diff options
Diffstat (limited to 'toxcore/net_crypto.c')
-rw-r--r-- | toxcore/net_crypto.c | 80 |
1 files changed, 75 insertions, 5 deletions
diff --git a/toxcore/net_crypto.c b/toxcore/net_crypto.c index 35cf21cd..2f01bc83 100644 --- a/toxcore/net_crypto.c +++ b/toxcore/net_crypto.c | |||
@@ -233,7 +233,33 @@ static int tcp_handle_cookie_request(Net_Crypto *c, TCP_Client_Connection *TCP_c | |||
233 | if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data)) | 233 | if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data)) |
234 | return -1; | 234 | return -1; |
235 | 235 | ||
236 | if ((uint32_t)send_data(TCP_con, conn_id, data, sizeof(data)) != 1) | 236 | if (send_data(TCP_con, conn_id, data, sizeof(data)) != 1) |
237 | return -1; | ||
238 | |||
239 | return 0; | ||
240 | } | ||
241 | |||
242 | /* Handle the cookie request packet (for TCP oob packets) | ||
243 | */ | ||
244 | static int tcp_oob_handle_cookie_request(Net_Crypto *c, TCP_Client_Connection *TCP_con, uint8_t *dht_public_key, | ||
245 | uint8_t *packet, uint32_t length) | ||
246 | { | ||
247 | uint8_t request_plain[COOKIE_REQUEST_PLAIN_LENGTH]; | ||
248 | uint8_t shared_key[crypto_box_BEFORENMBYTES]; | ||
249 | uint8_t dht_public_key_temp[crypto_box_PUBLICKEYBYTES]; | ||
250 | |||
251 | if (handle_cookie_request(c, request_plain, shared_key, dht_public_key_temp, packet, length) != 0) | ||
252 | return -1; | ||
253 | |||
254 | if (memcmp(dht_public_key, dht_public_key_temp, crypto_box_PUBLICKEYBYTES) != 0) | ||
255 | return -1; | ||
256 | |||
257 | uint8_t data[COOKIE_RESPONSE_LENGTH]; | ||
258 | |||
259 | if (create_cookie_response(c, data, request_plain, shared_key, dht_public_key) != sizeof(data)) | ||
260 | return -1; | ||
261 | |||
262 | if (send_oob_packet(TCP_con, dht_public_key, data, sizeof(data)) != 1) | ||
237 | return -1; | 263 | return -1; |
238 | 264 | ||
239 | return 0; | 265 | return 0; |
@@ -1115,7 +1141,7 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, uint | |||
1115 | 1141 | ||
1116 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1142 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; |
1117 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ | 1143 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ |
1118 | set_connection_dht_public_key(c, crypt_connection_id, dht_public_key); | 1144 | set_connection_dht_public_key(c, crypt_connection_id, dht_public_key, current_time_monotonic()); |
1119 | } else { | 1145 | } else { |
1120 | return -1; | 1146 | return -1; |
1121 | } | 1147 | } |
@@ -1326,7 +1352,7 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, uint8_ | |||
1326 | if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) == 0) { | 1352 | if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) == 0) { |
1327 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1353 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; |
1328 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ | 1354 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ |
1329 | set_connection_dht_public_key(c, crypt_connection_id, n_c.dht_public_key); | 1355 | set_connection_dht_public_key(c, crypt_connection_id, n_c.dht_public_key, current_time_monotonic()); |
1330 | ret = 0; | 1356 | ret = 0; |
1331 | } | 1357 | } |
1332 | } | 1358 | } |
@@ -1375,7 +1401,7 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c) | |||
1375 | 1401 | ||
1376 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; | 1402 | conn->status = CRYPTO_CONN_NOT_CONFIRMED; |
1377 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ | 1403 | /* Status needs to be CRYPTO_CONN_NOT_CONFIRMED for this to work. */ |
1378 | set_connection_dht_public_key(c, crypt_connection_id, n_c->dht_public_key); | 1404 | set_connection_dht_public_key(c, crypt_connection_id, n_c->dht_public_key, current_time_monotonic()); |
1379 | conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; | 1405 | conn->packet_send_rate = CRYPTO_PACKET_MIN_RATE; |
1380 | crypto_connection_add_source(c, crypt_connection_id, n_c->source); | 1406 | crypto_connection_add_source(c, crypt_connection_id, n_c->source); |
1381 | return crypt_connection_id; | 1407 | return crypt_connection_id; |
@@ -1463,17 +1489,22 @@ static int connect_peer_tcp(Net_Crypto *c, int crypt_connection_id) | |||
1463 | } | 1489 | } |
1464 | 1490 | ||
1465 | /* Set the DHT public key of the crypto connection. | 1491 | /* Set the DHT public key of the crypto connection. |
1492 | * timestamp is the time (current_time_monotonic()) at which the key was last confirmed belonging to | ||
1493 | * the other peer. | ||
1466 | * | 1494 | * |
1467 | * return -1 on failure. | 1495 | * return -1 on failure. |
1468 | * return 0 on success. | 1496 | * return 0 on success. |
1469 | */ | 1497 | */ |
1470 | int set_connection_dht_public_key(Net_Crypto *c, int crypt_connection_id, uint8_t *dht_public_key) | 1498 | int set_connection_dht_public_key(Net_Crypto *c, int crypt_connection_id, uint8_t *dht_public_key, uint64_t timestamp) |
1471 | { | 1499 | { |
1472 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); | 1500 | Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id); |
1473 | 1501 | ||
1474 | if (conn == 0) | 1502 | if (conn == 0) |
1475 | return -1; | 1503 | return -1; |
1476 | 1504 | ||
1505 | if (timestamp <= conn->dht_public_key_timestamp) | ||
1506 | return -1; | ||
1507 | |||
1477 | if (conn->dht_public_key_set == 1 && memcmp(conn->dht_public_key, dht_public_key, crypto_box_PUBLICKEYBYTES) == 0) | 1508 | if (conn->dht_public_key_set == 1 && memcmp(conn->dht_public_key, dht_public_key, crypto_box_PUBLICKEYBYTES) == 0) |
1478 | return -1; | 1509 | return -1; |
1479 | 1510 | ||
@@ -1483,6 +1514,7 @@ int set_connection_dht_public_key(Net_Crypto *c, int crypt_connection_id, uint8_ | |||
1483 | 1514 | ||
1484 | memcpy(conn->dht_public_key, dht_public_key, crypto_box_PUBLICKEYBYTES); | 1515 | memcpy(conn->dht_public_key, dht_public_key, crypto_box_PUBLICKEYBYTES); |
1485 | conn->dht_public_key_set = 1; | 1516 | conn->dht_public_key_set = 1; |
1517 | conn->dht_public_key_timestamp = timestamp; | ||
1486 | 1518 | ||
1487 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { | 1519 | if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING) { |
1488 | conn->cookie_request_number = random_64b(); | 1520 | conn->cookie_request_number = random_64b(); |
@@ -1597,6 +1629,43 @@ static int tcp_data_callback(void *object, uint32_t number, uint8_t connection_i | |||
1597 | return 0; | 1629 | return 0; |
1598 | } | 1630 | } |
1599 | 1631 | ||
1632 | static int tcp_oob_callback(void *object, uint8_t *public_key, uint8_t *data, uint16_t length) | ||
1633 | { | ||
1634 | if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) | ||
1635 | return -1; | ||
1636 | |||
1637 | TCP_Client_Connection *TCP_con = object; | ||
1638 | Net_Crypto *c = TCP_con->net_crypto_pointer; | ||
1639 | uint32_t location = TCP_con->net_crypto_location; | ||
1640 | |||
1641 | if (data[0] == NET_PACKET_COOKIE_REQUEST) { | ||
1642 | return tcp_oob_handle_cookie_request(c, TCP_con, public_key, data, length); | ||
1643 | } | ||
1644 | |||
1645 | int crypt_connection_id = getcryptconnection_id_dht_pubkey(c, public_key); | ||
1646 | |||
1647 | if (crypt_connection_id == -1) { | ||
1648 | IP_Port source; | ||
1649 | source.ip.family = TCP_FAMILY; | ||
1650 | source.ip.ip6.uint32[0] = location; | ||
1651 | |||
1652 | if (data[0] != NET_PACKET_CRYPTO_HS) { | ||
1653 | fprintf(stderr, "tcp snhappen %u\n", data[0]); | ||
1654 | return -1; | ||
1655 | } | ||
1656 | |||
1657 | if (handle_new_connection_handshake(c, source, data, length) != 0) | ||
1658 | return -1; | ||
1659 | |||
1660 | return 0; | ||
1661 | } | ||
1662 | |||
1663 | if (handle_packet_connection(c, crypt_connection_id, data, length) != 0) | ||
1664 | return -1; | ||
1665 | |||
1666 | return 0; | ||
1667 | } | ||
1668 | |||
1600 | /* Check if tcp connection to public key can be created. | 1669 | /* Check if tcp connection to public key can be created. |
1601 | * | 1670 | * |
1602 | * return -1 if it can't. | 1671 | * return -1 if it can't. |
@@ -1696,6 +1765,7 @@ static int add_tcp_connected(Net_Crypto *c, TCP_Client_Connection *tcp_con) | |||
1696 | routing_response_handler(tcp_con, tcp_response_callback, tcp_con); | 1765 | routing_response_handler(tcp_con, tcp_response_callback, tcp_con); |
1697 | routing_status_handler(tcp_con, tcp_status_callback, tcp_con); | 1766 | routing_status_handler(tcp_con, tcp_status_callback, tcp_con); |
1698 | routing_data_handler(tcp_con, tcp_data_callback, tcp_con); | 1767 | routing_data_handler(tcp_con, tcp_data_callback, tcp_con); |
1768 | oob_data_handler(tcp_con, tcp_oob_callback, tcp_con); | ||
1699 | c->tcp_connections[tcp_num] = tcp_con; | 1769 | c->tcp_connections[tcp_num] = tcp_con; |
1700 | return 0; | 1770 | return 0; |
1701 | } | 1771 | } |