j3d1/tinc
1
0
Fork 0
Code Issues1 Pull requests Releases Wiki Activity

Revert the order of seqno check and decryption in sptps_receive_data_datagram

Browse source 
the late seqno check changes the sequence numbers!
This commit is contained in:
thorkill 2016-05-23 12:52:18 +02:00
parent b5593abe05
commit 6369a4157b
1 changed files with 5 additions and 5 deletions

10
src/sptps.c
View file

@ -512,11 +512,6 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
return receive_handshake(s, data, len); return receive_handshake(s, data, len);
} }
if(!sptps_check_seqno(s, seqno, true)) {
warning(s, "%s@%d: %x/%x\n", __FUNCTION__, __LINE__, s->state, s->outstate);
return false;
}
// Decrypt // Decrypt
char buffer[len]; char buffer[len];
memset(buffer, 0x00, len); memset(buffer, 0x00, len);
@ -525,6 +520,11 @@ static bool sptps_receive_data_datagram(sptps_t *s, const char *data, size_t len
if(!chacha_poly1305_decrypt(s->incipher, seqno, data, len, buffer, &outlen)) if(!chacha_poly1305_decrypt(s->incipher, seqno, data, len, buffer, &outlen))
return error(s, EIO, "Failed to decrypt and verify packet"); return error(s, EIO, "Failed to decrypt and verify packet");
if(!sptps_check_seqno(s, seqno, true)) {
warning(s, "%s@%d: %x/%x\n", __FUNCTION__, __LINE__, s->state, s->outstate);
return false;
}
// Append a NULL byte for safety. // Append a NULL byte for safety.
buffer[outlen] = 0; buffer[outlen] = 0;