Fixed transport header problem

Mathias Hall-Andersen 2017-07-02 15:28:38 +02:00
parent 1e620427bd
commit 2aa0daf4d5
5 changed files with 32 additions and 20 deletions


@ -10,7 +10,7 @@ import (
type DummyTUN struct { type DummyTUN struct {
name string name string
mtu uint mtu int
packets chan []byte packets chan []byte
} }
@ -18,7 +18,7 @@ func (tun *DummyTUN) Name() string {
return tun.name return tun.name
} }
func (tun *DummyTUN) MTU() uint { func (tun *DummyTUN) MTU() int {
return tun.mtu return tun.mtu
} }


@ -13,7 +13,8 @@ type KeyPair struct {
sendNonce uint64 sendNonce uint64
isInitiator bool isInitiator bool
created time.Time created time.Time
id uint32 localIndex uint32
remoteIndex uint32
} }
type KeyPairs struct { type KeyPairs struct {


@ -32,10 +32,11 @@ const (
) )
const ( const (
MessageInitiationSize = 148 MessageInitiationSize = 148
MessageResponseSize = 92 MessageResponseSize = 92
MessageCookieReplySize = 64 MessageCookieReplySize = 64
MessageTransportSize = 16 + poly1305.TagSize // size of empty transport MessageTransportHeaderSize = 16
MessageTransportSize = MessageTransportHeaderSize + poly1305.TagSize // size of empty transport
) )
const ( const (
@ -449,6 +450,8 @@ func (peer *Peer) NewKeyPair() *KeyPair {
keyPair.sendNonce = 0 keyPair.sendNonce = 0
keyPair.recvNonce = 0 keyPair.recvNonce = 0
keyPair.created = time.Now() keyPair.created = time.Now()
keyPair.localIndex = peer.handshake.localIndex
keyPair.remoteIndex = peer.handshake.remoteIndex
// remap index // remap index
@ -471,7 +474,7 @@ func (peer *Peer) NewKeyPair() *KeyPair {
if kp.previous != nil { if kp.previous != nil {
kp.previous.send = nil kp.previous.send = nil
kp.previous.recv = nil kp.previous.recv = nil
peer.device.indices.Delete(kp.previous.id) peer.device.indices.Delete(kp.previous.localIndex)
} }
kp.previous = kp.current kp.previous = kp.current
kp.current = keyPair kp.current = keyPair
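Review bot: `MessageTransportHeaderSize = 16` is added to the const block without a comment saying what the 16 bytes hold. A comment such as `// type (4) + receiver index (4) + nonce counter (8)` would tie it to the layout that RoutineEncryption writes with `PutUint32`/`PutUint64` elsewhere in this commit. The existing `// size of empty transport` on `MessageTransportSize` could then read `// header + Poly1305 tag: size of an empty transport message`.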


@ -75,6 +75,7 @@ func (device *Device) RoutineReceiveIncomming() {
// handle packet // handle packet
packet = packet[:size] packet = packet[:size]
debugLog.Println("GOT:", packet)
msgType := binary.LittleEndian.Uint32(packet[:4]) msgType := binary.LittleEndian.Uint32(packet[:4])
func() { func() {
@ -371,6 +372,8 @@ func (peer *Peer) RoutineSequentialReceiver() {
// check for replay // check for replay
// strip padding
// check for keep-alive // check for keep-alive
if len(elem.packet) == 0 { if len(elem.packet) == 0 {
@ -393,8 +396,6 @@ func (device *Device) RoutineWriteToTUN(tun TUNDevice) {
case packet = <-device.queue.inbound: case packet = <-device.queue.inbound:
} }
device.log.Debug.Println("GOT:", packet)
size, err := tun.Write(packet) size, err := tun.Write(packet)
device.log.Debug.Println("DEBUG:", size, err) device.log.Debug.Println("DEBUG:", size, err)
if err != nil { if err != nil {
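Review bot: `debugLog.Println("GOT:", packet)` in RoutineReceiveIncomming runs for every datagram read from the socket, before the message type is parsed and before anything is authenticated. Any remote sender can therefore drive log volume and write arbitrary bytes into the log. I would drop the line before merge, or log only `len(packet)` and the parsed `msgType`. Separately, the `// strip padding` comment added in RoutineSequentialReceiver has no code under it in the visible lines, although the sender now pads; if stripping is not done elsewhere, write it as `// TODO: strip padding`. Both functions continue outside their hunks.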


@ -171,8 +171,6 @@ func (peer *Peer) RoutineNonce() {
} }
} }
logger.Println("PACKET:", packet)
// wait for key pair // wait for key pair
for { for {
@ -221,8 +219,6 @@ func (peer *Peer) RoutineNonce() {
work.peer = peer work.peer = peer
work.mutex.Lock() work.mutex.Lock()
logger.Println("WORK:", work)
packet = nil packet = nil
// drop packets until there is space // drop packets until there is space
@ -263,7 +259,7 @@ func (device *Device) RoutineEncryption() {
// pad packet // pad packet
padding := device.mtu - len(work.packet) padding := device.mtu - len(work.packet) - MessageTransportSize
if padding < 0 { if padding < 0 {
work.Drop() work.Drop()
continue continue
@ -272,19 +268,30 @@ func (device *Device) RoutineEncryption() {
for n := 0; n < padding; n += 1 { for n := 0; n < padding; n += 1 {
work.packet = append(work.packet, 0) work.packet = append(work.packet, 0)
} }
device.log.Debug.Println(work.packet) content := work.packet[MessageTransportHeaderSize:]
copy(content, work.packet)
// encrypt // prepare header
binary.LittleEndian.PutUint32(work.packet[:4], MessageTransportType)
binary.LittleEndian.PutUint32(work.packet[4:8], work.keyPair.remoteIndex)
binary.LittleEndian.PutUint64(work.packet[8:16], work.nonce)
device.log.Debug.Println(work.packet, work.nonce)
// encrypt content
binary.LittleEndian.PutUint64(nonce[4:], work.nonce) binary.LittleEndian.PutUint64(nonce[4:], work.nonce)
work.packet = work.keyPair.send.Seal( work.keyPair.send.Seal(
work.packet[:0], content[:0],
nonce[:], nonce[:],
work.packet, content,
nil, nil,
) )
work.mutex.Unlock() work.mutex.Unlock()
device.log.Debug.Println(work.packet, work.nonce)
// initiate new handshake // initiate new handshake
work.peer.KeepKeyFreshSending() work.peer.KeepKeyFreshSending()
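Review bot: The result of `work.keyPair.send.Seal(content[:0], nonce[:], content, nil)` is discarded in RoutineEncryption, so `work.packet` is never re-sliced to include the Poly1305 tag. If `content` lacks 16 bytes of spare capacity, Seal returns a fresh allocation and `work.packet` still holds the header followed by plaintext. Just above, `copy(content, work.packet)` shifts the padded payload into a slice that is `MessageTransportHeaderSize` bytes shorter, so the last 16 bytes are dropped; that loses payload whenever fewer than 16 padding bytes were appended. Growing the buffer by the header size before the shift and keeping Seal's return value addresses both, as sketched below. How `work.packet` is allocated and sent is outside this hunk, so confirm there; the `Debug.Println(work.packet, work.nonce)` before sealing also prints plaintext.

```go
// … unchanged: padding loop …
plainLen := len(work.packet)
work.packet = append(work.packet, make([]byte, MessageTransportHeaderSize)...)
content := work.packet[MessageTransportHeaderSize:]
copy(content, work.packet[:plainLen]) // overlapping shift; copy handles it

// … unchanged: header fields and nonce setup …

sealed := work.keyPair.send.Seal(content[:0], nonce[:], content, nil)
// keep header + ciphertext + tag, whether or not Seal reallocated
work.packet = append(work.packet[:MessageTransportHeaderSize], sealed...)
work.mutex.Unlock()
```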