author | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-02-23 21:23:44 +0100 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2013-02-23 21:23:44 +0100 |
commit | b3ba14d47370e156ef7366954c1160e088e92b49 (patch) | |
tree | d452a69235f01e3ad3110590a0379f72a5fe1b5e /src | |
parent | 54c6ff1c419fffcb12ae33e45208b6dbe8914c02 (diff) | |
Differentiate between reasons for ignoring a handshake
Diffstat (limited to 'src')
-rw-r--r-- | src/protocol_ec25519_fhmqvc.c | 54 |
1 files changed, 36 insertions, 18 deletions
diff --git a/src/protocol_ec25519_fhmqvc.c b/src/protocol_ec25519_fhmqvc.c
index e614cfc..99c5a1a 100644
--- a/src/protocol_ec25519_fhmqvc.c
+++ b/src/protocol_ec25519_fhmqvc.c
@@ -495,21 +495,15 @@ static void handle_finish_handshake(fastd_context_t *ctx, fastd_socket_t *sock,
 &ctx->conf->protocol_config->public_key, &sigma, handshake_key->serial);
 }
-static bool check_peer_config_match(const fastd_peer_config_t *config, const fastd_peer_address_t *address, const unsigned char key[32]) {
- if (!config->enabled || !config->protocol_config)
- return false;
-
- if (!fastd_peer_config_is_floating(config) && !fastd_peer_config_matches_dynamic(config, address))
- return false;
-
- return (memcmp(config->protocol_config->public_key.p, key, PUBLICKEYBYTES) == 0);
-}
-
 static fastd_peer_t* match_sender_key(fastd_context_t *ctx, const fastd_socket_t *sock, const fastd_peer_address_t *address, fastd_peer_t *peer, const unsigned char key[32]) {
+ errno = 0;
+
 if (sock->peer) {
 if (peer != sock->peer) {
- if (peer && !fastd_peer_is_floating(peer) && !fastd_peer_is_dynamic(peer))
+ if (peer && !fastd_peer_is_floating(peer) && !fastd_peer_is_dynamic(peer)) {
+ errno = EPERM;
 return NULL;
+ }
 peer = sock->peer;
 }
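Review bot: match_sender_key now reports its failure reason through errno (reset to 0 at entry, EPERM on the early return in this hunk), but nothing at the definition states that contract, so a later edit that adds a NULL return without setting errno would land in the caller's `default:` branch. I would add a comment above the function: `/* Returns the matching peer, or NULL with errno set to EAGAIN (host is being resolved), EPERM (handshake not permitted for this peer/socket/address) or ENOENT (unknown key). */`. The diff does not show an `#include <errno.h>` being added, so presumably the header is already pulled in elsewhere; worth confirming. The function body continues in the next hunk.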
@@ -517,28 +511,38 @@ static fastd_peer_t* match_sender_key(fastd_context_t *ctx, const fastd_socket_t
 if (peer) {
 if (memcmp(peer->config->protocol_config->public_key.p, key, PUBLICKEYBYTES) == 0) {
- if (sock->peer && sock->peer != peer)
+ if (sock->peer && sock->peer != peer) {
+ errno = EPERM;
 return NULL;
+ }
 return peer;
 }
 }
- if (peer && !fastd_peer_is_floating(peer) && !fastd_peer_is_dynamic(peer))
+ if (peer && !fastd_peer_is_floating(peer) && !fastd_peer_is_dynamic(peer)) {
+ errno = EPERM;
 return NULL;
+ }
 for (peer = ctx->peers; peer; peer = peer->next) {
- if (!check_peer_config_match(peer->config, address, key))
+ if (memcmp(peer->config->protocol_config->public_key.p, key, PUBLICKEYBYTES) != 0)
 continue;
- if (!fastd_peer_is_floating(peer)) { /* matches dynamic */
+ if (fastd_peer_config_matches_dynamic(peer->config, address)) {
 fastd_resolve_peer(ctx, peer);
+ errno = EAGAIN;
 return NULL;
 }
- return peer;
+ if (fastd_peer_is_floating(peer))
+ return peer;
+
+ errno = EPERM;
+ return NULL;
 }
+ errno = ENOENT;
 return NULL;
 }
@@ -559,8 +563,22 @@ static void protocol_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock
 peer = match_sender_key(ctx, sock, address, peer, handshake->records[RECORD_SENDER_KEY].data);
 if (!peer) {
- pr_debug(ctx, "ignoring handshake from %I (unknown key or unresolved host)", address);
- return;
+ switch (errno) {
+ case EAGAIN:
+ pr_debug(ctx, "received handshake from %I, resolving host...", address);
+ return;
+
+ case EPERM:
+ pr_debug(ctx, "ignoring handshake from %I (incorrect source address)", address);
+ return;
+
+ case ENOENT:
+ pr_debug(ctx, "ignoring handshake from %I (unknown key)", address);
+ return;
+
+ default:
+ exit_bug(ctx, "match_sender_key: unknown error");
+ }
 }
 if (!fastd_peer_may_connect(ctx, peer)) { |
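Review bot: The rewritten loop over ctx->peers dereferences `peer->config->protocol_config->public_key.p` directly, whereas the removed check_peer_config_match() first rejected configs with `!config->enabled || !config->protocol_config`. If ctx->peers can hold a peer whose config is disabled or has no protocol_config (not visible in this diff), a handshake from an unauthenticated sender could reach a NULL dereference or match a disabled peer. I would keep the guard as the first statement of the loop: `if (!peer->config->enabled || !peer->config->protocol_config) continue;`. The loop also stops at the first key match now, where the old helper skipped a non-matching config and kept searching; if two configs may share a key, that behaviour change deserves a line in the commit message.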
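Review bot: The `default:` branch calls exit_bug() on a path driven by packets from unauthenticated senders, so any NULL return from match_sender_key that leaves errno at 0 would presumably terminate the daemon instead of dropping one handshake. Failing closed per packet seems safer here, e.g. `default: pr_debug(ctx, "ignoring handshake from %I (unknown reason)", address); return;`. Separately, EPERM is also set when the socket is bound to a different peer, so "incorrect source address" may mislead someone reading the log; wording such as `(peer, socket or source address mismatch)` would cover both cases.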