author | Dimitri Staessens <dimitri@ouroboros.rocks> | 2020-02-24 22:30:22 +0100 |
---|---|---|
committer | Sander Vrijders <sander@ouroboros.rocks> | 2020-02-25 08:21:09 +0100 |
commit | fe6b60909d455abdac7885ceaba1097749e7aeb1 (patch) | |
tree | ffd3f3c6a2f15a1af5b393d8a5c068304b29a636 /src/irmd/ipcp.c | |
parent | 11fbe2f998a39ca156e2c806fd78f2af781836a4 (diff) | |
lib, ipcpd: piggyback ECDHE on flow allocation
The initial implementation for the ECDHE key exchange was doing the
key exchange after a flow was established. The public keys are now
sent along on the flow allocation messages, so that an encrypted
tunnel can be created within 1 RTT. The flow allocation steps had to
be extended to pass the opaque data ('piggybacking').
Signed-off-by: Dimitri Staessens <dimitri@ouroboros.rocks>
Signed-off-by: Sander Vrijders <sander@ouroboros.rocks>
Diffstat (limited to 'src/irmd/ipcp.c')
-rw-r--r-- | src/irmd/ipcp.c | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/src/irmd/ipcp.c b/src/irmd/ipcp.c
index 85698ec1..78408185 100644
--- a/src/irmd/ipcp.c
+++ b/src/irmd/ipcp.c
@@ -441,7 +441,9 @@ static int __ipcp_flow_alloc(pid_t pid,
 const uint8_t * dst,
 size_t len,
 qosspec_t qs,
- bool join)
+ bool join,
+ const void * data,
+ size_t dlen)
 {
 ipcp_msg_t msg = IPCP_MSG__INIT;
 qosspec_msg_t qs_msg;
@@ -450,10 +452,8 @@ static int __ipcp_flow_alloc(pid_t pid,
 
 assert(dst);
 
- if (join)
- msg.code = IPCP_MSG_CODE__IPCP_FLOW_JOIN;
- else
- msg.code = IPCP_MSG_CODE__IPCP_FLOW_ALLOC;
+ msg.code = join ? IPCP_MSG_CODE__IPCP_FLOW_JOIN
+ : IPCP_MSG_CODE__IPCP_FLOW_ALLOC;
 msg.has_flow_id = true;
 msg.flow_id = flow_id;
 msg.has_pid = true;
@@ -463,6 +463,9 @@ static int __ipcp_flow_alloc(pid_t pid,
 msg.hash.data = (uint8_t *) dst;
 qs_msg = spec_to_msg(&qs);
 msg.qosspec = &qs_msg;
+ msg.has_pk = true;
+ msg.pk.data = (uint8_t *) data;
+ msg.pk.len = (uint32_t) dlen;
 
 recv_msg = send_recv_ipcp_msg(pid, &msg);
 if (recv_msg == NULL)
@@ -484,9 +487,12 @@ int ipcp_flow_alloc(pid_t pid,
 pid_t n_pid,
 const uint8_t * dst,
 size_t len,
- qosspec_t qs)
+ qosspec_t qs,
+ const void * data,
+ size_t dlen)
 {
- return __ipcp_flow_alloc(pid, flow_id, n_pid, dst, len, qs, false);
+ return __ipcp_flow_alloc(pid, flow_id, n_pid, dst, len, qs, false,
+ data, dlen);
 }
 
 int ipcp_flow_join(pid_t pid,
@@ -496,13 +502,16 @@ int ipcp_flow_join(pid_t pid,
 size_t len,
 qosspec_t qs)
 {
- return __ipcp_flow_alloc(pid, flow_id, n_pid, dst, len, qs, true);
+ return __ipcp_flow_alloc(pid, flow_id, n_pid, dst, len, qs, true,
+ NULL, 0);
 }
 
-int ipcp_flow_alloc_resp(pid_t pid,
- int flow_id,
- pid_t n_pid,
- int response)
+int ipcp_flow_alloc_resp(pid_t pid,
+ int flow_id,
+ pid_t n_pid,
+ int response,
+ const void * data,
+ size_t len)
 {
 ipcp_msg_t msg = IPCP_MSG__INIT;
 ipcp_msg_t * recv_msg = NULL;
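Review bot: `msg.has_pk = true` is set unconditionally in the `-463` hunk of __ipcp_flow_alloc, so the join path, which passes `NULL, 0`, still marks a key as present and the receiver cannot use the presence flag to tell "no key offered" from an empty one. The `(uint32_t) dlen` cast also narrows a size_t with no bound check, and nothing ties a NULL `data` to `dlen == 0`. Consider `assert(data != NULL || dlen == 0);` next to the existing `assert(dst)` and, if the receiving side does not depend on the field always being present, `msg.has_pk = dlen > 0;`, with the length checked against the field's range before the cast. The same three lines are added to ipcp_flow_alloc_resp in the `-515` hunk; both function bodies continue outside their hunks. How the peer treats an empty pk (in particular whether the flow then proceeds unencrypted) is not visible here and is worth confirming.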
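Review bot: The new length parameter of ipcp_flow_alloc_resp in the `-496` hunk is named `len`, while ipcp_flow_alloc and __ipcp_flow_alloc use `len` for the size of `dst` and `dlen` for the piggybacked data, so one name refers to two different buffers in adjacent functions. Renaming it to `dlen` (`size_t dlen)` here and `msg.pk.len = (uint32_t) dlen;` in the following hunk) keeps the pointer/length pairing obvious and makes a swapped argument easier to spot in review. A short comment on the prototype such as `/* data, dlen: opaque piggybacked payload (public key); may be NULL, 0 */` would also document that callers like ipcp_flow_join legitimately pass `NULL, 0`.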
@@ -515,6 +524,9 @@ int ipcp_flow_alloc_resp(pid_t pid,
 msg.pid = n_pid;
 msg.has_response = true;
 msg.response = response;
+ msg.has_pk = true;
+ msg.pk.data = (uint8_t *) data;
+ msg.pk.len = (uint32_t) len;
 
 recv_msg = send_recv_ipcp_msg(pid, &msg);
 if (recv_msg == NULL) |