Browse Source

don't use heap allocated buffers in ssu

pull/772/head
Jeff Becker 8 years ago
parent
commit
01ab027615
  1. 9
      SSUData.cpp
  2. 41
      SSUSession.cpp

9
SSUData.cpp

@ -154,8 +154,7 @@ namespace transport @@ -154,8 +154,7 @@ namespace transport
{
uint32_t msgID = bufbe32toh (buf); // message ID
buf += 4;
uint8_t frag[4];
frag[0] = 0;
uint8_t frag[4] = {0};
memcpy (frag + 1, buf, 3);
buf += 3;
uint32_t fragmentInfo = bufbe32toh (frag); // fragment info
@ -371,7 +370,7 @@ namespace transport @@ -371,7 +370,7 @@ namespace transport
void SSUData::SendMsgAck (uint32_t msgID)
{
uint8_t * buf = new uint8_t[48 + 18]; // actual length is 44 = 37 + 7 but pad it to multiple of 16
uint8_t buf[48 + 18] = {0}; // actual length is 44 = 37 + 7 but pad it to multiple of 16
uint8_t * payload = buf + sizeof (SSUHeader);
*payload = DATA_FLAG_EXPLICIT_ACKS_INCLUDED; // flag
payload++;
@ -384,7 +383,6 @@ namespace transport @@ -384,7 +383,6 @@ namespace transport
// encrypt message with session key
m_Session.FillHeaderAndEncrypt (PAYLOAD_TYPE_DATA, buf, 48);
m_Session.Send (buf, 48);
delete [] buf;
}
void SSUData::SendFragmentAck (uint32_t msgID, int fragmentNum)
@ -394,7 +392,7 @@ namespace transport @@ -394,7 +392,7 @@ namespace transport
LogPrint (eLogWarning, "SSU: Fragment number ", fragmentNum, " exceeds 64");
return;
}
uint8_t * buf = new uint8_t[64 + 18];
uint8_t buf[64 + 18] = {0};
uint8_t * payload = buf + sizeof (SSUHeader);
*payload = DATA_FLAG_ACK_BITFIELDS_INCLUDED; // flag
payload++;
@ -414,7 +412,6 @@ namespace transport @@ -414,7 +412,6 @@ namespace transport
// encrypt message with session key
m_Session.FillHeaderAndEncrypt (PAYLOAD_TYPE_DATA, buf, len);
m_Session.Send (buf, len);
delete [] buf;
}
void SSUData::ScheduleResend()

41
SSUSession.cpp

@ -350,7 +350,7 @@ namespace transport @@ -350,7 +350,7 @@ namespace transport
void SSUSession::SendSessionRequest ()
{
uint8_t * buf = new uint8_t[320 + 18]; // 304 bytes for ipv4, 320 for ipv6
uint8_t buf[320 + 18] = {0}; // 304 bytes for ipv4, 320 for ipv6
uint8_t * payload = buf + sizeof (SSUHeader);
uint8_t flag = 0;
// fill extended options, 3 bytes extended options don't change message size
@ -381,7 +381,6 @@ namespace transport @@ -381,7 +381,6 @@ namespace transport
RAND_bytes (iv, 16); // random iv
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_REQUEST, buf, isV4 ? 304 : 320, m_IntroKey, iv, m_IntroKey, flag);
m_Server.Send (buf, isV4 ? 304 : 320, m_RemoteEndpoint);
delete [] buf;
}
void SSUSession::SendRelayRequest (const i2p::data::RouterInfo::Introducer& introducer, uint32_t nonce)
@ -393,7 +392,7 @@ namespace transport @@ -393,7 +392,7 @@ namespace transport
return;
}
uint8_t * buf = new uint8_t[96 + 18];
uint8_t buf[96 + 18] = {0};
uint8_t * payload = buf + sizeof (SSUHeader);
htobe32buf (payload, introducer.iTag);
payload += 4;
@ -414,7 +413,6 @@ namespace transport @@ -414,7 +413,6 @@ namespace transport
else
FillHeaderAndEncrypt (PAYLOAD_TYPE_RELAY_REQUEST, buf, 96, introducer.iKey, iv, introducer.iKey);
m_Server.Send (buf, 96, m_RemoteEndpoint);
delete [] buf;
}
void SSUSession::SendSessionCreated (const uint8_t * x, bool sendRelayTag)
@ -429,7 +427,7 @@ namespace transport @@ -429,7 +427,7 @@ namespace transport
SignedData s; // x,y, remote IP, remote port, our IP, our port, relayTag, signed on time
s.Insert (x, 256); // x
uint8_t * buf = new uint8_t[384 + 18];
uint8_t buf[384 + 18] = {0};
uint8_t * payload = buf + sizeof (SSUHeader);
memcpy (payload, m_DHKeysPair->GetPublicKey (), 256);
s.Insert (payload, 256); // y
@ -475,14 +473,18 @@ namespace transport @@ -475,14 +473,18 @@ namespace transport
m_SignedData = std::unique_ptr<SignedData>(new SignedData (s));
s.Insert (payload - 4, 4); // BOB's signed on time
s.Sign (i2p::context.GetPrivateKeys (), payload); // DSA signature
// TODO: fill padding with random data
uint8_t iv[16];
RAND_bytes (iv, 16); // random iv
// encrypt signature and padding with newly created session key
size_t signatureLen = i2p::context.GetIdentity ()->GetSignatureLen ();
size_t paddingSize = signatureLen & 0x0F; // %16
if (paddingSize > 0) signatureLen += (16 - paddingSize);
if (paddingSize > 0)
{
// fill random padding
RAND_bytes(payload + signatureLen, (16 - paddingSize));
signatureLen += (16 - paddingSize);
}
m_SessionKeyEncryption.SetIV (iv);
m_SessionKeyEncryption.Encrypt (payload, signatureLen, payload);
payload += signatureLen;
@ -491,12 +493,11 @@ namespace transport @@ -491,12 +493,11 @@ namespace transport
// encrypt message with intro key
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_CREATED, buf, msgLen, m_IntroKey, iv, m_IntroKey);
Send (buf, msgLen);
delete [] buf;
}
void SSUSession::SendSessionConfirmed (const uint8_t * y, const uint8_t * ourAddress, size_t ourAddressLen)
{
uint8_t * buf = new uint8_t[512 + 18];
uint8_t buf[512 + 18] = {0};
uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 1; // 1 fragment
payload++; // info
@ -511,9 +512,8 @@ namespace transport @@ -511,9 +512,8 @@ namespace transport
auto signatureLen = i2p::context.GetIdentity ()->GetSignatureLen ();
size_t paddingSize = ((payload - buf) + signatureLen)%16;
if (paddingSize > 0) paddingSize = 16 - paddingSize;
// TODO: fill padding
RAND_bytes(payload, paddingSize); // fill padding with random
payload += paddingSize; // padding size
// signature
SignedData s; // x,y, our IP, our port, remote IP, remote port, relayTag, our signed on time
s.Insert (m_DHKeysPair->GetPublicKey (), 256); // x
@ -535,7 +535,6 @@ namespace transport @@ -535,7 +535,6 @@ namespace transport
// encrypt message with session key
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_CONFIRMED, buf, msgLen, m_SessionKey, iv, m_MacKey);
Send (buf, msgLen);
delete [] buf;
}
void SSUSession::ProcessRelayRequest (const uint8_t * buf, size_t len, const boost::asio::ip::udp::endpoint& from)
@ -569,7 +568,7 @@ namespace transport @@ -569,7 +568,7 @@ namespace transport
LogPrint (eLogWarning, "SSU: Charlie's IP must be v4");
return;
}
uint8_t * buf = new uint8_t[80 + 18]; // 64 Alice's ipv4 and 80 Alice's ipv6
uint8_t buf[80 + 18] = {0}; // 64 Alice's ipv4 and 80 Alice's ipv6
uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 4;
payload++; // size
@ -612,7 +611,6 @@ namespace transport @@ -612,7 +611,6 @@ namespace transport
m_Server.Send (buf, isV4 ? 64 : 80, from);
}
LogPrint (eLogDebug, "SSU: relay response sent");
delete [] buf;
}
void SSUSession::SendRelayIntro (std::shared_ptr<SSUSession> session, const boost::asio::ip::udp::endpoint& from)
@ -624,7 +622,7 @@ namespace transport @@ -624,7 +622,7 @@ namespace transport
LogPrint (eLogWarning, "SSU: Alice's IP must be v4");
return;
}
uint8_t * buf = new uint8_t[48 + 18];
uint8_t buf[48 + 18] = {0};
uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 4;
payload++; // size
@ -638,7 +636,6 @@ namespace transport @@ -638,7 +636,6 @@ namespace transport
FillHeaderAndEncrypt (PAYLOAD_TYPE_RELAY_INTRO, buf, 48, session->m_SessionKey, iv, session->m_MacKey);
m_Server.Send (buf, 48, session->m_RemoteEndpoint);
LogPrint (eLogDebug, "SSU: relay intro sent");
delete [] buf;
}
void SSUSession::ProcessRelayResponse (const uint8_t * buf, size_t len)
@ -1046,7 +1043,7 @@ namespace transport @@ -1046,7 +1043,7 @@ namespace transport
// toAddress is true for Alice<->Chalie communications only
// sendAddress is false if message comes from Alice
{
uint8_t * buf = new uint8_t[80 + 18];
uint8_t buf[80 + 18] = {0};
uint8_t iv[16];
uint8_t * payload = buf + sizeof (SSUHeader);
htobe32buf (payload, nonce);
@ -1103,7 +1100,6 @@ namespace transport @@ -1103,7 +1100,6 @@ namespace transport
FillHeaderAndEncrypt (PAYLOAD_TYPE_PEER_TEST, buf, 80);
Send (buf, 80);
}
delete [] buf;
}
void SSUSession::SendPeerTest ()
@ -1128,7 +1124,7 @@ namespace transport @@ -1128,7 +1124,7 @@ namespace transport
{
if (m_State == eSessionStateEstablished)
{
uint8_t * buf = new uint8_t[48 + 18];
uint8_t buf[48 + 18] = {0};
uint8_t * payload = buf + sizeof (SSUHeader);
*payload = 0; // flags
payload++;
@ -1138,7 +1134,6 @@ namespace transport @@ -1138,7 +1134,6 @@ namespace transport
Send (buf, 48);
LogPrint (eLogDebug, "SSU: keep-alive sent");
m_LastActivityTimestamp = i2p::util::GetSecondsSinceEpoch ();
delete [] buf;
}
}
@ -1146,7 +1141,7 @@ namespace transport @@ -1146,7 +1141,7 @@ namespace transport
{
if (m_IsSessionKey)
{
uint8_t * buf = new uint8_t[48 + 18];
uint8_t buf[48 + 18] = {0};
// encrypt message with session key
FillHeaderAndEncrypt (PAYLOAD_TYPE_SESSION_DESTROYED, buf, 48);
try
@ -1158,13 +1153,12 @@ namespace transport @@ -1158,13 +1153,12 @@ namespace transport
LogPrint (eLogWarning, "SSU: exception while sending session destoroyed: ", ex.what ());
}
LogPrint (eLogDebug, "SSU: session destroyed sent");
delete [] buf;
}
}
void SSUSession::Send (uint8_t type, const uint8_t * payload, size_t len)
{
uint8_t * buf = new uint8_t[SSU_MTU_V4 + 18];
uint8_t buf[SSU_MTU_V4 + 18] = {0};
size_t msgSize = len + sizeof (SSUHeader);
size_t paddingSize = msgSize & 0x0F; // %16
if (paddingSize > 0) msgSize += (16 - paddingSize);
@ -1177,7 +1171,6 @@ namespace transport @@ -1177,7 +1171,6 @@ namespace transport
// encrypt message with session key
FillHeaderAndEncrypt (type, buf, msgSize);
Send (buf, msgSize);
delete [] buf;
}
void SSUSession::Send (const uint8_t * buf, size_t size)

Loading…
Cancel
Save