mirror
/
devilutionX-ZeroTierOne
mirror of https://github.com/diasurgical/ZeroTierOne.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Do packet MAC check before locallyValidate(), and add timing measurement in selftest.

pull/1/head
Adam Ierymenko 9 years ago
parent
1fcbb1fbed
commit
ab4021dd0e
2 changed files with 16 additions and 11 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 15
      node/IncomingPacket.cpp
  2. 12
      selftest.cpp

15
node/IncomingPacket.cpp
Unescape View File

@ -275,7 +275,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
// Continue at // VALID
}
} // else continue at // VALID
} // else if alreadyAuthenticated then continue at // VALID
} else {
// We don't already have an identity with this address -- validate and learn it
@ -285,18 +285,19 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
return true;
}
// Check packet integrity and MAC
SharedPtr<Peer> newPeer(new Peer(RR,RR->identity,id));
if (!dearmor(newPeer->key())) {
TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_path->address().toString().c_str());
return true;
}
// Check that identity's address is valid as per the derivation function
if (!id.locallyValidate()) {
TRACE("dropped HELLO from %s(%s): identity invalid",id.address().toString().c_str(),_path->address().toString().c_str());
return true;
}
// Check packet integrity and authentication
SharedPtr<Peer> newPeer(new Peer(RR,RR->identity,id));
if (!dearmor(newPeer->key())) {
TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_path->address().toString().c_str());
return true;
}
peer = RR->topology->addPeer(newPeer);
// Continue at // VALID

12
selftest.cpp
Unescape View File

@ -376,11 +376,15 @@ static int testIdentity()
std::cout << "FAIL (1)" << std::endl;
return -1;
}
if (!id.locallyValidate()) {
std::cout << "FAIL (2)" << std::endl;
return -1;
const uint64_t vst = OSUtils::now();
for(int k=0;k<10;++k) {
if (!id.locallyValidate()) {
std::cout << "FAIL (2)" << std::endl;
return -1;
}
}
std::cout << "PASS" << std::endl;
const uint64_t vet = OSUtils::now();
std::cout << "PASS (" << ((double)(vet - vst) / 10.0) << "ms per validation)" << std::endl;
std::cout << "[identity] Validate known-bad identity... "; std::cout.flush();
if (!id.fromString(KNOWN_BAD_IDENTITY)) {

Write Preview
Loading…
Cancel
Save