summaryrefslogtreecommitdiff
path: root/ot_udp.c
diff options
context:
space:
mode:
Diffstat (limited to 'ot_udp.c')
-rw-r--r--ot_udp.c41
1 files changed, 22 insertions, 19 deletions
diff --git a/ot_udp.c b/ot_udp.c
index 1945247..bd84ebb 100644
--- a/ot_udp.c
+++ b/ot_udp.c
@@ -35,22 +35,20 @@ static void udp_generate_rijndael_round_key() {
35} 35}
36 36
37/* Generate current and previous connection id for ip */ 37/* Generate current and previous connection id for ip */
38static void udp_make_connectionid( uint32_t connid[4], const ot_ip6 remoteip ) { 38static void udp_make_connectionid( uint32_t connid[2], const ot_ip6 remoteip, int age ) {
39 uint32_t plain[4], crypt[4]; 39 uint32_t plain[4], crypt[4];
40 int age, i; 40 int i;
41 if( g_now_minutes + 60 > g_hour_of_the_key ) { 41 if( g_now_minutes + 60 > g_hour_of_the_key ) {
42 g_hour_of_the_key = g_now_minutes; 42 g_hour_of_the_key = g_now_minutes;
43 g_key_of_the_hour[1] = g_key_of_the_hour[0]; 43 g_key_of_the_hour[1] = g_key_of_the_hour[0];
44 g_key_of_the_hour[0] = random(); 44 g_key_of_the_hour[0] = random();
45 } 45 }
46 46
47 for( age = 0; age < 1; ++age ) { 47 memcpy( plain, remoteip, sizeof( plain ) );
48 memcpy( plain, remoteip, sizeof( plain ) ); 48 for( i=0; i<4; ++i ) plain[i] ^= g_key_of_the_hour[age];
49 for( i=0; i<4; ++i ) plain[i] ^= g_key_of_the_hour[age]; 49 rijndaelEncrypt128( g_rijndael_round_key, (uint8_t*)remoteip, (uint8_t*)crypt );
50 rijndaelEncrypt128( g_rijndael_round_key, (uint8_t*)remoteip, (uint8_t*)crypt ); 50 connid[0] = crypt[0] ^ crypt[1];
51 connid[2*age ] = crypt[0] ^ crypt[1]; 51 connid[1] = crypt[2] ^ crypt[3];
52 connid[2*age+1] = crypt[2] ^ crypt[3];
53 }
54} 52}
55 53
56/* UDP implementation according to http://xbtt.sourceforge.net/udp_tracker_protocol.html */ 54/* UDP implementation according to http://xbtt.sourceforge.net/udp_tracker_protocol.html */
@@ -59,7 +57,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
59 uint32_t *inpacket = (uint32_t*)ws->inbuf; 57 uint32_t *inpacket = (uint32_t*)ws->inbuf;
60 uint32_t *outpacket = (uint32_t*)ws->outbuf; 58 uint32_t *outpacket = (uint32_t*)ws->outbuf;
61 uint32_t numwant, left, event, scopeid; 59 uint32_t numwant, left, event, scopeid;
62 uint32_t connid[4]; 60 uint32_t connid[2];
63 uint16_t port, remoteport; 61 uint16_t port, remoteport;
64 size_t byte_count, scrape_count; 62 size_t byte_count, scrape_count;
65 63
@@ -75,7 +73,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
75 73
76 /* Generate the connection id we give out and expect to and from 74 /* Generate the connection id we give out and expect to and from
77 the requesting ip address, this prevents udp spoofing */ 75 the requesting ip address, this prevents udp spoofing */
78 udp_make_connectionid( connid, remoteip ); 76 udp_make_connectionid( connid, remoteip, 0 );
79 77
80 /* Initialise hash pointer */ 78 /* Initialise hash pointer */
81 ws->hash = NULL; 79 ws->hash = NULL;
@@ -83,14 +81,19 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
83 81
84 /* If action is not a ntohl(a) == a == 0, then we 82 /* If action is not a ntohl(a) == a == 0, then we
85 expect the derived connection id in first 64 bit */ 83 expect the derived connection id in first 64 bit */
86 if( inpacket[2] && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) && 84 if( inpacket[2] && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) ) {
87 ( inpacket[0] != connid[2] || inpacket[1] != connid[3] ) ) { 85 /* If connection id does not match, try the one that was
88 const size_t s = sizeof( "Connection ID missmatch." ); 86 valid in the previous hour. Only if this also does not
89 outpacket[0] = 3; outpacket[1] = inpacket[3]; 87 match, return an error packet */
90 memcpy( &outpacket[2], "Connection ID missmatch.", s ); 88 udp_make_connectionid( connid, remoteip, 1 );
91 socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 ); 89 if( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) {
92 stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s ); 90 const size_t s = sizeof( "Connection ID missmatch." );
93 return 1; 91 outpacket[0] = 3; outpacket[1] = inpacket[3];
92 memcpy( &outpacket[2], "Connection ID missmatch.", s );
93 socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 );
94 stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s );
95 return 1;
96 }
94 } 97 }
95 98
96 switch( ntohl( inpacket[2] ) ) { 99 switch( ntohl( inpacket[2] ) ) {