|
|
@ -75,7 +75,7 @@ int8_t packet_header_decrypt_if_required (uint8_t packet[], uint16_t packet_len, |
|
|
|
// changes to wire.c:encode/decode_common need to go together with this code
|
|
|
|
if ( (packet[19] == (uint8_t)0x00) // null terminated community name
|
|
|
|
&& (packet[00] == N2N_PKT_VERSION) // correct packet version
|
|
|
|
// && (packet[01] <= N2N_DEFAULT_TTL) // reasonable TTL -- might interfere with hole-punching-related or cli passed higher values ?!
|
|
|
|
// && (packet[01] <= N2N_DEFAULT_TTL) // reasonable TTL -- might interfere with hole-punching-related or cli passed higher values ?!
|
|
|
|
&& ((be16toh (*(uint16_t*)&(packet[02])) & N2N_FLAGS_TYPE_MASK ) <= MSG_TYPE_MAX_TYPE ) // message type
|
|
|
|
&& ( be16toh (*(uint16_t*)&(packet[02])) < N2N_FLAGS_OPTIONS) // flags
|
|
|
|
) { |
|
|
@ -115,19 +115,18 @@ int8_t packet_header_decrypt_if_required (uint8_t packet[], uint16_t packet_len, |
|
|
|
|
|
|
|
|
|
|
|
int32_t packet_header_encrypt (uint8_t packet[], uint8_t header_len, he_context_t * ctx) { |
|
|
|
uint8_t iv[16]; |
|
|
|
uint64_t *iv64 = (uint64_t*)&iv; |
|
|
|
const uint32_t magic = 0x006E326E; |
|
|
|
|
|
|
|
if (header_len < 20) |
|
|
|
return (-1); |
|
|
|
|
|
|
|
memcpy (&packet[16], &packet[00], 4); |
|
|
|
|
|
|
|
uint8_t iv[16]; |
|
|
|
((uint64_t*)iv)[0] = n2n_rand (); |
|
|
|
((uint64_t*)iv)[1] = n2n_rand (); |
|
|
|
|
|
|
|
const uint32_t magic = 0x006E326E; |
|
|
|
((uint32_t*)iv)[3] = htobe32 (magic); |
|
|
|
|
|
|
|
iv64[0] = n2n_rand(); |
|
|
|
iv64[1] = n2n_rand(); |
|
|
|
iv64[3] = htobe32(magic); |
|
|
|
iv[12] = header_len; |
|
|
|
|
|
|
|
speck_he (&packet[12], &packet[12], header_len - 12, iv, (speck_context_t*)ctx); |
|
|
|