From 59439ebf26968504d7f45a042ac381ef8a1d96d7 Mon Sep 17 00:00:00 2001
From: orignal <romakoshelkin@yandex.ru>
Date: Wed, 18 Jun 2014 19:38:21 -0400
Subject: [PATCH] don't rely on order in tunnel build message. assign index to
 hop instead

---
 Tunnel.cpp     | 36 ++++++++++++++++++++++++------------
 TunnelConfig.h |  1 +
 2 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/Tunnel.cpp b/Tunnel.cpp
index 30bbee80..3e270846 100644
--- a/Tunnel.cpp
+++ b/Tunnel.cpp
@@ -48,22 +48,27 @@ namespace tunnel
 					hop->next ? rnd.GenerateWord32 () : replyMsgID, // we set replyMsgID for last hop only
 				    hop->isGateway, hop->isEndpoint), 
 		    	records[i]);
+			hop->recordIndex = i; //TODO:
 			i++;
 			hop = hop->next;
 		}	
 
 		i2p::crypto::CBCDecryption decryption;
 		hop = m_Config->GetLastHop ()->prev;
-		size_t ind = numRecords - 1;
 		while (hop)
 		{
 			decryption.SetKey (hop->replyKey);
 			decryption.SetIV (hop->replyIV);
-			for (size_t i = ind; i < numRecords; i++)	
-				decryption.Decrypt((uint8_t *)&records[i], 
-					sizeof (I2NPBuildRequestRecordElGamalEncrypted), (uint8_t *)&records[i]);	
+			// decrypt records after current hop
+			TunnelHopConfig * hop1 = hop->next;
+			while (hop1)
+			{	
+				decryption.Decrypt((uint8_t *)&records[hop1->recordIndex], 
+					sizeof (I2NPBuildRequestRecordElGamalEncrypted), 
+				    (uint8_t *)&records[hop1->recordIndex]);
+				hop1 = hop1->next;
+			}	
 			hop = hop->prev;
-			ind--;
 		}	
 		FillI2NPMessageHeader (msg, eI2NPVariableTunnelBuild);
 		
@@ -76,21 +81,28 @@ namespace tunnel
 	bool Tunnel::HandleTunnelBuildResponse (uint8_t * msg, size_t len)
 	{
 		LogPrint ("TunnelBuildResponse ", (int)msg[0], " records.");
-
+		auto numHops = m_Config->GetNumHops (); 
+		if (msg[0] != numHops)
+		{
+			LogPrint ("Number of records in response ", (int)msg[0], " doesn't match ", numHops);
+			return false;
+		}	
+		
 		i2p::crypto::CBCDecryption decryption;
 		TunnelHopConfig * hop = m_Config->GetLastHop (); 
-		int num = msg[0];
 		while (hop)
 		{	
 			decryption.SetKey (hop->replyKey);
 			decryption.SetIV (hop->replyIV);
-			for (int i = 0; i < num; i++)
-			{			
-				uint8_t * record = msg + 1 + i*sizeof (I2NPBuildResponseRecord);
+			// decrypt records before and including current hop
+			TunnelHopConfig * hop1 = hop;
+			while (hop1)
+			{
+				uint8_t * record = msg + 1 + hop1->recordIndex*sizeof (I2NPBuildResponseRecord);
 				decryption.Decrypt(record, sizeof (I2NPBuildResponseRecord), record);
-			}
+				hop1 = hop1->prev;
+			}	
 			hop = hop->prev;
-			num--;
 		}
 
 		m_IsEstablished = true;
diff --git a/TunnelConfig.h b/TunnelConfig.h
index 5008d4ea..7cac47a0 100644
--- a/TunnelConfig.h
+++ b/TunnelConfig.h
@@ -24,6 +24,7 @@ namespace tunnel
 		
 		TunnelHopConfig * next, * prev;
 		i2p::crypto::TunnelDecryption decryption;	
+		int recordIndex; // record # in tunnel build message
 		
 		TunnelHopConfig (const i2p::data::RouterInfo * r)
 		{