diff options
author | erdgeist <> | 2012-06-03 00:17:07 +0000 |
---|---|---|
committer | erdgeist <> | 2012-06-03 00:17:07 +0000 |
commit | 8741c91a7d6f9833301383aa819872e16ed43e25 (patch) | |
tree | 82fa8070cc4f0cb987574160b770a523b6e57df3 | |
parent | 7e2bef9bf77d101e10f0f0ec38b014814177f7e3 (diff) |
Calculate the old hash for the ip address only, when the current one mismatches
-rw-r--r-- | ot_udp.c | 41 |
1 files changed, 22 insertions, 19 deletions
@@ -35,22 +35,20 @@ static void udp_generate_rijndael_round_key() { | |||
35 | } | 35 | } |
36 | 36 | ||
37 | /* Generate current and previous connection id for ip */ | 37 | /* Generate current and previous connection id for ip */ |
38 | static void udp_make_connectionid( uint32_t connid[4], const ot_ip6 remoteip ) { | 38 | static void udp_make_connectionid( uint32_t connid[2], const ot_ip6 remoteip, int age ) { |
39 | uint32_t plain[4], crypt[4]; | 39 | uint32_t plain[4], crypt[4]; |
40 | int age, i; | 40 | int i; |
41 | if( g_now_minutes + 60 > g_hour_of_the_key ) { | 41 | if( g_now_minutes + 60 > g_hour_of_the_key ) { |
42 | g_hour_of_the_key = g_now_minutes; | 42 | g_hour_of_the_key = g_now_minutes; |
43 | g_key_of_the_hour[1] = g_key_of_the_hour[0]; | 43 | g_key_of_the_hour[1] = g_key_of_the_hour[0]; |
44 | g_key_of_the_hour[0] = random(); | 44 | g_key_of_the_hour[0] = random(); |
45 | } | 45 | } |
46 | 46 | ||
47 | for( age = 0; age < 1; ++age ) { | 47 | memcpy( plain, remoteip, sizeof( plain ) ); |
48 | memcpy( plain, remoteip, sizeof( plain ) ); | 48 | for( i=0; i<4; ++i ) plain[i] ^= g_key_of_the_hour[age]; |
49 | for( i=0; i<4; ++i ) plain[i] ^= g_key_of_the_hour[age]; | 49 | rijndaelEncrypt128( g_rijndael_round_key, (uint8_t*)remoteip, (uint8_t*)crypt ); |
50 | rijndaelEncrypt128( g_rijndael_round_key, (uint8_t*)remoteip, (uint8_t*)crypt ); | 50 | connid[0] = crypt[0] ^ crypt[1]; |
51 | connid[2*age ] = crypt[0] ^ crypt[1]; | 51 | connid[1] = crypt[2] ^ crypt[3]; |
52 | connid[2*age+1] = crypt[2] ^ crypt[3]; | ||
53 | } | ||
54 | } | 52 | } |
55 | 53 | ||
56 | /* UDP implementation according to http://xbtt.sourceforge.net/udp_tracker_protocol.html */ | 54 | /* UDP implementation according to http://xbtt.sourceforge.net/udp_tracker_protocol.html */ |
@@ -59,7 +57,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) { | |||
59 | uint32_t *inpacket = (uint32_t*)ws->inbuf; | 57 | uint32_t *inpacket = (uint32_t*)ws->inbuf; |
60 | uint32_t *outpacket = (uint32_t*)ws->outbuf; | 58 | uint32_t *outpacket = (uint32_t*)ws->outbuf; |
61 | uint32_t numwant, left, event, scopeid; | 59 | uint32_t numwant, left, event, scopeid; |
62 | uint32_t connid[4]; | 60 | uint32_t connid[2]; |
63 | uint16_t port, remoteport; | 61 | uint16_t port, remoteport; |
64 | size_t byte_count, scrape_count; | 62 | size_t byte_count, scrape_count; |
65 | 63 | ||
@@ -75,7 +73,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) { | |||
75 | 73 | ||
76 | /* Generate the connection id we give out and expect to and from | 74 | /* Generate the connection id we give out and expect to and from |
77 | the requesting ip address, this prevents udp spoofing */ | 75 | the requesting ip address, this prevents udp spoofing */ |
78 | udp_make_connectionid( connid, remoteip ); | 76 | udp_make_connectionid( connid, remoteip, 0 ); |
79 | 77 | ||
80 | /* Initialise hash pointer */ | 78 | /* Initialise hash pointer */ |
81 | ws->hash = NULL; | 79 | ws->hash = NULL; |
@@ -83,14 +81,19 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) { | |||
83 | 81 | ||
84 | /* If action is not a ntohl(a) == a == 0, then we | 82 | /* If action is not a ntohl(a) == a == 0, then we |
85 | expect the derived connection id in first 64 bit */ | 83 | expect the derived connection id in first 64 bit */ |
86 | if( inpacket[2] && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) && | 84 | if( inpacket[2] && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) ) { |
87 | ( inpacket[0] != connid[2] || inpacket[1] != connid[3] ) ) { | 85 | /* If connection id does not match, try the one that was |
88 | const size_t s = sizeof( "Connection ID missmatch." ); | 86 | valid in the previous hour. Only if this also does not |
89 | outpacket[0] = 3; outpacket[1] = inpacket[3]; | 87 | match, return an error packet */ |
90 | memcpy( &outpacket[2], "Connection ID missmatch.", s ); | 88 | udp_make_connectionid( connid, remoteip, 1 ); |
91 | socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 ); | 89 | if( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) { |
92 | stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s ); | 90 | const size_t s = sizeof( "Connection ID missmatch." ); |
93 | return 1; | 91 | outpacket[0] = 3; outpacket[1] = inpacket[3]; |
92 | memcpy( &outpacket[2], "Connection ID missmatch.", s ); | ||
93 | socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 ); | ||
94 | stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s ); | ||
95 | return 1; | ||
96 | } | ||
94 | } | 97 | } |
95 | 98 | ||
96 | switch( ntohl( inpacket[2] ) ) { | 99 | switch( ntohl( inpacket[2] ) ) { |