diff options
author | irungentoo <irungentoo@gmail.com> | 2013-09-28 19:03:29 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2013-09-28 19:03:29 -0400 |
commit | d4e42230bdce38941abad85ba2aaa184f31e2f5f (patch) | |
tree | f3250469741cf8f4a76fde8cb38269f5d3f1b64c /toxcore/net_crypto.c | |
parent | 8adb34e6a9af2fcc48dca995a644bfff1374c283 (diff) |
Potential DoS fixed.
Diffstat (limited to 'toxcore/net_crypto.c')
-rw-r--r-- | toxcore/net_crypto.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index 8f3a6be1..b82a1e6d 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -474,6 +474,7 @@ int crypto_connect(Net_Crypto *c, uint8_t *public_key, IP_Port ip_port) | |||
474 | random_nonce(c->crypto_connections[i].recv_nonce); | 474 | random_nonce(c->crypto_connections[i].recv_nonce); |
475 | memcpy(c->crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); | 475 | memcpy(c->crypto_connections[i].public_key, public_key, crypto_box_PUBLICKEYBYTES); |
476 | crypto_box_keypair(c->crypto_connections[i].sessionpublic_key, c->crypto_connections[i].sessionsecret_key); | 476 | crypto_box_keypair(c->crypto_connections[i].sessionpublic_key, c->crypto_connections[i].sessionsecret_key); |
477 | c->crypto_connections[i].timeout = unix_time() + CRYPTO_HANDSHAKE_TIMEOUT; | ||
477 | 478 | ||
478 | if (c->crypto_connections_length == i) | 479 | if (c->crypto_connections_length == i) |
479 | ++c->crypto_connections_length; | 480 | ++c->crypto_connections_length; |
@@ -593,6 +594,7 @@ int accept_crypto_inbound(Net_Crypto *c, int connection_id, uint8_t *public_key, | |||
593 | if (c->crypto_connections[i].status == CONN_NO_CONNECTION) { | 594 | if (c->crypto_connections[i].status == CONN_NO_CONNECTION) { |
594 | c->crypto_connections[i].number = connection_id; | 595 | c->crypto_connections[i].number = connection_id; |
595 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; | 596 | c->crypto_connections[i].status = CONN_NOT_CONFIRMED; |
597 | c->crypto_connections[i].timeout = unix_time() + CRYPTO_HANDSHAKE_TIMEOUT; | ||
596 | random_nonce(c->crypto_connections[i].recv_nonce); | 598 | random_nonce(c->crypto_connections[i].recv_nonce); |
597 | memcpy(c->crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); | 599 | memcpy(c->crypto_connections[i].sent_nonce, secret_nonce, crypto_box_NONCEBYTES); |
598 | memcpy(c->crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); | 600 | memcpy(c->crypto_connections[i].peersessionpublic_key, session_key, crypto_box_PUBLICKEYBYTES); |
@@ -666,6 +668,7 @@ void load_keys(Net_Crypto *c, uint8_t *keys) | |||
666 | static void receive_crypto(Net_Crypto *c) | 668 | static void receive_crypto(Net_Crypto *c) |
667 | { | 669 | { |
668 | uint32_t i; | 670 | uint32_t i; |
671 | uint64_t temp_time = unix_time(); | ||
669 | 672 | ||
670 | for (i = 0; i < c->crypto_connections_length; ++i) { | 673 | for (i = 0; i < c->crypto_connections_length; ++i) { |
671 | if (c->crypto_connections[i].status == CONN_HANDSHAKE_SENT) { | 674 | if (c->crypto_connections[i].status == CONN_HANDSHAKE_SENT) { |
@@ -715,6 +718,7 @@ static void receive_crypto(Net_Crypto *c) | |||
715 | c->crypto_connections[i].sessionsecret_key, | 718 | c->crypto_connections[i].sessionsecret_key, |
716 | c->crypto_connections[i].shared_key); | 719 | c->crypto_connections[i].shared_key); |
717 | c->crypto_connections[i].status = CONN_ESTABLISHED; | 720 | c->crypto_connections[i].status = CONN_ESTABLISHED; |
721 | c->crypto_connections[i].timeout = ~0; | ||
718 | } else { | 722 | } else { |
719 | /* This should not happen, timeout the connection if it does. */ | 723 | /* This should not happen, timeout the connection if it does. */ |
720 | c->crypto_connections[i].status = CONN_TIMED_OUT; | 724 | c->crypto_connections[i].status = CONN_TIMED_OUT; |
@@ -724,6 +728,10 @@ static void receive_crypto(Net_Crypto *c) | |||
724 | c->crypto_connections[i].status = CONN_TIMED_OUT; | 728 | c->crypto_connections[i].status = CONN_TIMED_OUT; |
725 | } | 729 | } |
726 | } | 730 | } |
731 | |||
732 | if (temp_time > c->crypto_connections[i].timeout) { | ||
733 | c->crypto_connections[i].status = CONN_TIMED_OUT; | ||
734 | } | ||
727 | } | 735 | } |
728 | } | 736 | } |
729 | 737 | ||