PurpleI2P/i2pd
1
0
Fork 0
mirror of https://github.com/PurpleI2P/i2pd.git synced 2025-01-22 12:24:19 +00:00
Code Issues Releases Activity

check timestamps

Browse Source
This commit is contained in:
orignal 2018-08-15 11:42:56 -04:00
parent db4c26a400
commit c41081d35c
2 changed files with 23 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
libi2pd/NTCP2.cpp
View File

@ -259,12 +259,20 @@ namespace transport
memset (nonce, 0, 12); // set nonce to zero memset (nonce, 0, 12); // set nonce to zero
if (i2p::crypto::AEADChaCha20Poly1305 (m_SessionRequestBuffer + 32, 16, m_H, 32, m_K, nonce, options, 16, false)) // decrypt if (i2p::crypto::AEADChaCha20Poly1305 (m_SessionRequestBuffer + 32, 16, m_H, 32, m_K, nonce, options, 16, false)) // decrypt
{ {
if (options[1] == 2) // options
if (options[1] == 2) // ver is always 2
{ {
paddingLen = bufbe16toh (options + 2); paddingLen = bufbe16toh (options + 2);
m_SessionRequestBufferLen = paddingLen + 64; m_SessionRequestBufferLen = paddingLen + 64;
m3p2Len = bufbe16toh (options + 4); m3p2Len = bufbe16toh (options + 4);
// TODO: check tsA // check timestamp
auto ts = i2p::util::GetSecondsSinceEpoch ();
uint32_t tsA = bufbe32toh (options + 8);
if (tsA < ts - NTCP2_CLOCK_SKEW || tsA > ts + NTCP2_CLOCK_SKEW)
{
LogPrint (eLogWarning, "NTCP2: SessionRequest time difference ", ts - tsA, " exceeds clock skew");
return false;
}
} }
else else
{ {
@ -295,9 +303,17 @@ namespace transport
uint8_t nonce[12]; uint8_t nonce[12];
memset (nonce, 0, 12); // set nonce to zero memset (nonce, 0, 12); // set nonce to zero
if (i2p::crypto::AEADChaCha20Poly1305 (m_SessionCreatedBuffer + 32, 16, m_H, 32, m_K, nonce, payload, 16, false)) // decrypt if (i2p::crypto::AEADChaCha20Poly1305 (m_SessionCreatedBuffer + 32, 16, m_H, 32, m_K, nonce, payload, 16, false)) // decrypt
{ {
// options
paddingLen = bufbe16toh(payload + 2); paddingLen = bufbe16toh(payload + 2);
// TODO: check tsB // check timestamp
auto ts = i2p::util::GetSecondsSinceEpoch ();
uint32_t tsB = bufbe32toh (payload + 8);
if (tsB < ts - NTCP2_CLOCK_SKEW || tsB > ts + NTCP2_CLOCK_SKEW)
{
LogPrint (eLogWarning, "NTCP2: SessionCreated time difference ", ts - tsB, " exceeds clock skew");
return false;
}
} }
else else
{ {
@ -414,7 +430,7 @@ namespace transport
m_IsEstablished = true; m_IsEstablished = true;
m_Establisher.reset (nullptr); m_Establisher.reset (nullptr);
SetTerminationTimeout (NTCP2_TERMINATION_TIMEOUT); SetTerminationTimeout (NTCP2_TERMINATION_TIMEOUT);
transports.PeerConnected (shared_from_this ()); // transports.PeerConnected (shared_from_this ());
} }
void NTCP2Session::CreateNonce (uint64_t seqn, uint8_t * nonce) void NTCP2Session::CreateNonce (uint64_t seqn, uint8_t * nonce)

2
libi2pd/NTCP2.h
View File

@ -26,6 +26,8 @@ namespace transport
const int NTCP2_TERMINATION_TIMEOUT = 120; // 2 minutes const int NTCP2_TERMINATION_TIMEOUT = 120; // 2 minutes
const int NTCP2_TERMINATION_CHECK_TIMEOUT = 30; // 30 seconds const int NTCP2_TERMINATION_CHECK_TIMEOUT = 30; // 30 seconds
const int NTCP2_CLOCK_SKEW = 60; // in seconds
enum NTCP2BlockType enum NTCP2BlockType
{ {
eNTCP2BlkDateTime = 0, eNTCP2BlkDateTime = 0,