Ejemplo n.º 1
0
// Get shared session keys. Returns 1 if successful.
static int authGetSessionKeys(struct s_auth_state *authstate, struct s_crypto *ctx) {
	if(authIsCompleted(authstate)) {
		return cryptoSetSessionKeys(ctx, &authstate->crypto_ctx[auth_CRYPTOCTX_SESSION_A], &authstate->crypto_ctx[auth_CRYPTOCTX_SESSION_B], authstate->keygen_nonce, (auth_NONCESIZE + auth_NONCESIZE), crypto_AES256, crypto_SHA256);
	}
	else {
		return 0;
	}
}
Ejemplo n.º 2
0
// Get remote PeerID. Returns 1 if successful.
static int authGetRemotePeerID(struct s_auth_state *authstate, int *remote_peerid) {
	if(authIsCompleted(authstate)) {
		*remote_peerid = authstate->remote_peerid;
		return 1;
	}
	else {
		return 0;
	}
}
Ejemplo n.º 3
0
// Get connection parameters. Returns 1 if successful.
static int authGetConnectionParams(struct s_auth_state *authstate, int64_t *seq, int64_t *flags) {
	if(authIsCompleted(authstate)) {
		*seq = utilReadInt64(authstate->remote_seq);
		*flags = utilReadInt64(authstate->remote_flags);
		return 1;
	}
	else {
		return 0;
	}
}
Ejemplo n.º 4
0
// Decode auth message. Returns 1 if message is accepted.
int authmgtDecodeMsg(struct s_authmgt *mgt, const unsigned char *msg, const int msg_len, const struct s_peeraddr *peeraddr) {
	int authid;
	int authstateid;
	int tnow = utilGetClock();
	int newsession;
	int dupid;
    
    CREATE_HUMAN_IP(peeraddr);
    
    debugf("[%s] AUTH message received", humanIp);
    
	if(msg_len <= 4) {
        debugf("[%s] Wrong AUTH message size: %d", humanIp, msg_len);
        return 0;
    }
    
    authid = utilReadInt32(msg);
    if(authid > 0) {
        // message belongs to existing auth session
        authstateid = (authid - 1);
        
        debugf("Found active auth session: %d", authstateid);
        if(authstateid >= idspSize(&mgt->idsp)) {
            debugf("[%s] wrong auth state ID", humanIp);
            return 0;
        }
        
        if(!authDecodeMsg(&mgt->authstate[authstateid], msg, msg_len)) {
            debugf("[%s] failed to decode AUTH message", humanIp);
            return 0;
        }
        
        mgt->lastrecv[authstateid] = tnow;
        mgt->peeraddr[authstateid] = *peeraddr;
        if(mgt->fastauth) {
            mgt->lastsend[authstateid] = (tnow - authmgt_RESEND_TIMEOUT - 3);
        }
        
        if((authIsAuthed(&mgt->authstate[authstateid])) && (!authIsCompleted(&mgt->authstate[authstateid]))) mgt->current_authed_id = authstateid;
        
        if((authIsCompleted(&mgt->authstate[authstateid])) && (!authIsPeerCompleted(&mgt->authstate[authstateid]))) {
            msgf("Host %s authorized", humanIp);
            mgt->current_completed_id = authstateid;
        }
        
        return 1;
    } else if(authid == 0) {
        debugf("starting new session for %s, authid: %d", humanIp, authid);
        // message requests new auth session
        dupid = authmgtFindAddr(mgt, peeraddr);
        
        // we already have this session
        if(dupid >= 0) {
            // auth session with same PeerAddr found.
            if(authIsPreauth(&mgt->authstate[dupid])) {
                return 0;
            }
        
            authmgtDelete(mgt, dupid);
        }
        
        authstateid = authmgtNew(mgt, peeraddr);
        if(authstateid < 0) {
            // all auth slots are full, search for unused sessions that can be replaced
            dupid = authmgtFindUnused(mgt);
            if(!(dupid < 0)) {
                authmgtDelete(mgt, dupid);
                authstateid = authmgtNew(mgt, peeraddr);
                debugf("new auth session started for %s, authstateid %d", humanIp, authstateid);
            }
        }
        
        if(!(authstateid < 0)) {
            if(authDecodeMsg(&mgt->authstate[authstateid], msg, msg_len)) {
                mgt->lastrecv[authstateid] = tnow;
                mgt->peeraddr[authstateid] = *peeraddr;
                if(mgt->fastauth) {
                    mgt->lastsend[authstateid] = (tnow - authmgt_RESEND_TIMEOUT - 3);
                }
                return 1;
            }
            else {
                authmgtDelete(mgt, authstateid);
            }
        }
        
    }
    
    return 0;
}