authorAdam Ierymenko <adam.ierymenko@gmail.com>2016-11-18 11:09:19 -0800
committerAdam Ierymenko <adam.ierymenko@gmail.com>2016-11-18 11:09:19 -0800
commitab4021dd0ee37af0af4137dc772911ea8ec52bb2 (patch)
treeddafd96c7f07e8cc540cfeb08f09664999eef554
parent1fcbb1fbedad2d0aff567a0dda84a0985ba063cb (diff)
downloadinfinitytier-ab4021dd0ee37af0af4137dc772911ea8ec52bb2.tar.gz
infinitytier-ab4021dd0ee37af0af4137dc772911ea8ec52bb2.zip
Do packet MAC check before locallyValidate(), and add timing measurement in selftest.
-rw-r--r--node/IncomingPacket.cpp15
-rw-r--r--selftest.cpp12
2 files changed, 16 insertions, 11 deletions
diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index c6346346..ee4d62c0 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -275,7 +275,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
// Continue at // VALID
}
- } // else continue at // VALID
+ } // else if alreadyAuthenticated then continue at // VALID
} else {
// We don't already have an identity with this address -- validate and learn it
@@ -285,18 +285,19 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
return true;
}
+ // Check packet integrity and MAC
+ SharedPtr<Peer> newPeer(new Peer(RR,RR->identity,id));
+ if (!dearmor(newPeer->key())) {
+ TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_path->address().toString().c_str());
+ return true;
+ }
+
// Check that identity's address is valid as per the derivation function
if (!id.locallyValidate()) {
TRACE("dropped HELLO from %s(%s): identity invalid",id.address().toString().c_str(),_path->address().toString().c_str());
return true;
}
- // Check packet integrity and authentication
- SharedPtr<Peer> newPeer(new Peer(RR,RR->identity,id));
- if (!dearmor(newPeer->key())) {
- TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_path->address().toString().c_str());
- return true;
- }
peer = RR->topology->addPeer(newPeer);
// Continue at // VALID
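Review bot: The new ordering in `_doHELLO` needs a comment stating what the MAC check does and does not establish at this point. `dearmor(newPeer->key())` now runs with a key built from an identity that has not yet passed `locallyValidate()`, so a successful MAC shows only that the sender holds the private key matching the public key carried in the HELLO, not that `id.address()` is correctly derived from it. The reorder screens out corrupted or blindly forged packets before the (presumably expensive) validation, but a sender presenting its own key pair would still reach `locallyValidate()`, so any rate limiting of that path stays necessary. I would add `// MAC first: cheap reject before the costly locallyValidate(); a valid MAC does not prove the address/key binding, so locallyValidate() must still pass before addPeer()` above the `SharedPtr<Peer> newPeer` line. The function body starts and ends outside this hunk.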
diff --git a/selftest.cpp b/selftest.cpp
index 7ca4ac3b..9992d757 100644
--- a/selftest.cpp
+++ b/selftest.cpp
@@ -376,11 +376,15 @@ static int testIdentity()
std::cout << "FAIL (1)" << std::endl;
return -1;
}
- if (!id.locallyValidate()) {
- std::cout << "FAIL (2)" << std::endl;
- return -1;
+ const uint64_t vst = OSUtils::now();
+ for(int k=0;k<10;++k) {
+ if (!id.locallyValidate()) {
+ std::cout << "FAIL (2)" << std::endl;
+ return -1;
+ }
}
- std::cout << "PASS" << std::endl;
+ const uint64_t vet = OSUtils::now();
+ std::cout << "PASS (" << ((double)(vet - vst) / 10.0) << "ms per validation)" << std::endl;
std::cout << "[identity] Validate known-bad identity... "; std::cout.flush();
if (!id.fromString(KNOWN_BAD_IDENTITY)) {