author | irungentoo <irungentoo@gmail.com> | 2018-04-20 07:40:43 -0400 |
---|---|---|
committer | irungentoo <irungentoo@gmail.com> | 2018-04-20 07:40:43 -0400 |
commit | fda74a8454a028c9ec063f0074062e19fd25f7e7 (patch) | |
tree | 6eef6c54f844d8a59a020ca01ba03f572b0d9e06 /toxcore/onion.c | |
parent | dcf2aaa53005060608353b9d66b9917fd7ed18a9 (diff) |
Restrict packet kinds that can be sent through onion path.
Taken from:
https://github.com/TokTok/c-toxcore/commit/6b97acb773622f9abca5ef305cd55bdef1ecc484
Diffstat (limited to 'toxcore/onion.c')
-rw-r--r-- | toxcore/onion.c | 24 |
1 files changed, 24 insertions, 0 deletions
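diff --git a/toxcore/onion.c b/toxcore/onion.c
index cec178b9..2bed5821 100644
--- a/toxcore/onion.c
+++ b/toxcore/onion.c
@@ -438,6 +438,15 @@ static int handle_send_2(void *object, IP_Port source, const uint8_t *packet, ui
 if (len != length - (1 + crypto_box_NONCEBYTES + crypto_box_PUBLICKEYBYTES + RETURN_2 + crypto_box_MACBYTES))
 return 1;
 
+if (len <= SIZE_IPPORT) {
+return 1;
+}
+
+if (plain[SIZE_IPPORT] != NET_PACKET_ANNOUNCE_REQUEST &&
+plain[SIZE_IPPORT] != NET_PACKET_ONION_DATA_REQUEST) {
+return 1;
+}
+
 IP_Port send_to;
 
 if (ipport_unpack(&send_to, plain, len, 0) == -1)
@@ -476,6 +485,11 @@ static int handle_recv_3(void *object, IP_Port source, const uint8_t *packet, ui
 if (length <= 1 + RETURN_3)
 return 1;
 
+if (packet[1 + RETURN_3] != NET_PACKET_ANNOUNCE_RESPONSE &&
+packet[1 + RETURN_3] != NET_PACKET_ONION_DATA_RESPONSE) {
+return 1;
+}
+
 change_symmetric_key(onion);
 
 uint8_t plain[SIZE_IPPORT + RETURN_2];
@@ -512,6 +526,11 @@ static int handle_recv_2(void *object, IP_Port source, const uint8_t *packet, ui
 if (length <= 1 + RETURN_2)
 return 1;
 
+if (packet[1 + RETURN_2] != NET_PACKET_ANNOUNCE_RESPONSE &&
+packet[1 + RETURN_2] != NET_PACKET_ONION_DATA_RESPONSE) {
+return 1;
+}
+
 change_symmetric_key(onion);
 
 uint8_t plain[SIZE_IPPORT + RETURN_1];
@@ -548,6 +567,11 @@ static int handle_recv_1(void *object, IP_Port source, const uint8_t *packet, ui
 if (length <= 1 + RETURN_1)
 return 1;
 
+if (packet[1 + RETURN_1] != NET_PACKET_ANNOUNCE_RESPONSE &&
+packet[1 + RETURN_1] != NET_PACKET_ONION_DATA_RESPONSE) {
+return 1;
+}
+
 change_symmetric_key(onion);
 
 uint8_t plain[SIZE_IPPORT];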
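Review bot: The response-kind allowlist is written out three times, in handle_recv_3, handle_recv_2 and handle_recv_1, differing only in the RETURN_N offset, and none of the four new checks has a comment saying why these are the only kinds a relay may forward. If a kind is later added to one handler and not the others, the hops would presumably disagree on what may traverse a path, so a single helper such as `static int onion_response_kind_ok(uint8_t kind) { return kind == NET_PACKET_ANNOUNCE_RESPONSE || kind == NET_PACKET_ONION_DATA_RESPONSE; }` (name constructed here) called from all three would keep them in step. Above the handle_send_2 check I would add `/* Exit hop: forward only onion announce/data requests, so a path cannot be used to deliver other packet kinds to a third party. */`. Note also that each check reads only the first payload byte (`plain[SIZE_IPPORT]`, `packet[1 + RETURN_N]`); the remainder of the forwarded payload is not validated here, so the comment should say that the destination handlers remain responsible for length and content checks. All four functions begin and end outside the hunks shown.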