author | Dirk Engling <erdgeist@erdgeist.org> | 2015-06-05 13:34:19 +0200 |
---|---|---|
committer | Dirk Engling <erdgeist@erdgeist.org> | 2015-06-05 13:34:38 +0200 |
commit | f0026ed1e0b99c7a896d430f9ea9506fb37c27da (patch) | |
tree | 37c911b63ad14b80a011f9443f2872b5e4601ac2 | |
parent | 27499d7a55bde404f3273a23026f2495e96adf87 (diff) |
Avoid reacting to our own error packets, should they happen to end up on our interface with a spoofed source IP. Thanks to zorun.
-rw-r--r-- | ot_udp.c | 19 |
1 files changed, 14 insertions, 5 deletions
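--- a/ot_udp.c
+++ b/ot_udp.c
@@ -20,7 +20,9 @@
 #include "ot_stats.h"
 #include "ot_rijndael.h"
 
+#if 0
 static const uint8_t g_static_connid[8] = { 0x23, 0x42, 0x05, 0x17, 0xde, 0x41, 0x50, 0xff };
+#endif
 static uint32_t g_rijndael_round_key[44] = {0};
 static uint32_t g_key_of_the_hour[2] = {0};
 static ot_time g_hour_of_the_key;
@@ -61,6 +63,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
 uint32_t *outpacket = (uint32_t*)ws->outbuf;
 uint32_t numwant, left, event, scopeid;
 uint32_t connid[2];
+uint32_t action;
 uint16_t port, remoteport;
 size_t byte_count, scrape_count;
 
@@ -74,6 +77,11 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
 if( byte_count < 16 )
 return 1;
 
+/* Get action to take. Ignore error messages and broken packets */
+action = ntohl( inpacket[2] );
+if( action > 2 )
+return 1;
+
 /* Generate the connection id we give out and expect to and from
 the requesting ip address, this prevents udp spoofing */
 udp_make_connectionid( connid, remoteip, 0 );
@@ -82,16 +90,16 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
 ws->hash = NULL;
 ws->peer_id = NULL;
 
-/* If action is not a ntohl(a) == a == 0, then we
-expect the derived connection id in first 64 bit */
-if( inpacket[2] && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) ) {
+/* If action is not 0 (connect), then we expect the derived
+connection id in first 64 bit */
+if( ( action > 0 ) && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) ) {
 /* If connection id does not match, try the one that was
 valid in the previous hour. Only if this also does not
 match, return an error packet */
 udp_make_connectionid( connid, remoteip, 1 );
 if( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) {
 const size_t s = sizeof( "Connection ID missmatch." );
-outpacket[0] = 3; outpacket[1] = inpacket[3];
+outpacket[0] = htonl( 3 ); outpacket[1] = inpacket[3];
 memcpy( &outpacket[2], "Connection ID missmatch.", s );
 socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 );
 stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s );
@@ -99,7 +107,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
 }
 }
 
-switch( ntohl( inpacket[2] ) ) {
+switch( action ) {
 case 0: /* This is a connect action */
 /* look for udp bittorrent magic id */
 if( (ntohl(inpacket[0]) != 0x00000417) || (ntohl(inpacket[1]) != 0x27101980) )
@@ -121,6 +129,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
 /* We do only want to know, if it is zero */
 left = inpacket[64/4] | inpacket[68/4];
 
+/* Limit amount of peers to 200 */
 numwant = ntohl( inpacket[92/4] );
 if (numwant > 200) numwant = 200;
 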
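Review bot: The new filter in the third hunk, `if( action > 2 ) return 1;`, together with `outpacket[0] = htonl( 3 )` and `switch( action )` later in the section, encodes the UDP tracker actions as bare integers, so a reader has to know from memory that 0 is connect (the only case visible here, presumably 1/2 are announce/scrape) and that 3 is the error reply this commit exists to stop answering. Naming them would make that intent visible, e.g. `enum { UDP_ACTION_CONNECT = 0, UDP_ACTION_ANNOUNCE, UDP_ACTION_SCRAPE, UDP_ACTION_ERROR }` (suggested names) with `if( action >= UDP_ACTION_ERROR ) return 1;` and `outpacket[0] = htonl( UDP_ACTION_ERROR );`. The comment above the check could also record why the early drop matters, e.g. `/* Action 3 is an error reply; dropping it (and unknown actions) before the connection id check keeps an error packet with a spoofed source from provoking our own error reply */`. The body of `handle_udp6` begins before the second hunk and continues past the end of this section.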