mirror of
https://github.com/irungentoo/toxcore.git
synced 2024-03-22 13:30:51 +08:00
Various minor cleanups in net_crypto
.
* Consistently use `num_packets_array` to get the packet count in the packet buffer. * Use `const` in more places. * Typo fix: begginning. * Rewrite `length < 1` for unsigned int to `length == 0`. * Limit scope of some loop variables by using for-init-decl. * Use early return in error paths to reduce indentation and for clarity. * Use `net_unpack_*` instead of manual `ntohs`. * Fix an uninitialised stack variable copy. * Fix a potential null pointer dereference. * Consistently use `get_crypto_connection`. It was inlined in some places. I de-inlined it now. * Add Loggers to some functions in preparation for adding log statements.
This commit is contained in:
parent
4e3bfac47d
commit
7c4b971d67
|
@ -198,13 +198,13 @@ static uint8_t crypt_connection_id_not_valid(const Net_Crypto *c, int crypt_conn
|
||||||
|
|
||||||
/* cookie timeout in seconds */
|
/* cookie timeout in seconds */
|
||||||
#define COOKIE_TIMEOUT 15
|
#define COOKIE_TIMEOUT 15
|
||||||
#define COOKIE_DATA_LENGTH (CRYPTO_PUBLIC_KEY_SIZE * 2)
|
#define COOKIE_DATA_LENGTH (uint16_t)(CRYPTO_PUBLIC_KEY_SIZE * 2)
|
||||||
#define COOKIE_CONTENTS_LENGTH (sizeof(uint64_t) + COOKIE_DATA_LENGTH)
|
#define COOKIE_CONTENTS_LENGTH (uint16_t)(sizeof(uint64_t) + COOKIE_DATA_LENGTH)
|
||||||
#define COOKIE_LENGTH (CRYPTO_NONCE_SIZE + COOKIE_CONTENTS_LENGTH + CRYPTO_MAC_SIZE)
|
#define COOKIE_LENGTH (uint16_t)(CRYPTO_NONCE_SIZE + COOKIE_CONTENTS_LENGTH + CRYPTO_MAC_SIZE)
|
||||||
|
|
||||||
#define COOKIE_REQUEST_PLAIN_LENGTH (COOKIE_DATA_LENGTH + sizeof(uint64_t))
|
#define COOKIE_REQUEST_PLAIN_LENGTH (uint16_t)(COOKIE_DATA_LENGTH + sizeof(uint64_t))
|
||||||
#define COOKIE_REQUEST_LENGTH (1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE)
|
#define COOKIE_REQUEST_LENGTH (uint16_t)(1 + CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE + COOKIE_REQUEST_PLAIN_LENGTH + CRYPTO_MAC_SIZE)
|
||||||
#define COOKIE_RESPONSE_LENGTH (1 + CRYPTO_NONCE_SIZE + COOKIE_LENGTH + sizeof(uint64_t) + CRYPTO_MAC_SIZE)
|
#define COOKIE_RESPONSE_LENGTH (uint16_t)(1 + CRYPTO_NONCE_SIZE + COOKIE_LENGTH + sizeof(uint64_t) + CRYPTO_MAC_SIZE)
|
||||||
|
|
||||||
/* Create a cookie request packet and put it in packet.
|
/* Create a cookie request packet and put it in packet.
|
||||||
* dht_public_key is the dht public key of the other
|
* dht_public_key is the dht public key of the other
|
||||||
|
@ -248,7 +248,7 @@ static int create_cookie_request(const Net_Crypto *c, uint8_t *packet, uint8_t *
|
||||||
static int create_cookie(const Logger *log, uint8_t *cookie, const uint8_t *bytes, const uint8_t *encryption_key)
|
static int create_cookie(const Logger *log, uint8_t *cookie, const uint8_t *bytes, const uint8_t *encryption_key)
|
||||||
{
|
{
|
||||||
uint8_t contents[COOKIE_CONTENTS_LENGTH];
|
uint8_t contents[COOKIE_CONTENTS_LENGTH];
|
||||||
uint64_t temp_time = unix_time();
|
const uint64_t temp_time = unix_time();
|
||||||
memcpy(contents, &temp_time, sizeof(temp_time));
|
memcpy(contents, &temp_time, sizeof(temp_time));
|
||||||
memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH);
|
memcpy(contents + sizeof(temp_time), bytes, COOKIE_DATA_LENGTH);
|
||||||
random_nonce(cookie);
|
random_nonce(cookie);
|
||||||
|
@ -269,7 +269,7 @@ static int create_cookie(const Logger *log, uint8_t *cookie, const uint8_t *byte
|
||||||
static int open_cookie(const Logger *log, uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key)
|
static int open_cookie(const Logger *log, uint8_t *bytes, const uint8_t *cookie, const uint8_t *encryption_key)
|
||||||
{
|
{
|
||||||
uint8_t contents[COOKIE_CONTENTS_LENGTH];
|
uint8_t contents[COOKIE_CONTENTS_LENGTH];
|
||||||
int len = decrypt_data_symmetric(encryption_key, cookie, cookie + CRYPTO_NONCE_SIZE,
|
const int len = decrypt_data_symmetric(encryption_key, cookie, cookie + CRYPTO_NONCE_SIZE,
|
||||||
COOKIE_LENGTH - CRYPTO_NONCE_SIZE, contents);
|
COOKIE_LENGTH - CRYPTO_NONCE_SIZE, contents);
|
||||||
|
|
||||||
if (len != sizeof(contents)) {
|
if (len != sizeof(contents)) {
|
||||||
|
@ -278,7 +278,7 @@ static int open_cookie(const Logger *log, uint8_t *bytes, const uint8_t *cookie,
|
||||||
|
|
||||||
uint64_t cookie_time;
|
uint64_t cookie_time;
|
||||||
memcpy(&cookie_time, contents, sizeof(cookie_time));
|
memcpy(&cookie_time, contents, sizeof(cookie_time));
|
||||||
uint64_t temp_time = unix_time();
|
const uint64_t temp_time = unix_time();
|
||||||
|
|
||||||
if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time) {
|
if (cookie_time + COOKIE_TIMEOUT < temp_time || temp_time < cookie_time) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -440,7 +440,7 @@ static int handle_cookie_response(const Logger *log, uint8_t *cookie, uint64_t *
|
||||||
}
|
}
|
||||||
|
|
||||||
uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)];
|
uint8_t plain[COOKIE_LENGTH + sizeof(uint64_t)];
|
||||||
int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE,
|
const int len = decrypt_data_symmetric(shared_key, packet + 1, packet + 1 + CRYPTO_NONCE_SIZE,
|
||||||
length - (1 + CRYPTO_NONCE_SIZE), plain);
|
length - (1 + CRYPTO_NONCE_SIZE), plain);
|
||||||
|
|
||||||
if (len != sizeof(plain)) {
|
if (len != sizeof(plain)) {
|
||||||
|
@ -746,7 +746,7 @@ static int add_data_to_buffer(const Logger *log, Packets_Array *array, uint32_t
|
||||||
memcpy(new_d, data, sizeof(Packet_Data));
|
memcpy(new_d, data, sizeof(Packet_Data));
|
||||||
array->buffer[num] = new_d;
|
array->buffer[num] = new_d;
|
||||||
|
|
||||||
if ((number - array->buffer_start) >= (array->buffer_end - array->buffer_start)) {
|
if (number - array->buffer_start >= num_packets_array(array)) {
|
||||||
array->buffer_end = number + 1;
|
array->buffer_end = number + 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -761,7 +761,7 @@ static int add_data_to_buffer(const Logger *log, Packets_Array *array, uint32_t
|
||||||
*/
|
*/
|
||||||
static int get_data_pointer(const Logger *log, const Packets_Array *array, Packet_Data **data, uint32_t number)
|
static int get_data_pointer(const Logger *log, const Packets_Array *array, Packet_Data **data, uint32_t number)
|
||||||
{
|
{
|
||||||
uint32_t num_spots = array->buffer_end - array->buffer_start;
|
const uint32_t num_spots = num_packets_array(array);
|
||||||
|
|
||||||
if (array->buffer_end - number > num_spots || number - array->buffer_start >= num_spots) {
|
if (array->buffer_end - number > num_spots || number - array->buffer_start >= num_spots) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -784,7 +784,9 @@ static int get_data_pointer(const Logger *log, const Packets_Array *array, Packe
|
||||||
*/
|
*/
|
||||||
static int64_t add_data_end_of_buffer(const Logger *log, Packets_Array *array, const Packet_Data *data)
|
static int64_t add_data_end_of_buffer(const Logger *log, Packets_Array *array, const Packet_Data *data)
|
||||||
{
|
{
|
||||||
if (num_packets_array(array) >= CRYPTO_PACKET_BUFFER_SIZE) {
|
const uint32_t num_spots = num_packets_array(array);
|
||||||
|
|
||||||
|
if (num_spots >= CRYPTO_PACKET_BUFFER_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -812,7 +814,7 @@ static int64_t read_data_beg_buffer(const Logger *log, Packets_Array *array, Pac
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t num = array->buffer_start % CRYPTO_PACKET_BUFFER_SIZE;
|
const uint32_t num = array->buffer_start % CRYPTO_PACKET_BUFFER_SIZE;
|
||||||
|
|
||||||
if (!array->buffer[num]) {
|
if (!array->buffer[num]) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -833,7 +835,7 @@ static int64_t read_data_beg_buffer(const Logger *log, Packets_Array *array, Pac
|
||||||
*/
|
*/
|
||||||
static int clear_buffer_until(const Logger *log, Packets_Array *array, uint32_t number)
|
static int clear_buffer_until(const Logger *log, Packets_Array *array, uint32_t number)
|
||||||
{
|
{
|
||||||
uint32_t num_spots = array->buffer_end - array->buffer_start;
|
const uint32_t num_spots = num_packets_array(array);
|
||||||
|
|
||||||
if (array->buffer_end - number >= num_spots || number - array->buffer_start > num_spots) {
|
if (array->buffer_end - number >= num_spots || number - array->buffer_start > num_spots) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -878,11 +880,11 @@ static int clear_buffer(Packets_Array *array)
|
||||||
*/
|
*/
|
||||||
static int set_buffer_end(const Logger *log, Packets_Array *array, uint32_t number)
|
static int set_buffer_end(const Logger *log, Packets_Array *array, uint32_t number)
|
||||||
{
|
{
|
||||||
if ((number - array->buffer_start) > CRYPTO_PACKET_BUFFER_SIZE) {
|
if (number - array->buffer_start > CRYPTO_PACKET_BUFFER_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((number - array->buffer_end) > CRYPTO_PACKET_BUFFER_SIZE) {
|
if (number - array->buffer_end > CRYPTO_PACKET_BUFFER_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -952,7 +954,7 @@ static int generate_request_packet(const Logger *log, uint8_t *data, uint16_t le
|
||||||
static int handle_request_packet(const Logger *log, Packets_Array *send_array, const uint8_t *data, uint16_t length,
|
static int handle_request_packet(const Logger *log, Packets_Array *send_array, const uint8_t *data, uint16_t length,
|
||||||
uint64_t *latest_send_time, uint64_t rtt_time)
|
uint64_t *latest_send_time, uint64_t rtt_time)
|
||||||
{
|
{
|
||||||
if (length < 1) {
|
if (length == 0) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -967,13 +969,13 @@ static int handle_request_packet(const Logger *log, Packets_Array *send_array, c
|
||||||
++data;
|
++data;
|
||||||
--length;
|
--length;
|
||||||
|
|
||||||
uint32_t i, n = 1;
|
uint32_t n = 1;
|
||||||
uint32_t requested = 0;
|
uint32_t requested = 0;
|
||||||
|
|
||||||
uint64_t temp_time = current_time_monotonic();
|
const uint64_t temp_time = current_time_monotonic();
|
||||||
uint64_t l_sent_time = ~0;
|
uint64_t l_sent_time = ~0;
|
||||||
|
|
||||||
for (i = send_array->buffer_start; i != send_array->buffer_end; ++i) {
|
for (uint32_t i = send_array->buffer_start; i != send_array->buffer_end; ++i) {
|
||||||
if (length == 0) {
|
if (length == 0) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -1038,7 +1040,9 @@ static int handle_request_packet(const Logger *log, Packets_Array *send_array, c
|
||||||
*/
|
*/
|
||||||
static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length)
|
static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_t *data, uint16_t length)
|
||||||
{
|
{
|
||||||
if (length == 0 || length + (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) > MAX_CRYPTO_PACKET_SIZE) {
|
const uint16_t max_length = MAX_CRYPTO_PACKET_SIZE - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE);
|
||||||
|
|
||||||
|
if (length == 0 || length > max_length) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1052,7 +1056,7 @@ static int send_data_packet(Net_Crypto *c, int crypt_connection_id, const uint8_
|
||||||
VLA(uint8_t, packet, 1 + sizeof(uint16_t) + length + CRYPTO_MAC_SIZE);
|
VLA(uint8_t, packet, 1 + sizeof(uint16_t) + length + CRYPTO_MAC_SIZE);
|
||||||
packet[0] = NET_PACKET_CRYPTO_DATA;
|
packet[0] = NET_PACKET_CRYPTO_DATA;
|
||||||
memcpy(packet + 1, conn->sent_nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t));
|
memcpy(packet + 1, conn->sent_nonce + (CRYPTO_NONCE_SIZE - sizeof(uint16_t)), sizeof(uint16_t));
|
||||||
int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t));
|
const int len = encrypt_data_symmetric(conn->shared_key, conn->sent_nonce, data, length, packet + 1 + sizeof(uint16_t));
|
||||||
|
|
||||||
if (len + 1 + sizeof(uint16_t) != SIZEOF_VLA(packet)) {
|
if (len + 1 + sizeof(uint16_t) != SIZEOF_VLA(packet)) {
|
||||||
pthread_mutex_unlock(&conn->mutex);
|
pthread_mutex_unlock(&conn->mutex);
|
||||||
|
@ -1101,27 +1105,19 @@ static int reset_max_speed_reached(Net_Crypto *c, int crypt_connection_id)
|
||||||
If sending it fails we won't be able to send the new packet. */
|
If sending it fails we won't be able to send the new packet. */
|
||||||
if (conn->maximum_speed_reached) {
|
if (conn->maximum_speed_reached) {
|
||||||
Packet_Data *dt = nullptr;
|
Packet_Data *dt = nullptr;
|
||||||
uint32_t packet_num = conn->send_array.buffer_end - 1;
|
const uint32_t packet_num = conn->send_array.buffer_end - 1;
|
||||||
int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num);
|
const int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num);
|
||||||
|
|
||||||
uint8_t send_failed = 0;
|
if (ret == 1 && dt->sent_time == 0) {
|
||||||
|
if (send_data_packet_helper(c, crypt_connection_id, conn->recv_array.buffer_start, packet_num,
|
||||||
if (ret == 1) {
|
dt->data, dt->length) != 0) {
|
||||||
if (!dt->sent_time) {
|
|
||||||
if (send_data_packet_helper(c, crypt_connection_id, conn->recv_array.buffer_start, packet_num, dt->data,
|
|
||||||
dt->length) != 0) {
|
|
||||||
send_failed = 1;
|
|
||||||
} else {
|
|
||||||
dt->sent_time = current_time_monotonic();
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!send_failed) {
|
|
||||||
conn->maximum_speed_reached = 0;
|
|
||||||
} else {
|
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
dt->sent_time = current_time_monotonic();
|
||||||
|
}
|
||||||
|
|
||||||
|
conn->maximum_speed_reached = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -1175,7 +1171,7 @@ static int64_t send_lossless_packet(Net_Crypto *c, int crypt_connection_id, cons
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
conn->maximum_speed_reached = 1;
|
conn->maximum_speed_reached = 1;
|
||||||
LOGGER_ERROR(c->log, "send_data_packet failed\n");
|
LOGGER_ERROR(c->log, "send_data_packet failed");
|
||||||
}
|
}
|
||||||
|
|
||||||
return packet_num;
|
return packet_num;
|
||||||
|
@ -1203,7 +1199,9 @@ static uint16_t get_nonce_uint16(const uint8_t *nonce)
|
||||||
static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet,
|
static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint8_t *data, const uint8_t *packet,
|
||||||
uint16_t length)
|
uint16_t length)
|
||||||
{
|
{
|
||||||
if (length <= (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE) || length > MAX_CRYPTO_PACKET_SIZE) {
|
const uint16_t crypto_packet_overhead = 1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE;
|
||||||
|
|
||||||
|
if (length <= crypto_packet_overhead || length > MAX_CRYPTO_PACKET_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1217,14 +1215,13 @@ static int handle_data_packet(const Net_Crypto *c, int crypt_connection_id, uint
|
||||||
memcpy(nonce, conn->recv_nonce, CRYPTO_NONCE_SIZE);
|
memcpy(nonce, conn->recv_nonce, CRYPTO_NONCE_SIZE);
|
||||||
uint16_t num_cur_nonce = get_nonce_uint16(nonce);
|
uint16_t num_cur_nonce = get_nonce_uint16(nonce);
|
||||||
uint16_t num;
|
uint16_t num;
|
||||||
memcpy(&num, packet + 1, sizeof(uint16_t));
|
net_unpack_u16(packet + 1, &num);
|
||||||
num = net_ntohs(num);
|
|
||||||
uint16_t diff = num - num_cur_nonce;
|
uint16_t diff = num - num_cur_nonce;
|
||||||
increment_nonce_number(nonce, diff);
|
increment_nonce_number(nonce, diff);
|
||||||
int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t),
|
int len = decrypt_data_symmetric(conn->shared_key, nonce, packet + 1 + sizeof(uint16_t),
|
||||||
length - (1 + sizeof(uint16_t)), data);
|
length - (1 + sizeof(uint16_t)), data);
|
||||||
|
|
||||||
if ((unsigned int)len != length - (1 + sizeof(uint16_t) + CRYPTO_MAC_SIZE)) {
|
if ((unsigned int)len != length - crypto_packet_overhead) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1276,13 +1273,13 @@ static int send_requested_packets(Net_Crypto *c, int crypt_connection_id, uint32
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint64_t temp_time = current_time_monotonic();
|
const uint64_t temp_time = current_time_monotonic();
|
||||||
uint32_t i, num_sent = 0, array_size = num_packets_array(&conn->send_array);
|
uint32_t i, num_sent = 0, array_size = num_packets_array(&conn->send_array);
|
||||||
|
|
||||||
for (i = 0; i < array_size; ++i) {
|
for (i = 0; i < array_size; ++i) {
|
||||||
Packet_Data *dt;
|
Packet_Data *dt;
|
||||||
uint32_t packet_num = (i + conn->send_array.buffer_start);
|
const uint32_t packet_num = i + conn->send_array.buffer_start;
|
||||||
int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num);
|
const int ret = get_data_pointer(c->log, &conn->send_array, &dt, packet_num);
|
||||||
|
|
||||||
if (ret == -1) {
|
if (ret == -1) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -1650,8 +1647,12 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, cons
|
||||||
}
|
}
|
||||||
|
|
||||||
case NET_PACKET_CRYPTO_HS: {
|
case NET_PACKET_CRYPTO_HS: {
|
||||||
if (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT
|
if (conn->status != CRYPTO_CONN_COOKIE_REQUESTING
|
||||||
|| conn->status == CRYPTO_CONN_NOT_CONFIRMED) {
|
&& conn->status != CRYPTO_CONN_HANDSHAKE_SENT
|
||||||
|
&& conn->status != CRYPTO_CONN_NOT_CONFIRMED) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
uint8_t peer_real_pk[CRYPTO_PUBLIC_KEY_SIZE];
|
uint8_t peer_real_pk[CRYPTO_PUBLIC_KEY_SIZE];
|
||||||
uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
|
uint8_t dht_public_key[CRYPTO_PUBLIC_KEY_SIZE];
|
||||||
uint8_t cookie[COOKIE_LENGTH];
|
uint8_t cookie[COOKIE_LENGTH];
|
||||||
|
@ -1676,19 +1677,16 @@ static int handle_packet_connection(Net_Crypto *c, int crypt_connection_id, cons
|
||||||
conn->dht_pk_callback(conn->dht_pk_callback_object, conn->dht_pk_callback_number, dht_public_key, userdata);
|
conn->dht_pk_callback(conn->dht_pk_callback_object, conn->dht_pk_callback_number, dht_public_key, userdata);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
case NET_PACKET_CRYPTO_DATA: {
|
case NET_PACKET_CRYPTO_DATA: {
|
||||||
if (conn->status == CRYPTO_CONN_NOT_CONFIRMED || conn->status == CRYPTO_CONN_ESTABLISHED) {
|
if (conn->status != CRYPTO_CONN_NOT_CONFIRMED && conn->status != CRYPTO_CONN_ESTABLISHED) {
|
||||||
return handle_data_packet_core(c, crypt_connection_id, packet, length, udp, userdata);
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return -1;
|
return handle_data_packet_core(c, crypt_connection_id, packet, length, udp, userdata);
|
||||||
}
|
}
|
||||||
|
|
||||||
default: {
|
default: {
|
||||||
|
@ -1729,9 +1727,7 @@ static int realloc_cryptoconnection(Net_Crypto *c, uint32_t num)
|
||||||
*/
|
*/
|
||||||
static int create_crypto_connection(Net_Crypto *c)
|
static int create_crypto_connection(Net_Crypto *c)
|
||||||
{
|
{
|
||||||
uint32_t i;
|
for (uint32_t i = 0; i < c->crypto_connections_length; ++i) {
|
||||||
|
|
||||||
for (i = 0; i < c->crypto_connections_length; ++i) {
|
|
||||||
if (c->crypto_connections[i].status == CRYPTO_CONN_NO_CONNECTION) {
|
if (c->crypto_connections[i].status == CRYPTO_CONN_NO_CONNECTION) {
|
||||||
return i;
|
return i;
|
||||||
}
|
}
|
||||||
|
@ -1811,9 +1807,7 @@ static int wipe_crypto_connection(Net_Crypto *c, int crypt_connection_id)
|
||||||
*/
|
*/
|
||||||
static int getcryptconnection_id(const Net_Crypto *c, const uint8_t *public_key)
|
static int getcryptconnection_id(const Net_Crypto *c, const uint8_t *public_key)
|
||||||
{
|
{
|
||||||
uint32_t i;
|
for (uint32_t i = 0; i < c->crypto_connections_length; ++i) {
|
||||||
|
|
||||||
for (i = 0; i < c->crypto_connections_length; ++i) {
|
|
||||||
if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) {
|
if (c->crypto_connections[i].status != CRYPTO_CONN_NO_CONNECTION) {
|
||||||
if (public_key_cmp(public_key, c->crypto_connections[i].public_key) == 0) {
|
if (public_key_cmp(public_key, c->crypto_connections[i].public_key) == 0) {
|
||||||
return i;
|
return i;
|
||||||
|
@ -1901,31 +1895,37 @@ static int handle_new_connection_handshake(Net_Crypto *c, IP_Port source, const
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
int crypt_connection_id = getcryptconnection_id(c, n_c.public_key);
|
const int crypt_connection_id = getcryptconnection_id(c, n_c.public_key);
|
||||||
|
|
||||||
if (crypt_connection_id != -1) {
|
if (crypt_connection_id != -1) {
|
||||||
Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id);
|
Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id);
|
||||||
|
|
||||||
|
if (conn == nullptr) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
if (public_key_cmp(n_c.dht_public_key, conn->dht_public_key) != 0) {
|
if (public_key_cmp(n_c.dht_public_key, conn->dht_public_key) != 0) {
|
||||||
connection_kill(c, crypt_connection_id, userdata);
|
connection_kill(c, crypt_connection_id, userdata);
|
||||||
} else {
|
} else {
|
||||||
int ret = -1;
|
if (conn->status != CRYPTO_CONN_COOKIE_REQUESTING && conn->status != CRYPTO_CONN_HANDSHAKE_SENT) {
|
||||||
|
free(n_c.cookie);
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
if (conn && (conn->status == CRYPTO_CONN_COOKIE_REQUESTING || conn->status == CRYPTO_CONN_HANDSHAKE_SENT)) {
|
|
||||||
memcpy(conn->recv_nonce, n_c.recv_nonce, CRYPTO_NONCE_SIZE);
|
memcpy(conn->recv_nonce, n_c.recv_nonce, CRYPTO_NONCE_SIZE);
|
||||||
memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE);
|
memcpy(conn->peersessionpublic_key, n_c.peersessionpublic_key, CRYPTO_PUBLIC_KEY_SIZE);
|
||||||
encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key);
|
encrypt_precompute(conn->peersessionpublic_key, conn->sessionsecret_key, conn->shared_key);
|
||||||
|
|
||||||
crypto_connection_add_source(c, crypt_connection_id, source);
|
crypto_connection_add_source(c, crypt_connection_id, source);
|
||||||
|
|
||||||
if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) == 0) {
|
if (create_send_handshake(c, crypt_connection_id, n_c.cookie, n_c.dht_public_key) != 0) {
|
||||||
conn->status = CRYPTO_CONN_NOT_CONFIRMED;
|
free(n_c.cookie);
|
||||||
ret = 0;
|
return -1;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
conn->status = CRYPTO_CONN_NOT_CONFIRMED;
|
||||||
free(n_c.cookie);
|
free(n_c.cookie);
|
||||||
return ret;
|
return 0;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1945,9 +1945,10 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c)
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
int crypt_connection_id = create_crypto_connection(c);
|
const int crypt_connection_id = create_crypto_connection(c);
|
||||||
|
|
||||||
if (crypt_connection_id == -1) {
|
if (crypt_connection_id == -1) {
|
||||||
|
LOGGER_ERROR(c->log, "Could not create new crypto connection");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1958,7 +1959,7 @@ int accept_crypto_connection(Net_Crypto *c, New_Connection *n_c)
|
||||||
}
|
}
|
||||||
|
|
||||||
pthread_mutex_lock(&c->tcp_mutex);
|
pthread_mutex_lock(&c->tcp_mutex);
|
||||||
int connection_number_tcp = new_tcp_connection_to(c->tcp_c, n_c->dht_public_key, crypt_connection_id);
|
const int connection_number_tcp = new_tcp_connection_to(c->tcp_c, n_c->dht_public_key, crypt_connection_id);
|
||||||
pthread_mutex_unlock(&c->tcp_mutex);
|
pthread_mutex_unlock(&c->tcp_mutex);
|
||||||
|
|
||||||
if (connection_number_tcp == -1) {
|
if (connection_number_tcp == -1) {
|
||||||
|
@ -2013,12 +2014,8 @@ int new_crypto_connection(Net_Crypto *c, const uint8_t *real_public_key, const u
|
||||||
|
|
||||||
Crypto_Connection *conn = &c->crypto_connections[crypt_connection_id];
|
Crypto_Connection *conn = &c->crypto_connections[crypt_connection_id];
|
||||||
|
|
||||||
if (conn == nullptr) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
pthread_mutex_lock(&c->tcp_mutex);
|
pthread_mutex_lock(&c->tcp_mutex);
|
||||||
int connection_number_tcp = new_tcp_connection_to(c->tcp_c, dht_public_key, crypt_connection_id);
|
const int connection_number_tcp = new_tcp_connection_to(c->tcp_c, dht_public_key, crypt_connection_id);
|
||||||
pthread_mutex_unlock(&c->tcp_mutex);
|
pthread_mutex_unlock(&c->tcp_mutex);
|
||||||
|
|
||||||
if (connection_number_tcp == -1) {
|
if (connection_number_tcp == -1) {
|
||||||
|
@ -2083,15 +2080,16 @@ int set_direct_ip_port(Net_Crypto *c, int crypt_connection_id, IP_Port ip_port,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
static int tcp_data_callback(void *object, int id, const uint8_t *data, uint16_t length, void *userdata)
|
static int tcp_data_callback(void *object, int crypt_connection_id, const uint8_t *data, uint16_t length,
|
||||||
|
void *userdata)
|
||||||
{
|
{
|
||||||
|
Net_Crypto *c = (Net_Crypto *)object;
|
||||||
|
|
||||||
if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) {
|
if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
Net_Crypto *c = (Net_Crypto *)object;
|
Crypto_Connection *conn = get_crypto_connection(c, crypt_connection_id);
|
||||||
|
|
||||||
Crypto_Connection *conn = get_crypto_connection(c, id);
|
|
||||||
|
|
||||||
if (conn == nullptr) {
|
if (conn == nullptr) {
|
||||||
return -1;
|
return -1;
|
||||||
|
@ -2104,7 +2102,7 @@ static int tcp_data_callback(void *object, int id, const uint8_t *data, uint16_t
|
||||||
// This unlocks the mutex that at this point is locked by do_tcp before
|
// This unlocks the mutex that at this point is locked by do_tcp before
|
||||||
// calling do_tcp_connections.
|
// calling do_tcp_connections.
|
||||||
pthread_mutex_unlock(&c->tcp_mutex);
|
pthread_mutex_unlock(&c->tcp_mutex);
|
||||||
int ret = handle_packet_connection(c, id, data, length, 0, userdata);
|
int ret = handle_packet_connection(c, crypt_connection_id, data, length, 0, userdata);
|
||||||
pthread_mutex_lock(&c->tcp_mutex);
|
pthread_mutex_lock(&c->tcp_mutex);
|
||||||
|
|
||||||
if (ret != 0) {
|
if (ret != 0) {
|
||||||
|
@ -2118,12 +2116,12 @@ static int tcp_data_callback(void *object, int id, const uint8_t *data, uint16_t
|
||||||
static int tcp_oob_callback(void *object, const uint8_t *public_key, unsigned int tcp_connections_number,
|
static int tcp_oob_callback(void *object, const uint8_t *public_key, unsigned int tcp_connections_number,
|
||||||
const uint8_t *data, uint16_t length, void *userdata)
|
const uint8_t *data, uint16_t length, void *userdata)
|
||||||
{
|
{
|
||||||
|
Net_Crypto *c = (Net_Crypto *)object;
|
||||||
|
|
||||||
if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) {
|
if (length == 0 || length > MAX_CRYPTO_PACKET_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
Net_Crypto *c = (Net_Crypto *)object;
|
|
||||||
|
|
||||||
if (data[0] == NET_PACKET_COOKIE_REQUEST) {
|
if (data[0] == NET_PACKET_COOKIE_REQUEST) {
|
||||||
return tcp_oob_handle_cookie_request(c, tcp_connections_number, public_key, data, length);
|
return tcp_oob_handle_cookie_request(c, tcp_connections_number, public_key, data, length);
|
||||||
}
|
}
|
||||||
|
@ -2378,12 +2376,13 @@ static int crypto_id_ip_port(const Net_Crypto *c, IP_Port ip_port)
|
||||||
*/
|
*/
|
||||||
static int udp_handle_packet(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
|
static int udp_handle_packet(void *object, IP_Port source, const uint8_t *packet, uint16_t length, void *userdata)
|
||||||
{
|
{
|
||||||
|
Net_Crypto *c = (Net_Crypto *)object;
|
||||||
|
|
||||||
if (length <= CRYPTO_MIN_PACKET_SIZE || length > MAX_CRYPTO_PACKET_SIZE) {
|
if (length <= CRYPTO_MIN_PACKET_SIZE || length > MAX_CRYPTO_PACKET_SIZE) {
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
Net_Crypto *c = (Net_Crypto *)object;
|
const int crypt_connection_id = crypto_id_ip_port(c, source);
|
||||||
int crypt_connection_id = crypto_id_ip_port(c, source);
|
|
||||||
|
|
||||||
if (crypt_connection_id == -1) {
|
if (crypt_connection_id == -1) {
|
||||||
if (packet[0] != NET_PACKET_CRYPTO_HS) {
|
if (packet[0] != NET_PACKET_CRYPTO_HS) {
|
||||||
|
@ -2439,12 +2438,11 @@ static int udp_handle_packet(void *object, IP_Port source, const uint8_t *packet
|
||||||
|
|
||||||
static void send_crypto_packets(Net_Crypto *c)
|
static void send_crypto_packets(Net_Crypto *c)
|
||||||
{
|
{
|
||||||
uint32_t i;
|
const uint64_t temp_time = current_time_monotonic();
|
||||||
uint64_t temp_time = current_time_monotonic();
|
|
||||||
double total_send_rate = 0;
|
double total_send_rate = 0;
|
||||||
uint32_t peak_request_packet_interval = ~0;
|
uint32_t peak_request_packet_interval = ~0;
|
||||||
|
|
||||||
for (i = 0; i < c->crypto_connections_length; ++i) {
|
for (uint32_t i = 0; i < c->crypto_connections_length; ++i) {
|
||||||
Crypto_Connection *conn = get_crypto_connection(c, i);
|
Crypto_Connection *conn = get_crypto_connection(c, i);
|
||||||
|
|
||||||
if (conn == nullptr) {
|
if (conn == nullptr) {
|
||||||
|
@ -2494,8 +2492,7 @@ static void send_crypto_packets(Net_Crypto *c)
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((PACKET_COUNTER_AVERAGE_INTERVAL + conn->packet_counter_set) < temp_time) {
|
if ((PACKET_COUNTER_AVERAGE_INTERVAL + conn->packet_counter_set) < temp_time) {
|
||||||
|
const double dt = temp_time - conn->packet_counter_set;
|
||||||
double dt = temp_time - conn->packet_counter_set;
|
|
||||||
|
|
||||||
conn->packet_recv_rate = (double)conn->packet_counter / (dt / 1000.0);
|
conn->packet_recv_rate = (double)conn->packet_counter / (dt / 1000.0);
|
||||||
conn->packet_counter = 0;
|
conn->packet_counter = 0;
|
||||||
|
@ -2758,7 +2755,7 @@ int64_t write_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t
|
||||||
*
|
*
|
||||||
* Note: The condition `buffer_end - buffer_start < packet_number - buffer_start` is
|
* Note: The condition `buffer_end - buffer_start < packet_number - buffer_start` is
|
||||||
* a trick which handles situations `buffer_end >= buffer_start` and
|
* a trick which handles situations `buffer_end >= buffer_start` and
|
||||||
* `buffer_end < buffer_start`(when buffer_end overflowed) both correctly
|
* `buffer_end < buffer_start` (when buffer_end overflowed) both correctly.
|
||||||
*
|
*
|
||||||
* It CANNOT be simplified to `packet_number < buffer_start`, as it will fail
|
* It CANNOT be simplified to `packet_number < buffer_start`, as it will fail
|
||||||
* when `buffer_end < buffer_start`.
|
* when `buffer_end < buffer_start`.
|
||||||
|
@ -2771,14 +2768,14 @@ int cryptpacket_received(Net_Crypto *c, int crypt_connection_id, uint32_t packet
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
uint32_t num = conn->send_array.buffer_end - conn->send_array.buffer_start;
|
uint32_t num = num_packets_array(&conn->send_array);
|
||||||
uint32_t num1 = packet_number - conn->send_array.buffer_start;
|
uint32_t num1 = packet_number - conn->send_array.buffer_start;
|
||||||
|
|
||||||
if (num < num1) {
|
if (num >= num1) {
|
||||||
return 0;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
return -1;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* return -1 on failure.
|
/* return -1 on failure.
|
||||||
|
@ -2796,7 +2793,7 @@ int send_lossy_cryptpacket(Net_Crypto *c, int crypt_connection_id, const uint8_t
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (data[0] >= (PACKET_ID_LOSSY_RANGE_START + PACKET_ID_LOSSY_RANGE_SIZE)) {
|
if (data[0] >= PACKET_ID_LOSSY_RANGE_START + PACKET_ID_LOSSY_RANGE_SIZE) {
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2981,10 +2978,7 @@ Net_Crypto *new_net_crypto(const Logger *log, DHT *dht, TCP_Proxy_Info *proxy_in
|
||||||
|
|
||||||
static void kill_timedout(Net_Crypto *c, void *userdata)
|
static void kill_timedout(Net_Crypto *c, void *userdata)
|
||||||
{
|
{
|
||||||
uint32_t i;
|
for (uint32_t i = 0; i < c->crypto_connections_length; ++i) {
|
||||||
//uint64_t temp_time = current_time_monotonic();
|
|
||||||
|
|
||||||
for (i = 0; i < c->crypto_connections_length; ++i) {
|
|
||||||
Crypto_Connection *conn = get_crypto_connection(c, i);
|
Crypto_Connection *conn = get_crypto_connection(c, i);
|
||||||
|
|
||||||
if (conn == nullptr) {
|
if (conn == nullptr) {
|
||||||
|
|
|
@ -54,7 +54,7 @@ typedef enum CRYPTO_CONN_STATE {
|
||||||
#define CRYPTO_DATA_PACKET_MIN_SIZE (uint16_t)(1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + CRYPTO_MAC_SIZE)
|
#define CRYPTO_DATA_PACKET_MIN_SIZE (uint16_t)(1 + sizeof(uint16_t) + (sizeof(uint32_t) + sizeof(uint32_t)) + CRYPTO_MAC_SIZE)
|
||||||
|
|
||||||
/* Max size of data in packets */
|
/* Max size of data in packets */
|
||||||
#define MAX_CRYPTO_DATA_SIZE (MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE)
|
#define MAX_CRYPTO_DATA_SIZE (uint16_t)(MAX_CRYPTO_PACKET_SIZE - CRYPTO_DATA_PACKET_MIN_SIZE)
|
||||||
|
|
||||||
/* Interval in ms between sending cookie request/handshake packets. */
|
/* Interval in ms between sending cookie request/handshake packets. */
|
||||||
#define CRYPTO_SEND_PACKET_INTERVAL 1000
|
#define CRYPTO_SEND_PACKET_INTERVAL 1000
|
||||||
|
|
Loading…
Reference in New Issue
Block a user