changes

author: Matthias Wachs <wachs@net.in.tum.de> 2013-03-05 13:40:12 +0000
committer: Matthias Wachs <wachs@net.in.tum.de> 2013-03-05 13:40:12 +0000
commit: e5cc8dcd9c82d1736b6c4cfd0a52fc1dcf9ea154 (patch)
tree: 6f8e1c8b0c5b7ddc79776f2a5f2c569ae680a1ed /src/transport/gnunet-service-transport_validation.c
parent: 0e62c9501710428cc6e27dded5262e2999b7fe56 (diff)
download: gnunet-e5cc8dcd9c82d1736b6c4cfd0a52fc1dcf9ea154.tar.gz
gnunet-e5cc8dcd9c82d1736b6c4cfd0a52fc1dcf9ea154.zip
1 files changed, 18 insertions, 7 deletions
diff --git a/src/transport/gnunet-service-transport_validation.c b/src/transport/gnunet-service-transport_validation.c
index a8996b1cc..f7a12085a 100644
--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -1149,6 +1149,7 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
  struct GNUNET_HELLO_Message *hello;
  struct GNUNET_HELLO_Address address;
  int sig_res;
+  int do_verify;
  if (ntohs (hdr->size) < sizeof (struct TransportPongMessage))
  {
@@ -1204,28 +1205,38 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
  }
  sig_res = GNUNET_SYSERR;
+  do_verify = GNUNET_YES;
  if (0 != GNUNET_TIME_absolute_get_remaining(ve->pong_sig_valid_until).rel_value)
  {
                if (0 == memcmp (&ve->pong_sig_cache, &pong->signature, sizeof (struct GNUNET_CRYPTO_EccSignature)))
+                {
                        sig_res = GNUNET_OK;
+                        do_verify = GNUNET_NO;
+                }
                else
+                {
                        sig_res = GNUNET_SYSERR;
+        GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                "Failed to check with cached signature: different signature on address %s:%s from peer `%s'\n",
+                tname, GST_plugins_a2s (ve->address),
+                GNUNET_i2s (sender));
+                }
  }
-  else
+  if (GNUNET_YES == do_verify)
  {
                sig_res = GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
                                &pong->purpose, &pong->signature,
                                &ve->public_key);
+      GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
+                "Failed to verify: invalid signature on address %s:%s from peer `%s'\n",
+                tname, GST_plugins_a2s (ve->address),
+                GNUNET_i2s (sender));
  }
  if (sig_res == GNUNET_SYSERR)
-  {
-    GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
-                "Invalid signature on address %s:%s from peer `%s'\n",
-                tname, GST_plugins_a2s (ve->address),
-                GNUNET_i2s (sender));
    return;
-  }
  GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
              "Address validated for peer `%s' with plugin `%s': `%s'\n",
              GNUNET_i2s (sender), tname, GST_plugins_a2s (ve->address));
author	Matthias Wachs <wachs@net.in.tum.de>	2013-03-05 13:40:12 +0000
committer	Matthias Wachs <wachs@net.in.tum.de>	2013-03-05 13:40:12 +0000
commit	e5cc8dcd9c82d1736b6c4cfd0a52fc1dcf9ea154 (patch)
tree	6f8e1c8b0c5b7ddc79776f2a5f2c569ae680a1ed /src/transport/gnunet-service-transport_validation.c
parent	0e62c9501710428cc6e27dded5262e2999b7fe56 (diff)
download	gnunet-e5cc8dcd9c82d1736b6c4cfd0a52fc1dcf9ea154.tar.gz gnunet-e5cc8dcd9c82d1736b6c4cfd0a52fc1dcf9ea154.zip

diff --git a/src/transport/gnunet-service-transport_validation.c b/src/transport/gnunet-service-transport_validation.c index a8996b1cc..f7a12085a 100644 --- a/src/transport/gnunet-service-transport_validation.c +++ b/src/transport/gnunet-service-transport_validation.c
@@ -1149,6 +1149,7 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
1149	struct GNUNET_HELLO_Message *hello;	1149	struct GNUNET_HELLO_Message *hello;
1150	struct GNUNET_HELLO_Address address;	1150	struct GNUNET_HELLO_Address address;
1151	int sig_res;	1151	int sig_res;
		1152	int do_verify;
1152		1153
1153	if (ntohs (hdr->size) < sizeof (struct TransportPongMessage))	1154	if (ntohs (hdr->size) < sizeof (struct TransportPongMessage))
1154	{	1155	{
@@ -1204,28 +1205,38 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
1204	}	1205	}
1205		1206
1206	sig_res = GNUNET_SYSERR;	1207	sig_res = GNUNET_SYSERR;
		1208	do_verify = GNUNET_YES;
1207	if (0 != GNUNET_TIME_absolute_get_remaining(ve->pong_sig_valid_until).rel_value)	1209	if (0 != GNUNET_TIME_absolute_get_remaining(ve->pong_sig_valid_until).rel_value)
1208	{	1210	{
1209	if (0 == memcmp (&ve->pong_sig_cache, &pong->signature, sizeof (struct GNUNET_CRYPTO_EccSignature)))	1211	if (0 == memcmp (&ve->pong_sig_cache, &pong->signature, sizeof (struct GNUNET_CRYPTO_EccSignature)))
		1212	{
1210	sig_res = GNUNET_OK;	1213	sig_res = GNUNET_OK;
		1214	do_verify = GNUNET_NO;
		1215	}
1211	else	1216	else
		1217	{
1212	sig_res = GNUNET_SYSERR;	1218	sig_res = GNUNET_SYSERR;
		1219	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
		1220	"Failed to check with cached signature: different signature on address %s:%s from peer `%s'\n",
		1221	tname, GST_plugins_a2s (ve->address),
		1222	GNUNET_i2s (sender));
		1223	}
1213	}	1224	}
1214	else	1225
		1226	if (GNUNET_YES == do_verify)
1215	{	1227	{
1216	sig_res = GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,	1228	sig_res = GNUNET_CRYPTO_ecc_verify (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN,
1217	&pong->purpose, &pong->signature,	1229	&pong->purpose, &pong->signature,
1218	&ve->public_key);	1230	&ve->public_key);
		1231	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
		1232	"Failed to verify: invalid signature on address %s:%s from peer `%s'\n",
		1233	tname, GST_plugins_a2s (ve->address),
		1234	GNUNET_i2s (sender));
1219	}	1235	}
1220		1236
1221	if (sig_res == GNUNET_SYSERR)	1237	if (sig_res == GNUNET_SYSERR)
1222	{
1223	GNUNET_log (GNUNET_ERROR_TYPE_WARNING,
1224	"Invalid signature on address %s:%s from peer `%s'\n",
1225	tname, GST_plugins_a2s (ve->address),
1226	GNUNET_i2s (sender));
1227	return;	1238	return;
1228	}	1239
1229	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,	1240	GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
1230	"Address validated for peer `%s' with plugin `%s': `%s'\n",	1241	"Address validated for peer `%s' with plugin `%s': `%s'\n",
1231	GNUNET_i2s (sender), tname, GST_plugins_a2s (ve->address));	1242	GNUNET_i2s (sender), tname, GST_plugins_a2s (ve->address));