The unified diff between revisions [3c57b646..] and [1fc0f639..] is displayed below. It can also be downloaded as a raw diff.
#
#
# patch "ChangeLog"
# from [1a92ac866998074c2b9d6e2795fe322656a4666b]
# to [d854a64fa2a6f8ca24e19f020336fb28d7d14204]
#
# patch "constants.cc"
# from [2258f6165b6db8f8c952f97aaacf0addbbed060f]
# to [7f9f28b1ee2c9caea3e9fef7b45ade9f406f3170]
#
# patch "netcmd.cc"
# from [3556111073d4b6be8c066608d4f078ce9bb367a3]
# to [153d5459fc8f72fe6d0e5cdef30c16233ed00b33]
#
============================================================
--- ChangeLog 1a92ac866998074c2b9d6e2795fe322656a4666b
+++ ChangeLog d854a64fa2a6f8ca24e19f020336fb28d7d14204
@@ -1,3 +1,8 @@
+2005-06-24 Matt Johnston <matt@ucc.asn.au>
+
+ * constants.cc: netcmd_minsz should be increased with hmacs
+ * netcmd.cc: update to hmac the entire packet
+
2005-06-22 Nathaniel Smith <njs@codesourcery.com>
* netcmd.hh (netcmd::read, netcmd::write): Don't have defaults for
============================================================
--- constants.cc 2258f6165b6db8f8c952f97aaacf0addbbed060f
+++ constants.cc 7f9f28b1ee2c9caea3e9fef7b45ade9f406f3170
@@ -149,7 +149,7 @@ namespace constants
size_t const netcmd_minsz = (1 // version
+ 1 // cmd code
+ 1 // smallest uleb possible
- + 4); // adler32
+ + 20); // hmac
// allow payloads up to 256 megs (this sets the in-practice maximum size of
// a compressed file/manifest).
============================================================
--- netcmd.cc 3556111073d4b6be8c066608d4f078ce9bb367a3
+++ netcmd.cc 153d5459fc8f72fe6d0e5cdef30c16233ed00b33
@@ -164,10 +164,26 @@ netcmd::read(string & inbuf, netsync_ses
// out.payload = extract_substring(inbuf, pos, payload_len, "netcmd payload");
// Do this ourselves, so we can swap the strings instead of copying.
require_bytes(inbuf, pos, payload_len, "netcmd payload");
+
+ // hmac the data chunk before we alter the buffer
+ I(key().size() == CryptoPP::SHA::DIGESTSIZE);
+ I(key().size() == hmac_val().size());
+ byte keybuf[CryptoPP::SHA::DIGESTSIZE];
+ for (size_t i = 0; i < sizeof(keybuf); i++)
+ {
+ keybuf[i] = key()[i] ^ hmac_val()[i];
+ }
+ char digest_buf[CryptoPP::SHA::DIGESTSIZE];
+ CryptoPP::HMAC<CryptoPP::SHA> hmac(keybuf, sizeof(keybuf));
+ hmac.CalculateDigest(reinterpret_cast<byte *>(digest_buf),
+ reinterpret_cast<const byte *>(inbuf.data()),
+ inbuf.size() - CryptoPP::SHA::DIGESTSIZE);
+
inbuf.erase(0, pos);
pos = payload_len;
string cmd_digest = extract_substring(inbuf, pos, CryptoPP::SHA::DIGESTSIZE,
"netcmd HMAC");
+ I(pos == inbuf.size());
inbuf.resize(payload_len);
inbuf.swap(payload);
@@ -178,18 +194,6 @@ netcmd::read(string & inbuf, netsync_ses
length_len = 0;
// they might have given us bogus data
- I(key().size() == CryptoPP::SHA::DIGESTSIZE);
- I(key().size() == hmac_val().size());
- byte keybuf[CryptoPP::SHA::DIGESTSIZE];
- for (size_t i = 0; i < sizeof(keybuf); i++)
- {
- keybuf[i] = key()[i] ^ hmac_val()[i];
- }
- CryptoPP::HMAC<CryptoPP::SHA> hmac(keybuf, sizeof(keybuf));
- char digest_buf[CryptoPP::SHA::DIGESTSIZE];
- hmac.CalculateDigest(reinterpret_cast<byte *>(digest_buf),
- reinterpret_cast<const byte *>(payload.data()),
- payload.size());
string digest(digest_buf, sizeof(digest_buf));
if (cmd_digest != digest)
throw bad_decode(F("bad HMAC %s vs. %s") % encode_hexenc(cmd_digest)