fumiama/WireGold
1
0
Fork 0
mirror of https://github.com/fumiama/WireGold.git synced 2026-06-25 05:20:15 +08:00
Code Activity

增加抗重放攻击

Browse Source
This commit is contained in:
源文雨
2022-05-15 23:08:29 +08:00
parent 90a1b5f3e4
commit 764d0f61d6
4 changed files with 26 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
gold/link/listen.go
View File

@@ -40,7 +40,7 @@ func (m *Me) listenthread(conn *net.UDPConn, mu *sync.Mutex) {
if packet == nil {
continue
}
sz := packet.TeaTypeDataSZ & 0x00ffffff
sz := packet.TeaTypeDataSZ & 0x0000ffff
r := int(sz) - len(packet.Data)
if r > 0 {
logrus.Warnln("[link] packet from endpoint", addr, "is smaller than it declared: drop it")
@@ -61,7 +61,7 @@ func (m *Me) listenthread(conn *net.UDPConn, mu *sync.Mutex) {
}
switch {
case p.IsToMe(packet.Dst):
packet.Data = p.Decode(uint8(packet.TeaTypeDataSZ>>24), packet.Data)
packet.Data = p.Decode(uint8(packet.TeaTypeDataSZ>>28), packet.Data)
if !packet.IsVaildHash() {
logrus.Debugln("[link] drop invalid packet")
packet.Put()

5
gold/link/me.go
View File

@@ -45,6 +45,8 @@ type Me struct {
writer *helper.Writer
// 本机未接收完全分片池
recving *ttl.Cache[[32]byte, *head.Packet]
// 抗重放攻击记录池
recved *ttl.Cache[uint64, uint8]
// 本机上层配置
srcport, dstport, mtu uint16
}
@@ -96,7 +98,8 @@ func NewMe(cfg *MyConfig) (m Me) {
if m.writer == nil {
m.writer = helper.SelectWriter()
}
m.recving = ttl.NewCache[[32]byte, *head.Packet](time.Second * 128)
m.recving = ttl.NewCache[[32]byte, *head.Packet](time.Second * 30)
m.recved = ttl.NewCache[uint64, uint8](time.Second * 30)
return
}

6
gold/link/recv.go
View File

@@ -22,6 +22,10 @@ func (m *Me) wait(data []byte) *head.Packet {
if flags&0x8000 == 0x8000 { // not a valid packet
return nil
}
crc := binary.LittleEndian.Uint64(data[52:60])
if m.recved.Get(crc) != 0 { // 是重放攻击
return nil
}
logrus.Debugln("[recv]", len(data), "bytes data with flag", hex.EncodeToString(data[10:12]))
if flags == 0 || flags == 0x4000 {
h := head.SelectPacket()
@@ -30,6 +34,7 @@ func (m *Me) wait(data []byte) *head.Packet {
logrus.Errorln("[recv] unmarshal err:", err)
return nil
}
m.recved.Set(crc, 1)
return h
}
@@ -42,6 +47,7 @@ func (m *Me) wait(data []byte) *head.Packet {
if err == nil {
if ok {
m.recving.Delete(hsh)
m.recved.Set(crc, 1)
logrus.Debugln("[recv] all parts of", hex.EncodeToString(hashd), "is reached")
return h
}