Avoid memmove() for legacy UDP packets.
This commit is contained in:
Guus Sliepen
parent
c2319e90b1
commit
263d990382
2 changed files with 25 additions and 22 deletions
12
src/net.h
12
src/net.h
|
|
@ -87,12 +87,18 @@ typedef union sockaddr_t {
|
||||||
typedef struct vpn_packet_t {
|
typedef struct vpn_packet_t {
|
||||||
length_t len; /* the actual number of bytes in the `data' field */
|
length_t len; /* the actual number of bytes in the `data' field */
|
||||||
int priority; /* priority or TOS */
|
int priority; /* priority or TOS */
|
||||||
node_id_t dstid; /* node ID of the final recipient */
|
uint32_t seqno; /* 32 bits sequence number (network byte order of course) */
|
||||||
node_id_t srcid; /* node ID of the original sender */
|
|
||||||
uint8_t seqno[4]; /* 32 bits sequence number (network byte order of course) */
|
|
||||||
uint8_t data[MAXSIZE];
|
uint8_t data[MAXSIZE];
|
||||||
} vpn_packet_t;
|
} vpn_packet_t;
|
||||||
|
|
||||||
|
typedef struct sptps_packet_t {
|
||||||
|
length_t len; /* the actual number of bytes in the `data' field */
|
||||||
|
int priority; /* priority or TOS */
|
||||||
|
node_id_t dstid; /* node ID of the final recipient */
|
||||||
|
node_id_t srcid; /* node ID of the original sender */
|
||||||
|
char data[MAXSIZE];
|
||||||
|
} sptps_packet_t;
|
||||||
|
|
||||||
/* Packet types when using SPTPS */
|
/* Packet types when using SPTPS */
|
||||||
|
|
||||||
#define PKT_COMPRESSED 1
|
#define PKT_COMPRESSED 1
|
||||||
|
|
|
||||||
|
|
@ -348,12 +348,12 @@ static void receive_packet(node_t *n, vpn_packet_t *packet) {
|
||||||
|
|
||||||
static bool try_mac(node_t *n, const vpn_packet_t *inpkt) {
|
static bool try_mac(node_t *n, const vpn_packet_t *inpkt) {
|
||||||
if(n->status.sptps)
|
if(n->status.sptps)
|
||||||
return sptps_verify_datagram(&n->sptps, (char *)&inpkt->seqno, inpkt->len);
|
return sptps_verify_datagram(&n->sptps, ((sptps_packet_t *)inpkt)->data, inpkt->len);
|
||||||
|
|
||||||
if(!digest_active(n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest))
|
if(!digest_active(n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(n->indigest))
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
return digest_verify(n->indigest, &inpkt->seqno, inpkt->len - digest_length(n->indigest), (const char *)&inpkt->seqno + inpkt->len - digest_length(n->indigest));
|
return digest_verify(n->indigest, (const char *)&inpkt->seqno, inpkt->len - digest_length(n->indigest), (const char *)&inpkt->seqno + inpkt->len - digest_length(n->indigest));
|
||||||
}
|
}
|
||||||
|
|
||||||
static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
|
static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
|
||||||
|
|
@ -372,7 +372,7 @@ static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
if(!sptps_receive_data(&n->sptps, (char *)&inpkt->seqno, inpkt->len)) {
|
if(!sptps_receive_data(&n->sptps, ((sptps_packet_t *)&inpkt)->data, inpkt->len)) {
|
||||||
logger(DEBUG_TRAFFIC, LOG_ERR, "Got bad packet from %s (%s)", n->name, n->hostname);
|
logger(DEBUG_TRAFFIC, LOG_ERR, "Got bad packet from %s (%s)", n->name, n->hostname);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
@ -419,9 +419,7 @@ static bool receive_udppacket(node_t *n, vpn_packet_t *inpkt) {
|
||||||
/* Check the sequence number */
|
/* Check the sequence number */
|
||||||
|
|
||||||
inpkt->len -= sizeof inpkt->seqno;
|
inpkt->len -= sizeof inpkt->seqno;
|
||||||
uint32_t seqno;
|
uint32_t seqno = ntohl(inpkt->seqno);
|
||||||
memcpy(&seqno, inpkt->seqno, sizeof seqno);
|
|
||||||
seqno = ntohl(seqno);
|
|
||||||
|
|
||||||
if(replaywin) {
|
if(replaywin) {
|
||||||
if(seqno != n->received_seqno + 1) {
|
if(seqno != n->received_seqno + 1) {
|
||||||
|
|
@ -699,8 +697,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
|
||||||
|
|
||||||
/* Add sequence number */
|
/* Add sequence number */
|
||||||
|
|
||||||
uint32_t seqno = htonl(++(n->sent_seqno));
|
inpkt->seqno = htonl(++(n->sent_seqno));
|
||||||
memcpy(inpkt->seqno, &seqno, sizeof inpkt->seqno);
|
|
||||||
inpkt->len += sizeof inpkt->seqno;
|
inpkt->len += sizeof inpkt->seqno;
|
||||||
|
|
||||||
/* Encrypt the packet */
|
/* Encrypt the packet */
|
||||||
|
|
@ -709,7 +706,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
|
||||||
outpkt = pkt[nextpkt++];
|
outpkt = pkt[nextpkt++];
|
||||||
outlen = MAXSIZE;
|
outlen = MAXSIZE;
|
||||||
|
|
||||||
if(!cipher_encrypt(n->outcipher, inpkt->seqno, inpkt->len, outpkt->seqno, &outlen, true)) {
|
if(!cipher_encrypt(n->outcipher, &inpkt->seqno, inpkt->len, &outpkt->seqno, &outlen, true)) {
|
||||||
logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname);
|
logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
@ -721,7 +718,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
|
||||||
/* Add the message authentication code */
|
/* Add the message authentication code */
|
||||||
|
|
||||||
if(digest_active(n->outdigest)) {
|
if(digest_active(n->outdigest)) {
|
||||||
if(!digest_create(n->outdigest, inpkt->seqno, inpkt->len, inpkt->seqno + inpkt->len)) {
|
if(!digest_create(n->outdigest, &inpkt->seqno, inpkt->len, &inpkt->seqno + inpkt->len)) {
|
||||||
logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname);
|
logger(DEBUG_TRAFFIC, LOG_ERR, "Error while encrypting packet to %s (%s)", n->name, n->hostname);
|
||||||
goto end;
|
goto end;
|
||||||
}
|
}
|
||||||
|
|
@ -749,7 +746,7 @@ static void send_udppacket(node_t *n, vpn_packet_t *origpkt) {
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if(sendto(listen_socket[sock].udp.fd, inpkt->seqno, inpkt->len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) {
|
if(sendto(listen_socket[sock].udp.fd, &inpkt->seqno, inpkt->len, 0, &sa->sa, SALEN(sa->sa)) < 0 && !sockwouldblock(sockerrno)) {
|
||||||
if(sockmsgsize(sockerrno)) {
|
if(sockmsgsize(sockerrno)) {
|
||||||
if(n->maxmtu >= origlen)
|
if(n->maxmtu >= origlen)
|
||||||
n->maxmtu = origlen - 1;
|
n->maxmtu = origlen - 1;
|
||||||
|
|
@ -1031,6 +1028,7 @@ static node_t *try_harder(const sockaddr_t *from, const vpn_packet_t *pkt) {
|
||||||
void handle_incoming_vpn_data(void *data, int flags) {
|
void handle_incoming_vpn_data(void *data, int flags) {
|
||||||
listen_socket_t *ls = data;
|
listen_socket_t *ls = data;
|
||||||
vpn_packet_t pkt;
|
vpn_packet_t pkt;
|
||||||
|
sptps_packet_t *spkt = (sptps_packet_t *)&pkt;
|
||||||
char *hostname;
|
char *hostname;
|
||||||
sockaddr_t from = {{0}};
|
sockaddr_t from = {{0}};
|
||||||
socklen_t fromlen = sizeof from;
|
socklen_t fromlen = sizeof from;
|
||||||
|
|
@ -1038,7 +1036,7 @@ void handle_incoming_vpn_data(void *data, int flags) {
|
||||||
node_t *to = myself;
|
node_t *to = myself;
|
||||||
int len;
|
int len;
|
||||||
|
|
||||||
len = recvfrom(ls->udp.fd, &pkt.dstid, MAXSIZE, 0, &from.sa, &fromlen);
|
len = recvfrom(ls->udp.fd, &pkt.seqno, MAXSIZE, 0, &from.sa, &fromlen);
|
||||||
|
|
||||||
if(len <= 0 || len > MAXSIZE) {
|
if(len <= 0 || len > MAXSIZE) {
|
||||||
if(!sockwouldblock(sockerrno))
|
if(!sockwouldblock(sockerrno))
|
||||||
|
|
@ -1051,21 +1049,21 @@ void handle_incoming_vpn_data(void *data, int flags) {
|
||||||
sockaddrunmap(&from); /* Some braindead IPv6 implementations do stupid things. */
|
sockaddrunmap(&from); /* Some braindead IPv6 implementations do stupid things. */
|
||||||
|
|
||||||
bool direct = false;
|
bool direct = false;
|
||||||
if(len >= sizeof pkt.dstid + sizeof pkt.srcid) {
|
if(len >= sizeof spkt->dstid + sizeof spkt->srcid) {
|
||||||
n = lookup_node_id(&pkt.srcid);
|
n = lookup_node_id(&spkt->srcid);
|
||||||
if(n) {
|
if(n) {
|
||||||
node_id_t nullid = {};
|
node_id_t nullid = {};
|
||||||
if(memcmp(&pkt.dstid, &nullid, sizeof nullid) == 0) {
|
if(memcmp(&spkt->dstid, &nullid, sizeof nullid) == 0) {
|
||||||
/* A zero dstid is used to indicate a direct, non-relayed packet. */
|
/* A zero dstid is used to indicate a direct, non-relayed packet. */
|
||||||
direct = true;
|
direct = true;
|
||||||
} else {
|
} else {
|
||||||
to = lookup_node_id(&pkt.dstid);
|
to = lookup_node_id(&spkt->dstid);
|
||||||
if(!to) {
|
if(!to) {
|
||||||
logger(DEBUG_PROTOCOL, LOG_WARNING, "Received UDP packet presumably sent by %s (%s) but with unknown destination ID", n->name, n->hostname);
|
logger(DEBUG_PROTOCOL, LOG_WARNING, "Received UDP packet presumably sent by %s (%s) but with unknown destination ID", n->name, n->hostname);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
pkt.len -= sizeof pkt.dstid + sizeof pkt.srcid;
|
pkt.len -= sizeof spkt->dstid + sizeof spkt->srcid;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -1078,14 +1076,13 @@ void handle_incoming_vpn_data(void *data, int flags) {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
send_sptps_data_priv(to, n, 0, pkt.seqno, pkt.len);
|
send_sptps_data_priv(to, n, 0, spkt->data, pkt.len);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(!n) {
|
if(!n) {
|
||||||
/* Most likely an old-style packet without node IDs. */
|
/* Most likely an old-style packet without node IDs. */
|
||||||
direct = true;
|
direct = true;
|
||||||
memmove(pkt.seqno, &pkt.dstid, sizeof pkt - offsetof(vpn_packet_t, seqno));
|
|
||||||
n = lookup_node_udp(&from);
|
n = lookup_node_udp(&from);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue