i2pd/libi2pd/LeaseSet.cpp

499 lines
16 KiB
C++
Raw Normal View History

2014-12-31 17:14:53 +03:00
#include <string.h>
2014-01-15 05:57:33 +04:00
#include "I2PEndian.h"
2015-11-03 17:15:49 +03:00
#include "Crypto.h"
2013-11-25 03:10:27 +04:00
#include "Log.h"
2014-01-15 05:57:33 +04:00
#include "Timestamp.h"
#include "NetDb.hpp"
2016-05-25 21:17:34 +03:00
#include "Tunnel.h"
2013-11-25 03:10:27 +04:00
#include "LeaseSet.h"
namespace i2p
{
namespace data
{
2018-01-06 06:48:51 +03:00
2018-12-21 23:00:03 +03:00
LeaseSet::LeaseSet ():
m_IsValid (false), m_StoreLeases (false), m_ExpirationTime (0), m_Buffer (nullptr), m_BufferLen (0)
{
}
2016-02-08 03:45:06 +03:00
LeaseSet::LeaseSet (const uint8_t * buf, size_t len, bool storeLeases):
m_IsValid (true), m_StoreLeases (storeLeases), m_ExpirationTime (0)
2013-11-25 03:10:27 +04:00
{
2015-04-08 16:39:02 +03:00
m_Buffer = new uint8_t[len];
2014-07-29 21:44:54 +04:00
memcpy (m_Buffer, buf, len);
m_BufferLen = len;
ReadFromBuffer ();
}
2018-01-25 18:32:08 +03:00
void LeaseSet::Update (const uint8_t * buf, size_t len, bool verifySignature)
2018-01-06 06:48:51 +03:00
{
2015-04-08 16:39:02 +03:00
if (len > m_BufferLen)
{
auto oldBuffer = m_Buffer;
m_Buffer = new uint8_t[len];
delete[] oldBuffer;
2018-01-06 06:48:51 +03:00
}
2014-07-29 21:44:54 +04:00
memcpy (m_Buffer, buf, len);
m_BufferLen = len;
2018-01-25 18:32:08 +03:00
ReadFromBuffer (false, verifySignature);
2014-07-22 04:14:11 +04:00
}
2016-02-08 03:45:06 +03:00
void LeaseSet::PopulateLeases ()
{
m_StoreLeases = true;
ReadFromBuffer (false);
2018-01-06 06:48:51 +03:00
}
2018-01-25 18:09:34 +03:00
void LeaseSet::ReadFromBuffer (bool readIdentity, bool verifySignature)
2018-01-06 06:48:51 +03:00
{
2015-11-03 17:15:49 +03:00
if (readIdentity || !m_Identity)
m_Identity = std::make_shared<IdentityEx>(m_Buffer, m_BufferLen);
size_t size = m_Identity->GetFullLen ();
2016-02-02 19:55:38 +03:00
if (size > m_BufferLen)
{
LogPrint (eLogError, "LeaseSet: identity length ", size, " exceeds buffer size ", m_BufferLen);
m_IsValid = false;
return;
}
memcpy (m_EncryptionKey, m_Buffer + size, 256);
size += 256; // encryption key
2015-11-03 17:15:49 +03:00
size += m_Identity->GetSigningPublicKeyLen (); // unused signing key
uint8_t num = m_Buffer[size];
size++; // num
2015-12-18 17:08:23 +03:00
LogPrint (eLogDebug, "LeaseSet: read num=", (int)num);
2016-02-02 19:55:38 +03:00
if (!num || num > MAX_NUM_LEASES)
2018-01-06 06:48:51 +03:00
{
2016-02-02 19:55:38 +03:00
LogPrint (eLogError, "LeaseSet: incorrect number of leases", (int)num);
m_IsValid = false;
return;
2018-01-06 06:48:51 +03:00
}
2013-11-25 03:10:27 +04:00
2016-08-05 21:23:54 +03:00
// reset existing leases
2016-02-09 23:27:23 +03:00
if (m_StoreLeases)
2016-08-05 21:23:54 +03:00
for (auto& it: m_Leases)
it->isUpdated = false;
2018-01-06 06:48:51 +03:00
else
2016-02-09 23:27:23 +03:00
m_Leases.clear ();
// process leases
2016-02-08 03:45:06 +03:00
m_ExpirationTime = 0;
2016-02-10 06:42:01 +03:00
auto ts = i2p::util::GetMillisecondsSinceEpoch ();
const uint8_t * leases = m_Buffer + size;
for (int i = 0; i < num; i++)
2013-11-25 03:10:27 +04:00
{
2014-12-31 17:14:53 +03:00
Lease lease;
2015-03-23 19:55:42 +03:00
lease.tunnelGateway = leases;
leases += 32; // gateway
lease.tunnelID = bufbe32toh (leases);
leases += 4; // tunnel ID
2018-01-06 06:48:51 +03:00
lease.endDate = bufbe64toh (leases);
2015-03-23 19:55:42 +03:00
leases += 8; // end date
2019-01-02 23:40:48 +03:00
UpdateLease (lease, ts);
2018-01-06 06:48:51 +03:00
}
2016-02-15 02:30:07 +03:00
if (!m_ExpirationTime)
2016-02-10 06:42:01 +03:00
{
LogPrint (eLogWarning, "LeaseSet: all leases are expired. Dropped");
m_IsValid = false;
return;
2018-01-06 06:48:51 +03:00
}
2016-02-15 02:30:07 +03:00
m_ExpirationTime += LEASE_ENDDATE_THRESHOLD;
2018-01-06 06:48:51 +03:00
// delete old leases
2016-02-09 23:27:23 +03:00
if (m_StoreLeases)
2018-01-06 06:48:51 +03:00
{
2016-02-09 23:27:23 +03:00
for (auto it = m_Leases.begin (); it != m_Leases.end ();)
2018-01-06 06:48:51 +03:00
{
2016-02-09 23:27:23 +03:00
if (!(*it)->isUpdated)
{
(*it)->endDate = 0; // somebody might still hold it
m_Leases.erase (it++);
2018-01-06 06:48:51 +03:00
}
2016-02-09 23:27:23 +03:00
else
2016-08-05 21:23:54 +03:00
++it;
2016-02-09 23:27:23 +03:00
}
}
2014-01-09 07:47:22 +04:00
// verify
2018-01-25 18:09:34 +03:00
if (verifySignature && !m_Identity->Verify (m_Buffer, leases - m_Buffer, leases))
2015-04-08 17:34:16 +03:00
{
2015-12-18 17:08:23 +03:00
LogPrint (eLogWarning, "LeaseSet: verification failed");
2015-04-08 17:34:16 +03:00
m_IsValid = false;
}
2018-01-06 06:48:51 +03:00
}
2016-02-17 06:57:38 +03:00
2019-01-02 23:40:48 +03:00
void LeaseSet::UpdateLease (const Lease& lease, uint64_t ts)
{
if (ts < lease.endDate + LEASE_ENDDATE_THRESHOLD)
{
if (lease.endDate > m_ExpirationTime)
m_ExpirationTime = lease.endDate;
if (m_StoreLeases)
{
auto ret = m_Leases.insert (std::make_shared<Lease>(lease));
if (!ret.second) (*ret.first)->endDate = lease.endDate; // update existing
(*ret.first)->isUpdated = true;
// check if lease's gateway is in our netDb
if (!netdb.FindRouter (lease.tunnelGateway))
{
// if not found request it
LogPrint (eLogInfo, "LeaseSet: Lease's tunnel gateway not found, requesting");
netdb.RequestDestination (lease.tunnelGateway);
}
}
}
else
LogPrint (eLogWarning, "LeaseSet: Lease is expired already ");
}
2018-01-26 22:33:06 +03:00
uint64_t LeaseSet::ExtractTimestamp (const uint8_t * buf, size_t len) const
2016-02-17 06:57:38 +03:00
{
if (!m_Identity) return 0;
size_t size = m_Identity->GetFullLen ();
if (size > len) return 0;
size += 256; // encryption key
size += m_Identity->GetSigningPublicKeyLen (); // unused signing key
if (size > len) return 0;
2018-01-26 22:33:06 +03:00
uint8_t num = buf[size];
2016-02-17 06:57:38 +03:00
size++; // num
2016-05-25 21:17:34 +03:00
if (size + num*LEASE_SIZE > len) return 0;
2016-02-17 06:57:38 +03:00
uint64_t timestamp= 0 ;
for (int i = 0; i < num; i++)
{
size += 36; // gateway (32) + tunnelId(4)
2018-01-06 06:48:51 +03:00
auto endDate = bufbe64toh (buf + size);
2016-02-17 06:57:38 +03:00
size += 8; // end date
if (!timestamp || endDate < timestamp)
timestamp = endDate;
2018-01-06 06:48:51 +03:00
}
2016-02-17 06:57:38 +03:00
return timestamp;
2018-01-06 06:48:51 +03:00
}
2016-02-17 06:57:38 +03:00
bool LeaseSet::IsNewer (const uint8_t * buf, size_t len) const
{
2018-01-26 22:33:06 +03:00
return ExtractTimestamp (buf, len) > ExtractTimestamp (m_Buffer, m_BufferLen);
2018-01-06 06:48:51 +03:00
}
bool LeaseSet::ExpiresSoon(const uint64_t dlt, const uint64_t fudge) const
{
auto now = i2p::util::GetMillisecondsSinceEpoch ();
if (fudge) now += rand() % fudge;
if (now >= m_ExpirationTime) return true;
return m_ExpirationTime - now <= dlt;
}
const std::vector<std::shared_ptr<const Lease> > LeaseSet::GetNonExpiredLeases (bool withThreshold) const
{
return GetNonExpiredLeasesExcluding( [] (const Lease & l) -> bool { return false; }, withThreshold);
}
2018-01-06 06:48:51 +03:00
const std::vector<std::shared_ptr<const Lease> > LeaseSet::GetNonExpiredLeasesExcluding (LeaseInspectFunc exclude, bool withThreshold) const
2014-01-15 05:57:33 +04:00
{
auto ts = i2p::util::GetMillisecondsSinceEpoch ();
2016-02-11 06:51:08 +03:00
std::vector<std::shared_ptr<const Lease> > leases;
2016-08-05 21:23:54 +03:00
for (const auto& it: m_Leases)
2015-03-26 17:30:29 +03:00
{
2016-02-09 18:46:27 +03:00
auto endDate = it->endDate;
2016-02-15 02:30:07 +03:00
if (withThreshold)
endDate += LEASE_ENDDATE_THRESHOLD;
else
endDate -= LEASE_ENDDATE_THRESHOLD;
if (ts < endDate && !exclude(*it))
2014-03-23 17:25:16 +04:00
leases.push_back (it);
2018-01-06 06:48:51 +03:00
}
return leases;
}
2014-01-15 05:57:33 +04:00
bool LeaseSet::HasExpiredLeases () const
2018-01-06 07:01:44 +03:00
{
2014-01-15 05:57:33 +04:00
auto ts = i2p::util::GetMillisecondsSinceEpoch ();
2016-08-05 21:23:54 +03:00
for (const auto& it: m_Leases)
2016-02-09 18:46:27 +03:00
if (ts >= it->endDate) return true;
2014-01-15 05:57:33 +04:00
return false;
2018-01-06 07:01:44 +03:00
}
2014-01-15 05:57:33 +04:00
2016-02-08 03:45:06 +03:00
bool LeaseSet::IsExpired () const
2014-01-15 05:57:33 +04:00
{
2016-07-01 00:21:18 +03:00
if (m_StoreLeases && IsEmpty ()) return true;
2014-01-15 05:57:33 +04:00
auto ts = i2p::util::GetMillisecondsSinceEpoch ();
2016-02-08 03:45:06 +03:00
return ts > m_ExpirationTime;
2016-05-25 21:17:34 +03:00
}
void LeaseSet::Encrypt (const uint8_t * data, uint8_t * encrypted, BN_CTX * ctx) const
{
auto encryptor = m_Identity->CreateEncryptor (m_EncryptionKey);
if (encryptor)
encryptor->Encrypt (data, encrypted, ctx, true);
}
2018-12-21 23:00:03 +03:00
void LeaseSet::SetBuffer (const uint8_t * buf, size_t len)
{
if (m_Buffer) delete[] m_Buffer;
m_Buffer = new uint8_t[len];
m_BufferLen = len;
memcpy (m_Buffer, buf, len);
}
LeaseSet2::LeaseSet2 (uint8_t storeType, const uint8_t * buf, size_t len):
m_StoreType (storeType)
{
2018-12-21 23:00:03 +03:00
SetBuffer (buf, len);
2019-01-08 19:26:50 +03:00
if (storeType == NETDB_STORE_TYPE_ENCRYPTED_LEASESET2)
ReadFromBufferEncrypted (buf, len);
else
ReadFromBuffer (buf, len);
2018-12-21 23:00:03 +03:00
}
void LeaseSet2::ReadFromBuffer (const uint8_t * buf, size_t len)
2018-12-21 23:00:03 +03:00
{
2019-01-02 22:19:10 +03:00
// standard LS2 header
2018-12-21 23:00:03 +03:00
auto identity = std::make_shared<IdentityEx>(buf, len);
SetIdentity (identity);
size_t offset = identity->GetFullLen ();
2019-01-08 19:26:50 +03:00
if (offset + 8 >= len) return;
2018-12-21 23:00:03 +03:00
uint32_t timestamp = bufbe32toh (buf + offset); offset += 4; // published timestamp (seconds)
uint16_t expires = bufbe16toh (buf + offset); offset += 2; // expires (seconds)
SetExpirationTime ((timestamp + expires)*1000LL); // in milliseconds
2018-12-31 22:23:48 +03:00
uint16_t flags = bufbe16toh (buf + offset); offset += 2; // flags
2019-01-02 01:00:37 +03:00
std::unique_ptr<i2p::crypto::Verifier> offlineVerifier;
if (flags & 0x0001)
{
// offline key
2019-01-02 17:43:18 +03:00
if (offset + 6 >= len) return;
const uint8_t * signedData = buf + offset;
offset += 4; // expires timestamp
2019-01-02 01:00:37 +03:00
uint16_t keyType = bufbe16toh (buf + offset); offset += 2;
offlineVerifier.reset (i2p::data::IdentityEx::CreateVerifier (keyType));
if (!offlineVerifier) return;
auto keyLen = offlineVerifier->GetPublicKeyLen ();
if (offset + keyLen >= len) return;
offlineVerifier->SetPublicKey (buf + offset); offset += keyLen;
2019-01-08 19:26:50 +03:00
if (offset + identity->GetSignatureLen () >= len) return;
2019-01-02 17:43:18 +03:00
if (!identity->Verify (signedData, keyLen + 6, buf + offset)) return;
2019-01-08 19:26:50 +03:00
offset += identity->GetSignatureLen ();
2019-01-02 01:00:37 +03:00
}
2019-01-02 22:19:10 +03:00
// type specific part
size_t s = 0;
switch (m_StoreType)
{
case NETDB_STORE_TYPE_STANDARD_LEASESET2:
s = ReadStandardLS2TypeSpecificPart (buf + offset, len - offset);
break;
case NETDB_STORE_TYPE_META_LEASESET2:
s = ReadMetaLS2TypeSpecificPart (buf + offset, len - offset);
break;
default:
LogPrint (eLogWarning, "LeaseSet2: Unexpected store type ", (int)m_StoreType);
}
if (!s) return;
offset += s;
// verify signature
2019-01-08 19:26:50 +03:00
bool verified = offlineVerifier ? VerifySignature (offlineVerifier, buf, len, offset) :
VerifySignature (identity, buf, len, offset);
SetIsValid (verified);
}
template<typename Verifier>
bool LeaseSet2::VerifySignature (Verifier& verifier, const uint8_t * buf, size_t len, size_t signatureOffset)
{
if (signatureOffset + verifier->GetSignatureLen () > len) return false;
uint8_t * buf1 = new uint8_t[signatureOffset + 1];
2019-01-02 22:19:10 +03:00
buf1[0] = m_StoreType;
2019-01-08 19:26:50 +03:00
memcpy (buf1 + 1, buf, signatureOffset); // TODO: implement it better
bool verified = verifier->Verify (buf1, signatureOffset + 1, buf + signatureOffset);
2019-01-02 22:19:10 +03:00
delete[] buf1;
if (!verified)
LogPrint (eLogWarning, "LeaseSet2: verification failed");
2019-01-08 19:26:50 +03:00
return verified;
2019-01-02 22:19:10 +03:00
}
size_t LeaseSet2::ReadStandardLS2TypeSpecificPart (const uint8_t * buf, size_t len)
{
size_t offset = 0;
// properties
uint16_t propertiesLen = bufbe16toh (buf + offset); offset += 2;
offset += propertiesLen; // skip for now. TODO: implement properties
2019-01-02 22:19:10 +03:00
if (offset + 1 >= len) return 0;
// key sections
2019-01-02 01:00:37 +03:00
int numKeySections = buf[offset]; offset++;
for (int i = 0; i < numKeySections; i++)
{
// skip key for now. TODO: implement encryption key
offset += 2; // encryption key type
2019-01-02 22:19:10 +03:00
if (offset + 2 >= len) return 0;
uint16_t encryptionKeyLen = bufbe16toh (buf + offset); offset += 2;
offset += encryptionKeyLen;
2019-01-02 22:19:10 +03:00
if (offset >= len) return 0;
}
// leases
2019-01-02 22:19:10 +03:00
if (offset + 1 >= len) return 0;
int numLeases = buf[offset]; offset++;
2019-01-02 23:40:48 +03:00
auto ts = i2p::util::GetMillisecondsSinceEpoch ();
2019-01-02 22:19:10 +03:00
for (int i = 0; i < numLeases; i++)
{
if (offset + 40 > len) return 0;
2019-01-02 23:40:48 +03:00
Lease lease;
lease.tunnelGateway = buf + offset; offset += 32; // gateway
lease.tunnelID = bufbe32toh (buf + offset); offset += 4; // tunnel ID
lease.endDate = bufbe32toh (buf + offset)*1000LL; offset += 4; // end date
UpdateLease (lease, ts);
2019-01-02 22:19:10 +03:00
}
return offset;
}
size_t LeaseSet2::ReadMetaLS2TypeSpecificPart (const uint8_t * buf, size_t len)
{
size_t offset = 0;
// properties
uint16_t propertiesLen = bufbe16toh (buf + offset); offset += 2;
offset += propertiesLen; // skip for now. TODO: implement properties
// entries
if (offset + 1 >= len) return 0;
int numEntries = buf[offset]; offset++;
for (int i = 0; i < numEntries; i++)
{
if (offset + 40 >= len) return 0;
offset += 32; // hash
offset += 3; // flags
offset += 1; // cost
offset += 4; // expires
}
// revocations
if (offset + 1 >= len) return 0;
int numRevocations = buf[offset]; offset++;
for (int i = 0; i < numRevocations; i++)
{
if (offset + 32 > len) return 0;
offset += 32; // hash
}
return offset;
2018-12-21 23:00:03 +03:00
}
2019-01-08 19:26:50 +03:00
void LeaseSet2::ReadFromBufferEncrypted (const uint8_t * buf, size_t len)
{
size_t offset = 0;
// blinded key
uint16_t blindedKeyType = bufbe16toh (buf + offset); offset += 2;
std::unique_ptr<i2p::crypto::Verifier> blindedVerifier (i2p::data::IdentityEx::CreateVerifier (blindedKeyType));
if (!blindedVerifier) return;
auto blindedKeyLen = blindedVerifier->GetPublicKeyLen ();
if (offset + blindedKeyLen >= len) return;
blindedVerifier->SetPublicKey (buf + offset); offset += blindedKeyLen;
// expiration
if (offset + 8 >= len) return;
uint32_t timestamp = bufbe32toh (buf + offset); offset += 4; // published timestamp (seconds)
uint16_t expires = bufbe16toh (buf + offset); offset += 2; // expires (seconds)
SetExpirationTime ((timestamp + expires)*1000LL); // in milliseconds
uint16_t flags = bufbe16toh (buf + offset); offset += 2; // flags
std::unique_ptr<i2p::crypto::Verifier> offlineVerifier;
if (flags & 0x0001)
{
// offline key
if (offset + 6 >= len) return;
const uint8_t * signedData = buf + offset;
offset += 4; // expires timestamp
uint16_t keyType = bufbe16toh (buf + offset); offset += 2;
offlineVerifier.reset (i2p::data::IdentityEx::CreateVerifier (keyType));
if (!offlineVerifier) return;
auto keyLen = offlineVerifier->GetPublicKeyLen ();
if (offset + keyLen >= len) return;
offlineVerifier->SetPublicKey (buf + offset); offset += keyLen;
if (offset + blindedVerifier->GetSignatureLen () >= len) return;
if (!blindedVerifier->Verify (signedData, keyLen + 6, buf + offset)) return;
offset += blindedVerifier->GetSignatureLen ();
}
// outer ciphertext
if (offset + 2 > len) return;
uint16_t lenOuterCiphertext = bufbe16toh (buf + offset); offset += 2 + lenOuterCiphertext;
// verify signature
bool verified = offlineVerifier ? VerifySignature (offlineVerifier, buf, len, offset) :
VerifySignature (blindedVerifier, buf, len, offset);
SetIsValid (verified);
}
2016-05-25 21:17:34 +03:00
LocalLeaseSet::LocalLeaseSet (std::shared_ptr<const IdentityEx> identity, const uint8_t * encryptionPublicKey, std::vector<std::shared_ptr<i2p::tunnel::InboundTunnel> > tunnels):
2016-05-25 22:10:28 +03:00
m_ExpirationTime (0), m_Identity (identity)
2016-05-25 21:17:34 +03:00
{
int num = tunnels.size ();
if (num > MAX_NUM_LEASES) num = MAX_NUM_LEASES;
// identity
2016-05-26 00:41:24 +03:00
auto signingKeyLen = m_Identity->GetSigningPublicKeyLen ();
2018-01-06 06:48:51 +03:00
m_BufferLen = m_Identity->GetFullLen () + 256 + signingKeyLen + 1 + num*LEASE_SIZE + m_Identity->GetSignatureLen ();
m_Buffer = new uint8_t[m_BufferLen];
2016-05-25 21:17:34 +03:00
auto offset = m_Identity->ToBuffer (m_Buffer, m_BufferLen);
memcpy (m_Buffer + offset, encryptionPublicKey, 256);
offset += 256;
memset (m_Buffer + offset, 0, signingKeyLen);
offset += signingKeyLen;
// num leases
2018-01-06 06:48:51 +03:00
m_Buffer[offset] = num;
2016-05-25 21:17:34 +03:00
offset++;
// leases
2016-05-29 23:35:57 +03:00
m_Leases = m_Buffer + offset;
2016-05-25 21:17:34 +03:00
auto currentTime = i2p::util::GetMillisecondsSinceEpoch ();
for (int i = 0; i < num; i++)
{
memcpy (m_Buffer + offset, tunnels[i]->GetNextIdentHash (), 32);
offset += 32; // gateway id
htobe32buf (m_Buffer + offset, tunnels[i]->GetNextTunnelID ());
offset += 4; // tunnel id
uint64_t ts = tunnels[i]->GetCreationTime () + i2p::tunnel::TUNNEL_EXPIRATION_TIMEOUT - i2p::tunnel::TUNNEL_EXPIRATION_THRESHOLD; // 1 minute before expiration
ts *= 1000; // in milliseconds
2016-05-25 22:10:28 +03:00
if (ts > m_ExpirationTime) m_ExpirationTime = ts;
2016-05-25 21:17:34 +03:00
// make sure leaseset is newer than previous, but adding some time to expiration date
ts += (currentTime - tunnels[i]->GetCreationTime ()*1000LL)*2/i2p::tunnel::TUNNEL_EXPIRATION_TIMEOUT; // up to 2 secs
htobe64buf (m_Buffer + offset, ts);
offset += 8; // end date
}
// we don't sign it yet. must be signed later on
2016-05-25 22:10:28 +03:00
}
2016-05-25 21:17:34 +03:00
2016-05-30 19:56:42 +03:00
LocalLeaseSet::LocalLeaseSet (std::shared_ptr<const IdentityEx> identity, const uint8_t * buf, size_t len):
m_ExpirationTime (0), m_Identity (identity)
{
m_BufferLen = len;
m_Buffer = new uint8_t[m_BufferLen];
2018-01-06 06:48:51 +03:00
memcpy (m_Buffer, buf, len);
2016-05-30 19:56:42 +03:00
}
2016-05-25 22:10:28 +03:00
bool LocalLeaseSet::IsExpired () const
2016-05-25 21:17:34 +03:00
{
2016-05-25 22:10:28 +03:00
auto ts = i2p::util::GetMillisecondsSinceEpoch ();
return ts > m_ExpirationTime;
2018-01-06 06:48:51 +03:00
}
bool LeaseSetBufferValidate(const uint8_t * ptr, size_t sz, uint64_t & expires)
{
IdentityEx ident(ptr, sz);
size_t size = ident.GetFullLen ();
if (size > sz)
{
LogPrint (eLogError, "LeaseSet: identity length ", size, " exceeds buffer size ", sz);
return false;
}
// encryption key
size += 256;
// signing key (unused)
size += ident.GetSigningPublicKeyLen ();
uint8_t numLeases = ptr[size];
++size;
if (!numLeases || numLeases > MAX_NUM_LEASES)
{
LogPrint (eLogError, "LeaseSet: incorrect number of leases", (int)numLeases);
return false;
}
const uint8_t * leases = ptr + size;
expires = 0;
/** find lease with the max expiration timestamp */
for (int i = 0; i < numLeases; i++)
{
leases += 36; // gateway + tunnel ID
uint64_t endDate = bufbe64toh (leases);
leases += 8; // end date
if(endDate > expires)
expires = endDate;
}
return ident.Verify(ptr, leases - ptr, leases);
}
2018-01-06 06:48:51 +03:00
}
}