author | Dimitri Staessens <[email protected]> | 2020-02-24 22:30:22 +0100 |
---|---|---|
committer | Sander Vrijders <[email protected]> | 2020-02-25 08:21:09 +0100 |
commit | fe6b60909d455abdac7885ceaba1097749e7aeb1 (patch) | |
tree | ffd3f3c6a2f15a1af5b393d8a5c068304b29a636 /src/ipcpd/local/main.c | |
parent | 11fbe2f998a39ca156e2c806fd78f2af781836a4 (diff) | |
download | ouroboros-fe6b60909d455abdac7885ceaba1097749e7aeb1.tar.gz ouroboros-fe6b60909d455abdac7885ceaba1097749e7aeb1.zip |
lib, ipcpd: piggyback ECDHE on flow allocation
The initial implementation for the ECDHE key exchange was doing the
key exchange after a flow was established. The public keys are now
sent along on the flow allocation messages, so that an encrypted
tunnel can be created within 1 RTT. The flow allocation steps had to
be extended to pass the opaque data ('piggybacking').
Signed-off-by: Dimitri Staessens <[email protected]>
Signed-off-by: Sander Vrijders <[email protected]>
Diffstat (limited to 'src/ipcpd/local/main.c')
-rw-r--r-- | src/ipcpd/local/main.c | 15 |
1 files changed, 9 insertions, 6 deletions
diff --git a/src/ipcpd/local/main.c b/src/ipcpd/local/main.c index 009a3fde..a2e20017 100644 --- a/src/ipcpd/local/main.c +++ b/src/ipcpd/local/main.c @@ -186,14 +186,15 @@ static int ipcp_local_query(const uint8_t * hash) static int ipcp_local_flow_alloc(int fd, const uint8_t * dst, - qosspec_t qs) + qosspec_t qs, + const void * data, + size_t len) { struct timespec ts = {0, ALLOC_TIMEOUT * MILLION}; struct timespec abstime; int out_fd = -1; log_dbg("Allocating flow to " HASH_FMT " on fd %d.", HASH_VAL(dst), fd); - assert(dst); clock_gettime(PTHREAD_COND_CLOCK, &abstime); @@ -215,7 +216,7 @@ static int ipcp_local_flow_alloc(int fd, assert(ipcpi.alloc_id == -1); - out_fd = ipcp_flow_req_arr(dst, ipcp_dir_hash_len(), qs); + out_fd = ipcp_flow_req_arr(dst, ipcp_dir_hash_len(), qs, data, len); if (out_fd < 0) { pthread_mutex_unlock(&ipcpi.alloc_lock); log_dbg("Flow allocation failed: %d", out_fd); @@ -241,8 +242,10 @@ static int ipcp_local_flow_alloc(int fd, return 0; } -static int ipcp_local_flow_alloc_resp(int fd, - int response) +static int ipcp_local_flow_alloc_resp(int fd, + int response, + const void * data, + size_t len) { struct timespec ts = {0, ALLOC_TIMEOUT * MILLION}; struct timespec abstime; @@ -290,7 +293,7 @@ static int ipcp_local_flow_alloc_resp(int fd, fset_add(local_data.flows, fd); - if ((ret = ipcp_flow_alloc_reply(out_fd, response)) < 0) + if ((ret = ipcp_flow_alloc_reply(out_fd, response, data, len)) < 0) return -1; log_info("Flow allocation completed, fds (%d, %d).", out_fd, fd); |
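Review bot: The new `data`/`len` pair on `ipcp_local_flow_alloc` is handed straight to `ipcp_flow_req_arr` in the second hunk with no checked or documented contract, so a NULL `data` with a non-zero `len` would only be caught, if at all, in code outside this diff. Since the commit message says these bytes carry the ECDHE public key, I would add `assert(data != NULL || len == 0);` at the top of the body. I would also add a comment above the function stating that `data` is opaque piggybacked bytes, may be NULL only when `len` is 0, and is not interpreted by the local IPCP. The same applies to the new parameters of `ipcp_local_flow_alloc_resp` in the third hunk. Whether `len` has an upper bound cannot be seen here, as both function bodies continue outside the hunks, so it is worth confirming that one is enforced before the bytes are copied into a message.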
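Review bot: In the last hunk, a failing `ipcp_flow_alloc_reply(out_fd, response, data, len)` returns -1 after `fset_add(local_data.flows, fd)` has already run, and the code in `ret` is dropped without a log line. Now that the reply also carries the piggybacked key-exchange bytes, a failed reply means the peer never received them, so leaving `fd` in the flow set looks unintended. Consider undoing the add before returning, for example `fset_del(local_data.flows, fd);`, after checking that the caller does not already clean up. Logging the code, as the second hunk does, would also help: `log_dbg("Flow allocation reply failed: %d", ret);`. The body of `ipcp_local_flow_alloc_resp` lies partly outside the hunks shown, so the cleanup path should be checked there.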