compare published address and actual endpoint

2 years ago · 21123e2afa
4 changed files with 21 additions and 23 deletions
--- a/libi2pd/NTCP2.cpp
+++ b/libi2pd/NTCP2.cpp
@ -693,13 +693,20 @@ namespace transport
				@@ -693,13 +693,20 @@ namespace transport
 						SendTerminationAndTerminate (eNTCP2Message3Error);
 						return;
 					}
-					auto addr = ri.GetNTCP2AddressWithStaticKey (m_Establisher->m_RemoteStaticKey);
-					if (!addr)
+					auto addr = m_RemoteEndpoint.address ().is_v4 () ? ri.GetNTCP2V4Address () : 
+						(i2p::util::net::IsYggdrasilAddress (m_RemoteEndpoint.address ()) ? ri.GetYggdrasilAddress () : ri.GetNTCP2V6Address ());			
+					if (!addr || memcmp (m_Establisher->m_RemoteStaticKey, addr->s, 32))
 					{
-						LogPrint (eLogError, "NTCP2: No NTCP2 address with static key found in SessionConfirmed");
+						LogPrint (eLogError, "NTCP2: Wrong static key in SessionConfirmed");
 						Terminate ();
 						return;
 					}
+					if (addr->IsPublishedNTCP2 () && m_RemoteEndpoint.address () != addr->host)
+					{
+						LogPrint (eLogError, "NTCP2: Host mismatch between published address ", addr->host, " and actual endpoint ", m_RemoteEndpoint.address ());
+						Terminate ();
+						return;
+					}		
 					i2p::data::netdb.PostI2NPMsg (CreateI2NPMessage (eI2NPDummyMsg, buf.data () + 3, size)); // TODO: should insert ri and not parse it twice
 					// TODO: process options

--- a/libi2pd/RouterInfo.cpp
+++ b/libi2pd/RouterInfo.cpp
@ -910,25 +910,16 @@ namespace data
				@@ -910,25 +910,16 @@ namespace data
 		return nullptr;
 	}

-	std::shared_ptr<const RouterInfo::Address> RouterInfo::GetNTCP2AddressWithStaticKey (const uint8_t * key) const
+	std::shared_ptr<const RouterInfo::Address> RouterInfo::GetNTCP2V4Address () const
 	{
-		if (!key) return nullptr;
-		return GetAddress (
-			[key](std::shared_ptr<const RouterInfo::Address> address)->bool
-			{
-				return address->IsNTCP2 () && !memcmp (address->s, key, 32);
-			});
+		return (*GetAddresses ())[eNTCP2V4Idx];
 	}

-	std::shared_ptr<const RouterInfo::Address> RouterInfo::GetSSU2AddressWithStaticKey (const uint8_t * key, bool isV6) const
+	std::shared_ptr<const RouterInfo::Address> RouterInfo::GetNTCP2V6Address () const
 	{
-		if (!key) return nullptr;
-		auto addr = (*GetAddresses ())[isV6 ? eSSU2V6Idx : eSSU2V4Idx];
-		if (addr && !memcmp (addr->s, key, 32))
-		    return addr;
-		return nullptr;
+		return (*GetAddresses ())[eNTCP2V6Idx];
 	}
-
+		
 	std::shared_ptr<const RouterInfo::Address> RouterInfo::GetPublishedNTCP2V4Address () const
 	{
 		auto addr = (*GetAddresses ())[eNTCP2V4Idx];
--- a/libi2pd/RouterInfo.h
+++ b/libi2pd/RouterInfo.h
@ -189,8 +189,8 @@ namespace data
				@@ -189,8 +189,8 @@ namespace data
 			virtual void SetProperty (const std::string& key, const std::string& value) {};
 			virtual void ClearProperties () {};
 			boost::shared_ptr<Addresses> GetAddresses () const; // should be called for local RI only, otherwise must return shared_ptr
-			std::shared_ptr<const Address> GetNTCP2AddressWithStaticKey (const uint8_t * key) const;
-			std::shared_ptr<const Address> GetSSU2AddressWithStaticKey (const uint8_t * key, bool isV6) const;
+			std::shared_ptr<const Address> GetNTCP2V4Address () const;
+			std::shared_ptr<const Address> GetNTCP2V6Address () const;
 			std::shared_ptr<const Address> GetPublishedNTCP2V4Address () const;
 			std::shared_ptr<const Address> GetPublishedNTCP2V6Address () const;
 			std::shared_ptr<const Address> GetYggdrasilAddress () const;
--- a/libi2pd/SSU2Session.cpp
+++ b/libi2pd/SSU2Session.cpp
@ -1041,16 +1041,16 @@ namespace transport
				@@ -1041,16 +1041,16 @@ namespace transport
 			LogPrint (eLogError, "SSU2: SessionConfirmed malformed RouterInfo block");
 			return false;
 		}
-		m_Address = ri->GetSSU2AddressWithStaticKey (S, m_RemoteEndpoint.address ().is_v6 ());
-		if (!m_Address)
+		m_Address = m_RemoteEndpoint.address ().is_v6 () ? ri->GetSSU2V6Address () : ri->GetSSU2V4Address ();			
+		if (!m_Address || memcmp (S, m_Address->s, 32))
 		{
-			LogPrint (eLogError, "SSU2: No SSU2 address with static key found in SessionConfirmed from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
+			LogPrint (eLogError, "SSU2: Wrong static key in SessionConfirmed from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
 			return false;
 		}
 		if (m_Address->published && m_RemoteEndpoint.address () != m_Address->host)
 		{
 			LogPrint (eLogError, "SSU2: Host mismatch between published address ", m_Address->host, 
-				" and actual enpoint ", m_RemoteEndpoint.address (), " from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
+				" and actual endpoint ", m_RemoteEndpoint.address (), " from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
 			return false;
 		}	
 		// update RouterInfo in netdb