mirror of
https://github.com/cwinfo/yggdrasil-go.git
synced 2024-11-30 03:11:37 +00:00
Move mutexes around
This commit is contained in:
parent
e3eadba4b7
commit
27b78b925d
@ -73,18 +73,26 @@ func (c *Conn) Read(b []byte) (int, error) {
|
|||||||
return 0, errors.New("session was closed")
|
return 0, errors.New("session was closed")
|
||||||
}
|
}
|
||||||
defer util.PutBytes(p.Payload)
|
defer util.PutBytes(p.Payload)
|
||||||
if !c.session.nonceIsOK(&p.Nonce) {
|
err := func() error {
|
||||||
return 0, errors.New("packet dropped due to invalid nonce")
|
c.session.theirNonceMutex.Lock()
|
||||||
|
defer c.session.theirNonceMutex.Unlock()
|
||||||
|
if !c.session.nonceIsOK(&p.Nonce) {
|
||||||
|
return errors.New("packet dropped due to invalid nonce")
|
||||||
|
}
|
||||||
|
bs, isOK := crypto.BoxOpen(&c.session.sharedSesKey, p.Payload, &p.Nonce)
|
||||||
|
if !isOK {
|
||||||
|
util.PutBytes(bs)
|
||||||
|
return errors.New("packet dropped due to decryption failure")
|
||||||
|
}
|
||||||
|
b = b[:0]
|
||||||
|
b = append(b, bs...)
|
||||||
|
c.session.updateNonce(&p.Nonce)
|
||||||
|
c.session.time = time.Now()
|
||||||
|
return nil
|
||||||
|
}()
|
||||||
|
if err != nil {
|
||||||
|
return 0, err
|
||||||
}
|
}
|
||||||
bs, isOK := crypto.BoxOpen(&c.session.sharedSesKey, p.Payload, &p.Nonce)
|
|
||||||
if !isOK {
|
|
||||||
util.PutBytes(bs)
|
|
||||||
return 0, errors.New("packet dropped due to decryption failure")
|
|
||||||
}
|
|
||||||
b = b[:0]
|
|
||||||
b = append(b, bs...)
|
|
||||||
c.session.updateNonce(&p.Nonce)
|
|
||||||
c.session.time = time.Now()
|
|
||||||
atomic.AddUint64(&c.session.bytesRecvd, uint64(len(b)))
|
atomic.AddUint64(&c.session.bytesRecvd, uint64(len(b)))
|
||||||
return len(b), nil
|
return len(b), nil
|
||||||
case <-c.session.closed:
|
case <-c.session.closed:
|
||||||
|
@ -79,10 +79,8 @@ func (s *sessionInfo) update(p *sessionPing) bool {
|
|||||||
s.theirSesPub = p.SendSesPub
|
s.theirSesPub = p.SendSesPub
|
||||||
s.theirHandle = p.Handle
|
s.theirHandle = p.Handle
|
||||||
s.sharedSesKey = *crypto.GetSharedKey(&s.mySesPriv, &s.theirSesPub)
|
s.sharedSesKey = *crypto.GetSharedKey(&s.mySesPriv, &s.theirSesPub)
|
||||||
s.theirNonceMutex.Lock()
|
|
||||||
s.theirNonce = crypto.BoxNonce{}
|
s.theirNonce = crypto.BoxNonce{}
|
||||||
s.theirNonceMask = 0
|
s.theirNonceMask = 0
|
||||||
s.theirNonceMutex.Unlock()
|
|
||||||
}
|
}
|
||||||
if p.MTU >= 1280 || p.MTU == 0 {
|
if p.MTU >= 1280 || p.MTU == 0 {
|
||||||
s.theirMTU = p.MTU
|
s.theirMTU = p.MTU
|
||||||
@ -272,10 +270,6 @@ func (ss *sessions) createSession(theirPermKey *crypto.BoxPubKey) *sessionInfo {
|
|||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
sinfo := sessionInfo{}
|
sinfo := sessionInfo{}
|
||||||
sinfo.myNonceMutex.Lock()
|
|
||||||
sinfo.theirNonceMutex.Lock()
|
|
||||||
defer sinfo.myNonceMutex.Unlock()
|
|
||||||
defer sinfo.theirNonceMutex.Unlock()
|
|
||||||
sinfo.core = ss.core
|
sinfo.core = ss.core
|
||||||
sinfo.reconfigure = make(chan chan error, 1)
|
sinfo.reconfigure = make(chan chan error, 1)
|
||||||
sinfo.theirPermPub = *theirPermKey
|
sinfo.theirPermPub = *theirPermKey
|
||||||
@ -395,9 +389,7 @@ func (ss *sessions) getPing(sinfo *sessionInfo) sessionPing {
|
|||||||
Coords: coords,
|
Coords: coords,
|
||||||
MTU: sinfo.myMTU,
|
MTU: sinfo.myMTU,
|
||||||
}
|
}
|
||||||
sinfo.myNonceMutex.Lock()
|
|
||||||
sinfo.myNonce.Increment()
|
sinfo.myNonce.Increment()
|
||||||
sinfo.myNonceMutex.Unlock()
|
|
||||||
return ref
|
return ref
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -501,8 +493,6 @@ func (sinfo *sessionInfo) getMTU() uint16 {
|
|||||||
// Checks if a packet's nonce is recent enough to fall within the window of allowed packets, and not already received.
|
// Checks if a packet's nonce is recent enough to fall within the window of allowed packets, and not already received.
|
||||||
func (sinfo *sessionInfo) nonceIsOK(theirNonce *crypto.BoxNonce) bool {
|
func (sinfo *sessionInfo) nonceIsOK(theirNonce *crypto.BoxNonce) bool {
|
||||||
// The bitmask is to allow for some non-duplicate out-of-order packets
|
// The bitmask is to allow for some non-duplicate out-of-order packets
|
||||||
sinfo.theirNonceMutex.Lock()
|
|
||||||
defer sinfo.theirNonceMutex.Unlock()
|
|
||||||
diff := theirNonce.Minus(&sinfo.theirNonce)
|
diff := theirNonce.Minus(&sinfo.theirNonce)
|
||||||
if diff > 0 {
|
if diff > 0 {
|
||||||
return true
|
return true
|
||||||
@ -512,8 +502,6 @@ func (sinfo *sessionInfo) nonceIsOK(theirNonce *crypto.BoxNonce) bool {
|
|||||||
|
|
||||||
// Updates the nonce mask by (possibly) shifting the bitmask and setting the bit corresponding to this nonce to 1, and then updating the most recent nonce
|
// Updates the nonce mask by (possibly) shifting the bitmask and setting the bit corresponding to this nonce to 1, and then updating the most recent nonce
|
||||||
func (sinfo *sessionInfo) updateNonce(theirNonce *crypto.BoxNonce) {
|
func (sinfo *sessionInfo) updateNonce(theirNonce *crypto.BoxNonce) {
|
||||||
sinfo.theirNonceMutex.Lock()
|
|
||||||
defer sinfo.theirNonceMutex.Unlock()
|
|
||||||
// Shift nonce mask if needed
|
// Shift nonce mask if needed
|
||||||
// Set bit
|
// Set bit
|
||||||
diff := theirNonce.Minus(&sinfo.theirNonce)
|
diff := theirNonce.Minus(&sinfo.theirNonce)
|
||||||
|
Loading…
Reference in New Issue
Block a user