diff --git a/libi2pd/NTCP2.cpp b/libi2pd/NTCP2.cpp index e5199bdc..dadd2075 100644 --- a/libi2pd/NTCP2.cpp +++ b/libi2pd/NTCP2.cpp @@ -693,13 +693,20 @@ namespace transport SendTerminationAndTerminate (eNTCP2Message3Error); return; } - auto addr = ri.GetNTCP2AddressWithStaticKey (m_Establisher->m_RemoteStaticKey); - if (!addr) + auto addr = m_RemoteEndpoint.address ().is_v4 () ? ri.GetNTCP2V4Address () : + (i2p::util::net::IsYggdrasilAddress (m_RemoteEndpoint.address ()) ? ri.GetYggdrasilAddress () : ri.GetNTCP2V6Address ()); + if (!addr || memcmp (m_Establisher->m_RemoteStaticKey, addr->s, 32)) { - LogPrint (eLogError, "NTCP2: No NTCP2 address with static key found in SessionConfirmed"); + LogPrint (eLogError, "NTCP2: Wrong static key in SessionConfirmed"); Terminate (); return; } + if (addr->IsPublishedNTCP2 () && m_RemoteEndpoint.address () != addr->host) + { + LogPrint (eLogError, "NTCP2: Host mismatch between published address ", addr->host, " and actual endpoint ", m_RemoteEndpoint.address ()); + Terminate (); + return; + } i2p::data::netdb.PostI2NPMsg (CreateI2NPMessage (eI2NPDummyMsg, buf.data () + 3, size)); // TODO: should insert ri and not parse it twice // TODO: process options diff --git a/libi2pd/RouterInfo.cpp b/libi2pd/RouterInfo.cpp index 49cfd72d..28959fe9 100644 --- a/libi2pd/RouterInfo.cpp +++ b/libi2pd/RouterInfo.cpp 
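Review bot: In NTCP2.cpp the combined guard `if (!addr || memcmp (m_Establisher->m_RemoteStaticKey, addr->s, 32))` logs "Wrong static key" even when the RouterInfo simply has no NTCP2 address for the endpoint's address family, and neither new error line says which router sent the SessionConfirmed. The matching SSU2 check in SSU2Session.cpp appends the ident hash, and doing the same here makes rejected handshakes attributable during triage, e.g. `LogPrint (eLogError, "NTCP2: Wrong static key in SessionConfirmed from ", i2p::data::GetIdentHashAbbreviation (ri.GetIdentHash ()));`, and likewise on the host-mismatch line. This assumes `ri` exposes `GetIdentHash ()` here, as the SSU2 code's `ri->GetIdentHash ()` suggests. The enclosing function starts and ends outside the hunk.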
@@ -910,25 +910,16 @@ namespace data return nullptr; } - std::shared_ptr RouterInfo::GetNTCP2AddressWithStaticKey (const uint8_t * key) const + std::shared_ptr RouterInfo::GetNTCP2V4Address () const { - if (!key) return nullptr; - return GetAddress ( - [key](std::shared_ptr address)->bool - { - return address->IsNTCP2 () && !memcmp (address->s, key, 32); - }); + return (*GetAddresses ())[eNTCP2V4Idx]; } - std::shared_ptr RouterInfo::GetSSU2AddressWithStaticKey (const uint8_t * key, bool isV6) const + std::shared_ptr RouterInfo::GetNTCP2V6Address () const { - if (!key) return nullptr; - auto addr = (*GetAddresses ())[isV6 ? eSSU2V6Idx : eSSU2V4Idx]; - if (addr && !memcmp (addr->s, key, 32)) - return addr; - return nullptr; + return (*GetAddresses ())[eNTCP2V6Idx]; } - + std::shared_ptr RouterInfo::GetPublishedNTCP2V4Address () const { auto addr = (*GetAddresses ())[eNTCP2V4Idx]; diff --git a/libi2pd/RouterInfo.h b/libi2pd/RouterInfo.h index 7d004a33..ea0abf41 100644 --- a/libi2pd/RouterInfo.h +++ b/libi2pd/RouterInfo.h @@ -189,8 +189,8 @@ namespace data virtual void SetProperty (const std::string& key, const std::string& value) {}; virtual void ClearProperties () {}; boost::shared_ptr GetAddresses () const; // should be called for local RI only, otherwise must return shared_ptr - std::shared_ptr GetNTCP2AddressWithStaticKey (const uint8_t * key) const; - std::shared_ptr GetSSU2AddressWithStaticKey (const uint8_t * key, bool isV6) const; + std::shared_ptr GetNTCP2V4Address () const; + std::shared_ptr GetNTCP2V6Address () const; std::shared_ptr GetPublishedNTCP2V4Address () const; std::shared_ptr GetPublishedNTCP2V6Address () const; std::shared_ptr GetYggdrasilAddress () const; diff --git a/libi2pd/SSU2Session.cpp b/libi2pd/SSU2Session.cpp index 8ef1058c..4c359454 100644 --- a/libi2pd/SSU2Session.cpp +++ b/libi2pd/SSU2Session.cpp 
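Review bot: In RouterInfo.cpp, `GetNTCP2V4Address ()` and `GetNTCP2V6Address ()` carry no comment saying that they return the slot entry without comparing the static key, unlike the removed `GetNTCP2AddressWithStaticKey`. They also appear to return unpublished entries, unlike `GetPublishedNTCP2V4Address ()`, whose body is only partly visible here. Since the key check now lives at the call sites, a one-line comment above each getter would keep future callers from treating the result as verified: `// returns the eNTCP2V4Idx slot as is, may be nullptr; caller must compare addr->s with the handshake static key`. The same wording fits the two new declarations in RouterInfo.h.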
@@ -1041,16 +1041,16 @@ namespace transport
 LogPrint (eLogError, "SSU2: SessionConfirmed malformed RouterInfo block");
 return false;
 }
- m_Address = ri->GetSSU2AddressWithStaticKey (S, m_RemoteEndpoint.address ().is_v6 ());
- if (!m_Address)
+ m_Address = m_RemoteEndpoint.address ().is_v6 () ? ri->GetSSU2V6Address () : ri->GetSSU2V4Address ();
+ if (!m_Address || memcmp (S, m_Address->s, 32))
 {
- LogPrint (eLogError, "SSU2: No SSU2 address with static key found in SessionConfirmed from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
+ LogPrint (eLogError, "SSU2: Wrong static key in SessionConfirmed from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
 return false;
 }
 if (m_Address->published && m_RemoteEndpoint.address () != m_Address->host)
 {
 LogPrint (eLogError, "SSU2: Host mismatch between published address ", m_Address->host,
- " and actual enpoint ", m_RemoteEndpoint.address (), " from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
+ " and actual endpoint ", m_RemoteEndpoint.address (), " from ", i2p::data::GetIdentHashAbbreviation (ri->GetIdentHash ()));
 return false;
 }
 // update RouterInfo in netdb
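Review bot: In SSU2Session.cpp, `m_Address` is assigned from the RouterInfo slot before the key is checked, so on the "Wrong static key" path the session member keeps pointing at an address that failed verification. The removed `GetSSU2AddressWithStaticKey` returned nullptr in that case. Whether anything reads `m_Address` after `return false` is not visible in the hunk, but holding the candidate in a local and committing it only after both checks pass removes the question. That means `auto addr = m_RemoteEndpoint.address ().is_v6 () ? ri->GetSSU2V6Address () : ri->GetSSU2V4Address ();`, testing `addr` in both conditions, then `m_Address = addr;` after the host comparison. The function starts and ends outside the hunk.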