예제 #1
 /// Builds a session bound to @p socket from a caller-supplied key and
 /// thumbprint.
 ///
 /// Exactly 32 bytes are read from @p key and exactly 16 bytes from
 /// @p claimedThumbprint. Neither length is checked here, so the caller must
 /// pass buffers of at least those sizes. A fresh 16-byte random challenge is
 /// drawn and the session starts out unverified.
 ///
 /// @param socket            Transport handle stored in the session.
 /// @param key               Source of the 32-byte session key (copied).
 /// @param claimedThumbprint Source of the 16-byte thumbprint (copied);
 ///                          presumably the identity the peer asserts, which
 ///                          has not been proven at this point.
 Session(const std::shared_ptr<GlobalGrid::VSocket>& socket,unsigned char* key, unsigned char* claimedThumbprint) {
   const int keyBytes = 32;
   const int thumbprintBytes = 16;
   const int challengeBytes = 16;

   // Nothing about the peer has been proven yet.
   verified = false;
   this->socket = socket;

   // Fixed-size copies: the destination members must hold at least this many bytes.
   memcpy(this->claimedThumbprint,claimedThumbprint,thumbprintBytes);
   memcpy(this->key,key,keyBytes);

   // Per-session challenge drawn from the secure random source.
   secure_random_bytes(&challenge,challengeBytes);
 }
예제 #2
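 /// Starts a session with the holder of @p remoteKey over @p socket.
 ///
 /// A fresh 32-byte session key is generated, encrypted to @p remoteKey with
 /// RSA_Encrypt, and sent as a single message: the 16-byte thumbprint of
 /// @p remoteKey followed by the ciphertext. The session is then added to
 /// `sessions`.
 ///
 /// The ciphertext object and the outgoing packet are both owned by scope
 /// guards, so they are released even if Send() or sessions.insert() throws.
 ///
 /// @param socket    Transport the handshake message is sent on.
 /// @param remoteKey Opaque key handle passed to RSA_thumbprint and RSA_Encrypt
 ///                  (presumably the peer's RSA public key).
 void Handshake(const std::shared_ptr<GlobalGrid::VSocket>& socket, void* remoteKey) {
   // Releases the object returned by RSA_Encrypt on every exit path.
   struct CiphertextGuard {
     void* object;
     explicit CiphertextGuard(void* o) : object(o) {}
     ~CiphertextGuard() { GlobalGrid::GGObject_Free(object); }
     CiphertextGuard(const CiphertextGuard&) = delete;
     CiphertextGuard& operator=(const CiphertextGuard&) = delete;
   };

   unsigned char thumbprint[16];
   Session session(socket);
   // The session is flagged verified before any reply has arrived; the
   // reasoning is that only the private-key holder can recover the session key
   // and answer with it.
   // NOTE(review): nothing here proves the peer yet; confirm that no code path
   // trusts `verified` until a correctly encrypted response has been processed.
   session.verified = true;
   secure_random_bytes(session.key,32);
   RSA_thumbprint(remoteKey,thumbprint);

   // Encrypt the session key to the remote key.
   // NOTE(review): the padding scheme used by RSA_Encrypt is not visible here;
   // confirm it is OAEP rather than unpadded RSA.
   void* encrypted = RSA_Encrypt(remoteKey,session.key,32);
   CiphertextGuard encryptedGuard(encrypted);
   unsigned char* encryptedBytes = nullptr;
   size_t encryptedSize = 0;
   GlobalGrid::Buffer_Get(encrypted,&encryptedBytes,&encryptedSize);
   if (encryptedBytes == nullptr || encryptedSize == 0) {
     // No ciphertext to send, so do not emit a thumbprint-only message or
     // register a session whose key was never delivered.
     // NOTE(review): how RSA_Encrypt / Buffer_Get report failure is not visible
     // here; confirm and surface the error to the caller if there is a channel.
     return;
   }

   // Wire format: [16-byte thumbprint][RSA ciphertext of the session key].
   std::unique_ptr<unsigned char[]> packet(new unsigned char[16+encryptedSize]);
   memcpy(packet.get(),thumbprint,16);
   memcpy(packet.get()+16,encryptedBytes,encryptedSize);
   socket->Send(packet.get(),16+encryptedSize);
   sessions.insert(session);
   // NOTE(review): the local `session` still holds a copy of the key when this
   // function returns; consider wiping it if the project has a secure-zero helper.
 }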
예제 #3
파일: sl.c 프로젝트: cmusatyalab/coda
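/*
 * MakeConn -- build a server-side connection entry for an incoming Init1
 * packet.
 *
 * The packet is validated before anything is allocated:
 *   - it must be long enough to hold the fixed part of the Init1 body plus
 *     the client-ident length the body claims;
 *   - its opcode must be one of the four Init1 opcodes.
 * Packets failing either test are logged and dropped.
 *
 * For every security level except RPC2_OPENKIMONO the initial sequence
 * number is drawn from secure_random_bytes() and the encryption type is
 * taken from the packet.
 *
 * Returns the new connection entry, or NULL if the packet was rejected.
 */
static struct CEntry *MakeConn(struct RPC2_PacketBuffer *pb)
{
    struct Init1Body *ib1;
    struct CEntry *ce;
    size_t identlen;
    int seclevel;

    say(9, RPC2_DebugLevel, " Request on brand new connection\n");

    ib1 = (struct Init1Body *)(pb->Body);

#define INIT1LENGTH                                                \
    (sizeof(struct RPC2_PacketHeader) + sizeof(struct Init1Body) - \
     sizeof(ib1->Text))

    /* avoid memory reference errors from bogus packets */
    if (pb->Prefix.LengthOfPacket < INIT1LENGTH) {
        say(1, RPC2_DebugLevel, "Ignoring short Init1 packet\n");
        return NULL;
    }

    /*
     * The claimed ident length comes from the peer. Compare it against the
     * bytes remaining after the fixed part instead of adding it to
     * INIT1LENGTH: where size_t is 32 bits that sum can wrap and let an
     * oversized length through. The subtraction cannot underflow because the
     * check above already passed.
     */
    identlen = ntohl(ib1->FakeBody_ClientIdent_SeqLen);
    if (identlen > (size_t)pb->Prefix.LengthOfPacket - INIT1LENGTH) {
        say(1, RPC2_DebugLevel, "Ignoring short Init1 packet\n");
        return NULL;
    }

    /*
     * Map the opcode to a security level before allocating, so an unexpected
     * opcode is dropped without leaving a connection entry behind. The
     * original asserted here, which aborts the process on a bad opcode and,
     * when assertions are compiled out, leaves SecurityLevel unassigned.
     * NOTE(review): callers may already filter opcodes; not visible here.
     */
    switch ((int)pb->Header.Opcode) {
    case RPC2_INIT1OPENKIMONO:
        seclevel = RPC2_OPENKIMONO;
        break;
    case RPC2_INIT1AUTHONLY:
        seclevel = RPC2_AUTHONLY;
        break;
    case RPC2_INIT1HEADERSONLY:
        seclevel = RPC2_HEADERSONLY;
        break;
    case RPC2_INIT1SECURE:
        seclevel = RPC2_SECURE;
        break;
    default:
        say(1, RPC2_DebugLevel, "Ignoring Init1 packet with unexpected opcode\n");
        return NULL;
    }

    ce                = rpc2_AllocConn(pb->Prefix.PeerAddr);
    ce->TimeStampEcho = pb->Header.TimeStamp;
    TVTOTS(&pb->Prefix.RecvStamp, ce->RequestTime);

    say(15, RPC2_DebugLevel, "makeconn TS %u RQ %u\n", ce->TimeStampEcho,
        ce->RequestTime);

    ce->SecurityLevel = seclevel;

    if (ce->SecurityLevel != RPC2_OPENKIMONO) {
        /* unpredictable starting sequence number for protected connections */
        secure_random_bytes(&ce->NextSeqNumber, sizeof(ce->NextSeqNumber));
        ce->EncryptionType = ntohl(ib1->FakeBody_EncryptionType);
    }

    SetRole(ce, SERVER);
    SetState(ce, S_STARTBIND);
    ce->PeerHandle  = pb->Header.LocalHandle;
    ce->sa.peer_spi = pb->Header.LocalHandle;
    ce->SubsysId    = pb->Header.SubsysId;
    ce->PeerUnique  = pb->Header.Uniquefier;
    ce->SEProcs     = NULL;
    ce->Color       = GetPktColor(pb);

#ifdef RPC2DEBUG
    if (RPC2_DebugLevel > 9) {
        printf("New Connection %p......\n", ce);
        rpc2_PrintCEntry(ce, rpc2_tracefile);
        (void)fflush(rpc2_tracefile);
    }
#endif

    /* record the binding under the peer's address, handle and uniquefier */
    rpc2_NoteBinding(pb->Prefix.PeerAddr, ce->PeerHandle, pb->Header.Uniquefier,
                     ce->UniqueCID);
    return (ce);
}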