make router unreachable if AEAD fails in SessionCreated

2025-04-28 11:47:48 +02:00 · 2023-05-03 07:43:28 -04:00 · 2023-05-03 07:43:28 -04:00 · 4ce2ef1d83
commit 4ce2ef1d83
parent fb83ca42f4
3 changed files with 7 additions and 1 deletions
--- a/libi2pd/SSU2Session.cpp
+++ b/libi2pd/SSU2Session.cpp
@ -809,6 +809,8 @@ namespace transport
 			m_NoiseState->m_CK + 32, nonce, decryptedPayload.data (), decryptedPayload.size (), false))
 		{
 			LogPrint (eLogWarning, "SSU2: SessionCreated AEAD verification failed ");
+			if (GetRemoteIdentity ())
+				i2p::data::netdb.SetUnreachable (GetRemoteIdentity ()->GetIdentHash (), true);  // assume wrong s key
 			return false;
 		}
 		m_NoiseState->MixHash (payload, len - 64); // h = SHA256(h || encrypted payload from SessionCreated) for SessionConfirmed