static int do_incoming(TCP_Server *TCP_server, uint32_t i)
{
if (TCP_server->incoming_connection_queue[i].status != TCP_STATUS_CONNECTED) {
return -1;
}
int ret = read_connection_handshake(&TCP_server->incoming_connection_queue[i], TCP_server->secret_key);
if (ret == -1) {
kill_TCP_secure_connection(&TCP_server->incoming_connection_queue[i]);
} else if (ret == 1) {
int index_new = TCP_server->unconfirmed_connection_queue_index % MAX_INCOMING_CONNECTIONS;
TCP_Secure_Connection *conn_old = &TCP_server->incoming_connection_queue[i];
TCP_Secure_Connection *conn_new = &TCP_server->unconfirmed_connection_queue[index_new];
if (conn_new->status != TCP_STATUS_NO_STATUS) {
kill_TCP_secure_connection(conn_new);
}
memcpy(conn_new, conn_old, sizeof(TCP_Secure_Connection));
crypto_memzero(conn_old, sizeof(TCP_Secure_Connection));
++TCP_server->unconfirmed_connection_queue_index;
return index_new;
}
return -1;
}
/* Kill the TCP connection
*/
void kill_TCP_connection(TCP_Client_Connection *TCP_connection)
{
if (TCP_connection == NULL) {
return;
}
wipe_priority_list(TCP_connection);
kill_sock(TCP_connection->sock);
crypto_memzero(TCP_connection, sizeof(TCP_Client_Connection));
free(TCP_connection);
}
/* Remove real pk from received_requests list.
*
* return 0 if it removed it successfully.
* return -1 if it didn't find it.
*/
int remove_request_received(Friend_Requests *fr, const uint8_t *real_pk)
{
uint32_t i;
for (i = 0; i < MAX_RECEIVED_STORED; ++i) {
if (id_equal(fr->received_requests[i], real_pk)) {
crypto_memzero(fr->received_requests[i], CRYPTO_PUBLIC_KEY_SIZE);
return 0;
}
}
return -1;
}
int32_t decrypt_data(const uint8_t *public_key, const uint8_t *secret_key, const uint8_t *nonce,
const uint8_t *encrypted, size_t length, uint8_t *plain)
{
if (!public_key || !secret_key) {
return -1;
}
uint8_t k[crypto_box_BEFORENMBYTES];
encrypt_precompute(public_key, secret_key, k);
int ret = decrypt_data_symmetric(k, nonce, encrypted, length, plain);
crypto_memzero(k, sizeof k);
return ret;
}
END_TEST
START_TEST(test_memzero)
{
uint8_t src[sizeof(test_c)];
memcpy(src, test_c, sizeof(test_c));
crypto_memzero(src, sizeof(src));
size_t i;
for (i = 0; i < sizeof(src); i++) {
ck_assert_msg(src[i] == 0, "Memory is not zeroed");
}
}
/* data must be of length TCP_SERVER_HANDSHAKE_SIZE
*
* return 0 on success.
* return -1 on failure.
*/
static int handle_handshake(TCP_Client_Connection *TCP_conn, const uint8_t *data)
{
uint8_t plain[CRYPTO_PUBLIC_KEY_SIZE + CRYPTO_NONCE_SIZE];
int len = decrypt_data_symmetric(TCP_conn->shared_key, data, data + CRYPTO_NONCE_SIZE,
TCP_SERVER_HANDSHAKE_SIZE - CRYPTO_NONCE_SIZE, plain);
if (len != sizeof(plain)) {
return -1;
}
memcpy(TCP_conn->recv_nonce, plain + CRYPTO_PUBLIC_KEY_SIZE, CRYPTO_NONCE_SIZE);
encrypt_precompute(plain, TCP_conn->temp_secret_key, TCP_conn->shared_key);
crypto_memzero(TCP_conn->temp_secret_key, CRYPTO_SECRET_KEY_SIZE);
return 0;
}
static int confirm_TCP_connection(TCP_Server *TCP_server, TCP_Secure_Connection *con, const uint8_t *data,
uint16_t length)
{
int index = add_accepted(TCP_server, con);
if (index == -1) {
kill_TCP_secure_connection(con);
return -1;
}
crypto_memzero(con, sizeof(TCP_Secure_Connection));
if (handle_TCP_packet(TCP_server, index, data, length) == -1) {
kill_accepted(TCP_server, index);
return -1;
}
return index;
}
/* Delete accepted connection from list.
*
* return 0 on success
* return -1 on failure
*/
static int del_accepted(TCP_Server *TCP_server, int index)
{
if ((uint32_t)index >= TCP_server->size_accepted_connections) {
return -1;
}
if (TCP_server->accepted_connection_array[index].status == TCP_STATUS_NO_STATUS) {
return -1;
}
if (!bs_list_remove(&TCP_server->accepted_key_list, TCP_server->accepted_connection_array[index].public_key, index)) {
return -1;
}
crypto_memzero(&TCP_server->accepted_connection_array[index], sizeof(TCP_Secure_Connection));
--TCP_server->num_accepted_connections;
if (TCP_server->num_accepted_connections == 0) {
realloc_connection(TCP_server, 0);
}
return 0;
}
/* Kill a TCP_Secure_Connection
*/
static void kill_TCP_secure_connection(TCP_Secure_Connection *con)
{
kill_sock(con->sock);
crypto_memzero(con, sizeof(TCP_Secure_Connection));
}
