zzz/i2p.i2p
1
0
Fork 0
forked from I2P_Developers/i2p.i2p
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity

SSU2: Fix ISE after sending retry for clock skew in session request

Browse Source 
log tweaks
This commit is contained in:
zzz
2022-09-01 12:21:33 -04:00
parent 52b640b582
commit 00774590b0
1 changed files with 10 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
router/java/src/net/i2p/router/transport/udp/InboundEstablishState2.java
View File

@@ -164,14 +164,17 @@ class InboundEstablishState2 extends InboundEstablishState implements SSU2Payloa
// termination block received
throw new GeneralSecurityException("Termination block in Session/Token Request");
}
if (_timeReceived == 0)
if (_timeReceived == 0) {
_currentState = InboundState.IB_STATE_FAILED;
throw new GeneralSecurityException("No DateTime block in Session/Token Request");
}
_skew = _establishBegin - _timeReceived;
if (_skew > MAX_SKEW || _skew < 0 - MAX_SKEW) {
_currentState = InboundState.IB_STATE_FAILED;
// send retry with termination
UDPPacket retry = _transport.getBuilder2().buildRetryPacket(this, SSU2Util.REASON_SKEW);
_transport.send(retry);
throw new GeneralSecurityException("Skew exceeded in Session/Token Request: " + _skew);
throw new GeneralSecurityException("Skew exceeded in Session/Token Request (retry sent): " + _skew);
}
packetReceived();
if (_log.shouldDebug())
@@ -187,7 +190,8 @@ class InboundEstablishState2 extends InboundEstablishState implements SSU2Payloa
if (_log.shouldDebug())
_log.debug("Processed " + blocks + " blocks on " + this);
} catch (Exception e) {
_log.error("IES2 payload error\n" + net.i2p.util.HexDump.dump(payload, 0, length), e);
if (_log.shouldWarn())
_log.warn("IES2 payload error\n" + net.i2p.util.HexDump.dump(payload, 0, length), e);
throw new GeneralSecurityException("IES2 payload error", e);
}
}
@@ -474,6 +478,9 @@ class InboundEstablishState2 extends InboundEstablishState implements SSU2Payloa
/** note that we just sent a Retry packet */
public synchronized void retryPacketSent() {
// retry after clock skew
if (_currentState == InboundState.IB_STATE_FAILED)
return;
if (_currentState != InboundState.IB_STATE_REQUEST_BAD_TOKEN_RECEIVED &&
_currentState != InboundState.IB_STATE_TOKEN_REQUEST_RECEIVED)
throw new IllegalStateException("Bad state for Retry Sent: " + _currentState);