#define SITE_SENTMSG5 7
#define SITE_WAIT 8
+#define CASES_MSG3_KNOWN LABEL_MSG3: case LABEL_MSG3BIS
+
int32_t site_max_start_pad = 4*4;
static cstring_t state_name(uint32_t state)
struct resolver_if *resolver;
struct log_if *log;
struct random_if *random;
- struct rsaprivkey_if *privkey;
- struct rsapubkey_if *pubkey;
+ struct sigprivkey_if *privkey;
+ struct sigpubkey_if *pubkey;
struct transform_if **transforms;
int ntransforms;
struct dh_if *dh;
struct hash_if *hash;
uint32_t index; /* Index of this site */
+ uint32_t early_capabilities;
uint32_t local_capabilities;
int32_t setup_retries; /* How many times to send setup packets */
int32_t setup_retry_interval; /* Initial timeout for setup packets */
static _Bool type_is_msg34(uint32_t type)
{
- return
- type == LABEL_MSG3 ||
- type == LABEL_MSG3BIS ||
- type == LABEL_MSG4;
+ switch (type) {
+ case CASES_MSG3_KNOWN: case LABEL_MSG4: return True;
+ default: return False;
+ }
}
struct parsedname {
{
void *hst;
uint8_t *hash;
- string_t dhpub, sig;
+ string_t dhpub;
+ unsigned minor;
st->retries=st->setup_retries;
BUF_ALLOC(&st->buffer,what);
struct xinfoadd xia;
append_string_xinfo_start(&st->buffer,&xia,st->localname);
- if ((st->local_capabilities & CAPAB_EARLY) || (type != LABEL_MSG1)) {
+ if ((st->local_capabilities & st->early_capabilities) ||
+ (type != LABEL_MSG1)) {
buf_append_uint32(&st->buffer,st->local_capabilities);
}
if (type_is_msg34(type)) {
if (hacky_par_mid_failnow()) return False;
- if (type==LABEL_MSG3BIS)
+ if (MSGMAJOR(type) == 3) do {
+ minor = MSGMINOR(type);
+ if (minor < 1) break;
buf_append_uint8(&st->buffer,st->chosen_transform->capab_bit);
+ } while (0);
dhpub=st->dh->makepublic(st->dh->st,st->dhsecret,st->dh->len);
buf_append_string(&st->buffer,dhpub);
hst=st->hash->init();
st->hash->update(hst,st->buffer.start,st->buffer.size);
st->hash->final(hst,hash);
- sig=st->privkey->sign(st->privkey->st,hash,st->hash->len);
- buf_append_string(&st->buffer,sig);
- free(sig);
+ bool_t ok=st->privkey->sign(st->privkey->st,hash,st->hash->len,
+ &st->buffer);
+ if (!ok) goto fail;
free(hash);
return True;
+
+ fail:
+ free(hash);
+ return False;
}
static bool_t unpick_name(struct buffer_if *msg, struct parsedname *nm)
static bool_t unpick_msg(struct site *st, uint32_t type,
struct buffer_if *msg, struct msg *m)
{
+ unsigned minor;
+
m->capab_transformnum=-1;
m->hashstart=msg->start;
CHECK_AVAIL(msg,4);
CHECK_EMPTY(msg);
return True;
}
- if (type==LABEL_MSG3BIS) {
- CHECK_AVAIL(msg,1);
- m->capab_transformnum = buf_unprepend_uint8(msg);
- } else {
- m->capab_transformnum = CAPAB_BIT_ANCIENTTRANSFORM;
- }
+ if (MSGMAJOR(type) == 3) do {
+ minor = MSGMINOR(type);
+#define MAYBE_READ_CAP(minminor, kind, dflt) do { \
+ if (minor < (minminor)) \
+ m->capab_##kind##num = (dflt); \
+ else { \
+ CHECK_AVAIL(msg, 1); \
+ m->capab_##kind##num = buf_unprepend_uint8(msg); \
+ } \
+} while (0)
+ MAYBE_READ_CAP(1, transform, CAPAB_BIT_ANCIENTTRANSFORM);
+#undef MAYBE_READ_CAP
+ } while (0);
CHECK_AVAIL(msg,2);
m->pklen=buf_unprepend_uint16(msg);
CHECK_AVAIL(msg,m->pklen);
}
/* MSG3 has complicated rules about capabilities, which are
* handled in process_msg3. */
- if (type==LABEL_MSG3 || type==LABEL_MSG3BIS) return True;
+ if (MSGMAJOR(type) == 3) return True;
if (m->remote_capabilities!=st->remote_capabilities) {
*error="remote capabilities changed";
return False;
and create message number 3. */
st->random->generate(st->random->st,st->dh->len,st->dhsecret);
return generate_msg(st,
- (st->remote_capabilities & CAPAB_TRANSFORM_MASK
- ? LABEL_MSG3BIS : LABEL_MSG3),
+ (st->remote_capabilities & CAPAB_TRANSFORM_MASK)
+ ? LABEL_MSG3BIS
+ : LABEL_MSG3,
"site:MSG3");
}
struct msg m;
cstring_t err;
- assert(msgtype==LABEL_MSG3 || msgtype==LABEL_MSG3BIS);
+ switch (msgtype) {
+ case CASES_MSG3_KNOWN: break;
+ default: assert(0);
+ }
if (!unpick_msg(st,msgtype,msg3,&m)) return False;
if (!check_msg(st,msgtype,&m,&err)) {
return False;
}
uint32_t capab_adv_late = m.remote_capabilities
- & ~st->remote_capabilities & CAPAB_EARLY;
+ & ~st->remote_capabilities & st->early_capabilities;
if (capab_adv_late) {
slog(st,LOG_SEC,"msg3 impermissibly adds early capability flag(s)"
" %#"PRIx32" (was %#"PRIx32", now %#"PRIx32")",
capab_adv_late, st->remote_capabilities, m.remote_capabilities);
return False;
}
- st->remote_capabilities|=m.remote_capabilities;
#define CHOSE_CRYPTO(kind, what) do { \
struct kind##_if *iface; \
if (!process_msg3_msg4(st,&m))
return False;
+ /* Update our idea of the remote site's capabilities, now that we've
+ * verified that its message was authentic.
+ *
+ * Our previous idea of the remote site's capabilities came from the
+ * unauthenticated MSG1. We've already checked that this new message
+ * doesn't change any of the bits we relied upon in the past, but it may
+ * also have set additional capability bits. We simply throw those away
+ * now, and use the authentic capabilities from this MSG3. */
+ st->remote_capabilities=m.remote_capabilities;
+
/* Terminate their DH public key with a '0' */
m.pk[m.pklen]=0;
/* Invent our DH secret key */
slog(st,LOG_SEC,"invalid MSG2");
}
break;
- case LABEL_MSG3:
- case LABEL_MSG3BIS:
+ case CASES_MSG3_KNOWN:
/* Setup packet: expected only in state SENTMSG2 */
if (st->state!=SITE_SENTMSG2) {
if ((st->state==SITE_SENTMSG4) &&
assert(index_sequence < 0xffffffffUL);
st->index = ++index_sequence;
st->local_capabilities = 0;
+ st->early_capabilities = CAPAB_PRIORITY_MOBILE;
st->netlink=find_cl_if(dict,"link",CL_NETLINK,True,"site",loc);
#define GET_CLOSURE_LIST(dictkey,things,nthings,CL_TYPE) do{ \
st->log=find_cl_if(dict,"log",CL_LOG,True,"site",loc);
st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
- st->privkey=find_cl_if(dict,"local-key",CL_RSAPRIVKEY,True,"site",loc);
+ st->privkey=find_cl_if(dict,"local-key",CL_SIGPRIVKEY,True,"site",loc);
st->addresses=dict_read_string_array(dict,"address",False,"site",loc,0);
if (st->addresses)
st->remoteport=dict_read_number(dict,"port",True,"site",loc,0);
else st->remoteport=0;
- st->pubkey=find_cl_if(dict,"key",CL_RSAPUBKEY,True,"site",loc);
+ st->pubkey=find_cl_if(dict,"key",CL_SIGPUBKEY,True,"site",loc);
GET_CLOSURE_LIST("transform",transforms,ntransforms,CL_TRANSFORM);
~ian / secnet.git / blobdiff