Merge branch 'hmac-better-locking' into hmac-auth2

Simon Walton 2018-04-25 10:38:07 -07:00
commit e25e15d6b3
4 changed files with 12 additions and 7 deletions


@ -68,7 +68,7 @@ bool HMACAuth::setKey(const char* keyValue, int keyLen) {
return false;
}
QMutexLocker lock(&_lock);
//QMutexLocker lock(&_lock);
return (bool) HMAC_Init_ex(_hmacContext, keyValue, keyLen, sslStruct, nullptr);
}
@ -78,16 +78,17 @@ bool HMACAuth::setKey(const QUuid& uidKey) {
}
bool HMACAuth::addData(const char* data, int dataLen) {
QMutexLocker lock(&_lock);
//QMutexLocker lock(&_lock);
return (bool) HMAC_Update(_hmacContext, reinterpret_cast<const unsigned char*>(data), dataLen);
}
HMACAuth::HMACHash HMACAuth::result() {
HMACHash hashValue(EVP_MAX_MD_SIZE);
unsigned int hashLen;
QMutexLocker lock(&_lock);
HMAC_Final(_hmacContext, &hashValue[0], &hashLen);
hashValue.resize((size_t) hashLen);
//QMutexLocker lock(&_lock);
if (HMAC_Final(_hmacContext, &hashValue[0], &hashLen)) {
hashValue.resize((size_t)hashLen);
}
// Clear state for possible reuse.
HMAC_Init_ex(_hmacContext, nullptr, 0, nullptr, nullptr);
return hashValue;
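Review bot: When `HMAC_Final` fails in `result()`, the function still returns `hashValue` at its initial `EVP_MAX_MD_SIZE` length, so the caller gets a full-size buffer that the MAC never wrote (presumably zero-filled, if `HMACHash` is a vector type) and cannot tell it from a real digest. Clearing it on failure, e.g. `} else { hashValue.clear(); }`, would let callers treat an empty result as a verification failure. The return value of the `HMAC_Init_ex` reset that follows is also ignored. Separately, the `QMutexLocker` lines in `setKey` and `addData` appear to be left as commented-out code rather than deleted; this is inferred, because the +/- markers are lost on this page. `result()` ends outside the hunk.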


@ -26,6 +26,8 @@ public:
explicit HMACAuth(AuthMethod authMethod = MD5);
~HMACAuth();
QMutex& getLock() { return _lock; }
bool setKey(const char* keyValue, int keyLen);
bool setKey(const QUuid& uidKey);
bool addData(const char* data, int dataLen);
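Review bot: `getLock()` hands out a mutable reference to the internal mutex, but nothing in the header says who must hold it or for how long. From the other files in this commit it looks like callers are expected to hold it across an `addData()` … `result()` sequence, and `setKey()` appears to need the same protection since it reinitialises the same context. I would add a comment above the accessor such as `// Callers must hold this lock across setKey()/addData()/result(); the methods do not lock internally.` The class declaration starts and ends outside the hunk.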


@ -333,13 +333,14 @@ bool LimitedNodeList::packetSourceAndHashMatchAndTrackBandwidth(const udt::Packe
QByteArray packetHeaderHash = NLPacket::verificationHashInHeader(packet);
QByteArray expectedHash = NLPacket::hashForPacketAndHMAC(packet, sourceNode->getAuthenticateHash());
// check if the md5 hash in the header matches the hash we would expect
// check if the HMAC-md5 hash in the header matches the hash we would expect
if (packetHeaderHash != expectedHash) {
static QMultiMap<QUuid, PacketType> hashDebugSuppressMap;
if (!hashDebugSuppressMap.contains(sourceID, headerType)) {
qCDebug(networking) << packetHeaderHash << expectedHash;
qCDebug(networking) << "Packet hash mismatch on" << headerType << "- Sender" << sourceID;
qCDebug(networking) << "Packet len:" << packet.getDataSize() << "Expected hash:" <<
expectedHash.toHex() << "Actual:" << packetHeaderHash.toHex();
hashDebugSuppressMap.insert(sourceID, headerType);
}
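Review bot: The mismatch branch logs `expectedHash.toHex()`, which is the valid HMAC for a packet that has just failed authentication, so anyone who can read the debug log gets a correct tag for that packet's contents. Logging only the received value keeps the diagnostic without writing the expected MAC out: `qCDebug(networking) << "Packet len:" << packet.getDataSize() << "Actual:" << packetHeaderHash.toHex();`. The bare `qCDebug(networking) << packetHeaderHash << expectedHash;` line has the same problem if it is still on the new side (the +/- markers are lost on this page). The enclosing function starts and ends outside the hunk.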


@ -157,6 +157,7 @@ QByteArray NLPacket::hashForPacketAndHMAC(const udt::Packet& packet, HMACAuth& h
+ NUM_BYTES_LOCALID + NUM_BYTES_MD5_HASH;
// add the packet payload and the connection UUID
QMutexLocker hashLock(&hash.getLock());
hash.addData(packet.getData() + offset, packet.getDataSize() - offset);
auto hashResult { hash.result() };
return QByteArray((const char*) hashResult.data(), (int) hashResult.size());
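Review bot: `packet.getDataSize() - offset` is passed to `addData()` with no visible check that the packet is at least `offset` bytes long. For a shorter packet the length would be negative (or wrap), and `HMAC_Update` would receive it converted to a very large unsigned size. Unless a caller already guarantees the minimum size, guard it before hashing, e.g. `if (packet.getDataSize() < offset) { return QByteArray(); }`. The `bool` returned by `addData()` is also dropped, so a failed update still produces a hash. The function starts and ends outside the hunk.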