don't handle more than 2 fragments in SessionConfirmed

This commit is contained in:
orignal 2022-09-20 18:32:29 -04:00
parent 030af11d86
commit 24ae8d5443

View file

@ -851,9 +851,15 @@ namespace transport
return true; return true;
} }
// check if fragmented // check if fragmented
if ((header.h.flags[0] & 0x0F) > 1) uint8_t numFragments = header.h.flags[0] & 0x0F;
if (numFragments > 1)
{ {
// fragmented // fragmented
if (numFragments > 2)
{
LogPrint (eLogError, "SSU2: Too many fragments ", numFragments, " in SessionConfirmed");
return false;
}
if (!(header.h.flags[0] & 0xF0)) if (!(header.h.flags[0] & 0xF0))
{ {
// first fragment // first fragment
@ -911,6 +917,7 @@ namespace transport
m_NoiseState->m_CK + 32, nonce, S, 32, false)) m_NoiseState->m_CK + 32, nonce, S, 32, false))
{ {
LogPrint (eLogWarning, "SSU2: SessionConfirmed part 1 AEAD verification failed "); LogPrint (eLogWarning, "SSU2: SessionConfirmed part 1 AEAD verification failed ");
if (m_SessionConfirmedFragment) m_SessionConfirmedFragment.reset (nullptr);
return false; return false;
} }
m_NoiseState->MixHash (buf + 16, 48); // h = SHA256(h || ciphertext); m_NoiseState->MixHash (buf + 16, 48); // h = SHA256(h || ciphertext);
@ -927,9 +934,11 @@ namespace transport
m_NoiseState->m_CK + 32, nonce, decryptedPayload.data (), decryptedPayload.size (), false)) m_NoiseState->m_CK + 32, nonce, decryptedPayload.data (), decryptedPayload.size (), false))
{ {
LogPrint (eLogWarning, "SSU2: SessionConfirmed part 2 AEAD verification failed "); LogPrint (eLogWarning, "SSU2: SessionConfirmed part 2 AEAD verification failed ");
if (m_SessionConfirmedFragment) m_SessionConfirmedFragment.reset (nullptr);
return false; return false;
} }
m_NoiseState->MixHash (payload, len - 64); // h = SHA256(h || ciphertext); m_NoiseState->MixHash (payload, len - 64); // h = SHA256(h || ciphertext);
if (m_SessionConfirmedFragment) m_SessionConfirmedFragment.reset (nullptr);
// payload // payload
// handle RouterInfo block that must be first // handle RouterInfo block that must be first
if (decryptedPayload[0] != eSSU2BlkRouterInfo) if (decryptedPayload[0] != eSSU2BlkRouterInfo)