First attempt to sign and verify the SLPD data
		
							parent
							
								
									43ed440176
								
							
						
					
					
						commit
						4cb85c00a8
					
				
					 2 changed files with 37 additions and 5 deletions
				
			
		| 
						 | 
				
			
			@ -1529,7 +1529,7 @@ static void handle_incoming_slpd_packet(listen_socket_t *ls, void *pkt, struct s
 | 
			
		|||
		return;
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	if (mav == 0 && miv == 1) {
 | 
			
		||||
	if (mav == 0 && miv <= 2) {
 | 
			
		||||
 | 
			
		||||
		logger(DEBUG_TRAFFIC, LOG_ERR, "Got SLPD packet node:%s port:%d %d.%d <%s> from %s", nodename, port, mav, miv, fng, addrstr);
 | 
			
		||||
 | 
			
		||||
| 
						 | 
				
			
			@ -1539,6 +1539,22 @@ static void handle_incoming_slpd_packet(listen_socket_t *ls, void *pkt, struct s
 | 
			
		|||
			return;
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		node_read_ecdsa_public_key(n);
 | 
			
		||||
 | 
			
		||||
		char sig[64];
 | 
			
		||||
		int v;
 | 
			
		||||
		size_t nlen = strlen(pkt);
 | 
			
		||||
		if (miv >= 2) {
 | 
			
		||||
			if (b64decode(fng, &sig, 86) != 64) {
 | 
			
		||||
				logger(DEBUG_ALWAYS, LOG_ERR, "b64decode() failed!");
 | 
			
		||||
				return;
 | 
			
		||||
			}
 | 
			
		||||
			if (!ecdsa_verify(n->ecdsa, pkt, nlen-86-1, sig)) {
 | 
			
		||||
				logger(DEBUG_ALWAYS, LOG_ERR, "Signature verification for SLPD from <%s> failed!", addrstr);
 | 
			
		||||
				return;
 | 
			
		||||
			}
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		if (!strncmp(n->name, myself->name, strlen(myself->name))) {
 | 
			
		||||
			logger(DEBUG_SCARY_THINGS, LOG_NOTICE, "Ignore SLPD for myself: %s", nodename);
 | 
			
		||||
			return;
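Review bot: The length `nlen-86-1` passed to `ecdsa_verify()` is a `size_t` expression, so it wraps to a huge value when the received packet is shorter than 87 bytes, and a short datagram claiming minor version 2 would make the verifier read far past the buffer. `strlen(pkt)` also relies on the datagram being NUL-terminated, which this hunk does not show, and `b64decode(fng, &sig, 86)` consumes 86 characters whatever the real length of `fng` is. Reject malformed input before decoding, e.g. `if (nlen < 87 || strlen(fng) != 86) return;`, and check the result of `node_read_ecdsa_public_key(n)` before using `n->ecdsa`. Note too that the first hunk's `miv <= 2` still accepts packets with minor version 1, which skip the `if (miv >= 2)` block entirely, so the signature is optional for any sender until unsigned versions are refused. The function body starts and ends outside these hunks.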
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||
| 
						 | 
				
			
			@ -402,11 +402,27 @@ void send_slpd_broadcast(char *iface) {
 | 
			
		|||
		return;
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	snprintf(slpd_msg, MAXSIZE, "sLPD 0 1 %s %d none ", myname, atoi(myport));
 | 
			
		||||
	slpd_msg[MAXSIZE-1] = '\00';
 | 
			
		||||
	//ecdsa_sign(myself->sptps.mykey, msg, strlen(msg), sig);
 | 
			
		||||
	snprintf(slpd_msg, MAXSIZE, "sLPD 0 2 %s %d", myname, atoi(myport));
 | 
			
		||||
 | 
			
		||||
	if (sendto(sd, slpd_msg, strlen(slpd_msg), 0, mcast_addr->ai_addr, mcast_addr->ai_addrlen) != strlen(slpd_msg) ) {
 | 
			
		||||
	char signature[87];
 | 
			
		||||
	char b64sig[255];
 | 
			
		||||
	char pkt[MAXSIZE];
 | 
			
		||||
	int public_key = node_read_ecdsa_public_key(myself);
 | 
			
		||||
	char *private_key;
 | 
			
		||||
 | 
			
		||||
	private_key = read_ecdsa_private_key();
 | 
			
		||||
 | 
			
		||||
	slpd_msg[MAXSIZE-1] = '\00';
 | 
			
		||||
	ecdsa_sign(myself->connection->ecdsa, slpd_msg, strlen(slpd_msg), &signature);
 | 
			
		||||
	if (b64encode(signature, &b64sig, 64) != 86) {
 | 
			
		||||
		logger(DEBUG_ALWAYS, LOG_ERR, "b64encode() failed!");
 | 
			
		||||
		return;
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	int l = snprintf(&pkt, strlen(slpd_msg) + strlen(b64sig) + 2, "%s %s", slpd_msg, b64sig);
 | 
			
		||||
	pkt[l] = '\00';
 | 
			
		||||
 | 
			
		||||
	if (sendto(sd, pkt, strlen(pkt), 0, mcast_addr->ai_addr, mcast_addr->ai_addrlen) != strlen(pkt) ) {
 | 
			
		||||
		logger(DEBUG_ALWAYS, LOG_ERR, "SLPD send() error: [%s:%d]", strerror(errno), errno);
 | 
			
		||||
	}
 | 
			
		||||
	close(sd);
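Review bot: The size argument in `snprintf(&pkt, strlen(slpd_msg) + strlen(b64sig) + 2, ...)` is computed from the inputs instead of the destination, so it does not protect `pkt[MAXSIZE]` when `slpd_msg` is close to `MAXSIZE`; use `int l = snprintf(pkt, sizeof(pkt), "%s %s", slpd_msg, b64sig);` and give up when `l < 0 || (size_t)l >= sizeof(pkt)` rather than writing `pkt[l]`. The result of `ecdsa_sign()` is not checked, so if signing fails the uninitialised `signature` buffer would be base64-encoded and sent to the multicast group. The early `return` after the `b64encode()` failure skips the `close(sd)` at the end of the hunk and leaks the socket. `private_key` and `public_key` are assigned but never used in the visible lines, so private key material appears to be loaded on every broadcast and never released; drop both reads if the key in `myself->connection->ecdsa` is sufficient. The function starts and ends outside the hunk.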
 | 
			
		||||
| 
						 | 
				
			
			
 | 
			
		|||