORE_Handle *GSF_core; /** - * Pointer to handle of the pils key ring (points to NULL until we've + * Pointer to handle of the pils service (points to NULL until we've * connected to it). */ -struct GNUNET_PILS_KeyRing *GSF_key_ring; +struct GNUNET_PILS_Handle *GSF_pils; /** * Are we introducing randomized delays for better anonymity? @@ -1138,10 +1138,10 @@ shutdown_task (void *cls) GNUNET_CORE_disconnect (GSF_core); GSF_core = NULL; } - if (NULL != GSF_key_ring) + if (NULL != GSF_pils) { - GNUNET_PILS_destroy_key_ring (GSF_key_ring); - GSF_key_ring = NULL; + GNUNET_PILS_disconnect (GSF_pils); + GSF_pils = NULL; } GSF_put_done_ (); GSF_push_done_ (); @@ -1213,8 +1213,8 @@ main_init (const struct GNUNET_CONFIGURATION_Handle *c) "fs", "DISABLE_ANON_TRANSFER") ); - GSF_key_ring = GNUNET_PILS_create_key_ring (GSF_cfg, NULL, NULL); - if (NULL == GSF_key_ring) + GSF_pils = GNUNET_PILS_connect (GSF_cfg, NULL, NULL); + if (NULL == GSF_pils) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, _ ("Failed to connect to `%s' service.\n"), diff --git a/src/service/fs/gnunet-service-fs.h b/src/service/fs/gnunet-service-fs.h 
@@ -218,9 +218,9 @@ extern struct GNUNET_TIME_Relative GSF_avg_latency; extern struct GNUNET_ATS_PerformanceHandle *GSF_ats; /** - * PILS key ring. + * Handle to PILS service. */ -extern struct GNUNET_PILS_KeyRing *GSF_key_ring; +extern struct GNUNET_PILS_Handle *GSF_pils; /** * Typical priorities we're seeing from other peers right now. Since diff --git a/src/service/fs/gnunet-service-fs_cp.c b/src/service/fs/gnunet-service-fs_cp.c @@ -463,7 +463,7 @@ GSF_peer_connect_handler (void *cls, const struct GNUNET_PeerIdentity *my_identity; struct GSF_ConnectedPeer *cp; - my_identity = GNUNET_PILS_key_ring_get_identity (GSF_key_ring); + my_identity = GNUNET_PILS_get_identity (GSF_pils); GNUNET_assert (my_identity); if (0 == GNUNET_memcmp (my_identity, peer)) diff --git a/src/service/nse/gnunet-service-nse.c b/src/service/nse/gnunet-service-nse.c @@ -318,11 +318,6 @@ static struct GNUNET_TIME_Absolute next_timestamp; static struct GNUNET_TIME_Absolute current_timestamp; /** - * PILS key ring. - */ -static struct GNUNET_PILS_KeyRing *key_ring; - -/** * Proof of work for this peer. */ static uint64_t my_proof; @@ -693,13 +688,11 @@ static void setup_flood_message (unsigned int slot, struct GNUNET_TIME_Absolute ts) { const struct GNUNET_PeerIdentity *my_identity; - const struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key; struct GNUNET_NSE_FloodMessage *fm; uint32_t matching_bits; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); - GNUNET_assert ((my_identity) && (my_private_key)); + my_identity = GNUNET_PILS_get_identity (pils); + GNUNET_assert (my_identity); matching_bits = get_matching_bits (ts, my_identity); fm = &size_estimate_messages[slot]; 
@@ -715,13 +708,7 @@ setup_flood_message (unsigned int slot, struct GNUNET_TIME_Absolute ts) fm->timestamp = GNUNET_TIME_absolute_hton (ts); fm->origin = *my_identity; fm->proof_of_work = my_proof; - if (nse_work_required > 0) - GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign_ (my_private_key, - &fm->purpose, - &fm->signature)); - else - memset (&fm->signature, 0, sizeof(fm->signature)); + memset (&fm->signature, 0, sizeof(fm->signature)); } @@ -780,7 +767,7 @@ update_flood_message (void *cls) (void) cls; flood_task = NULL; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); if (! my_identity) return; @@ -898,7 +885,7 @@ find_proof (void *cls) (void) cls; proof_task = NULL; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_memcpy (&buf[sizeof(uint64_t)], my_identity, @@ -1042,7 +1029,7 @@ handle_p2p_estimate (void *cls, uint32_t matching_bits; unsigned int idx; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); if (! my_identity) return; @@ -1337,11 +1324,6 @@ shutdown_task (void *cls) GNUNET_CONTAINER_multipeermap_destroy (peers); peers = NULL; } - if (NULL != key_ring) - { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; - } if (NULL != pils) { GNUNET_PILS_disconnect (pils); 
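Review bot: `setup_flood_message` now zeroes `fm->signature` unconditionally, so flood messages leave this peer unsigned even when `nse_work_required > 0`, the case in which the removed branch called `GNUNET_CRYPTO_eddsa_sign_`. If the receiving side still verifies the signature in that configuration (the verification code is not part of this diff), other peers will discard this peer's estimates; if it does not, `fm->origin` is no longer authenticated and estimates can be attributed to arbitrary peers. Since the private key is no longer reachable here, the signature would have to be requested from the service, for example with `GNUNET_PILS_sign_by_peer_identity (pils, &fm->purpose, ...)` as regex_internal_dht.c does in this commit, and the slot marked usable only once the callback has stored the result. If dropping the signature is intended, a comment saying so next to the `memset` would help. The function starts in the preceding hunk.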
@@ -1367,18 +1349,33 @@ shutdown_task (void *cls) static void -identity_changed (const struct GNUNET_PeerIdentity *identity) +pils_id_change_cb (void *cls, + const struct GNUNET_HELLO_Parser *parser, + const struct GNUNET_HashCode *addr_hash) { + const struct GNUNET_PeerIdentity *my_identity; struct GNUNET_TIME_Absolute now; struct GNUNET_TIME_Absolute prev_time; - if (NULL == identity) + my_identity = GNUNET_PILS_get_identity (pils); + + if (NULL != proof_task) + { + GNUNET_SCHEDULER_cancel (proof_task); + proof_task = NULL; + } + + if (NULL == my_identity) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "Connection to core FAILED!\n"); GNUNET_SCHEDULER_shutdown (); return; } + proof_task = + GNUNET_SCHEDULER_add_with_priority (GNUNET_SCHEDULER_PRIORITY_IDLE, + &find_proof, + NULL); now = GNUNET_TIME_absolute_get (); current_timestamp.abs_value_us = (now.abs_value_us / gnunet_nse_interval.rel_value_us) @@ -1387,7 +1384,7 @@ identity_changed (const struct GNUNET_PeerIdentity *identity) GNUNET_TIME_absolute_add (current_timestamp, gnunet_nse_interval); estimate_index = HISTORY_SIZE - 1; estimate_count = 0; - if (GNUNET_YES == check_proof_of_work (&(identity->public_key), my_proof)) + if (GNUNET_YES == check_proof_of_work (&(my_identity->public_key), my_proof)) { int idx = (estimate_index + HISTORY_SIZE - 1) % HISTORY_SIZE; prev_time.abs_value_us = 
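Review bot: The error path still logs `"Connection to core FAILED!\n"`, but after this change it is reached when `GNUNET_PILS_get_identity (pils)` returns NULL, which says nothing about core. A message such as `"No peer identity available from PILS!\n"` would not mislead whoever reads the log. The callback also ignores `cls`, `parser` and `addr_hash`; marking them with `(void)` the way `find_proof` does for `cls`, plus a short doc comment to replace the one deleted together with `core_init`, would make that intentional. The function body continues past this hunk.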
@@ -1403,44 +1400,6 @@ identity_changed (const struct GNUNET_PeerIdentity *identity) } -static void -pils_id_change_cb (void *cls, - const struct GNUNET_HELLO_Parser *parser, - const struct GNUNET_HashCode *addr_hash) -{ - const struct GNUNET_PeerIdentity *my_identity; - struct GNUNET_PeerIdentity identity; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - identity = *GNUNET_HELLO_parser_get_id (parser); - GNUNET_assert (0 == GNUNET_memcmp (my_identity, &identity)); - identity_changed (my_identity); -} - - -/** - * Called on core init/fail. - * - * @param cls service closure - * @param identity the public identity of this peer - */ -static void -core_init (void *cls, const struct GNUNET_PeerIdentity *identity) -{ - const struct GNUNET_PeerIdentity *my_identity; - if (identity) - { - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - GNUNET_assert (0 == GNUNET_memcmp (my_identity, identity)); - proof_task = GNUNET_SCHEDULER_add_with_priority ( - GNUNET_SCHEDULER_PRIORITY_IDLE, - &find_proof, NULL); - } - else - my_identity = NULL; - identity_changed (my_identity); -} - - #if ENABLE_NSE_HISTOGRAM /** * Function called with the status of the testbed logger service @@ -1567,14 +1526,10 @@ run (void *cls, #endif GNUNET_SCHEDULER_add_shutdown (&shutdown_task, NULL); - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); - GNUNET_assert (NULL != key_ring); if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "NSE", "PROOFFILE", &proof)) { GNUNET_log_config_missing (GNUNET_ERROR_TYPE_ERROR, "NSE", "PROOFFILE"); - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; GNUNET_SCHEDULER_shutdown (); return; } 
@@ -1590,7 +1545,7 @@ run (void *cls, core_api = GNUNET_CORE_connect (cfg, /* Main configuration */ NULL, /* Closure passed to functions */ - &core_init, /* Call core_init once connected */ + NULL, /* Call core_init once connected */ &handle_core_connect, /* Handle connects */ &handle_core_disconnect, /* Handle disconnects */ core_handlers, /* Register these handlers */ diff --git a/src/service/pils/pils_api.c b/src/service/pils/pils_api.c @@ -99,7 +99,10 @@ struct GNUNET_PILS_Handle struct GNUNET_MQ_Handle *mq; /* The current peer_id */ - struct GNUNET_PeerIdentity peer_id; + struct GNUNET_PeerIdentity *peer_id; + + /* The current peer id hash */ + struct GNUNET_HashCode peer_hash; /* The hash from the last set of addresses fed to PILS. */ struct GNUNET_HashCode hash; @@ -237,7 +240,15 @@ handle_peer_id (void *cls, const struct PeerIdUpdateMessage *pid_msg) "Error parsing Hello block from PILS!\n"); return; } + + if (NULL == h->peer_id) + h->peer_id = GNUNET_new (struct GNUNET_PeerIdentity); + memcpy (&h->hash, &pid_msg->hash, sizeof (struct GNUNET_HashCode)); + memcpy (h->peer_id, GNUNET_HELLO_parser_get_id (parser), + sizeof (struct GNUNET_PeerIdentity)); + GNUNET_CRYPTO_hash (h->peer_id, sizeof (struct GNUNET_PeerIdentity), + &h->peer_hash); if (NULL != h->pid_change_cb) { @@ -450,6 +461,8 @@ GNUNET_PILS_disconnect (struct GNUNET_PILS_Handle *handle) GNUNET_CONTAINER_DLL_remove (handle->op_head, handle->op_tail, op); GNUNET_free (op); } + if (handle->peer_id) + GNUNET_free (handle->peer_id); GNUNET_free (handle); } 
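Review bot: The trailing comment on the replaced argument still reads `/* Call core_init once connected */` although the argument is now `NULL` and `core_init` is deleted in this commit; `NULL, /* no init callback, identity comes from PILS */` would match the code. The removed `core_init` was also the path that ended in `GNUNET_SCHEDULER_shutdown ()` when core reported a NULL identity. If core still signals a failed connection through that callback, the service no longer reacts to it, which deserves at least a comment. `run` starts before and ends after this hunk.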
@@ -635,6 +648,27 @@ GNUNET_PILS_sign_hello (struct GNUNET_PILS_Handle *handle, } +const struct GNUNET_PeerIdentity* +GNUNET_PILS_get_identity (const struct GNUNET_PILS_Handle *handle) +{ + GNUNET_assert (handle); + + return handle->peer_id; +} + + +const struct GNUNET_HashCode* +GNUNET_PILS_get_identity_hash (const struct GNUNET_PILS_Handle *handle) +{ + GNUNET_assert (handle); + + if (NULL == handle->peer_id) + return NULL; + + return &handle->peer_hash; +} + + void pid_change_cb (void *cls, GNUNET_UNUSED const struct GNUNET_HELLO_Parser *parser, @@ -668,6 +702,10 @@ pid_change_cb (void *cls, sizeof (key_ring->identity), &(key_ring->hash)); + + GNUNET_assert (0 == GNUNET_memcmp (GNUNET_PILS_get_identity (key_ring->pils), + &(key_ring->identity))); + if (GNUNET_YES != initialized) return; @@ -770,30 +808,6 @@ GNUNET_PILS_destroy_key_ring (struct GNUNET_PILS_KeyRing *key_ring) } -const struct GNUNET_PeerIdentity* -GNUNET_PILS_key_ring_get_identity (const struct GNUNET_PILS_KeyRing *key_ring) -{ - GNUNET_assert (key_ring); - - if (NULL == key_ring->private_key) - return NULL; - - return &(key_ring->identity); -} - - -const struct GNUNET_HashCode* -GNUNET_PILS_key_ring_get_hash (const struct GNUNET_PILS_KeyRing *key_ring) -{ - GNUNET_assert (key_ring); - - if (NULL == key_ring->private_key) - return NULL; - - return &(key_ring->hash); -} - - const struct GNUNET_CRYPTO_EddsaPrivateKey* GNUNET_PILS_key_ring_get_private_key (const struct GNUNET_PILS_KeyRing *key_ring ) diff --git a/src/service/regex/gnunet-daemon-regexprofiler.c b/src/service/regex/gnunet-daemon-regexprofiler.c @@ -46,6 +46,11 @@ static int global_ret; static const struct GNUNET_CONFIGURATION_Handle *cfg; /** + * Handle to the pils service. + */ +static struct GNUNET_PILS_Handle *pils_handle; + +/** * Handle to the statistics service. */ static struct GNUNET_STATISTICS_Handle *stats_handle; 
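Review bot: Neither new accessor documents how long the returned pointer stays valid. `GNUNET_PILS_get_identity` hands out `handle->peer_id`, which `handle_peer_id` overwrites in place on every update and `GNUNET_PILS_disconnect` frees, and it is NULL until the first update has arrived, a state in which most converted callers go straight into `GNUNET_assert (my_identity)`. I would add to the doc comments of both functions a sentence like `The result is owned by the handle, changes with the next identity update and is NULL until the service has announced an identity; copy it if it must outlive the current task.`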
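Review bot: The new assertion in `pid_change_cb` passes the result of `GNUNET_PILS_get_identity (key_ring->pils)` straight to `GNUNET_memcmp`, but that accessor returns NULL while the handle has no identity yet. If `pid_change_cb` can run in that state (its body before this hunk is not visible), the comparison reads through a NULL pointer instead of failing the assertion cleanly. Checking the pointer first keeps the failure well defined: `const struct GNUNET_PeerIdentity *pid = GNUNET_PILS_get_identity (key_ring->pils);` followed by `GNUNET_assert ((NULL != pid) && (0 == GNUNET_memcmp (pid, &(key_ring->identity))));`.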
@@ -96,11 +101,6 @@ static char *rx_with_pfx; */ static unsigned int rounds = 3; -/** - * PILS key ring. - */ -static struct GNUNET_PILS_KeyRing *key_ring; - /** * Task run during shutdown. @@ -127,8 +127,11 @@ shutdown_task (void *cls) GNUNET_DHT_disconnect (dht_handle); dht_handle = NULL; } - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + if (NULL != pils_handle) + { + GNUNET_PILS_disconnect (pils_handle); + pils_handle = NULL; + } GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Daemon for %s shutting down\n", @@ -163,7 +166,7 @@ reannounce_regex (void *cls) "First time, creating regex: %s\n", regex); announce_handle = REGEX_INTERNAL_announce (dht_handle, - key_ring, + pils_handle, regex, (unsigned int) max_path_compression, @@ -256,8 +259,6 @@ run (void *cls, char *const *args GNUNET_UNUSED, cfg = cfg_; - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); - GNUNET_assert (NULL != key_ring); if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_number (cfg, "REGEXPROFILER", "MAX_PATH_COMPRESSION", @@ -316,8 +317,8 @@ run (void *cls, char *const *args GNUNET_UNUSED, GNUNET_TIME_relative_multiply (GNUNET_TIME_UNIT_MINUTES, 10); } + pils_handle = GNUNET_PILS_connect (cfg, NULL, NULL); stats_handle = GNUNET_STATISTICS_create ("regexprofiler", cfg); - dht_handle = GNUNET_DHT_connect (cfg, 1); if (NULL == dht_handle) diff --git a/src/service/regex/gnunet-service-regex.c b/src/service/regex/gnunet-service-regex.c @@ -79,9 +79,9 @@ static struct GNUNET_DHT_Handle *dht; static struct GNUNET_STATISTICS_Handle *stats; /** - * PILS key ring. + * Handle for pils service. */ -static struct GNUNET_PILS_KeyRing *key_ring; +static struct GNUNET_PILS_Handle *pils; /** 
@@ -92,13 +92,22 @@ static struct GNUNET_PILS_KeyRing *key_ring; static void cleanup_task (void *cls) { - GNUNET_DHT_disconnect (dht); - dht = NULL; - GNUNET_STATISTICS_destroy (stats, - GNUNET_NO); - stats = NULL; - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + if (NULL != dht) + { + GNUNET_DHT_disconnect (dht); + dht = NULL; + } + if (NULL != stats) + { + GNUNET_STATISTICS_destroy (stats, + GNUNET_NO); + stats = NULL; + } + if (NULL != pils) + { + GNUNET_PILS_disconnect (pils); + pils = NULL; + } } @@ -168,7 +177,7 @@ handle_announce (void *cls, GNUNET_STRINGS_relative_time_to_string (ce->frequency, GNUNET_NO)); ce->ah = REGEX_INTERNAL_announce (dht, - key_ring, + pils, regex, ntohs (am->compression), stats); @@ -310,8 +319,8 @@ run (void *cls, const struct GNUNET_CONFIGURATION_Handle *cfg, struct GNUNET_SERVICE_Handle *service) { - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); - if (NULL == key_ring) + pils = GNUNET_PILS_connect (cfg, NULL, NULL); + if (NULL == pils) { GNUNET_SCHEDULER_shutdown (); return; @@ -319,8 +328,8 @@ run (void *cls, dht = GNUNET_DHT_connect (cfg, 1024); if (NULL == dht) { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + GNUNET_PILS_disconnect (pils); + pils = NULL; GNUNET_SCHEDULER_shutdown (); return; } diff --git a/src/service/regex/regex_internal_dht.c b/src/service/regex/regex_internal_dht.c 
@@ -74,17 +74,60 @@ struct REGEX_INTERNAL_Announcement struct REGEX_INTERNAL_Automaton *dfa; /** - * Our PILS key ring. + * Our PILS service handle. */ - const struct GNUNET_PILS_KeyRing *key_ring; + struct GNUNET_PILS_Handle *pils; /** * Optional statistics handle to report usage. Can be NULL. */ struct GNUNET_STATISTICS_Handle *stats; + + /** + * Accepting block in memory during signature operation. + */ + struct RegexAcceptBlock *ab; + + /** + * Signature operation. + */ + struct GNUNET_PILS_Operation *sign; }; +static void +sign_accept_block (void *cls, + const struct GNUNET_PeerIdentity *pid, + const struct GNUNET_CRYPTO_EddsaSignature *sig) +{ + struct REGEX_INTERNAL_Announcement *h = cls; + size_t size; + + GNUNET_assert ((NULL != h->sign) && (NULL != h->ab)); + + h->sign = NULL; + + GNUNET_memcpy (&(h->ab->signature), sig, sizeof (h->ab->signature)); + size = sizeof(struct RegexAcceptBlock); + + GNUNET_STATISTICS_update (h->stats, "# regex accepting blocks stored", + 1, GNUNET_NO); + GNUNET_STATISTICS_update (h->stats, "# regex accepting block bytes stored", + sizeof(struct RegexAcceptBlock), GNUNET_NO); + (void) + GNUNET_DHT_put (h->dht, &(h->ab->key), + DHT_REPLICATION, + DHT_OPT | GNUNET_DHT_RO_RECORD_ROUTE, + GNUNET_BLOCK_TYPE_REGEX_ACCEPT, + size, + h->ab, + GNUNET_TIME_relative_to_absolute (DHT_TTL), + NULL, NULL); + GNUNET_free (h->ab); + h->ab = NULL; +} + + /** * Regex callback iterator to store own service description in the DHT. * 
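Review bot: `sign_accept_block` never looks at `pid`, so the block put into the DHT carries the `peer` that `regex_iterator` copied when it issued the request, while the signature presumably belongs to whatever identity PILS held when it signed. If the identity changed in between, the stored block will not verify, so I would set `h->ab->peer = *pid;` before `GNUNET_DHT_put` or drop the block when the two differ, and check `sig` for NULL if the callback can report failure. Separately, none of this file's hunks touch `REGEX_INTERNAL_announce_cancel`, so a signature still pending when the announcement is freed would call back with a dangling `cls`. That function needs `if (NULL != h->sign) GNUNET_PILS_cancel (h->sign);` and `if (NULL != h->ab) GNUNET_free (h->ab);`.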
@@ -104,15 +147,13 @@ regex_iterator (void *cls, const struct REGEX_BLOCK_Edge *edges) { const struct GNUNET_PeerIdentity *my_identity; - const struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key; struct REGEX_INTERNAL_Announcement *h = cls; struct RegexBlock *block; size_t size; unsigned int i; - my_identity = GNUNET_PILS_key_ring_get_identity (h->key_ring); - my_private_key = GNUNET_PILS_key_ring_get_private_key (h->key_ring); - if ((! my_identity) || (! my_private_key)) + my_identity = GNUNET_PILS_get_identity (h->pils); + if (NULL == my_identity) return; LOG (GNUNET_ERROR_TYPE_INFO, 
@@ -130,38 +171,29 @@ regex_iterator (void *cls, } if (GNUNET_YES == accepting) { - struct RegexAcceptBlock ab; + if (NULL != h->sign) + { + GNUNET_PILS_cancel (h->sign); + h->sign = NULL; + } + if (NULL != h->ab) + GNUNET_free (h->ab); + h->ab = GNUNET_new (struct RegexAcceptBlock); LOG (GNUNET_ERROR_TYPE_INFO, "State %s is accepting, putting own id\n", GNUNET_h2s (key)); - size = sizeof(struct RegexAcceptBlock); - ab.purpose.size = ntohl (sizeof(struct GNUNET_CRYPTO_SignaturePurpose) - + sizeof(struct GNUNET_TIME_AbsoluteNBO) - + sizeof(struct GNUNET_HashCode)); - ab.purpose.purpose = ntohl (GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT); - ab.expiration_time = GNUNET_TIME_absolute_hton ( + h->ab->purpose.size = ntohl (sizeof(struct GNUNET_CRYPTO_SignaturePurpose) + + sizeof(struct GNUNET_TIME_AbsoluteNBO) + + sizeof(struct GNUNET_HashCode)); + h->ab->purpose.purpose = ntohl (GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT); + h->ab->expiration_time = GNUNET_TIME_absolute_hton ( GNUNET_TIME_relative_to_absolute (GNUNET_CONSTANTS_DHT_MAX_EXPIRATION)); - ab.key = *key; - GNUNET_memcpy (&(ab.peer), my_identity, + h->ab->key = *key; + GNUNET_memcpy (&(h->ab->peer), my_identity, sizeof (*my_identity)); - GNUNET_assert (GNUNET_OK == - GNUNET_CRYPTO_eddsa_sign_ (my_private_key, - &ab.purpose, - &ab.signature)); - - GNUNET_STATISTICS_update (h->stats, "# regex accepting blocks stored", - 1, GNUNET_NO); - GNUNET_STATISTICS_update (h->stats, "# regex accepting block bytes stored", - sizeof(struct RegexAcceptBlock), GNUNET_NO); - (void) - GNUNET_DHT_put (h->dht, key, - DHT_REPLICATION, - DHT_OPT | GNUNET_DHT_RO_RECORD_ROUTE, - GNUNET_BLOCK_TYPE_REGEX_ACCEPT, - size, - &ab, - GNUNET_TIME_relative_to_absolute (DHT_TTL), - NULL, NULL); + h->sign = GNUNET_PILS_sign_by_peer_identity (h->pils, &(h->ab->purpose), + &sign_accept_block, h); + GNUNET_assert (NULL != h->sign); } block = REGEX_BLOCK_create (proof, num_edges, 
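Review bot: `h->ab` and `h->sign` hold exactly one pending block, but `regex_iterator` is invoked once per DFA state, so a second accepting state reached before the first signature has come back cancels that operation and frees its block. Assuming the PILS signature completes asynchronously, only the last accepting state of an announcement would then be stored, where the removed code signed and put every one of them. Keeping one pending entry per accepting state avoids the loss; the sketch below hangs them on the announcement (`pa_head`/`pa_tail` would be new fields there), and `sign_accept_block` would take the entry as its closure, unlink it and free it after the put. `regex_iterator` starts before and ends after this hunk.

```c
/* One pending signature per accepting state (replaces the single h->ab / h->sign slot). */
struct PendingAccept
{
  struct PendingAccept *next;
  struct PendingAccept *prev;
  struct REGEX_INTERNAL_Announcement *h;
  struct GNUNET_PILS_Operation *sign;
  struct RegexAcceptBlock ab;
};

  if (GNUNET_YES == accepting)
  {
    struct PendingAccept *pa = GNUNET_new (struct PendingAccept);

    pa->h = h;
    /* … unchanged: LOG call and filling of purpose, expiration_time, key and peer, now on pa->ab … */
    /* Link the entry before issuing the request so the callback always finds it in the list. */
    GNUNET_CONTAINER_DLL_insert (h->pa_head, h->pa_tail, pa);
    pa->sign = GNUNET_PILS_sign_by_peer_identity (h->pils, &pa->ab.purpose,
                                                  &sign_accept_block, pa);
    GNUNET_assert (NULL != pa->sign);
  }
```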
@@ -197,7 +229,7 @@ regex_iterator (void *cls, * Does not free resources, must call #REGEX_INTERNAL_announce_cancel() for that. * * @param dht An existing and valid DHT service handle. CANNOT be NULL. - * @param key_ring our key ring, must remain valid until the announcement is cancelled + * @param pils our pils service handle, must remain valid until the announcement is cancelled * @param regex Regular expression to announce. * @param compression How many characters per edge can we squeeze? * @param stats Optional statistics handle to report usage. Can be NULL. @@ -206,19 +238,19 @@ regex_iterator (void *cls, */ struct REGEX_INTERNAL_Announcement * REGEX_INTERNAL_announce (struct GNUNET_DHT_Handle *dht, - const struct GNUNET_PILS_KeyRing *key_ring, + struct GNUNET_PILS_Handle *pils, const char *regex, uint16_t compression, struct GNUNET_STATISTICS_Handle *stats) { struct REGEX_INTERNAL_Announcement *h; - GNUNET_assert (NULL != dht); + GNUNET_assert ((NULL != dht) && (NULL != pils)); h = GNUNET_new (struct REGEX_INTERNAL_Announcement); h->regex = regex; h->dht = dht; h->stats = stats; - h->key_ring = key_ring; + h->pils = pils; h->dfa = REGEX_INTERNAL_construct_dfa (regex, strlen (regex), compression); REGEX_INTERNAL_reannounce (h); return h; diff --git a/src/service/regex/regex_internal_lib.h b/src/service/regex/regex_internal_lib.h @@ -174,7 +174,7 @@ struct REGEX_INTERNAL_Search; * Does not free resources, must call #REGEX_INTERNAL_announce_cancel() for that. * * @param dht An existing and valid DHT service handle. CANNOT be NULL. - * @param key_ring our key ring, must remain valid until the announcement is cancelled + * @param pils our pils service handle, must remain valid until the announcement is cancelled * @param regex Regular expression to announce. * @param compression How many characters per edge can we squeeze? * @param stats Optional statistics handle to report usage. Can be NULL. 
@@ -183,7 +183,7 @@ struct REGEX_INTERNAL_Search; */ struct REGEX_INTERNAL_Announcement * REGEX_INTERNAL_announce (struct GNUNET_DHT_Handle *dht, - const struct GNUNET_PILS_KeyRing *key_ring, + struct GNUNET_PILS_Handle *pils, const char *regex, uint16_t compression, struct GNUNET_STATISTICS_Handle *stats); diff --git a/src/service/revocation/gnunet-service-revocation.c b/src/service/revocation/gnunet-service-revocation.c @@ -108,9 +108,9 @@ static struct GNUNET_CORE_Handle *core_api; static struct GNUNET_CONTAINER_MultiPeerMap *peers; /** - * The pils key ring. + * Handle to the pils service. */ -static struct GNUNET_PILS_KeyRing *key_ring; +static struct GNUNET_PILS_Handle *pils; /** * File handle for the revocation database. @@ -623,11 +623,11 @@ handle_core_connect (void *cls, enum GNUNET_CORE_PeerClass class) { const struct GNUNET_PeerIdentity *my_identity; - const struct GNUNET_HashCode *my_identity_hash; + struct GNUNET_HashCode my_identity_hash; struct PeerEntry *peer_entry; struct GNUNET_HashCode peer_hash; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (NULL != my_identity); if (0 == GNUNET_memcmp (peer, my_identity)) @@ -653,12 +653,13 @@ handle_core_connect (void *cls, } peer_entry = new_peer_entry (peer); peer_entry->mq = mq; - my_identity_hash = GNUNET_PILS_key_ring_get_hash (key_ring); - GNUNET_assert (NULL != my_identity_hash); + GNUNET_CRYPTO_hash (my_identity, + sizeof(*my_identity), + &my_identity_hash); GNUNET_CRYPTO_hash (peer, sizeof(*peer), &peer_hash); - if (0 < GNUNET_CRYPTO_hash_cmp (my_identity_hash, + if (0 < GNUNET_CRYPTO_hash_cmp (&my_identity_hash, &peer_hash)) { GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 
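Review bot: `handle_core_connect` in gnunet-service-revocation.c now recomputes the hash of the own identity with `GNUNET_CRYPTO_hash` on every connect, although this same commit adds `GNUNET_PILS_get_identity_hash`, which returns the value `handle_peer_id` already computed over the same bytes. Keeping the pointer form, `my_identity_hash = GNUNET_PILS_get_identity_hash (pils);` with the existing `GNUNET_assert (NULL != my_identity_hash);`, would leave the two hunks at `-623` and `-653` almost untouched and would exercise the new accessor, which otherwise has no caller in the visible part of the diff.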
@@ -689,7 +690,7 @@ handle_core_disconnect (void *cls, const struct GNUNET_PeerIdentity *my_identity; struct PeerEntry *peer_entry = internal_cls; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (NULL != my_identity); if (0 == GNUNET_memcmp (peer, my_identity)) @@ -761,10 +762,10 @@ shutdown_task (void *cls) GNUNET_CORE_disconnect (core_api); core_api = NULL; } - if (NULL != key_ring) + if (NULL != pils) { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + GNUNET_PILS_disconnect (pils); + pils = NULL; } if (NULL != stats) { @@ -798,7 +799,6 @@ static void core_init (void *cls, const struct GNUNET_PeerIdentity *identity) { - const struct GNUNET_PeerIdentity *my_identity; if (NULL == identity) { GNUNET_log (GNUNET_ERROR_TYPE_ERROR, @@ -806,8 +806,6 @@ core_init (void *cls, GNUNET_SCHEDULER_shutdown (); return; } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); - GNUNET_assert (0 == GNUNET_memcmp (identity, my_identity)); } @@ -1023,7 +1021,7 @@ run (void *cls, peers = GNUNET_CONTAINER_multipeermap_create (128, GNUNET_YES); - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); + pils = GNUNET_PILS_connect (cfg, NULL, NULL); /* Connect to core service and register core handlers */ core_api = GNUNET_CORE_connect (cfg, /* Main configuration */ NULL, /* Closure passed to functions */ diff --git a/src/service/transport/gnunet-communicator-http3.c b/src/service/transport/gnunet-communicator-http3.c @@ -80,9 +80,9 @@ static struct GNUNET_CONTAINER_MultiHashMap *addr_map; static const struct GNUNET_CONFIGURATION_Handle *cfg; /** - * PILS key ring. + * Handle to the pils service. */ -static struct GNUNET_PILS_KeyRing *key_ring; +static struct GNUNET_PILS_Handle *pils; /** * IPv6 disabled or not. 
@@ -2338,7 +2338,7 @@ recv_rx_key_cb (ngtcp2_conn *conn, ngtcp2_encryption_level level, { const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); stream = create_stream (connection, -1); @@ -3188,10 +3188,10 @@ do_shutdown (void *cls) GNUNET_STATISTICS_destroy (stats, GNUNET_YES); stats = NULL; } - if (NULL != key_ring) + if (NULL != pils) { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + GNUNET_PILS_disconnect (pils); + pils = NULL; } if (NULL != is) { @@ -3890,8 +3890,8 @@ run (void *cls, /** * Get our public key for initial packet */ - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); - if (NULL == key_ring) + pils = GNUNET_PILS_connect (cfg, NULL, NULL); + if (NULL == pils) { GNUNET_log ( GNUNET_ERROR_TYPE_ERROR, diff --git a/src/service/transport/gnunet-communicator-quic.c b/src/service/transport/gnunet-communicator-quic.c @@ -124,9 +124,9 @@ static uint16_t my_port; static quiche_config *config = NULL; /** - * PILS key ring. + * Handle to PILS service. */ -struct GNUNET_PILS_KeyRing *key_ring; +struct GNUNET_PILS_Handle *pils; /** * Connection to NAT service. @@ -1196,10 +1196,10 @@ do_shutdown (void *cls) GNUNET_TRANSPORT_application_done (ah); ah = NULL; } - if (NULL != key_ring) + if (NULL != pils) { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + GNUNET_PILS_disconnect (pils); + pils = NULL; } GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "do_shutdown finished\n"); @@ -1458,7 +1458,7 @@ sock_read (void *cls) GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "handshake established with peer, sending our peer id\n"); - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); send_len = quiche_conn_stream_send (peer->conn->conn, STREAMID_BI, 
@@ -1657,8 +1657,8 @@ run (void *cls, /** * Get our public key for initial packet */ - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); - if (NULL == key_ring) + pils = GNUNET_PILS_connect (cfg, NULL, NULL); + if (NULL == pils) { GNUNET_log ( GNUNET_ERROR_TYPE_ERROR, diff --git a/src/service/transport/gnunet-communicator-tcp.c b/src/service/transport/gnunet-communicator-tcp.c @@ -828,6 +828,11 @@ static unsigned long long max_queue_length; static struct GNUNET_PILS_KeyRing *key_ring; /** + * For PILS. + */ +static struct GNUNET_PILS_Handle *pils; + +/** * For logging statistics. */ static struct GNUNET_STATISTICS_Handle *stats; @@ -1376,7 +1381,7 @@ setup_in_cipher_elligator ( struct GNUNET_CRYPTO_HpkePrivateKey my_hpke_key; struct GNUNET_ShortHashCode k; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert ((my_identity) && (my_private_key)); @@ -1403,7 +1408,7 @@ setup_in_cipher (const struct GNUNET_CRYPTO_HpkeEncapsulation *ephemeral, const struct GNUNET_CRYPTO_EddsaPrivateKey *my_private_key; struct GNUNET_ShortHashCode k; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert ((my_identity) && (my_private_key)); @@ -1426,7 +1431,7 @@ do_rekey (struct Queue *queue, const struct TCPRekey *rekey) const struct GNUNET_PeerIdentity *my_identity; struct TcpRekeySignature thp; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); thp.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_COMMUNICATOR_TCP_REKEY); 
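Review bot: In `setup_in_cipher_elligator` the identity now comes from `pils` while `my_private_key` still comes from `key_ring`, and `run` sets these up as two separate objects (`GNUNET_PILS_create_key_ring` and `GNUNET_PILS_connect`). If each receives identity updates on its own connection, as the `key_ring->pils` member suggests, the two values can belong to different identities for a short time around an identity change. The following `GNUNET_assert ((my_identity) && (my_private_key))` also now requires both to have been delivered. The same pairing appears in `setup_in_cipher`, `send_challenge`, `inject_rekey` and `transmit_kx` in this file and in `send_msg_with_kx` and `iface_proc` in gnunet-communicator-udp.c. A comment at the `pils` declaration should state why both handles are kept and what keeps them consistent, instead of the bare `For PILS.`.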
@@ -1579,7 +1584,7 @@ send_challenge (struct GNUNET_CRYPTO_ChallengeNonceP challenge, struct TCPConfirmationAck tca; struct TcpHandshakeAckSignature thas; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert ((my_identity) && (my_private_key)); @@ -1646,7 +1651,7 @@ inject_rekey (struct Queue *queue) struct TcpRekeySignature thp; struct GNUNET_ShortHashCode k; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert ((my_identity) && (my_private_key)); @@ -2001,7 +2006,7 @@ try_handle_plaintext (struct Queue *queue) return 0; } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); thas.purpose.purpose = htonl ( @@ -2778,7 +2783,7 @@ transmit_kx (struct Queue *queue, struct TcpHandshakeSignature ths; struct TCPConfirmation tc; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert ((my_identity) && (my_private_key)); @@ -2879,7 +2884,7 @@ handshake_monotime_cb (void *cls, pid = &queue->target; GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "tcp handshake with us %s\n", - GNUNET_i2s (GNUNET_PILS_key_ring_get_identity (key_ring))); + GNUNET_i2s (GNUNET_PILS_get_identity (pils))); if (NULL == record) { queue->handshake_monotime_get = NULL; @@ -2943,7 +2948,7 @@ decrypt_and_check_tc (struct Queue *queue, struct TcpHandshakeSignature ths; enum GNUNET_GenericReturnValue ret; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_assert ( 
@@ -3318,7 +3323,7 @@ try_connection_reversal (void *cls, struct sockaddr *in_addr; (void) cls; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, @@ -3695,6 +3700,11 @@ do_shutdown (void *cls) GNUNET_NT_scanner_done (is); is = NULL; } + if (NULL != pils) + { + GNUNET_PILS_disconnect (pils); + pils = NULL; + } if (NULL != key_ring) { GNUNET_PILS_destroy_key_ring (key_ring); @@ -4157,6 +4167,8 @@ run (void *cls, } key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); GNUNET_assert (NULL != key_ring); + pils = GNUNET_PILS_connect (cfg, NULL, NULL); + GNUNET_assert (NULL != pils); peerstore = GNUNET_PEERSTORE_connect (cfg); if (NULL == peerstore) { diff --git a/src/service/transport/gnunet-communicator-udp.c b/src/service/transport/gnunet-communicator-udp.c @@ -761,6 +761,11 @@ struct BroadcastInterface static struct GNUNET_PILS_KeyRing *key_ring; /** + * For PILS. + */ +static struct GNUNET_PILS_Handle *pils; + +/** * The rekey interval */ static struct GNUNET_TIME_Relative rekey_interval; @@ -2015,7 +2020,7 @@ verify_confirmation (const struct GNUNET_CRYPTO_HpkeEncapsulation *enc, const struct GNUNET_PeerIdentity *my_identity; struct UdpHandshakeSignature uhs; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); uhs.purpose.purpose = htonl ( @@ -2438,7 +2443,7 @@ sock_read (void *cls) struct UdpBroadcastSignature uhs; struct GNUNET_PeerIdentity sender; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); addr_verify = GNUNET_memdup (&sa, salen); 
@@ -2493,7 +2498,7 @@ sock_read (void *cls) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "VerifyingPeer %s is verifying UDPBroadcast\n", - GNUNET_i2s (GNUNET_PILS_key_ring_get_identity (key_ring))); + GNUNET_i2s (GNUNET_PILS_get_identity (pils))); GNUNET_log (GNUNET_ERROR_TYPE_WARNING, "Verifying UDPBroadcast from %s failed\n", GNUNET_i2s (&ub->sender)); @@ -2638,7 +2643,7 @@ send_msg_with_kx (const struct GNUNET_MessageHeader *msg, struct gcry_cipher_hd_t out_cipher; struct SharedSecret *ss; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); GNUNET_assert ((my_identity) && (my_private_key)); @@ -3227,6 +3232,11 @@ do_shutdown (void *cls) GNUNET_TRANSPORT_application_done (ah); ah = NULL; } + if (NULL != pils) + { + GNUNET_PILS_disconnect (pils); + pils = NULL; + } if (NULL != key_ring) { GNUNET_PILS_destroy_key_ring (key_ring); @@ -3469,7 +3479,7 @@ iface_proc (void *cls, (void) cls; (void) netmask; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); my_private_key = GNUNET_PILS_key_ring_get_private_key (key_ring); if ((NULL == my_identity) || (NULL == my_private_key)) @@ -3927,6 +3937,8 @@ run (void *cls, } key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); GNUNET_assert (NULL != key_ring); + pils = GNUNET_PILS_connect (cfg, NULL, NULL); + GNUNET_assert (NULL != pils); nat = GNUNET_NAT_register (cfg, COMMUNICATOR_CONFIG_SECTION, diff --git a/src/service/transport/gnunet-communicator-unix.c b/src/service/transport/gnunet-communicator-unix.c @@ -147,9 +147,9 @@ struct Queue }; /** - * PILS key ring + * PILS handle */ -static struct GNUNET_PILS_KeyRing *key_ring; +static struct GNUNET_PILS_Handle *pils; /** * ID of read task 
@@ -531,7 +531,7 @@ mq_send (struct GNUNET_MQ_Handle *mq, struct Queue *queue = impl_state; size_t msize = ntohs (msg->size); - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_assert (mq == queue->mq); @@ -957,10 +957,10 @@ do_shutdown (void *cls) GNUNET_TRANSPORT_communicator_disconnect (ch); ch = NULL; } - if (NULL != key_ring) + if (NULL != pils) { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; + GNUNET_PILS_disconnect (pils); + pils = NULL; } if (NULL != stats) { @@ -1015,9 +1015,9 @@ run (void *cls, (void) cls; delivering_messages = 0; - key_ring = GNUNET_PILS_create_key_ring (cfg, NULL, NULL); + pils = GNUNET_PILS_connect (cfg, NULL, NULL); - if (NULL == key_ring) + if (NULL == pils) { GNUNET_log ( GNUNET_ERROR_TYPE_ERROR, diff --git a/src/service/transport/gnunet-service-transport.c b/src/service/transport/gnunet-service-transport.c @@ -3007,11 +3007,6 @@ struct GNUNET_NAT_Handle *nh; static struct GNUNET_PEERSTORE_Handle *peerstore; /** - * PILS key ring - */ -static struct GNUNET_PILS_KeyRing *key_ring; - -/** * Service that manages our peer id */ static struct GNUNET_PILS_Handle *pils; @@ -4360,7 +4355,7 @@ handle_client_start (void *cls, const struct StartMessage *start) struct TransportClient *tc = cls; // uint32_t options; // - // my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + // my_identity = GNUNET_PILS_get_identity (pils); // GNUNET_assert (my_identity); // // FIXME ignore the check of the peer ids for now. @@ -4675,7 +4670,7 @@ handle_communicator_available ( struct TransportClient *tc = cls; uint16_t size; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); size = ntohs (cam->header.size) - sizeof(*cam); 
@@ -5253,7 +5248,7 @@ encapsulate_for_dv (struct DistanceVector *dv, struct GNUNET_TIME_Relative rtt; struct GNUNET_ShortHashCode km; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); key = GNUNET_new (struct DVKeyState); @@ -6210,7 +6205,7 @@ store_pi (void *cls) char *prefix; unsigned int add_success; - if (NULL == GNUNET_PILS_key_ring_get_identity (key_ring)) + if (NULL == GNUNET_PILS_get_identity (pils)) { ale->st = GNUNET_SCHEDULER_add_delayed (GNUNET_TIME_UNIT_MILLISECONDS, &store_pi, @@ -7440,7 +7435,7 @@ handle_backchannel_encapsulation ( char *sender; char *self; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_asprintf (&sender, @@ -7773,7 +7768,7 @@ learn_dv_path (const struct GNUNET_PeerIdentity *path, return GNUNET_SYSERR; } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); GNUNET_assert (0 == GNUNET_memcmp (my_identity, &path[0])); @@ -7959,7 +7954,7 @@ check_dv_learn (void *cls, const struct TransportDVLearnMessage *dvl) return GNUNET_SYSERR; } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); for (unsigned int i = 0; i < num_hops; i++) @@ -8079,7 +8074,7 @@ forward_dv_learn (const struct GNUNET_PeerIdentity *next_hop, fwd->challenge = msg->challenge; fwd->monotonic_time = msg->monotonic_time; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); dhops = (struct DVPathEntryP *) &fwd[1]; 
@@ -8503,7 +8498,7 @@ handle_dv_learn (void *cls, const struct TransportDVLearnMessage *dvl) } } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); /* OPTIMIZE-FIXME: asynchronously (!) verify signatures!, @@ -8749,7 +8744,7 @@ check_dv_box (void *cls, const struct TransportDVBoxMessage *dvb) return GNUNET_SYSERR; } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); /* This peer must not be on the path */ @@ -9206,7 +9201,7 @@ decaps_dv_box_cb (void *cls, const struct GNUNET_ShortHashCode *km) const struct GNUNET_PeerIdentity *my_identity; struct EphemeralConfirmationPS ec; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); ec.purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_EPHEMERAL); @@ -9296,7 +9291,7 @@ handle_dv_box (void *cls, const struct TransportDVBoxMessage *dvb) struct DecapsDvBoxCls *decaps_dv_box_cls; const struct GNUNET_PeerIdentity *my_identity; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); if (GNUNET_EXTRA_LOGGING > 0) @@ -9633,7 +9628,7 @@ handle_hello_for_incoming (void *cls, return; } hello = record->value; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); if (0 == GNUNET_memcmp (&record->peer, my_identity)) { @@ -12271,7 +12266,7 @@ sign_dv_init_cb (void *cls, struct LearnLaunchEntry *lle = sign_dv_init_cls->lle; struct QueueQualityContext qqc = sign_dv_init_cls->qqc; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); sign_dv_init_cls->pr->op = NULL; 
@@ -12377,7 +12372,7 @@ start_dv_learn (void *cls) &lle->challenge.value, lle, GNUNET_CONTAINER_MULTIHASHMAPOPTION_UNIQUE_ONLY)); - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); dvl.header.type = htons (GNUNET_MESSAGE_TYPE_TRANSPORT_DV_LEARN); dvl.header.size = htons (sizeof(dvl)); @@ -13149,7 +13144,7 @@ handle_hello_for_client (void *cls, emsg); return; } - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); if (NULL == my_identity) { GNUNET_log (GNUNET_ERROR_TYPE_WARNING, @@ -13233,7 +13228,7 @@ handle_suggest (void *cls, const struct ExpressPreferenceMessage *msg) GNUNET_i2s (&msg->peer), (int) ntohl (msg->pk), (int) ntohl (msg->bw.value__)); - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); if (0 == GNUNET_memcmp (my_identity, &msg->peer)) { @@ -13529,11 +13524,6 @@ do_shutdown (void *cls) GNUNET_PILS_disconnect (pils); pils = NULL; } - if (NULL != key_ring) - { - GNUNET_PILS_destroy_key_ring (key_ring); - key_ring = NULL; - } if (NULL != peerstore) { GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, @@ -13638,7 +13628,7 @@ pils_pid_change_cb (void *cls, struct GNUNET_HELLO_Builder *nbuilder; struct GNUNET_PeerIdentity npid; - my_identity = GNUNET_PILS_key_ring_get_identity (key_ring); + my_identity = GNUNET_PILS_get_identity (pils); GNUNET_assert (my_identity); if (NULL == GST_my_hello) @@ -13728,13 +13718,6 @@ run (void *cls, GST_my_hello = GNUNET_HELLO_builder_new (); GST_stats = GNUNET_STATISTICS_create ("transport", GST_cfg); GNUNET_SCHEDULER_add_shutdown (&shutdown_task, NULL); - key_ring = GNUNET_PILS_create_key_ring (GST_cfg, NULL, NULL); - if (NULL == key_ring) - { - GNUNET_break (0); - GNUNET_SCHEDULER_shutdown (); - return; - } peerstore = GNUNET_PEERSTORE_connect (GST_cfg); nh = GNUNET_NAT_register (GST_cfg, "transport",
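Review bot: The `run` hunk removes the only startup check visible here that shut the service down when the PILS-side object could not be created (`GNUNET_break (0); GNUNET_SCHEDULER_shutdown (); return;`). Every identity lookup in this file now goes through `pils`, so the place where `pils` is assigned, which is outside this hunk, should carry the equivalent guard: `if (NULL == pils) { GNUNET_break (0); GNUNET_SCHEDULER_shutdown (); return; }`. The communicator's `run` earlier in this commit keeps such a check after `GNUNET_PILS_connect`. If the transport service already has one at the connect call, no change is needed.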