Diffstat (limited to 'src/transport/gnunet-service-transport_validation.c')
-rw-r--r-- | src/transport/gnunet-service-transport_validation.c | 30 |
1 files changed, 10 insertions, 20 deletions
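--- a/src/transport/gnunet-service-transport_validation.c
+++ b/src/transport/gnunet-service-transport_validation.c
@@ -132,11 +132,8 @@ struct TransportPongMessage
 struct GNUNET_CRYPTO_RsaSignature signature;
 
 /**
-* What are we signing and why? Two possible reason codes can be here:
 * GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN to confirm that this is a
-* plausible address for this peer (pid is set to identity of signer); or
-* GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_USING to confirm that this is
-* an address we used to connect to the peer with the given pid.
+* plausible address for the signing peer.
 */
 struct GNUNET_CRYPTO_RsaSignaturePurpose purpose;
 
@@ -146,13 +143,6 @@ struct TransportPongMessage
 struct GNUNET_TIME_AbsoluteNBO expiration;
 
 /**
-* Either the identity of the peer Who signed this message, or the
-* identity of the peer that we're connected to using the given
-* address (depending on purpose.type).
-*/
-struct GNUNET_PeerIdentity pid;
-
-/**
 * Size of address appended to this message (part of what is
 * being signed, hence not redundant).
 */
@@ -683,11 +673,10 @@ GST_validation_handle_ping (const struct GNUNET_PeerIdentity *sender,
 htonl (sizeof (struct GNUNET_CRYPTO_RsaSignaturePurpose) +
 sizeof (uint32_t) +
 sizeof (struct GNUNET_TIME_AbsoluteNBO) +
-sizeof (struct GNUNET_PeerIdentity) + alen + slen);
+alen + slen);
 pong->purpose.purpose = htonl (GNUNET_SIGNATURE_PURPOSE_TRANSPORT_PONG_OWN);
 pong->challenge = ping->challenge;
 pong->addrlen = htonl(alen + slen);
-pong->pid = GST_my_identity;
 memcpy (&pong[1], addr, slen);
 memcpy (&((char*)&pong[1])[slen], addrend, alen);
 if (GNUNET_TIME_absolute_get_remaining (*sig_cache_exp).rel_value < PONG_SIGNATURE_LIFETIME.rel_value / 4)
@@ -993,13 +982,6 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
 1,
 GNUNET_NO);
 pong = (const struct TransportPongMessage *) hdr;
-if (0 != memcmp (&pong->pid,
-sender,
-sizeof (struct GNUNET_PeerIdentity)))
-{
-GNUNET_break_op (0);
-return;
-}
 addr = (const char*) &pong[1];
 alen = ntohs (hdr->size) - sizeof (struct TransportPongMessage);
 addrend = memchr (addr, '\0', alen);
@@ -1025,6 +1007,14 @@ GST_validation_handle_pong (const struct GNUNET_PeerIdentity *sender,
 return;
 }
 /* now check that PONG is well-formed */
+if (0 != memcmp (&ve->pid,
+sender,
+sizeof (struct GNUNET_PeerIdentity)))
+{
+GNUNET_break_op (0);
+return;
+}
+
 if (GNUNET_TIME_absolute_get_remaining (GNUNET_TIME_absolute_ntoh (pong->expiration)).rel_value == 0)
 {
 GNUNET_STATISTICS_update (GST_stats,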
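Review bot: The relocated identity check in the last hunk compares `ve->pid` with `sender`, but the lookup that produces `ve` is outside the hunk; if the entry is found by `sender`, this `memcmp` can never fail, and the only thing still tying the PONG to the peer is the signature verification further down (not visible here). Since `pid` is no longer part of the signed region, I would state that dependency next to the check, for example `/* PONG carries no pid any more: the signature check against the key of this validation entry is what binds it to sender */`, and confirm that the verification really uses a key belonging to `sender`. Dropping the field also changes both the on-wire struct and the signed size computed in `GST_validation_handle_ping`, so PONGs exchanged with peers built before this commit would presumably fail verification; that is worth a line in the commit message. `GST_validation_handle_pong` begins and ends outside the hunk.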