Simplify handling of on-verify commands

Matthias Schiffer 2014-04-13 18:53:21 +02:00
parent 296fac170c
commit dd5d95468e


@ -490,14 +490,14 @@ static inline bool allow_unknown(fastd_context_t *ctx) {
return fastd_shell_command_isset(&ctx->conf->on_verify); return fastd_shell_command_isset(&ctx->conf->on_verify);
} }
static inline fastd_peer_t* add_temporary(fastd_context_t *ctx, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, const unsigned char key[32]) { static inline fastd_peer_t* add_temporary(fastd_context_t *ctx, const fastd_peer_address_t *addr, const unsigned char key[32]) {
if (!allow_unknown(ctx)) { if (!allow_unknown(ctx)) {
pr_debug(ctx, "ignoring handshake from %I (unknown key)", remote_addr); pr_debug(ctx, "ignoring handshake from %I (unknown key)", addr);
return NULL; return NULL;
} }
if (key_count(ctx, key)) { if (key_count(ctx, key)) {
pr_debug(ctx, "ignoring handshake from %I (disabled key)", remote_addr); pr_debug(ctx, "ignoring handshake from %I (disabled key)", addr);
return NULL; return NULL;
} }
@ -509,12 +509,6 @@ static inline fastd_peer_t* add_temporary(fastd_context_t *ctx, const fastd_peer
/* Ugly hack */ /* Ugly hack */
peer->protocol_state->last_serial--; peer->protocol_state->last_serial--;
if (!fastd_peer_verify_temporary(ctx, peer, local_addr, remote_addr)) {
pr_debug(ctx, "ignoring handshake from %P[%I] (verification failed)", peer, remote_addr);
fastd_peer_delete(ctx, peer);
return NULL;
}
return peer; return peer;
} }
@ -541,8 +535,6 @@ void fastd_protocol_ec25519_fhmqvc_handshake_init(fastd_context_t *ctx, const fa
void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr, void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_socket_t *sock, const fastd_peer_address_t *local_addr, const fastd_peer_address_t *remote_addr,
fastd_peer_t *peer, const fastd_handshake_t *handshake, const fastd_method_info_t *method) { fastd_peer_t *peer, const fastd_handshake_t *handshake, const fastd_method_info_t *method) {
bool temporary_added = false;
fastd_protocol_ec25519_fhmqvc_maintenance(ctx); fastd_protocol_ec25519_fhmqvc_maintenance(ctx);
if (!has_field(handshake, RECORD_SENDER_KEY, PUBLICKEYBYTES)) { if (!has_field(handshake, RECORD_SENDER_KEY, PUBLICKEYBYTES)) {
@ -558,11 +550,9 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_
return; return;
case ENOENT: case ENOENT:
peer = add_temporary(ctx, local_addr, remote_addr, handshake->records[RECORD_SENDER_KEY].data); peer = add_temporary(ctx, remote_addr, handshake->records[RECORD_SENDER_KEY].data);
if (peer) { if (peer)
temporary_added = true;
break; break;
}
return; return;
@ -571,12 +561,11 @@ void fastd_protocol_ec25519_fhmqvc_handshake_handle(fastd_context_t *ctx, fastd_
} }
} }
if (fastd_peer_is_temporary(peer) && !temporary_added) { if (fastd_peer_is_temporary(peer) && !fastd_peer_verify_temporary(ctx, peer, local_addr, remote_addr)) {
if (!fastd_peer_verify_temporary(ctx, peer, local_addr, remote_addr)) {
pr_debug(ctx, "ignoring handshake from %P[%I] (verification failed)", peer, remote_addr); pr_debug(ctx, "ignoring handshake from %P[%I] (verification failed)", peer, remote_addr);
fastd_peer_delete(ctx, peer);
return; return;
} }
}
if (!fastd_peer_may_connect(ctx, peer)) { if (!fastd_peer_may_connect(ctx, peer)) {
pr_debug(ctx, "ignoring handshake from %P[%I] because of local constraints", peer, remote_addr); pr_debug(ctx, "ignoring handshake from %P[%I] because of local constraints", peer, remote_addr);
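Review bot: In the last hunk the verification-failure branch of fastd_protocol_ec25519_fhmqvc_handshake_handle now calls `fastd_peer_delete(ctx, peer);` for every temporary peer, not only for one that add_temporary created for this packet; that line is printed once and the hunk counts (-571,12 +561,11) place it on the new side, so the old re-verification path seems to have returned without deleting. The check appears to run on a sender key and remote address taken from a handshake that has not been authenticated yet, so a rejected on-verify result for a packet carrying an already-known key could remove an existing temporary peer, possibly together with its session. Consider deleting only a peer that has no established session, or at least state the intent with a comment such as `/* verification failed: drop the temporary peer, even if it existed before this handshake */`. The function body starts and continues outside the visible hunks, so the peer lookup and the effect of fastd_peer_delete cannot be confirmed from here.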