From 4eef9e780f1e226f1c1d20ee9f3d8b973ee833a6 Mon Sep 17 00:00:00 2001 From: orignal Date: Fri, 19 Feb 2016 16:37:41 -0500 Subject: [PATCH] extract and verify family from RouterInfo --- Family.cpp | 6 +++--- Family.h | 4 ++-- NetDb.h | 1 + RouterInfo.cpp | 18 +++++++++++++++++- RouterInfo.h | 2 +- 5 files changed, 24 insertions(+), 7 deletions(-) diff --git a/Family.cpp b/Family.cpp index 7e2d6e6c..a93e31ef 100644 --- a/Family.cpp +++ b/Family.cpp @@ -101,12 +101,12 @@ namespace data LogPrint (eLogInfo, "Family: ", numCertificates, " certificates loaded"); } - bool Families::VerifyFamily (const char * family, const IdentHash& ident, + bool Families::VerifyFamily (const std::string& family, const IdentHash& ident, const char * signature, const char * key) { uint8_t buf[50], signatureBuf[64]; - size_t len = strlen (family), signatureLen = strlen (signature); - memcpy (buf, family, len); + size_t len = family.length (), signatureLen = strlen (signature); + memcpy (buf, family.c_str (), len); memcpy (buf + len, (const uint8_t *)ident, 32); len += 32; Base64ToByteStream (signature, signatureLen, signatureBuf, 64); diff --git a/Family.h b/Family.h index 78abd5b6..51cf6bf5 100644 --- a/Family.h +++ b/Family.h @@ -18,8 +18,8 @@ namespace data Families (); ~Families (); void LoadCertificates (); - bool VerifyFamily (const char * family, const IdentHash& ident, - const char * signature, const char * key); + bool VerifyFamily (const std::string& family, const IdentHash& ident, + const char * signature, const char * key = nullptr); private: diff --git a/NetDb.h b/NetDb.h index 33fd6e27..1ec2ade5 100644 --- a/NetDb.h +++ b/NetDb.h @@ -62,6 +62,7 @@ namespace data void PostI2NPMsg (std::shared_ptr msg); void Reseed (); + Families& GetFamilies () { return m_Families; }; // for web interface int GetNumRouters () const { return m_RouterInfos.size (); }; diff --git a/RouterInfo.cpp b/RouterInfo.cpp index 3267392b..ec9a4acd 100644 --- a/RouterInfo.cpp +++ b/RouterInfo.cpp @@ -8,6 +8,7 @@ #include "Base.h" #include "Timestamp.h" #include "Log.h" +#include "NetDb.h" #include "RouterInfo.h" namespace i2p @@ -262,11 +263,26 @@ namespace data if (!strcmp (key, "caps")) ExtractCaps (value); // check netId - if (!strcmp (key, "netId") && atoi (value) != I2PD_NET_ID) + else if (!strcmp (key, "netId") && atoi (value) != I2PD_NET_ID) { LogPrint (eLogError, "Unexpected netid=", value); m_IsUnreachable = true; } + // family + else if (!strcmp (key, "family")) + { + m_Family = value; + boost::to_lower (m_Family); + } + else if (!strcmp (key, "family.sig")) + { + if (!netdb.GetFamilies ().VerifyFamily (m_Family, GetIdentHash (), value)) + { + LogPrint (eLogWarning, "RouterInfo: family signature verification failed"); + m_Family.clear (); + } + } + if (!s) return; } diff --git a/RouterInfo.h b/RouterInfo.h index 4870eb50..57212be9 100644 --- a/RouterInfo.h +++ b/RouterInfo.h @@ -180,7 +180,7 @@ namespace data private: - std::string m_FullPath; + std::string m_FullPath, m_Family; std::shared_ptr m_RouterIdentity; uint8_t * m_Buffer; size_t m_BufferLen;