Diffstat (limited to 'toxcore/onion.c')
-rw-r--r--toxcore/onion.c24
1 files changed, 24 insertions, 0 deletions
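--- a/toxcore/onion.c
+++ b/toxcore/onion.c
@@ -24,6 +24,7 @@
 #endif
 
 #include "onion.h"
+#include "util.h"
 
 #define MAX_ONION_SIZE MAX_DATA_SIZE
 
@@ -36,6 +37,16 @@
 #define SEND_2 ONION_SEND_2
 #define SEND_1 ONION_SEND_1
 
+/* Change symmetric keys every hour to make paths expire eventually. */
+#define KEY_REFRESH_INTERVAL (60 * 60)
+static void change_symmetric_key(Onion *onion)
+{
+    if (is_timeout(onion->timestamp, KEY_REFRESH_INTERVAL)) {
+        new_symmetric_key(onion->secret_symmetric_key);
+        onion->timestamp = unix_time();
+    }
+}
+
 /* Create and send a onion packet.
  *
  * nodes is a list of 4 nodes, the packet will route through nodes 0, 1, 2 and the data
@@ -126,6 +137,8 @@ static int handle_send_initial(void *object, IP_Port source, uint8_t *packet, ui
     if (length <= 1 + SEND_1)
         return 1;
 
+    change_symmetric_key(onion);
+
     uint8_t plain[MAX_ONION_SIZE];
 
     int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion->dht->self_secret_key, packet + 1,
@@ -170,6 +183,8 @@ static int handle_send_1(void *object, IP_Port source, uint8_t *packet, uint32_t
     if (length <= 1 + SEND_2)
         return 1;
 
+    change_symmetric_key(onion);
+
     uint8_t plain[MAX_ONION_SIZE];
 
     int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion->dht->self_secret_key, packet + 1,
@@ -217,6 +232,8 @@ static int handle_send_2(void *object, IP_Port source, uint8_t *packet, uint32_t
     if (length <= 1 + SEND_3)
         return 1;
 
+    change_symmetric_key(onion);
+
     uint8_t plain[MAX_ONION_SIZE];
 
     int len = decrypt_data(packet + 1 + crypto_box_NONCEBYTES, onion->dht->self_secret_key, packet + 1,
@@ -263,6 +280,8 @@ static int handle_recv_3(void *object, IP_Port source, uint8_t *packet, uint32_t
     if (length <= 1 + RETURN_3)
         return 1;
 
+    change_symmetric_key(onion);
+
     uint8_t plain[sizeof(IP_Port) + RETURN_2];
     int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_secretbox_NONCEBYTES,
                                      sizeof(IP_Port) + RETURN_2 + crypto_secretbox_MACBYTES, plain);
@@ -295,6 +314,8 @@ static int handle_recv_2(void *object, IP_Port source, uint8_t *packet, uint32_t
     if (length <= 1 + RETURN_2)
         return 1;
 
+    change_symmetric_key(onion);
+
     uint8_t plain[sizeof(IP_Port) + RETURN_1];
     int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_secretbox_NONCEBYTES,
                                      sizeof(IP_Port) + RETURN_1 + crypto_secretbox_MACBYTES, plain);
@@ -327,6 +348,8 @@ static int handle_recv_1(void *object, IP_Port source, uint8_t *packet, uint32_t
     if (length <= 1 + RETURN_1)
         return 1;
 
+    change_symmetric_key(onion);
+
     IP_Port send_to;
 
     int len = decrypt_data_symmetric(onion->secret_symmetric_key, packet + 1, packet + 1 + crypto_secretbox_NONCEBYTES,
@@ -358,6 +381,7 @@ Onion *new_onion(DHT *dht)
     onion->dht = dht;
     onion->net = dht->c->lossless_udp->net;
     new_symmetric_key(onion->secret_symmetric_key);
+    onion->timestamp = unix_time();
 
     networking_registerhandler(onion->net, NET_PACKET_ONION_SEND_INITIAL, &handle_send_initial, onion);
     networking_registerhandler(onion->net, NET_PACKET_ONION_SEND_1, &handle_send_1, onion);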
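Review bot: change_symmetric_key overwrites secret_symmetric_key in place the moment the hour elapses, so a return path built with the previous key shortly before the boundary can no longer be decrypted by handle_recv_3/handle_recv_2/handle_recv_1, which call the refresh immediately before decrypt_data_symmetric; effective path lifetime is therefore anywhere from zero to one hour, not "about an hour" as the comment suggests. The header comment should state this, e.g. `/* Paths built just before a refresh are invalidated immediately; keep the previous key as a decrypt fallback if that matters. */`. If that loss is not acceptable, the usual remedy is to retain the superseded key for one more interval and retry the symmetric decrypt with it when the current key fails, which also covers replies that are in flight at the boundary. The rotation is only triggered by incoming packets, so on an idle node the interval is a lower bound rather than a schedule; worth a word in the same comment. The `timestamp` field this relies on is presumably added to `Onion` in onion.h, which is outside this diff.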