X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=site.c;h=acbc2b62c99b9ed43e48b43a3d473becfdd404c3;hb=31dd07884afd1f1d87d398bf344e1ba3a71e293b;hp=dcac0baaf3428f20c8a97b83eb4d169954271119;hpb=1fc8a4acb3ef658696038c9c4bd3c155fbc27ac3;p=secnet.git

diff --git a/site.c b/site.c
index dcac0ba..acbc2b6 100644
--- a/site.c
+++ b/site.c
@@ -6,7 +6,7 @@
  *
  * secnet is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version d of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
  * (at your option) any later version.
  * 
  * secnet is distributed in the hope that it will be useful, but
@@ -328,14 +328,14 @@ struct site {
 				      after this time, initiate a new
 				      key exchange */
 
-    bool_t setup_priority; /* Do we have precedence if both sites emit
-			      message 1 simultaneously? */
+    bool_t our_name_later; /* our name > peer name */
     uint32_t log_events;
 
 /* runtime information */
     uint32_t state;
     uint64_t now; /* Most recently seen time */
     bool_t allow_send_prod;
+    bool_t msg1_crossed_logged;
     int resolving_count;
     int resolving_n_results_all;
     int resolving_n_results_stored;
@@ -470,14 +470,15 @@ static bool_t current_valid(struct site *st)
 }
 
 #define DEFINE_CALL_TRANSFORM(fwdrev)					\
-static int call_transform_##fwdrev(struct site *st,			\
+static transform_apply_return                                           \
+call_transform_##fwdrev(struct site *st,				\
 				   struct transform_inst_if *transform,	\
 				   struct buffer_if *buf,		\
 				   const char **errmsg)			\
 {									\
     if (!is_transform_valid(transform)) {				\
 	*errmsg="transform not set up";					\
-	return 1;							\
+	return transform_apply_err;					\
     }									\
     return transform->fwdrev(transform->st,buf,errmsg);			\
 }
@@ -534,8 +535,10 @@ struct msg {
     char *sig;
 };
 
-static void set_new_transform(struct site *st, char *pk)
+static _Bool set_new_transform(struct site *st, char *pk)
 {
+    _Bool ok;
+
     /* Make room for the shared key */
     st->sharedsecretlen=st->chosen_transform->keylen?:st->dh->ceil_len;
     assert(st->sharedsecretlen);
@@ -553,15 +556,18 @@ static void set_new_transform(struct site *st, char *pk)
     /* Set up the transform */
     struct transform_if *generator=st->chosen_transform;
     struct transform_inst_if *generated=generator->create(generator->st);
-    generated->setkey(generated->st,st->sharedsecret,
-		      st->sharedsecretlen,st->setup_priority);
+    ok = generated->setkey(generated->st,st->sharedsecret,
+			   st->sharedsecretlen,st->our_name_later);
+
     dispose_transform(&st->new_transform);
+    if (!ok) return False;
     st->new_transform=generated;
 
     slog(st,LOG_SETUP_INIT,"key exchange negotiated transform"
 	 " %d (capabilities ours=%#"PRIx32" theirs=%#"PRIx32")",
 	 st->chosen_transform->capab_transformnum,
 	 st->local_capabilities, st->remote_capabilities);
+    return True;
 }
 
 struct xinfoadd {
@@ -713,6 +719,13 @@ static bool_t unpick_msg(struct site *st, uint32_t type,
     CHECK_AVAIL(msg,m->siglen);
     m->sig=buf_unprepend(msg,m->siglen);
     CHECK_EMPTY(msg);
+
+    /* In `process_msg3_msg4' below, we assume that we can write a nul
+     * terminator following the signature.  Make sure there's enough space.
+     */
+    if (msg->start >= msg->base + msg->alloclen)
+	return False;
+
     return True;
 }
 
@@ -846,7 +859,7 @@ static bool_t process_msg3_msg4(struct site *st, struct msg *m)
     hst=st->hash->init();
     st->hash->update(hst,m->hashstart,m->hashlen);
     st->hash->final(hst,hash);
-    /* Terminate signature with a '0' - cheating, but should be ok */
+    /* Terminate signature with a '0' - already checked that this will fit */
     m->sig[m->siglen]=0;
     if (!st->pubkey->check(st->pubkey->st,hash,st->hash->len,m->sig)) {
 	slog(st,LOG_SEC,"msg3/msg4 signature failed check!");
@@ -905,7 +918,7 @@ static bool_t process_msg3(struct site *st, struct buffer_if *msg3,
     st->random->generate(st->random->st,st->dh->len,st->dhsecret);
 
     /* Generate the shared key and set up the transform */
-    set_new_transform(st,m.pk);
+    if (!set_new_transform(st,m.pk)) return False;
 
     return True;
 }
@@ -936,7 +949,7 @@ static bool_t process_msg4(struct site *st, struct buffer_if *msg4,
     m.pk[m.pklen]=0;
 
     /* Generate the shared key and set up the transform */
-    set_new_transform(st,m.pk);
+    if (!set_new_transform(st,m.pk)) return False;
 
     return True;
 }
@@ -1017,8 +1030,9 @@ static void create_msg6(struct site *st, struct transform_inst_if *transform,
     /* Give the netlink code an opportunity to put its own stuff in the
        message (configuration information, etc.) */
     buf_prepend_uint32(&st->buffer,LABEL_MSG6);
-    int problem = call_transform_forwards(st,transform,
-					  &st->buffer,&transform_err);
+    transform_apply_return problem =
+	call_transform_forwards(st,transform,
+				&st->buffer,&transform_err);
     assert(!problem);
     buf_prepend_uint32(&st->buffer,LABEL_MSG6);
     buf_prepend_uint32(&st->buffer,st->index);
@@ -1058,12 +1072,13 @@ static bool_t process_msg6(struct site *st, struct buffer_if *msg6,
     return True;
 }
 
-static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
+static transform_apply_return
+decrypt_msg0(struct site *st, struct buffer_if *msg0,
 			   const struct comm_addr *src)
 {
     cstring_t transform_err, auxkey_err, newkey_err="n/a";
     struct msg0 m;
-    uint32_t problem;
+    transform_apply_return problem;
 
     if (!unpick_msg0(st,msg0,&m)) return False;
 
@@ -1076,15 +1091,15 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
 	if (!st->auxiliary_is_new)
 	    delete_one_key(st,&st->auxiliary_key,
 			   "peer has used new key","auxiliary key",LOG_SEC);
-	return True;
+	return 0;
     }
-    if (problem==2)
-	goto skew;
+    if (transform_apply_return_badseq(problem))
+	goto badseq;
 
     buffer_copy(msg0, &st->scratch);
     problem = call_transform_reverse(st,st->auxiliary_key.transform,
 				     msg0,&auxkey_err);
-    if (problem==0) {
+    if (!problem) {
 	slog(st,LOG_DROP,"processing packet which uses auxiliary key");
 	if (st->auxiliary_is_new) {
 	    /* We previously timed out in state SENTMSG5 but it turns
@@ -1101,10 +1116,10 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
 	    st->auxiliary_is_new=0;
 	    st->renegotiate_key_time=st->auxiliary_renegotiate_key_time;
 	}
-	return True;
+	return 0;
     }
-    if (problem==2)
-	goto skew;
+    if (transform_apply_return_badseq(problem))
+	goto badseq;
 
     if (st->state==SITE_SENTMSG5) {
 	buffer_copy(msg0, &st->scratch);
@@ -1117,29 +1132,33 @@ static bool_t decrypt_msg0(struct site *st, struct buffer_if *msg0,
 	    BUF_FREE(&st->buffer);
 	    st->timeout=0;
 	    activate_new_key(st);
-	    return True; /* do process the data in this packet */
+	    return 0; /* do process the data in this packet */
 	}
-	if (problem==2)
-	    goto skew;
+	if (transform_apply_return_badseq(problem))
+	    goto badseq;
     }
 
     slog(st,LOG_SEC,"transform: %s (aux: %s, new: %s)",
 	 transform_err,auxkey_err,newkey_err);
     initiate_key_setup(st,"incoming message would not decrypt",0);
     send_nak(src,m.dest,m.source,m.type,msg0,"message would not decrypt");
-    return False;
+    assert(problem);
+    return problem;
 
- skew:
-    slog(st,LOG_DROP,"transform: %s (merely skew)",transform_err);
-    return False;
+ badseq:
+    slog(st,LOG_DROP,"transform: %s (bad seq.)",transform_err);
+    assert(problem);
+    return problem;
 }
 
 static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
 			   const struct comm_addr *src)
 {
     uint32_t type;
+    transform_apply_return problem;
 
-    if (!decrypt_msg0(st,msg0,src))
+    problem = decrypt_msg0(st,msg0,src);
+    if (problem)
 	return False;
 
     CHECK_AVAIL(msg0,4);
@@ -1449,7 +1468,7 @@ static void enter_state_run(struct site *st)
     FILLZERO(st->remoteN);
     dispose_transform(&st->new_transform);
     memset(st->dhsecret,0,st->dh->len);
-    memset(st->sharedsecret,0,st->sharedsecretlen);
+    if (st->sharedsecret) memset(st->sharedsecret,0,st->sharedsecretlen);
     set_link_quality(st);
 
     if (st->keepalive && !current_valid(st))
@@ -1512,6 +1531,7 @@ static bool_t enter_new_state(struct site *st, uint32_t next)
     case SITE_SENTMSG1:
 	state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE);
 	gen=generate_msg1;
+	st->msg1_crossed_logged = False;
 	break;
     case SITE_SENTMSG2:
 	state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE ||
@@ -1741,6 +1761,15 @@ static bool_t named_for_us(struct site *st, const struct buffer_if *buf_in,
 	&& name_matches(&m->local,st->localname);
 }
 
+static bool_t we_have_priority(struct site *st, const struct msg *m) {
+    if ((st->local_capabilities & m->remote_capabilities)
+	&& CAPAB_PRIORITY_MOBILE) {
+	if (st->local_mobile) return True;
+	if (st-> peer_mobile) return False;
+    }
+    return st->our_name_later;
+}
+
 /* This function is called by the communication device to deliver
    packets from our peers.
    It should return True if the packet is recognised as being for
@@ -1782,13 +1811,14 @@ static bool_t site_incoming(void *sst, struct buffer_if *buf,
 	    /* We've just sent a message 1! They may have crossed on
 	       the wire. If we have priority then we ignore the
 	       incoming one, otherwise we process it as usual. */
-	    if (st->setup_priority) {
+	    if (we_have_priority(st,&named_msg)) {
 		BUF_FREE(buf);
-		slog(st,LOG_DUMP,"crossed msg1s; we are higher "
-		     "priority => ignore incoming msg1");
+		if (!st->msg1_crossed_logged++)
+		    slog(st,LOG_SETUP_INIT,"crossed msg1s; we are higher "
+			 "priority => ignore incoming msg1");
 		return True;
 	    } else {
-		slog(st,LOG_DUMP,"crossed msg1s; we are lower "
+		slog(st,LOG_SETUP_INIT,"crossed msg1s; we are lower "
 		     "priority => use incoming msg1");
 		if (process_msg1(st,buf,source,&named_msg)) {
 		    BUF_FREE(&st->buffer); /* Free our old message 1 */
@@ -2114,7 +2144,7 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
     /* The information we expect to see in incoming messages of type 1 */
     /* fixme: lots of unchecked overflows here, but the results are only
        corrupted packets rather than undefined behaviour */
-    st->setup_priority=(strcmp(st->localname,st->remotename)>0);
+    st->our_name_later=(strcmp(st->localname,st->remotename)>0);
 
     buffer_new(&st->buffer,SETUP_BUFFER_LEN);
 
@@ -2146,6 +2176,9 @@ static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
 	st->local_capabilities |= capbit;
     }
 
+    if (st->local_mobile || st->peer_mobile)
+	st->local_capabilities |= CAPAB_PRIORITY_MOBILE;
+
     /* We need to register the remote networks with the netlink device */
     uint32_t netlink_mtu; /* local virtual interface mtu */
     st->netlink->reg(st->netlink->st, site_outgoing, st, &netlink_mtu);
@@ -2249,11 +2282,18 @@ static void transport_record_peers(struct site *st, transport_peers *peers,
      *
      * Caller must first call transport_peers_expire. */
 
-    if (naddrs==1 && peers->npeers>=1 &&
-	comm_addr_equal(&addrs[0], &peers->peers[0].addr)) {
-	/* optimisation, also avoids debug for trivial updates */
-	peers->peers[0].last = *tv_now;
-	return;
+    if (naddrs==1) {
+	/* avoids debug for uninteresting updates */
+	int i;
+	for (i=0; i<peers->npeers; i++) {
+	    if (comm_addr_equal(&addrs[0], &peers->peers[i].addr)) {
+		memmove(peers->peers+1, peers->peers,
+			sizeof(peers->peers[0]) * i);
+		peers->peers[0].addr = addrs[0];
+		peers->peers[0].last = *tv_now;
+		return;
+	    }
+	}
     }
 
     int old_npeers=peers->npeers;