Ejemplo n.º 1
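/**
 * Sanity-check a contract transaction before it is accepted.
 *
 * Checks performed, in order:
 *   1. con_cur names one of the supported currencies (USDE, GMC, SYS).
 *   2. Neither con_birth nor con_stamp lies in the future, and con_birth
 *      is not later than con_stamp.
 *   3. The key built by shkey_hexgen() from the text at con_key + 8
 *      compares equal to con_sig.
 *
 * NOTE(review): check 3 compares two fields that both come from the
 * contract being validated, so a match demonstrates internal consistency
 * only. Whether con_key is bound to a trusted identity elsewhere is not
 * visible here; confirm against the caller before treating a zero return
 * as proof of origin.
 *
 * @param peer      Not used by this function.
 * @param contract  Contract to validate; a NULL pointer is rejected.
 * @return 0 when every check passes, otherwise SHERR_INVAL (NULL contract
 *         or unsupported currency), SHERR_TIME (timestamps out of order or
 *         in the future), SHERR_NOKEY (no key could be generated) or
 *         SHERR_KEYREJECTED (key does not match con_sig).
 */
int txop_contract_confirm(shpeer_t *peer, tx_contract_t *contract)
{
  shtime_t now;
  shkey_t *key;
  int sig_ok;

  (void)peer; /* accepted for interface compatibility; never read */

  if (!contract)
    return (SHERR_INVAL);

  if (0 != strcmp(contract->con_cur, COIN_USDE) &&
      0 != strcmp(contract->con_cur, COIN_GMC) &&
      0 != strcmp(contract->con_cur, COIN_SYS))
    return (SHERR_INVAL);

  /* Take one clock reading so all three comparisons share the same "now";
   * the previous code stored it and then re-read the clock per test. */
  now = shtime();
  if (shtime_before(now, contract->con_birth) ||
      shtime_before(now, contract->con_stamp) ||
      shtime_after(contract->con_birth, contract->con_stamp))
    return (SHERR_TIME);

  /* NOTE(review): the +8 offset assumes con_key holds at least eight
   * characters ahead of the key text; no length check is visible here, so
   * confirm con_key is validated before this call. */
  key = shkey_hexgen(contract->con_key + 8);
  if (!key)
    return (SHERR_NOKEY);
  sig_ok = shkey_cmp(key, &contract->con_sig);
  shkey_free(&key); /* release before branching so no path leaks the key */
  if (!sig_ok)
    return (SHERR_KEYREJECTED);

  return (0);
}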
Ejemplo n.º 2
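/**
 * Verify one link of a certificate chain.
 *
 * A certificate without SHCERT_CERT_CHAIN set is treated as the initial
 * (CA) entity: it must be presented without a parent and is then accepted
 * with no further checks. A certificate with the flag set must come with
 * a parent and must pass, in order: issuer/subject name match, validity
 * window, and shcert_sign_verify() against the parent.
 *
 * NOTE(review): the root branch performs no validity-window or signature
 * check, and the flag that selects it is read from the certificate itself.
 * A zero return for a root therefore says nothing about trust; callers
 * presumably pin or otherwise authenticate roots separately. Confirm this
 * before relying on the result.
 *
 * NOTE(review): only cert's validity window is tested. The parent's window
 * is presumably checked when the parent is itself passed as `cert`; verify
 * that the caller walks the whole chain.
 *
 * @param cert    Certificate to verify; a NULL pointer is rejected.
 * @param parent  Issuing certificate, or NULL for the initial (CA) entity.
 * @return 0 on success; SHERR_INVAL (NULL cert, or parent presence does not
 *         match the chain flag), SHERR_ACCESS (issuer name mismatch or not
 *         yet valid), SHERR_KEYEXPIRED (past expiry), or the error returned
 *         by shcert_sign_verify().
 */
int shcert_verify(shcert_t *cert, shcert_t *parent)
{
  shtime_t now;

  if (!cert)
    return (SHERR_INVAL);

  if (!(cert->cert_flag & SHCERT_CERT_CHAIN)) {
    /* initial (CA) chain entity: must stand alone */
    if (parent)
      return (SHERR_INVAL);

    return (0);
  }

  /* supplemental chain entity: an issuer certificate is mandatory */
  if (!parent)
    return (SHERR_INVAL);

  /* The Issuer of each certificate (except the last one) matches the
   * Subject of the next (parent) certificate in the list. The comparison
   * is case-insensitive and is only a consistency check; the signature
   * verification below is what ties cert to parent. */
  if (0 != strcasecmp(cert->cert_iss.ent_name,
        parent->cert_sub.ent_name)) {
    return (SHERR_ACCESS);
  }

  now = shtime();
  if (!shtime_after(now, shcert_sub_stamp(cert))) {
    /* current time is not past the certificate's start stamp */
    return (SHERR_ACCESS);
  }
  if (!shtime_before(now, shcert_sub_expire(cert))) {
    /* current time is not before the certificate's expiry */
    return (SHERR_KEYEXPIRED);
  }

  /* The signature of one certificate can be verified using the public key
   * contained in the following certificate. A non-zero result is passed
   * through unchanged. */
  return (shcert_sign_verify(cert, parent));
}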
Ejemplo n.º 3
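/**
 * Poll the broadcast socket once and act on a peer announcement if one is
 * waiting.
 *
 * The call never blocks: select() is given a zero timeout. A datagram is
 * accepted only if it is at least sizeof(shpeer_t) bytes long and its
 * public key passes the shkey_cmp() test against this daemon's own peer.
 * For LOCAL/IPV4 peers that advertise a non-zero port, a client connection
 * is attempted to the datagram's source address.
 *
 * NOTE(review): the datagram is not authenticated. The freshness and
 * self-reference checks are compiled out (#if 0), the remaining gate is a
 * comparison against a public key, and a UDP source address can be forged.
 * The connection target is therefore chosen by whoever sent the packet;
 * consider restoring a signed, time-bounded message check and rate
 * limiting connection attempts made from this path.
 *
 * @return 0 when nothing was pending, the datagram was ignored, or it was
 *         processed; -errno on select()/recvfrom() failure; SHERR_INVAL
 *         for a datagram shorter than shpeer_t; otherwise the error from
 *         bcast_recv_init() or sharedaemon_netclient_conn().
 */
int sharedaemon_bcast_recv(void)
{
    struct sockaddr_in addr;
    socklen_t addr_len;
    struct timeval to;
    fd_set read_set;
    shpeer_t peer_buf;
    shpeer_t *peer;
    char dgram[512];
    ssize_t r_len;
    int saved_errno;
    int err;

    err = bcast_recv_init();
    if (err) {
        return (err);
    }

    FD_ZERO(&read_set);
    FD_SET(_bcast_recv_fd, &read_set);

    /* nonblocking read: a zeroed timeout makes select() return at once */
    memset(&to, 0, sizeof(to));
    err = select(_bcast_recv_fd+1, &read_set, NULL, NULL, &to);
    if (err < 0) {
        return (-errno);
    }
    if (err == 0) {
        return (0); /* nothing to read */
    }

    addr_len = sizeof(addr);
    memset(&addr, 0, addr_len);
    r_len = recvfrom(_bcast_recv_fd,
                     dgram, sizeof dgram, 0,
                     (struct sockaddr *)&addr, &addr_len);
    if (r_len < 0) {
        /* fprintf() may overwrite errno, so capture it first; %zd matches
         * ssize_t (the former %d was a type mismatch). */
        saved_errno = errno;
        fprintf(stderr, "DEBUG: %zd = recvfrom()\n", r_len);
        return (-saved_errno);
    }

    /* and who are you? r_len is non-negative here, so the cast is safe
     * and avoids a signed/unsigned comparison. */
    if ((size_t)r_len < sizeof(shpeer_t)) {
        fprintf(stderr, "DEBUG: <%zd bytes> pending..\n", r_len);
        return (SHERR_INVAL);
    }

    /* Disabled checks, kept for reference: a sane time window and a
     * self-referencing peer key. While compiled out, no freshness test is
     * applied to the datagram. */
#if 0
    now = shtime();
    tx = (tx_t *)dgram;
    if (shtime_after(tx->tx_stamp, now) ||
            shtime_before(tx->tx_stamp, shtime_adj(now, -BROADCAST_TIMEOUT))) {
        /* broadcast message must indicate sane time-frame. */
        return (SHERR_TIME);
    }

    switch (tx->tx_op) {
    case TX_PEER:
        peer_tx = (tx_peer_t *)dgram;
        if (0 != shkey_cmp(&tx->tx_peer, shpeer_kpriv(&peer_tx->peer)))
            return (SHERR_INVAL); /* only accept self-referencing broadcast */
    }
#endif

    /* share-daemon broadcasting its peer address. Copy the bytes into a
     * real shpeer_t instead of casting the char buffer, which carries no
     * alignment guarantee for the struct. */
    memcpy(&peer_buf, dgram, sizeof(peer_buf));
    peer = &peer_buf;

    /* NOTE(review): shkey_cmp()'s return convention is not visible in this
     * function; the test is kept exactly as written. The original repeated
     * this same condition in a second `if` right after the return, which
     * could never be taken, so that unreachable branch is dropped. */
    if (!shkey_cmp(shpeer_kpub(sharedaemon_peer()), shpeer_kpub(peer))) {
        /* this is not a shared peer */
        return (0); /* all done */
    }

    switch (peer->type) {
    case SHNET_PEER_LOCAL:
    case SHNET_PEER_IPV4:
        fprintf(stderr, "DEBUG: received UDP broadcast with peer \"%s\"\n", shpeer_print(peer));
        fprintf(stderr, "DEBUG: received UDP broadcast for \"%s\" port %d\n", inet_ntoa(addr.sin_addr), ntohs(addr.sin_port));
        if (!peer->addr.sin_port)
            break; /* peer advertises no port; nothing to connect to */

        /* The target is the datagram's source address as reported by
         * recvfrom(), not the address carried inside the payload. */
        addr.sin_family = AF_INET;
        err = sharedaemon_netclient_conn(peer, &addr);
        if (err)
            return (err);

        break;
    default:
        /* other peer types are ignored */
        break;
    }
    fprintf(stderr, "DEBUG: processed bcast recv\n");

    return (0);
}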