author | irungentoo <irungentoo@gmail.com> | 2014-01-09 19:54:42 -0500 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2014-01-09 19:54:42 -0500 |
commit | ea7d1a726d2145d11c210c217370c766cc6179e9 (patch) | |
tree | fae9fdf80ded77b16874e297f0a14ea1b1adaa43 | |
parent | 0fd8e49c386e357487ab9d68f2a9aa1d8a2356e0 (diff) |
Putting the sendback outside the encrypted part of the response.
It's more useful this way.
-rw-r--r-- | auto_tests/onion_test.c | 12 | ||||
-rw-r--r-- | docs/Prevent_Tracking.txt | 4 | ||||
-rw-r--r-- | toxcore/onion_announce.c | 23 |
3 files changed, 20 insertions, 19 deletions
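--- a/auto_tests/onion_test.c
+++ b/auto_tests/onion_test.c
@@ -77,18 +77,20 @@ static int handle_test_3(void *object, IP_Port source, uint8_t *packet, uint32_t
 crypto_box_MACBYTES))
 return 1;
 
-uint8_t plain[ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_hash_sha256_BYTES];
+uint8_t plain[crypto_hash_sha256_BYTES];
 //print_client_id(packet, length);
-int len = decrypt_data(test_3_pub_key, onion->dht->c->self_secret_key, packet + 1, packet + 1 + crypto_box_NONCEBYTES,
-ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_hash_sha256_BYTES + crypto_box_MACBYTES, plain);
+int len = decrypt_data(test_3_pub_key, onion->dht->c->self_secret_key, packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH,
+packet + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES,
+crypto_hash_sha256_BYTES + crypto_box_MACBYTES, plain);
 
 if (len == -1)
 return 1;
 
-if (memcmp(plain, sb_data, ONION_ANNOUNCE_SENDBACK_DATA_LENGTH) != 0)
+
+if (memcmp(packet + 1, sb_data, ONION_ANNOUNCE_SENDBACK_DATA_LENGTH) != 0)
 return 1;
 
-memcpy(test_3_ping_id, plain + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, crypto_hash_sha256_BYTES);
+memcpy(test_3_ping_id, plain, crypto_hash_sha256_BYTES);
 //print_client_id(test_3_ping_id, sizeof(test_3_ping_id));
 handled_test_3 = 1;
 return 0;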
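--- a/docs/Prevent_Tracking.txt
+++ b/docs/Prevent_Tracking.txt
@@ -110,8 +110,8 @@ encrypted with that temporary private key and the nonce and the real public key
 
 Data sent to us:
 announce response packet:
-[uint8_t packet id (132)][nonce]
-encrypted with the DHT private key of Node D, the public key in the request and the nonce:[[data to send back in response(fixed size)][(32 bytes) ping_id][Node_Format * (maximum of 8)]]
+[uint8_t packet id (132)][data to send back in response(fixed size)][nonce]
+encrypted with the DHT private key of Node D, the public key in the request and the nonce:[[(32 bytes) ping_id][Node_Format * (maximum of 8)]]
 (if the ping id is zero, it means the information to reach the client id we are searching for is stored on this node)
 
 data to route response packet: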
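--- a/toxcore/onion_announce.c
+++ b/toxcore/onion_announce.c
@@ -31,7 +31,7 @@
 
 #define ANNOUNCE_REQUEST_SIZE (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_MACBYTES)
 #define ANNOUNCE_REQUEST_SIZE_RECV (ANNOUNCE_REQUEST_SIZE + ONION_RETURN_3)
-#define ANNOUNCE_RESPONSE_MIN_SIZE (1 + crypto_box_NONCEBYTES + ONION_PING_ID_SIZE + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_MACBYTES)
+#define ANNOUNCE_RESPONSE_MIN_SIZE (1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + ONION_PING_ID_SIZE + crypto_box_MACBYTES)
 #define ANNOUNCE_RESPONSE_MAX_SIZE (ANNOUNCE_RESPONSE_MIN_SIZE + sizeof(Node_format)*MAX_SENT_NODES)
 
 #define DATA_REQUEST_MIN_SIZE (1 + crypto_box_PUBLICKEYBYTES + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + crypto_box_MACBYTES)
@@ -242,29 +242,28 @@ static int handle_announce_request(void *object, IP_Port source, uint8_t *packet
 uint8_t nonce[crypto_box_NONCEBYTES];
 new_nonce(nonce);
 
-uint8_t pl[ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + ONION_PING_ID_SIZE + sizeof(nodes_list)] = {0};
+uint8_t pl[ONION_PING_ID_SIZE + sizeof(nodes_list)] = {0};
+
 
-memcpy(pl, plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES, ONION_ANNOUNCE_SENDBACK_DATA_LENGTH);
 
 if (!stored) {
-memcpy(pl + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, ping_id2, ONION_PING_ID_SIZE);
+memcpy(pl, ping_id2, ONION_PING_ID_SIZE);
 }
 
-memcpy(pl + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + ONION_PING_ID_SIZE, nodes_list, num_nodes * sizeof(Node_format));
+memcpy(pl + ONION_PING_ID_SIZE, nodes_list, num_nodes * sizeof(Node_format));
 
 uint8_t data[ANNOUNCE_RESPONSE_MAX_SIZE];
-len = encrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion_a->dht->self_secret_key, nonce, pl,
-ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + ONION_PING_ID_SIZE + num_nodes * sizeof(Node_format),
-data + 1 + crypto_box_NONCEBYTES);
+len = encrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion_a->dht->self_secret_key, nonce, pl, ONION_PING_ID_SIZE + num_nodes * sizeof(Node_format), data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES);
 
-if ((uint32_t)len != ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + ONION_PING_ID_SIZE + num_nodes * sizeof(
-Node_format) + crypto_box_MACBYTES)
+if ((uint32_t)len != ONION_PING_ID_SIZE + num_nodes * sizeof(Node_format) + crypto_box_MACBYTES)
 return 1;
 
 data[0] = NET_PACKET_ANNOUNCE_RESPONSE;
-memcpy(data + 1, nonce, crypto_box_NONCEBYTES);
+memcpy(data + 1, plain + ONION_PING_ID_SIZE + crypto_box_PUBLICKEYBYTES, ONION_ANNOUNCE_SENDBACK_DATA_LENGTH);
+memcpy(data + 1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH, nonce, crypto_box_NONCEBYTES);
 
-if (send_onion_response(onion_a->net, source, data, 1 + crypto_box_NONCEBYTES + len,
+if (send_onion_response(onion_a->net, source, data,
+1 + ONION_ANNOUNCE_SENDBACK_DATA_LENGTH + crypto_box_NONCEBYTES + len,
 packet + (ANNOUNCE_REQUEST_SIZE_RECV - ONION_RETURN_3)) == -1)
 return 1;
 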
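Review bot: The sendback bytes copied to `data + 1` in handle_announce_request now sit outside the crypto_box, so they are no longer encrypted or covered by the MAC, and nothing in the new code records that. A receiver that uses them to select state before decrypting has to treat them as untrusted until the boxed part verifies, and a requester should not place anything sensitive in them in plain form. I would add a comment above that memcpy, for example `/* sendback is echoed unencrypted and unauthenticated; it is only a lookup hint for the requester */`, and say the same next to the packet layout in docs/Prevent_Tracking.txt. The function's body starts and ends outside the hunk, so the bounds on `num_nodes` and `plain` cannot be checked from here.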