PurpleI2P
/
i2pd
mirror of https://github.com/PurpleI2P/i2pd.git
1
0
Fork 0
Code Issues Releases Activity
Browse Source

token expiration threshold

pull/1769/head
orignal 2 years ago
parent
dd602a27b5
commit
5bb20cb039
3 changed files with 15 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 4
      libi2pd/SSU2.cpp
  2. 8
      libi2pd/SSU2Session.cpp
  3. 1
      libi2pd/SSU2Session.h

4
libi2pd/SSU2.cpp
Unescape View File

@ -588,7 +588,11 @@ namespace transport
{ {
auto it = m_OutgoingTokens.find (ep); auto it = m_OutgoingTokens.find (ep);
if (it != m_OutgoingTokens.end ()) if (it != m_OutgoingTokens.end ())
{
if (i2p::util::GetSecondsSinceEpoch () + SSU2_TOKEN_EXPIRATION_THRESHOLD > it->second.second)
return 0; // token expired
return it->second.first; return it->second.first;
}
return 0; return 0;
} }

8
libi2pd/SSU2Session.cpp
Unescape View File

@ -424,9 +424,10 @@ namespace transport
memset (headerX + 8, 0, 8); // token = 0 memset (headerX + 8, 0, 8); // token = 0
memcpy (headerX + 16, m_EphemeralKeys->GetPublicKey (), 32); // Y memcpy (headerX + 16, m_EphemeralKeys->GetPublicKey (), 32); // Y
// payload // payload
auto ts = i2p::util::GetSecondsSinceEpoch ();
payload[0] = eSSU2BlkDateTime; payload[0] = eSSU2BlkDateTime;
htobe16buf (payload + 1, 4); htobe16buf (payload + 1, 4);
htobe32buf (payload + 3, i2p::util::GetSecondsSinceEpoch ()); htobe32buf (payload + 3, ts);
size_t payloadSize = 7; size_t payloadSize = 7;
payloadSize += CreateAddressBlock (payload + payloadSize, 80 - payloadSize, m_RemoteEndpoint); payloadSize += CreateAddressBlock (payload + payloadSize, 80 - payloadSize, m_RemoteEndpoint);
if (m_RelayTag) if (m_RelayTag)
@ -437,11 +438,14 @@ namespace transport
payloadSize += 7; payloadSize += 7;
} }
auto token = m_Server.NewIncomingToken (m_RemoteEndpoint); auto token = m_Server.NewIncomingToken (m_RemoteEndpoint);
if (ts + SSU2_TOKEN_EXPIRATION_THRESHOLD > token.second) // not expired?
{
payload[payloadSize] = eSSU2BlkNewToken; payload[payloadSize] = eSSU2BlkNewToken;
htobe16buf (payload + payloadSize + 1, 12); htobe16buf (payload + payloadSize + 1, 12);
htobe32buf (payload + payloadSize + 3, token.second); // expires htobe32buf (payload + payloadSize + 3, token.second - SSU2_TOKEN_EXPIRATION_THRESHOLD); // expires
memcpy (payload + payloadSize + 7, &token.first, 8); // token memcpy (payload + payloadSize + 7, &token.first, 8); // token
payloadSize += 15; payloadSize += 15;
}
payloadSize += CreatePaddingBlock (payload + payloadSize, 80 - payloadSize); payloadSize += CreatePaddingBlock (payload + payloadSize, 80 - payloadSize);
// KDF for SessionCreated // KDF for SessionCreated
m_NoiseState->MixHash ( { {header.buf, 16}, {headerX, 16} } ); // h = SHA256(h || header) m_NoiseState->MixHash ( { {header.buf, 16}, {headerX, 16} } ); // h = SHA256(h || header)

1
libi2pd/SSU2Session.h
Unescape View File

@ -27,6 +27,7 @@ namespace transport
const int SSU2_TERMINATION_TIMEOUT = 330; // 5.5 minutes const int SSU2_TERMINATION_TIMEOUT = 330; // 5.5 minutes
const int SSU2_TOKEN_EXPIRATION_TIMEOUT = 9; // for Retry message, in seconds const int SSU2_TOKEN_EXPIRATION_TIMEOUT = 9; // for Retry message, in seconds
const int SSU2_NEXT_TOKEN_EXPIRATION_TIMEOUT = 52*60; // for next token block, in seconds const int SSU2_NEXT_TOKEN_EXPIRATION_TIMEOUT = 52*60; // for next token block, in seconds
const int SSU2_TOKEN_EXPIRATION_THRESHOLD = 2; // in seconds
const int SSU2_RELAY_NONCE_EXPIRATION_TIMEOUT = 10; // in seconds const int SSU2_RELAY_NONCE_EXPIRATION_TIMEOUT = 10; // in seconds
const int SSU2_PEER_TEST_EXPIRATION_TIMEOUT = 60; // 60 seconds const int SSU2_PEER_TEST_EXPIRATION_TIMEOUT = 60; // 60 seconds
const size_t SSU2_MTU = 1488; const size_t SSU2_MTU = 1488;

Write Preview
Loading…
Cancel
Save