/** * Function called to validate a reply or a request. For * request evaluation, simply pass "NULL" for the reply_block. * * @param cls closure * @param type block type * @param query original query (hash) * @param bf pointer to bloom filter associated with query; possibly updated (!) * @param bf_mutator mutation value for bf * @param xquery extrended query data (can be NULL, depending on type) * @param xquery_size number of bytes in xquery * @param reply_block response to validate * @param reply_block_size number of bytes in reply block * @return characterization of result */ static enum GNUNET_BLOCK_EvaluationResult block_plugin_template_evaluate (void *cls, enum GNUNET_BLOCK_Type type, const struct GNUNET_HashCode * query, struct GNUNET_CONTAINER_BloomFilter **bf, int32_t bf_mutator, const void *xquery, size_t xquery_size, const void *reply_block, size_t reply_block_size) { struct GNUNET_HashCode chash; struct GNUNET_HashCode mhash; /* FIXME: check validity first... */ /* mandatory duplicate-detection code... */ if (NULL != bf) { GNUNET_CRYPTO_hash (reply_block, reply_block_size, &chash); GNUNET_BLOCK_mingle_hash (&chash, bf_mutator, &mhash); if (NULL != *bf) { if (GNUNET_YES == GNUNET_CONTAINER_bloomfilter_test (*bf, &mhash)) return GNUNET_BLOCK_EVALUATION_OK_DUPLICATE; } else { *bf = GNUNET_CONTAINER_bloomfilter_init (NULL, 8, 64 /* BLOOMFILTER_K */); } GNUNET_CONTAINER_bloomfilter_add (*bf, &mhash); } /* FIXME: other stuff here... */ return GNUNET_BLOCK_EVALUATION_TYPE_NOT_SUPPORTED; }
/** * Function called to validate a reply or a request of type * #GNUNET_BLOCK_TYPE_REGEX. * For request evaluation, pass "NULL" for the reply_block. * Note that it is assumed that the reply has already been * matched to the key (and signatures checked) as it would * be done with the #GNUNET_BLOCK_get_key() function. * * @param cls closure * @param type block type * @param eo control flags * @param query original query (hash) * @param bf pointer to bloom filter associated with query; possibly updated (!) * @param bf_mutator mutation value for bf * @param xquery extrended query data (can be NULL, depending on type) * @param xquery_size number of bytes in @a xquery * @param reply_block response to validate * @param reply_block_size number of bytes in @a reply_block * @return characterization of result */ static enum GNUNET_BLOCK_EvaluationResult evaluate_block_regex (void *cls, enum GNUNET_BLOCK_Type type, enum GNUNET_BLOCK_EvaluationOptions eo, const struct GNUNET_HashCode *query, struct GNUNET_CONTAINER_BloomFilter **bf, int32_t bf_mutator, const void *xquery, size_t xquery_size, const void *reply_block, size_t reply_block_size) { if (NULL == reply_block) { if (0 != xquery_size) { const char *s; s = (const char *) xquery; if ('\0' != s[xquery_size - 1]) /* must be valid 0-terminated string */ { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_REQUEST_INVALID; } } return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; } if (0 != xquery_size) { const char *s; s = (const char *) xquery; if ('\0' != s[xquery_size - 1]) /* must be valid 0-terminated string */ { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_REQUEST_INVALID; } } else if (NULL != query) { /* xquery is required for regex GETs, at least an empty string */ GNUNET_break_op (0); GNUNET_log (GNUNET_ERROR_TYPE_ERROR, "type %d, query %p, xquery %p\n", type, query, xquery); return GNUNET_BLOCK_EVALUATION_REQUEST_INVALID; } switch (REGEX_BLOCK_check (reply_block, reply_block_size, query, xquery)) { case GNUNET_SYSERR: GNUNET_break_op(0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; case GNUNET_NO: /* xquery missmatch, can happen */ return GNUNET_BLOCK_EVALUATION_RESULT_IRRELEVANT; default: break; } if (NULL != bf) { struct GNUNET_HashCode chash; struct GNUNET_HashCode mhash; GNUNET_CRYPTO_hash (reply_block, reply_block_size, &chash); GNUNET_BLOCK_mingle_hash (&chash, bf_mutator, &mhash); if (NULL != *bf) { if (GNUNET_YES == GNUNET_CONTAINER_bloomfilter_test (*bf, &mhash)) return GNUNET_BLOCK_EVALUATION_OK_DUPLICATE; } else { *bf = GNUNET_CONTAINER_bloomfilter_init (NULL, 8, GNUNET_CONSTANTS_BLOOMFILTER_K); } GNUNET_CONTAINER_bloomfilter_add (*bf, &mhash); } return GNUNET_BLOCK_EVALUATION_OK_MORE; }
/** * Function called to validate a reply or a request of type * #GNUNET_BLOCK_TYPE_REGEX_ACCEPT. * For request evaluation, pass "NULL" for the reply_block. * Note that it is assumed that the reply has already been * matched to the key (and signatures checked) as it would * be done with the #GNUNET_BLOCK_get_key() function. * * @param cls closure * @param type block type * @param eo control flags * @param query original query (hash) * @param bf pointer to bloom filter associated with query; possibly updated (!) * @param bf_mutator mutation value for bf * @param xquery extrended query data (can be NULL, depending on type) * @param xquery_size number of bytes in @a xquery * @param reply_block response to validate * @param reply_block_size number of bytes in @a reply_block * @return characterization of result */ static enum GNUNET_BLOCK_EvaluationResult evaluate_block_regex_accept (void *cls, enum GNUNET_BLOCK_Type type, enum GNUNET_BLOCK_EvaluationOptions eo, const struct GNUNET_HashCode * query, struct GNUNET_CONTAINER_BloomFilter **bf, int32_t bf_mutator, const void *xquery, size_t xquery_size, const void *reply_block, size_t reply_block_size) { const struct RegexAcceptBlock *rba; if (0 != xquery_size) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_REQUEST_INVALID; } if (NULL == reply_block) return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; if (sizeof (struct RegexAcceptBlock) != reply_block_size) { GNUNET_break_op(0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } rba = reply_block; if (ntohl (rba->purpose.size) != sizeof (struct GNUNET_CRYPTO_EccSignaturePurpose) + sizeof (struct GNUNET_TIME_AbsoluteNBO) + sizeof (struct GNUNET_HashCode)) { GNUNET_break_op(0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } if (0 == GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_ntoh (rba->expiration_time)).rel_value_us) { /* technically invalid, but can happen without an error, so we're nice by reporting it as a 'duplicate' */ return GNUNET_BLOCK_EVALUATION_OK_DUPLICATE; } if (GNUNET_OK != GNUNET_CRYPTO_eddsa_verify (GNUNET_SIGNATURE_PURPOSE_REGEX_ACCEPT, &rba->purpose, &rba->signature, &rba->peer.public_key)) { GNUNET_break_op(0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } if (NULL != bf) { struct GNUNET_HashCode chash; struct GNUNET_HashCode mhash; GNUNET_CRYPTO_hash (reply_block, reply_block_size, &chash); GNUNET_BLOCK_mingle_hash (&chash, bf_mutator, &mhash); if (NULL != *bf) { if (GNUNET_YES == GNUNET_CONTAINER_bloomfilter_test (*bf, &mhash)) return GNUNET_BLOCK_EVALUATION_OK_DUPLICATE; } else { *bf = GNUNET_CONTAINER_bloomfilter_init (NULL, 8, GNUNET_CONSTANTS_BLOOMFILTER_K); } GNUNET_CONTAINER_bloomfilter_add (*bf, &mhash); } return GNUNET_BLOCK_EVALUATION_OK_MORE; }
/** * Function called to validate a reply or a request. For * request evaluation, simply pass "NULL" for the @a reply_block. * * @param cls closure * @param type block type * @param eo control flags * @param query original query (hash) * @param bf pointer to bloom filter associated with query; possibly updated (!) * @param bf_mutator mutation value for @a bf * @param xquery extended query data (can be NULL, depending on type) * @param xquery_size number of bytes in @a xquery * @param reply_block response to validate * @param reply_block_size number of bytes in @a reply_block * @return characterization of result */ static enum GNUNET_BLOCK_EvaluationResult block_plugin_dht_evaluate (void *cls, enum GNUNET_BLOCK_Type type, enum GNUNET_BLOCK_EvaluationOptions eo, const struct GNUNET_HashCode *query, struct GNUNET_CONTAINER_BloomFilter **bf, int32_t bf_mutator, const void *xquery, size_t xquery_size, const void *reply_block, size_t reply_block_size) { struct GNUNET_HashCode mhash; const struct GNUNET_HELLO_Message *hello; struct GNUNET_PeerIdentity pid; const struct GNUNET_MessageHeader *msg; struct GNUNET_HashCode phash; if (type != GNUNET_BLOCK_TYPE_DHT_HELLO) return GNUNET_BLOCK_EVALUATION_TYPE_NOT_SUPPORTED; if (xquery_size != 0) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_REQUEST_INVALID; } if (NULL == reply_block) return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; if (reply_block_size < sizeof (struct GNUNET_MessageHeader)) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } msg = reply_block; if (reply_block_size != ntohs (msg->size)) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } hello = reply_block; if (GNUNET_OK != GNUNET_HELLO_get_id (hello, &pid)) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } if (NULL != bf) { GNUNET_CRYPTO_hash (&pid, sizeof (pid), &phash); GNUNET_BLOCK_mingle_hash (&phash, bf_mutator, &mhash); if (NULL != *bf) { if (GNUNET_YES == GNUNET_CONTAINER_bloomfilter_test (*bf, &mhash)) return GNUNET_BLOCK_EVALUATION_OK_DUPLICATE; } else { *bf = GNUNET_CONTAINER_bloomfilter_init (NULL, 8, GNUNET_CONSTANTS_BLOOMFILTER_K); } GNUNET_CONTAINER_bloomfilter_add (*bf, &mhash); } return GNUNET_BLOCK_EVALUATION_OK_MORE; }
/** * Function called to validate a reply or a request. For * request evaluation, simply pass "NULL" for the reply_block. * Note that it is assumed that the reply has already been * matched to the key (and signatures checked) as it would * be done with the "get_key" function. * * @param cls closure * @param type block type * @param query original query (hash) * @param bf pointer to bloom filter associated with @a query; possibly updated (!) * @param bf_mutator mutation value for @a bf * @param xquery extrended query data (can be NULL, depending on @a type) * @param xquery_size number of bytes in @a xquery * @param reply_block response to validate * @param reply_block_size number of bytes in @a reply_block * @return characterization of result */ static enum GNUNET_BLOCK_EvaluationResult block_plugin_gns_evaluate (void *cls, enum GNUNET_BLOCK_Type type, const struct GNUNET_HashCode *query, struct GNUNET_CONTAINER_BloomFilter **bf, int32_t bf_mutator, const void *xquery, size_t xquery_size, const void *reply_block, size_t reply_block_size) { const struct GNUNET_GNSRECORD_Block *block; struct GNUNET_HashCode h; struct GNUNET_HashCode chash; struct GNUNET_HashCode mhash; if (type != GNUNET_BLOCK_TYPE_GNS_NAMERECORD) return GNUNET_BLOCK_EVALUATION_TYPE_NOT_SUPPORTED; if (NULL == reply_block) { if (0 != xquery_size) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_REQUEST_INVALID; } return GNUNET_BLOCK_EVALUATION_REQUEST_VALID; } /* this is a reply */ if (reply_block_size < sizeof (struct GNUNET_GNSRECORD_Block)) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } block = reply_block; if (ntohl (block->purpose.size) + sizeof (struct GNUNET_CRYPTO_EcdsaSignature) + sizeof (struct GNUNET_CRYPTO_EcdsaPublicKey) != reply_block_size) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } GNUNET_CRYPTO_hash (&block->derived_key, sizeof (block->derived_key), &h); if (0 != memcmp (&h, query, sizeof (struct GNUNET_HashCode))) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } if (GNUNET_OK != GNUNET_GNSRECORD_block_verify (block)) { GNUNET_break_op (0); return GNUNET_BLOCK_EVALUATION_RESULT_INVALID; } if (NULL != bf) { GNUNET_CRYPTO_hash (reply_block, reply_block_size, &chash); GNUNET_BLOCK_mingle_hash (&chash, bf_mutator, &mhash); if (NULL != *bf) { if (GNUNET_YES == GNUNET_CONTAINER_bloomfilter_test(*bf, &mhash)) return GNUNET_BLOCK_EVALUATION_OK_DUPLICATE; } else { *bf = GNUNET_CONTAINER_bloomfilter_init(NULL, 8, BLOOMFILTER_K); } GNUNET_CONTAINER_bloomfilter_add(*bf, &mhash); } return GNUNET_BLOCK_EVALUATION_OK_MORE; }