summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDirk Engling <erdgeist@erdgeist.org>2015-06-05 13:34:19 +0200
committerDirk Engling <erdgeist@erdgeist.org>2015-06-05 13:34:38 +0200
commitf0026ed1e0b99c7a896d430f9ea9506fb37c27da (patch)
tree37c911b63ad14b80a011f9443f2872b5e4601ac2
parent27499d7a55bde404f3273a23026f2495e96adf87 (diff)
Avoid reacting to our own error packets, should the happen to end up on our interface with a spoofed source IP. Thanks to zorun.
-rw-r--r--ot_udp.c19
1 files changed, 14 insertions, 5 deletions
diff --git a/ot_udp.c b/ot_udp.c
index 1d495eb..3bf311c 100644
--- a/ot_udp.c
+++ b/ot_udp.c
@@ -20,7 +20,9 @@
20#include "ot_stats.h" 20#include "ot_stats.h"
21#include "ot_rijndael.h" 21#include "ot_rijndael.h"
22 22
23#if 0
23static const uint8_t g_static_connid[8] = { 0x23, 0x42, 0x05, 0x17, 0xde, 0x41, 0x50, 0xff }; 24static const uint8_t g_static_connid[8] = { 0x23, 0x42, 0x05, 0x17, 0xde, 0x41, 0x50, 0xff };
25#endif
24static uint32_t g_rijndael_round_key[44] = {0}; 26static uint32_t g_rijndael_round_key[44] = {0};
25static uint32_t g_key_of_the_hour[2] = {0}; 27static uint32_t g_key_of_the_hour[2] = {0};
26static ot_time g_hour_of_the_key; 28static ot_time g_hour_of_the_key;
@@ -61,6 +63,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
61 uint32_t *outpacket = (uint32_t*)ws->outbuf; 63 uint32_t *outpacket = (uint32_t*)ws->outbuf;
62 uint32_t numwant, left, event, scopeid; 64 uint32_t numwant, left, event, scopeid;
63 uint32_t connid[2]; 65 uint32_t connid[2];
66 uint32_t action;
64 uint16_t port, remoteport; 67 uint16_t port, remoteport;
65 size_t byte_count, scrape_count; 68 size_t byte_count, scrape_count;
66 69
@@ -74,6 +77,11 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
74 if( byte_count < 16 ) 77 if( byte_count < 16 )
75 return 1; 78 return 1;
76 79
80 /* Get action to take. Ignore error messages and broken packets */
81 action = ntohl( inpacket[2] );
82 if( action > 2 )
83 return 1;
84
77 /* Generate the connection id we give out and expect to and from 85 /* Generate the connection id we give out and expect to and from
78 the requesting ip address, this prevents udp spoofing */ 86 the requesting ip address, this prevents udp spoofing */
79 udp_make_connectionid( connid, remoteip, 0 ); 87 udp_make_connectionid( connid, remoteip, 0 );
@@ -82,16 +90,16 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
82 ws->hash = NULL; 90 ws->hash = NULL;
83 ws->peer_id = NULL; 91 ws->peer_id = NULL;
84 92
85 /* If action is not a ntohl(a) == a == 0, then we 93 /* If action is not 0 (connect), then we expect the derived
86 expect the derived connection id in first 64 bit */ 94 connection id in first 64 bit */
87 if( inpacket[2] && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) ) { 95 if( ( action > 0 ) && ( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) ) {
88 /* If connection id does not match, try the one that was 96 /* If connection id does not match, try the one that was
89 valid in the previous hour. Only if this also does not 97 valid in the previous hour. Only if this also does not
90 match, return an error packet */ 98 match, return an error packet */
91 udp_make_connectionid( connid, remoteip, 1 ); 99 udp_make_connectionid( connid, remoteip, 1 );
92 if( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) { 100 if( inpacket[0] != connid[0] || inpacket[1] != connid[1] ) {
93 const size_t s = sizeof( "Connection ID missmatch." ); 101 const size_t s = sizeof( "Connection ID missmatch." );
94 outpacket[0] = 3; outpacket[1] = inpacket[3]; 102 outpacket[0] = htonl( 3 ); outpacket[1] = inpacket[3];
95 memcpy( &outpacket[2], "Connection ID missmatch.", s ); 103 memcpy( &outpacket[2], "Connection ID missmatch.", s );
96 socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 ); 104 socket_send6( serversocket, ws->outbuf, 8 + s, remoteip, remoteport, 0 );
97 stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s ); 105 stats_issue_event( EVENT_CONNID_MISSMATCH, FLAG_UDP, 8 + s );
@@ -99,7 +107,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
99 } 107 }
100 } 108 }
101 109
102 switch( ntohl( inpacket[2] ) ) { 110 switch( action ) {
103 case 0: /* This is a connect action */ 111 case 0: /* This is a connect action */
104 /* look for udp bittorrent magic id */ 112 /* look for udp bittorrent magic id */
105 if( (ntohl(inpacket[0]) != 0x00000417) || (ntohl(inpacket[1]) != 0x27101980) ) 113 if( (ntohl(inpacket[0]) != 0x00000417) || (ntohl(inpacket[1]) != 0x27101980) )
@@ -121,6 +129,7 @@ int handle_udp6( int64 serversocket, struct ot_workstruct *ws ) {
121 /* We do only want to know, if it is zero */ 129 /* We do only want to know, if it is zero */
122 left = inpacket[64/4] | inpacket[68/4]; 130 left = inpacket[64/4] | inpacket[68/4];
123 131
132 /* Limit amount of peers to 200 */
124 numwant = ntohl( inpacket[92/4] ); 133 numwant = ntohl( inpacket[92/4] );
125 if (numwant > 200) numwant = 200; 134 if (numwant > 200) numwant = 200;
126 135