Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixed problem with encryption decision and status report on encryption failure. #318

Merged
merged 17 commits into from
Apr 4, 2018
Merged

Fixed problem with encryption decision and status report on encryption failure. #318

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
17 commits
Select commit Hold shift + click to select a range
c7b410b
Added check to deny sending if encryption required and not possible.
Mar 23, 2018
97c5e9a
Added encryption check also for sendfile
Mar 23, 2018
aff648e
Fixed bug: KMREQ did not fill the state when failure
Mar 26, 2018
3e2afce
Added fake context creation when KMX failure. This is to make the pay…
Mar 26, 2018
fd8de36
Fixed incorrect status report when no passphrase
Mar 26, 2018
fb5bd8c
Refactored KM state and defined state change properly.
Mar 27, 2018
93d561c
Added more logs. Removed unused function
Mar 27, 2018
4203b1c
Fixed bug: recv KMREQ when Agent has no pw still processes KMX. Added…
Mar 27, 2018
0ee6dd0
Fixed incorrectly set states on UNSECURED and NOSECRET KMREQ failure …
Mar 27, 2018
143aca6
Fixed build break after adding logging to crypto.h
Mar 28, 2018
240b458
Added reading separate SND and RCV kmstate for testing
Mar 28, 2018
60bbc54
Fixed mistaken fallthru in UNSECURED KMREQ
Mar 28, 2018
324a59b
Updating SndKmLen even if password is not set. This makes PBKEYLEN re…
Mar 28, 2018
22fcc92
CHANGES IS SRT PROTOCOL. Added advertising PBKEYLEN in early handshak…
Mar 29, 2018
bc541ff
Removed app-enforced pbkeylen=16 when setting pw. Added logging aroun…
Mar 29, 2018
e40582a
Fixed advertising PBKEYLEN in URQ_WAVEAHAND hs message. Fixed some logs.
Mar 29, 2018
ea6be66
Fixed bug: checking if encryption required should check only secret l…
Mar 29, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions apps/socketoptions.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,11 +19,13 @@ SocketOption::Mode SrtConfigurePre(SRTSOCKET socket, string host, map<string, st

if ( options.count("passphrase") )
{
/*
// Insert default
if ( options.count("pbkeylen") == 0 )
{
options["pbkeylen"] = "16"; // m_output_direction ? "16" : "0";
}
*/
}

SocketOption::Mode mode;
Expand Down
13 changes: 11 additions & 2 deletions srtcore/buffer.cpp
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -360,7 +360,7 @@ int CSndBuffer::addBufferFromFile(fstream& ifs, int len)
return total;
}

int CSndBuffer::readData(char** data, int32_t& msgno_bitset, uint64_t& srctime, unsigned kflgs)
int CSndBuffer::readData(char** data, int32_t& msgno_bitset, uint64_t& srctime, int kflgs)
{
// No data to read
if (m_pCurrBlock == m_pLastBlock)
Expand Down Expand Up @@ -393,7 +393,16 @@ int CSndBuffer::readData(char** data, int32_t& msgno_bitset, uint64_t& srctime,
// extracting from here, but when the packet is stored into CSndBuffer. The appropriate
// flags for PH_MSGNO will be applied directly there. Then here the value for setting
// PH_MSGNO will be set as is.
m_pCurrBlock->m_iMsgNoBitset |= MSGNO_ENCKEYSPEC::wrap(kflgs);

if (kflgs == -1)
{
HLOGC(dlog.Debug, log << CONID() << " CSndBuffer: ERROR: encryption required and not possible. NOT SENDING.");
readlen = 0;
}
else
{
m_pCurrBlock->m_iMsgNoBitset |= MSGNO_ENCKEYSPEC::wrap(kflgs);
}
msgno_bitset = m_pCurrBlock->m_iMsgNoBitset;

srctime =
Expand Down
2 changes: 1 addition & 1 deletion srtcore/buffer.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,7 +105,7 @@ class CSndBuffer
/// @param [in] kflags Odd|Even crypto key flag
/// @return Actual length of data read.

int readData(char** data, int32_t& msgno, uint64_t& origintime, unsigned kflgs);
int readData(char** data, int32_t& msgno, uint64_t& origintime, int kflgs);


/// Find data position to pack a DATA packet for a retransmission.
Expand Down
312 changes: 214 additions & 98 deletions srtcore/core.cpp
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 2 additions & 0 deletions srtcore/core.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -334,6 +334,7 @@ class CUDT
EConnectStatus processAsyncConnectResponse(const CPacket& pkt) ATR_NOEXCEPT;
bool processAsyncConnectRequest(EConnectStatus cst, const CPacket& response, const sockaddr* serv_addr);

void checkUpdateCryptoKeyLen(const char* loghdr, int32_t typefield);

size_t fillSrtHandshake_HSREQ(uint32_t* srtdata, size_t srtlen, int hs_version);
size_t fillSrtHandshake_HSRSP(uint32_t* srtdata, size_t srtlen, int hs_version);
Expand Down Expand Up @@ -545,6 +546,7 @@ class CUDT

// XXX Consider removing them. The m_bDataSender may stay here
// in order to maintain the HS side selection in HSv4.
// m_bTwoWayData is unused.
bool m_bDataSender;
bool m_bTwoWayData;

Expand Down
Loading