diff options
Diffstat (limited to 'toxcore/net_crypto.c')
-rw-r--r-- | toxcore/net_crypto.c | 242 |
1 files changed, 118 insertions, 124 deletions
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index f82cef69..6a8932d1 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -198,13 +198,13 @@ static uint8_t crypt_connection_id_not_valid(const Net_Crypto *c, int crypt_conn | |||
198 | 198 | ||
199 | /* cookie timeout in seconds */ | 199 | /* cookie timeout in seconds */ |
200 | #define COOKIE_TIMEOUT 15 | 200 | #define COOKIE_TIMEOUT 15 |
201 | #define COOKIE_DATA_LENGTH (CRYPTO_PUBLIC_KEY_SIZE * 2) | 201 | #define COOKIE_DATA_LENGTH (uint16_t)(CRYPTO_PUBLIC_KEY_SIZE * 2) |
202 | #define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_DATA_LENGTH) | 202 | #define COOKIE_CONTENTS_LENGTH (uint16_t)(sizeof(uint64_t) + COOKIE_DATA_LENGTH) |
203 | #define COOKIE_LENGTH (CRYPTO_NONCE_SIZE + COOKIE_CONTENTS_LENGTH + CRYPTO_MAC_SIZE) | 203 | #define COOKIE_LENGTH (uint16_t)(CRYPTO_NONCE_SIZE + COOKIE_CONTENTS_LENGTH + CRYPTO_MAC_SIZE) |
204 | 204 | ||
205 | #define COOKIE_REQUEST_PLAIN_LENGTH (COOKIE_DATA_LENGTH + sizeof(uint64_t)) | 205 | #define COOKIE_REQUEST_PLAIN_LENGTH (uint16_t)(COOKIE_DATA_LENGTH + sizeof(uint64_t)) |
206 | #define COOKIE_REQUEST_LENGTH (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE) | 206 | #define COOKIE_REQUEST_LENGTH (uint16_t)(1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE) |
207 | #define COOKIE_RESPONSE_LENGTH (1 + CRYPTO_NONCE_SIZE + COOKIE_LENGTH + sizeof(uint64_t) + CRYPTO_MAC_SIZE) | 207 | #define COOKIE_RESPONSE_LENGTH (uint16_t)(1 + CRYPTO_NONCE_SIZE + COOKIE_LENGTH + sizeof(uint64_t) + CRYPTO_MAC_SIZE) |
208 | 208 | ||
209 | /* Create a cookie request packet and put it in packet. | 209 | /* Create a cookie request packet and put it in packet. |
210 | * dht_public_key is the dht public key of the other | 210 | * dht_public_key is the dht public key of the other |
@@ -248,7 +248,7 @@ static int create_cookie_request(const Net_Crypto *c, uint8_t *packet, uint8_t * | |||
248 | static int create_cookie(const Logger *log, uint8_t *cookie, const uint8_t *bytes, const uint8_t *encryption_key) | 248 | static int create_cookie(const Logger *log, uint8_t *cookie, const uint8_t *bytes, const uint8_t *encryption_key) |
249 | { | 249 | { |
250 | uint8_t contents[COOKIE_CONTENTS_LENGTH]; | 250 | uint8_t contents[COOKIE_CONTENTS_LENGTH]; |
251 | uint64_t temp_time = unix_time(); | 251 | const uint64_t temp_time = unix_time(); |
252 | memcpy(contents, &temp_time, sizeof(temp_time)); | 252 | memcpy(contents, &temp_time, sizeof(temp_time)); |
253 | memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH); | 253 | memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH); |
254 | random_nonce(cookie); | 254 | random_nonce(cookie); |
@@ -269,8 +269,8 @@ static int create_cookie(const Logger *log, uint8_t *cookie, const uint8_t *byte | |||
269 | static int open_cookie(const Logger *log, uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key) | 269 | static int open_cookie(const Logger *log, uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key) |
270 | { | 270 | { |
271 | uint8_t contents[COOKIE_CONTENTS_LENGTH]; | 271 | uint8_t contents[COOKIE_CONTENTS_LENGTH]; |
272 | int len = decrypt_data_symmetric(encryption_key, cookie, cookie + CRYPTO_NONCE_SIZE, | 272 | const int len = decrypt_data_symmetric(encryption_key, cookie, cookie + CRYPTO_NONCE_SIZE, |
273 | COOKIE_LENGTH - CRYPTO_NONCE_SIZE, contents); | 273 | COOKIE_LENGTH - CRYPTO_NONCE_SIZE, contents); |
274 | 274 | ||
275 | if (len != sizeof(contents)) { | 275 | if (len != sizeof(contents)) { |
276 | return -1; | 276 | return -1; |
@@ -278,7 +278,7 @@ static int open_cookie(const Logger *log, uint8_t *bytes, const uint8_t *cookie, | |||
278 | 278 | ||
279 | uint64_t cookie_time; | 279 | uint64_t cookie_time; |
280 | memcpy(&cookie_time, contents, sizeof(cookie_time)); | 280 | memcpy(&cookie_time, contents, sizeof(cookie_time)); |
281 | uint64_t temp_time = unix_time(); | 281 | const uint64_t temp_time = unix_time(); |
282 | 282 | ||
283 | if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time) { | 283 | if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time) { |
284 | return -1; | 284 | return -1; |
@@ -440,8 +440,8 @@ static int handle_cookie_response(const Logger *log, uint8_t *cookie, uint64_t * | |||
440 | } | 440 | } |
441 | 441 | ||
442 | uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; | 442 | uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)]; |
443 | int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE, | 443 | const int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE, |
444 | length - (1 + CRYPTO_NONCE_SIZE), plain); | 444 | length - (1 + CRYPTO_NONCE_SIZE), plain); |
445 | 445 | ||
446 | if (len != sizeof(plain)) { | 446 | if (len != sizeof(plain)) { |
447 | return -1; | 447 | return -1; |
@@ -746,7 +746,7 @@ static int add_data_to_buffer(const Logger *log, Packets_Array *array, uint32_t | |||
746 | memcpy(new_d, data, sizeof(Packet_Data)); | 746 | memcpy(new_d, data, sizeof(Packet_Data)); |
747 | array->buffer[num] = new_d; | 747 | array->buffer[num] = new_d; |
748 | 748 | ||
749 | if ((number - array->buffer_start) >= (array->buffer_end - array->buffer_start)) { | 749 | if (number - array->buffer_start >= num_packets_array(array)) { |
750 | array->buffer_end = number + 1; | 750 | array->buffer_end = number + 1; |
751 | } | 751 | } |
752 | 752 | ||
@@ -761,7 +761,7 @@ static int add_data_to_buffer(const Logger *log, Packets_Array *array, uint32_t | |||
761 | */ | 761 | */ |
762 | static int get_data_pointer(const Logger *log, const Packets_Array *array, Packet_Data **data, uint32_t number) | 762 | static int get_data_pointer(const Logger *log, const Packets_Array *array, Packet_Data **data, uint32_t number) |
763 | { | 763 | { |
764 | uint32_t num_spots = array->buffer_end - array->buffer_start; | 764 | const uint32_t num_spots = num_packets_array(array); |
765 | 765 | ||
766 | if (array->buffer_end - number > num_spots || number - array->buffer_start >= num_spots) { | 766 | if (array->buffer_end - number > num_spots || number - array->buffer_start >= num_spots) { |
767 | return -1; | 767 | return -1; |
@@ -784,7 +784,9 @@ static int get_data_pointer(const Logger *log, const Packets_Array *array, Packe | |||
784 | */ | 784 | */ |
785 | static int64_t add_data_end_of_buffer(const Logger *log, Packets_Array *array, const Packet_Data *data) | 785 | static int64_t add_data_end_of_buffer(const Logger *log, Packets_Array *array, const Packet_Data *data) |
786 | { | 786 | { |
787 | if (num_packets_array(array) >= CRYPTO_PACKET_BUFFER_SIZE) { | 787 | const uint32_t num_spots = num_packets_array(array); |
788 | |||
789 | if (num_spots >= CRYPTO_PACKET_BUFFER_SIZE) { | ||
788 | return -1; | 790 | return -1; |
789 | } | 791 | } |
790 | 792 | ||
@@ -812,7 +814,7 @@ static int64_t read_data_beg_buffer(const Logger *log, Packets_Array *array, Pac | |||
812 | return -1; | 814 | return -1; |
813 | } | 815 | } |
814 | 816 | ||
815 | uint32_t num = array->buffer_start % CRYPTO_PACKET_BUFFER_SIZE; | 817 | const uint32_t num = array->buffer_start % CRYPTO_PACKET_BUFFER_SIZE; |
816 | 818 | ||
817 | if (!array->buffer[num]) { | 819 | if (!array->buffer[num]) { |
818 | return -1; | 820 | return -1; |
@@ -833,7 +835,7 @@ static int64_t read_data_beg_buffer(const Logger *log, Packets_Array *array, Pac | |||
833 | */ | 835 | */ |
834 | static int clear_buffer_until(const Logger *log, Packets_Array *array, uint32_t number) | 836 | static int clear_buffer_until(const Logger *log, Packets_Array *array, uint32_t number) |
835 | { | 837 | { |
836 | uint32_t num_spots = array->buffer_end - array->buffer_start; | 838 | const uint32_t num_spots = num_packets_array(array); |
837 | 839 | ||
838 | if (array->buffer_end - number >= num_spots || number - array->buffer_start > num_spots) { | 840 | if (array->buffer_end - number >= num_spots || number - array->buffer_start > num_spots) { |
839 | return -1; | 841 | return -1; |
@@ -878,11 +880,11 @@ static int clear_buffer(Packets_Array *array) | |||
878 | */ | 880 | */ |
879 | static int set_buffer_end(const Logger *log, Packets_Array *array, uint32_t number) | 881 | static int set_buffer_end(const Logger *log, Packets_Array *array, uint32_t number) |
880 | { | 882 | { |
881 | if ((number - array->buffer_start) > CRYPTO_PACKET_BUFFER_SIZE) { | 883 | if (number - array->buffer_start > CRYPTO_PACKET_BUFFER_SIZE) { |
882 | return -1; | 884 | return -1; |
883 | } | 885 | } |
884 | 886 | ||
885 | if ((number - array->buffer_end) > CRYPTO_PACKET_BUFFER_SIZE) { | 887 | if (number - array->buffer_end > CRYPTO_PACKET_BUFFER_SIZE) { |
886 | return -1; | 888 | return -1; |
887 | } | 889 | } |
888 | 890 | ||
@@ -952,7 +954,7 @@ static int generate_request_packet(const Logger *log, uint8_t *data, uint16_t le | |||
952 | static int handle_request_packet(const Logger *log, Packets_Array *send_array, const uint8_t *data, uint16_t length, | 954 | static int handle_request_packet(const Logger *log, Packets_Array *send_array, const uint8_t *data, uint16_t length, |
953 | uint64_t *latest_send_time, uint64_t rtt_time) | 955 | uint64_t *latest_send_time, uint64_t rtt_time) |
954 | { | 956 | { |
955 | if (length < 1) { | 957 | if (length == 0) { |
956 | return -1; | 958 | return -1; |
957 | } | 959 | } |
958 | 960 | ||
@@ -967,13 +969,13 @@ static int handle_request_packet(const Logger *log, Packets_Array *send_array, c | |||
967 | ++data; | 969 | ++data; |
968 | --length; | 970 | --length; |
969 | 971 | ||
970 | uint32_t i, n = 1; | 972 | uint32_t n = 1; |
971 | uint32_t requested = 0; | 973 | uint32_t requested = 0; |
972 | 974 | ||
973 | uint64_t temp_time = current_time_monotonic(); | 975 | const uint64_t temp_time = current_time_monotonic(); |
974 | uint64_t l_sent_time = ~0; | 976 | uint64_t l_sent_time = ~0; |
975 | 977 | ||
976 | for (i = send_array->buffer_start; i != send_array->buffer_end; ++i) { | 978 | for (uint32_t i = send_array->buffer_start; i != send_array->buffer_end; ++i) { |
977 | if (length == 0) { | 979 | if (length == 0) { |
978 | break; | 980 | break; |
979 | } | 981 | } |
@@ -1038,7 +1040,9 @@ static int handle_request_packet(const Logger *log, Packets_Array *send_array, c | |||
1038 | */ | 1040 | */ |
1039 | static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length) | 1041 | static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length) |
1040 | { | 1042 | { |
1041 | if (length == 0 || length + (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) > MAX_CRYPTO_PACKET_SIZE) { | 1043 | const uint16_t max_length = MAX_CRYPTO_PACKET_SIZE - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE); |
1044 | |||
1045 | if (length == 0 || length > max_length) { | ||
1042 | return -1; | 1046 | return -1; |
1043 | } | 1047 | } |
1044 | 1048 | ||
@@ -1052,7 +1056,7 @@ static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_ | |||
1052 | VLA(uint8_t, packet, 1 + sizeof(uint16_t) + length + CRYPTO_MAC_SIZE); | 1056 | VLA(uint8_t, packet, 1 + sizeof(uint16_t) + length + CRYPTO_MAC_SIZE); |
1053 | packet[0] = NET_PACKET_CRYPTO_DATA; | 1057 | packet[0] = NET_PACKET_CRYPTO_DATA; |
1054 | memcpy(packet + 1, conn->sent_nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t)); | 1058 | memcpy(packet + 1, conn->sent_nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t)); |
1055 | int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t)); | 1059 | const int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t)); |
1056 | 1060 | ||
1057 | if (len + 1 + sizeof(uint16_t) != SIZEOF_VLA(packet)) { | 1061 | if (len + 1 + sizeof(uint16_t) != SIZEOF_VLA(packet)) { |
1058 | pthread_mutex_unlock(&conn->mutex); | 1062 | pthread_mutex_unlock(&conn->mutex); |
@@ -1101,27 +1105,19 @@ static int reset_max_speed_reached(Net_Crypto *c, int crypt_connection_id) | |||
1101 | If sending it fails we won't be able to send the new packet. */ | 1105 | If sending it fails we won't be able to send the new packet. */ |
1102 | if (conn->maximum_speed_reached) { | 1106 | if (conn->maximum_speed_reached) { |
1103 | Packet_Data *dt = nullptr; | 1107 | Packet_Data *dt = nullptr; |
1104 | uint32_t packet_num = conn->send_array.buffer_end - 1; | 1108 | const uint32_t packet_num = conn->send_array.buffer_end - 1; |
1105 | int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num); | 1109 | const int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num); |
1106 | 1110 | ||
1107 | uint8_t send_failed = 0; | 1111 | if (ret == 1 && dt->sent_time == 0) { |
1108 | 1112 | if (send_data_packet_helper(c, crypt_connection_id, conn->recv_array.buffer_start, packet_num, | |
1109 | if (ret == 1) { | 1113 | dt->data, dt->length) != 0) { |
1110 | if (!dt->sent_time) { | 1114 | return -1; |
1111 | if (send_data_packet_helper(c, crypt_connection_id, conn->recv_array.buffer_start, packet_num, dt->data, | ||
1112 | dt->length) != 0) { | ||
1113 | send_failed = 1; | ||
1114 | } else { | ||
1115 | dt->sent_time = current_time_monotonic(); | ||
1116 | } | ||
1117 | } | 1115 | } |
1118 | } | ||
1119 | 1116 | ||
1120 | if (!send_failed) { | 1117 | dt->sent_time = current_time_monotonic(); |
1121 | conn->maximum_speed_reached = 0; | ||
1122 | } else { | ||
1123 | return -1; | ||
1124 | } | 1118 | } |
1119 | |||
1120 | conn->maximum_speed_reached = 0; | ||
1125 | } | 1121 | } |
1126 | 1122 | ||
1127 | return 0; | 1123 | return 0; |
@@ -1175,7 +1171,7 @@ static int64_t send_lossless_packet(Net_Crypto *c, int crypt_connection_id, cons | |||
1175 | } | 1171 | } |
1176 | } else { | 1172 | } else { |
1177 | conn->maximum_speed_reached = 1; | 1173 | conn->maximum_speed_reached = 1; |
1178 | LOGGER_ERROR(c->log, "send_data_packet failed\n"); | 1174 | LOGGER_ERROR(c->log, "send_data_packet failed"); |
1179 | } | 1175 | } |
1180 | 1176 | ||
1181 | return packet_num; | 1177 | return packet_num; |
@@ -1203,7 +1199,9 @@ static uint16_t get_nonce_uint16(const uint8_t *nonce) | |||
1203 | static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet, | 1199 | static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet, |
1204 | uint16_t length) | 1200 | uint16_t length) |
1205 | { | 1201 | { |
1206 | if (length <= (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) || length > MAX_CRYPTO_PACKET_SIZE) { | 1202 | const uint16_t crypto_packet_overhead = 1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE; |
1203 | |||
1204 | if (length <= crypto_packet_overhead || length > MAX_CRYPTO_PACKET_SIZE) { | ||
1207 | return -1; | 1205 | return -1; |
1208 | } | 1206 | } |
1209 | 1207 | ||
@@ -1217,14 +1215,13 @@ static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint | |||
1217 | memcpy(nonce, conn->recv_nonce, CRYPTO_NONCE_SIZE); | 1215 | memcpy(nonce, conn->recv_nonce, CRYPTO_NONCE_SIZE); |
1218 | uint16_t num_cur_nonce = get_nonce_uint16(nonce); | 1216 | uint16_t num_cur_nonce = get_nonce_uint16(nonce); |
1219 | uint16_t num; | 1217 | uint16_t num; |
1220 | memcpy(&num, packet + 1, sizeof(uint16_t)); | 1218 | net_unpack_u16(packet + 1, &num); |
1221 | num = net_ntohs(num); | ||
1222 | uint16_t diff = num - num_cur_nonce; | 1219 | uint16_t diff = num - num_cur_nonce; |
1223 | increment_nonce_number(nonce, diff); | 1220 | increment_nonce_number(nonce, diff); |
1224 | int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t), | 1221 | int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t), |
1225 | length - (1 + sizeof(uint16_t)), data); | 1222 | length - (1 + sizeof(uint16_t)), data); |
1226 | 1223 | ||
1227 | if ((unsigned int)len != length - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE)) { | 1224 | if ((unsigned int)len != length - crypto_packet_overhead) { |
1228 | return -1; | 1225 | return -1; |
1229 | } | 1226 | } |
1230 | 1227 | ||
@@ -1276,13 +1273,13 @@ static int send_requested_packets(Net_Crypto *c, int crypt_connection_id, uint32 | |||
1276 | return -1; | 1273 | return -1; |
1277 | } | 1274 | } |
1278 | 1275 | ||
1279 | uint64_t temp_time = current_time_monotonic(); | 1276 | const uint64_t temp_time = current_time_monotonic(); |
1280 | uint32_t i, num_sent = 0, array_size = num_packets_array(&conn->send_array); | 1277 | uint32_t i, num_sent = 0, array_size = num_packets_array(&conn->send_array); |
1281 | 1278 | ||
1282 | for (i = 0; i < array_size; ++i) { | 1279 | for (i = 0; i < array_size; ++i) { |
1283 | Packet_Data *dt; | 1280 | Packet_Data *dt; |
1284 | uint32_t packet_num = (i + conn->send_array.buffer_start); | 1281 | const uint32_t packet_num = i + conn->send_array.buffer_start; |
1285 | int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num); | 1282 | const int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num); |
1286 | 1283 | ||
1287 | if (ret == -1) { | 1284 | if (ret == -1) { |
1288 | return -1; | 1285 | return -1; |
@@ -1650,45 +1647,46 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, cons | |||
1650 | } | 1647 | } |
1651 | 1648 | ||
1652 | case NET_PACKET_CRYPTO_HS: { | 1649 | case NET_PACKET_CRYPTO_HS: { |
1653 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT | 1650 | if (conn->status != CRYPTO_CONN_COOKIE_REQUESTING |
1654 | || conn->status == CRYPTO_CONN_NOT_CONFIRMED) { | 1651 | && conn->status != CRYPTO_CONN_HANDSHAKE_SENT |
1655 | uint8_t peer_real_pk[CRYPTO_PUBLIC_KEY_SIZE]; | 1652 | && conn->status != CRYPTO_CONN_NOT_CONFIRMED) { |
1656 | uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; | 1653 | return -1; |
1657 | uint8_t cookie[COOKIE_LENGTH]; | 1654 | } |
1658 | 1655 | ||
1659 | if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie, | 1656 | uint8_t peer_real_pk[CRYPTO_PUBLIC_KEY_SIZE]; |
1660 | packet, length, conn->public_key) != 0) { | 1657 | uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE]; |
1661 | return -1; | 1658 | uint8_t cookie[COOKIE_LENGTH]; |
1662 | } | ||
1663 | 1659 | ||
1664 | if (public_key_cmp(dht_public_key, conn->dht_public_key) == 0) { | 1660 | if (handle_crypto_handshake(c, conn->recv_nonce, conn->peersessionpublic_key, peer_real_pk, dht_public_key, cookie, |
1665 | encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); | 1661 | packet, length, conn->public_key) != 0) { |
1662 | return -1; | ||
1663 | } | ||
1666 | 1664 | ||
1667 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { | 1665 | if (public_key_cmp(dht_public_key, conn->dht_public_key) == 0) { |
1668 | if (create_send_handshake(c, crypt_connection_id, cookie, dht_public_key) != 0) { | 1666 | encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); |
1669 | return -1; | ||
1670 | } | ||
1671 | } | ||
1672 | 1667 | ||
1673 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1668 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { |
1674 | } else { | 1669 | if (create_send_handshake(c, crypt_connection_id, cookie, dht_public_key) != 0) { |
1675 | if (conn->dht_pk_callback) { | 1670 | return -1; |
1676 | conn->dht_pk_callback(conn->dht_pk_callback_object, conn->dht_pk_callback_number, dht_public_key, userdata); | ||
1677 | } | 1671 | } |
1678 | } | 1672 | } |
1673 | |||
1674 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | ||
1679 | } else { | 1675 | } else { |
1680 | return -1; | 1676 | if (conn->dht_pk_callback) { |
1677 | conn->dht_pk_callback(conn->dht_pk_callback_object, conn->dht_pk_callback_number, dht_public_key, userdata); | ||
1678 | } | ||
1681 | } | 1679 | } |
1682 | 1680 | ||
1683 | return 0; | 1681 | return 0; |
1684 | } | 1682 | } |
1685 | 1683 | ||
1686 | case NET_PACKET_CRYPTO_DATA: { | 1684 | case NET_PACKET_CRYPTO_DATA: { |
1687 | if (conn->status == CRYPTO_CONN_NOT_CONFIRMED || conn->status == CRYPTO_CONN_ESTABLISHED) { | 1685 | if (conn->status != CRYPTO_CONN_NOT_CONFIRMED && conn->status != CRYPTO_CONN_ESTABLISHED) { |
1688 | return handle_data_packet_core(c, crypt_connection_id, packet, length, udp, userdata); | 1686 | return -1; |
1689 | } | 1687 | } |
1690 | 1688 | ||
1691 | return -1; | 1689 | return handle_data_packet_core(c, crypt_connection_id, packet, length, udp, userdata); |
1692 | } | 1690 | } |
1693 | 1691 | ||
1694 | default: { | 1692 | default: { |
@@ -1729,9 +1727,7 @@ static int realloc_cryptoconnection(Net_Crypto *c, uint32_t num) | |||
1729 | */ | 1727 | */ |
1730 | static int create_crypto_connection(Net_Crypto *c) | 1728 | static int create_crypto_connection(Net_Crypto *c) |
1731 | { | 1729 | { |
1732 | uint32_t i; | 1730 | for (uint32_t i = 0; i < c->crypto_connections_length; ++i) { |
1733 | |||
1734 | for (i = 0; i < c->crypto_connections_length; ++i) { | ||
1735 | if (c->crypto_connections[i].status == CRYPTO_CONN_NO_CONNECTION) { | 1731 | if (c->crypto_connections[i].status == CRYPTO_CONN_NO_CONNECTION) { |
1736 | return i; | 1732 | return i; |
1737 | } | 1733 | } |
@@ -1811,9 +1807,7 @@ static int wipe_crypto_connection(Net_Crypto *c, int crypt_connection_id) | |||
1811 | */ | 1807 | */ |
1812 | static int getcryptconnection_id(const Net_Crypto *c, const uint8_t *public_key) | 1808 | static int getcryptconnection_id(const Net_Crypto *c, const uint8_t *public_key) |
1813 | { | 1809 | { |
1814 | uint32_t i; | 1810 | for (uint32_t i = 0; i < c->crypto_connections_length; ++i) { |
1815 | |||
1816 | for (i = 0; i < c->crypto_connections_length; ++i) { | ||
1817 | if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) { | 1811 | if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) { |
1818 | if (public_key_cmp(public_key, c->crypto_connections[i].public_key) == 0) { | 1812 | if (public_key_cmp(public_key, c->crypto_connections[i].public_key) == 0) { |
1819 | return i; | 1813 | return i; |
@@ -1901,31 +1895,37 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, const | |||
1901 | return -1; | 1895 | return -1; |
1902 | } | 1896 | } |
1903 | 1897 | ||
1904 | int crypt_connection_id = getcryptconnection_id(c, n_c.public_key); | 1898 | const int crypt_connection_id = getcryptconnection_id(c, n_c.public_key); |
1905 | 1899 | ||
1906 | if (crypt_connection_id != -1) { | 1900 | if (crypt_connection_id != -1) { |
1907 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); | 1901 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); |
1908 | 1902 | ||
1903 | if (conn == nullptr) { | ||
1904 | return -1; | ||
1905 | } | ||
1906 | |||
1909 | if (public_key_cmp(n_c.dht_public_key, conn->dht_public_key) != 0) { | 1907 | if (public_key_cmp(n_c.dht_public_key, conn->dht_public_key) != 0) { |
1910 | connection_kill(c, crypt_connection_id, userdata); | 1908 | connection_kill(c, crypt_connection_id, userdata); |
1911 | } else { | 1909 | } else { |
1912 | int ret = -1; | 1910 | if (conn->status != CRYPTO_CONN_COOKIE_REQUESTING && conn->status != CRYPTO_CONN_HANDSHAKE_SENT) { |
1911 | free(n_c.cookie); | ||
1912 | return -1; | ||
1913 | } | ||
1913 | 1914 | ||
1914 | if (conn && (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT)) { | 1915 | memcpy(conn->recv_nonce, n_c.recv_nonce, CRYPTO_NONCE_SIZE); |
1915 | memcpy(conn->recv_nonce, n_c.recv_nonce, CRYPTO_NONCE_SIZE); | 1916 | memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE); |
1916 | memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE); | 1917 | encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); |
1917 | encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key); | ||
1918 | 1918 | ||
1919 | crypto_connection_add_source(c, crypt_connection_id, source); | 1919 | crypto_connection_add_source(c, crypt_connection_id, source); |
1920 | 1920 | ||
1921 | if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) == 0) { | 1921 | if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) != 0) { |
1922 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1922 | free(n_c.cookie); |
1923 | ret = 0; | 1923 | return -1; |
1924 | } | ||
1925 | } | 1924 | } |
1926 | 1925 | ||
1926 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | ||
1927 | free(n_c.cookie); | 1927 | free(n_c.cookie); |
1928 | return ret; | 1928 | return 0; |
1929 | } | 1929 | } |
1930 | } | 1930 | } |
1931 | 1931 | ||
@@ -1945,9 +1945,10 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c) | |||
1945 | return -1; | 1945 | return -1; |
1946 | } | 1946 | } |
1947 | 1947 | ||
1948 | int crypt_connection_id = create_crypto_connection(c); | 1948 | const int crypt_connection_id = create_crypto_connection(c); |
1949 | 1949 | ||
1950 | if (crypt_connection_id == -1) { | 1950 | if (crypt_connection_id == -1) { |
1951 | LOGGER_ERROR(c->log, "Could not create new crypto connection"); | ||
1951 | return -1; | 1952 | return -1; |
1952 | } | 1953 | } |
1953 | 1954 | ||
@@ -1958,7 +1959,7 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c) | |||
1958 | } | 1959 | } |
1959 | 1960 | ||
1960 | pthread_mutex_lock(&c->tcp_mutex); | 1961 | pthread_mutex_lock(&c->tcp_mutex); |
1961 | int connection_number_tcp = new_tcp_connection_to(c->tcp_c, n_c->dht_public_key, crypt_connection_id); | 1962 | const int connection_number_tcp = new_tcp_connection_to(c->tcp_c, n_c->dht_public_key, crypt_connection_id); |
1962 | pthread_mutex_unlock(&c->tcp_mutex); | 1963 | pthread_mutex_unlock(&c->tcp_mutex); |
1963 | 1964 | ||
1964 | if (connection_number_tcp == -1) { | 1965 | if (connection_number_tcp == -1) { |
@@ -2013,12 +2014,8 @@ int new_crypto_connection(Net_Crypto *c, const uint8_t *real_public_key, const u | |||
2013 | 2014 | ||
2014 | Crypto_Connection *conn = &c->crypto_connections[crypt_connection_id]; | 2015 | Crypto_Connection *conn = &c->crypto_connections[crypt_connection_id]; |
2015 | 2016 | ||
2016 | if (conn == nullptr) { | ||
2017 | return -1; | ||
2018 | } | ||
2019 | |||
2020 | pthread_mutex_lock(&c->tcp_mutex); | 2017 | pthread_mutex_lock(&c->tcp_mutex); |
2021 | int connection_number_tcp = new_tcp_connection_to(c->tcp_c, dht_public_key, crypt_connection_id); | 2018 | const int connection_number_tcp = new_tcp_connection_to(c->tcp_c, dht_public_key, crypt_connection_id); |
2022 | pthread_mutex_unlock(&c->tcp_mutex); | 2019 | pthread_mutex_unlock(&c->tcp_mutex); |
2023 | 2020 | ||
2024 | if (connection_number_tcp == -1) { | 2021 | if (connection_number_tcp == -1) { |
@@ -2083,15 +2080,16 @@ int set_direct_ip_port(Net_Crypto *c, int crypt_connection_id, IP_Port ip_port, | |||
2083 | } | 2080 | } |
2084 | 2081 | ||
2085 | 2082 | ||
2086 | static int tcp_data_callback(void *object, int id, const uint8_t *data, uint16_t length, void *userdata) | 2083 | static int tcp_data_callback(void *object, int crypt_connection_id, const uint8_t *data, uint16_t length, |
2084 | void *userdata) | ||
2087 | { | 2085 | { |
2086 | Net_Crypto *c = (Net_Crypto *)object; | ||
2087 | |||
2088 | if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) { | 2088 | if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) { |
2089 | return -1; | 2089 | return -1; |
2090 | } | 2090 | } |
2091 | 2091 | ||
2092 | Net_Crypto *c = (Net_Crypto *)object; | 2092 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); |
2093 | |||
2094 | Crypto_Connection *conn = get_crypto_connection(c, id); | ||
2095 | 2093 | ||
2096 | if (conn == nullptr) { | 2094 | if (conn == nullptr) { |
2097 | return -1; | 2095 | return -1; |
@@ -2104,7 +2102,7 @@ static int tcp_data_callback(void *object, int id, const uint8_t *data, uint16_t | |||
2104 | // This unlocks the mutex that at this point is locked by do_tcp before | 2102 | // This unlocks the mutex that at this point is locked by do_tcp before |
2105 | // calling do_tcp_connections. | 2103 | // calling do_tcp_connections. |
2106 | pthread_mutex_unlock(&c->tcp_mutex); | 2104 | pthread_mutex_unlock(&c->tcp_mutex); |
2107 | int ret = handle_packet_connection(c, id, data, length, 0, userdata); | 2105 | int ret = handle_packet_connection(c, crypt_connection_id, data, length, 0, userdata); |
2108 | pthread_mutex_lock(&c->tcp_mutex); | 2106 | pthread_mutex_lock(&c->tcp_mutex); |
2109 | 2107 | ||
2110 | if (ret != 0) { | 2108 | if (ret != 0) { |
@@ -2118,12 +2116,12 @@ static int tcp_data_callback(void *object, int id, const uint8_t *data, uint16_t | |||
2118 | static int tcp_oob_callback(void *object, const uint8_t *public_key, unsigned int tcp_connections_number, | 2116 | static int tcp_oob_callback(void *object, const uint8_t *public_key, unsigned int tcp_connections_number, |
2119 | const uint8_t *data, uint16_t length, void *userdata) | 2117 | const uint8_t *data, uint16_t length, void *userdata) |
2120 | { | 2118 | { |
2119 | Net_Crypto *c = (Net_Crypto *)object; | ||
2120 | |||
2121 | if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) { | 2121 | if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) { |
2122 | return -1; | 2122 | return -1; |
2123 | } | 2123 | } |
2124 | 2124 | ||
2125 | Net_Crypto *c = (Net_Crypto *)object; | ||
2126 | |||
2127 | if (data[0] == NET_PACKET_COOKIE_REQUEST) { | 2125 | if (data[0] == NET_PACKET_COOKIE_REQUEST) { |
2128 | return tcp_oob_handle_cookie_request(c, tcp_connections_number, public_key, data, length); | 2126 | return tcp_oob_handle_cookie_request(c, tcp_connections_number, public_key, data, length); |
2129 | } | 2127 | } |
@@ -2378,12 +2376,13 @@ static int crypto_id_ip_port(const Net_Crypto *c, IP_Port ip_port) | |||
2378 | */ | 2376 | */ |
2379 | static int udp_handle_packet(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) | 2377 | static int udp_handle_packet(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata) |
2380 | { | 2378 | { |
2379 | Net_Crypto *c = (Net_Crypto *)object; | ||
2380 | |||
2381 | if (length <= CRYPTO_MIN_PACKET_SIZE || length > MAX_CRYPTO_PACKET_SIZE) { | 2381 | if (length <= CRYPTO_MIN_PACKET_SIZE || length > MAX_CRYPTO_PACKET_SIZE) { |
2382 | return 1; | 2382 | return 1; |
2383 | } | 2383 | } |
2384 | 2384 | ||
2385 | Net_Crypto *c = (Net_Crypto *)object; | 2385 | const int crypt_connection_id = crypto_id_ip_port(c, source); |
2386 | int crypt_connection_id = crypto_id_ip_port(c, source); | ||
2387 | 2386 | ||
2388 | if (crypt_connection_id == -1) { | 2387 | if (crypt_connection_id == -1) { |
2389 | if (packet[0] != NET_PACKET_CRYPTO_HS) { | 2388 | if (packet[0] != NET_PACKET_CRYPTO_HS) { |
@@ -2439,12 +2438,11 @@ static int udp_handle_packet(void *object, IP_Port source, const uint8_t *packet | |||
2439 | 2438 | ||
2440 | static void send_crypto_packets(Net_Crypto *c) | 2439 | static void send_crypto_packets(Net_Crypto *c) |
2441 | { | 2440 | { |
2442 | uint32_t i; | 2441 | const uint64_t temp_time = current_time_monotonic(); |
2443 | uint64_t temp_time = current_time_monotonic(); | ||
2444 | double total_send_rate = 0; | 2442 | double total_send_rate = 0; |
2445 | uint32_t peak_request_packet_interval = ~0; | 2443 | uint32_t peak_request_packet_interval = ~0; |
2446 | 2444 | ||
2447 | for (i = 0; i < c->crypto_connections_length; ++i) { | 2445 | for (uint32_t i = 0; i < c->crypto_connections_length; ++i) { |
2448 | Crypto_Connection *conn = get_crypto_connection(c, i); | 2446 | Crypto_Connection *conn = get_crypto_connection(c, i); |
2449 | 2447 | ||
2450 | if (conn == nullptr) { | 2448 | if (conn == nullptr) { |
@@ -2494,8 +2492,7 @@ static void send_crypto_packets(Net_Crypto *c) | |||
2494 | } | 2492 | } |
2495 | 2493 | ||
2496 | if ((PACKET_COUNTER_AVERAGE_INTERVAL + conn->packet_counter_set) < temp_time) { | 2494 | if ((PACKET_COUNTER_AVERAGE_INTERVAL + conn->packet_counter_set) < temp_time) { |
2497 | 2495 | const double dt = temp_time - conn->packet_counter_set; | |
2498 | double dt = temp_time - conn->packet_counter_set; | ||
2499 | 2496 | ||
2500 | conn->packet_recv_rate = (double)conn->packet_counter / (dt / 1000.0); | 2497 | conn->packet_recv_rate = (double)conn->packet_counter / (dt / 1000.0); |
2501 | conn->packet_counter = 0; | 2498 | conn->packet_counter = 0; |
@@ -2758,7 +2755,7 @@ int64_t write_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t | |||
2758 | * | 2755 | * |
2759 | * Note: The condition `buffer_end - buffer_start < packet_number - buffer_start` is | 2756 | * Note: The condition `buffer_end - buffer_start < packet_number - buffer_start` is |
2760 | * a trick which handles situations `buffer_end >= buffer_start` and | 2757 | * a trick which handles situations `buffer_end >= buffer_start` and |
2761 | * `buffer_end < buffer_start`(when buffer_end overflowed) both correctly | 2758 | * `buffer_end < buffer_start` (when buffer_end overflowed) both correctly. |
2762 | * | 2759 | * |
2763 | * It CANNOT be simplified to `packet_number < buffer_start`, as it will fail | 2760 | * It CANNOT be simplified to `packet_number < buffer_start`, as it will fail |
2764 | * when `buffer_end < buffer_start`. | 2761 | * when `buffer_end < buffer_start`. |
@@ -2771,14 +2768,14 @@ int cryptpacket_received(Net_Crypto *c, int crypt_connection_id, uint32_t packet | |||
2771 | return -1; | 2768 | return -1; |
2772 | } | 2769 | } |
2773 | 2770 | ||
2774 | uint32_t num = conn->send_array.buffer_end - conn->send_array.buffer_start; | 2771 | uint32_t num = num_packets_array(&conn->send_array); |
2775 | uint32_t num1 = packet_number - conn->send_array.buffer_start; | 2772 | uint32_t num1 = packet_number - conn->send_array.buffer_start; |
2776 | 2773 | ||
2777 | if (num < num1) { | 2774 | if (num >= num1) { |
2778 | return 0; | 2775 | return -1; |
2779 | } | 2776 | } |
2780 | 2777 | ||
2781 | return -1; | 2778 | return 0; |
2782 | } | 2779 | } |
2783 | 2780 | ||
2784 | /* return -1 on failure. | 2781 | /* return -1 on failure. |
@@ -2796,7 +2793,7 @@ int send_lossy_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t | |||
2796 | return -1; | 2793 | return -1; |
2797 | } | 2794 | } |
2798 | 2795 | ||
2799 | if (data[0] >= (PACKET_ID_LOSSY_RANGE_START + PACKET_ID_LOSSY_RANGE_SIZE)) { | 2796 | if (data[0] >= PACKET_ID_LOSSY_RANGE_START + PACKET_ID_LOSSY_RANGE_SIZE) { |
2800 | return -1; | 2797 | return -1; |
2801 | } | 2798 | } |
2802 | 2799 | ||
@@ -2981,10 +2978,7 @@ Net_Crypto *new_net_crypto(const Logger *log, DHT *dht, TCP_Proxy_Info *proxy_in | |||
2981 | 2978 | ||
2982 | static void kill_timedout(Net_Crypto *c, void *userdata) | 2979 | static void kill_timedout(Net_Crypto *c, void *userdata) |
2983 | { | 2980 | { |
2984 | uint32_t i; | 2981 | for (uint32_t i = 0; i < c->crypto_connections_length; ++i) { |
2985 | //uint64_t temp_time = current_time_monotonic(); | ||
2986 | |||
2987 | for (i = 0; i < c->crypto_connections_length; ++i) { | ||
2988 | Crypto_Connection *conn = get_crypto_connection(c, i); | 2982 | Crypto_Connection *conn = get_crypto_connection(c, i); |
2989 | 2983 | ||
2990 | if (conn == nullptr) { | 2984 | if (conn == nullptr) { |