warp-vpn

point to point VPN implementation
git clone git://git.2f30.org/warp-vpn

commit 7d0e1def8e2c5f1733d20c1665477c1f3e643094
parent 7110dfe51d3f9082d445f14e0cee73b9c22097ab
Author: sin <sin@2f30.org>
Date:   Wed, 30 Mar 2016 16:03:57 +0100

use 64-bit integers for challenge-response

Diffstat:
Mstun.c | 48++++++++++++++++++++++++++++++------------------
1 file changed, 30 insertions(+), 18 deletions(-)

diff --git a/stun.c b/stun.c
@@ -389,18 +389,29 @@ unpack16(unsigned char *buf)
 }
 void
-pack32(unsigned char *buf, uint32_t n)
+pack64(unsigned char *buf, uint64_t n)
 {
- buf[0] = n >> 24 & 0xff;
- buf[1] = n >> 16 & 0xff;
- buf[2] = n >> 8 & 0xff;
- buf[3] = n & 0xff;
+ buf[0] = n >> 56 & 0xff;
+ buf[1] = n >> 48 & 0xff;
+ buf[2] = n >> 40 & 0xff;
+ buf[3] = n >> 32 & 0xff;
+ buf[4] = n >> 24 & 0xff;
+ buf[5] = n >> 16 & 0xff;
+ buf[6] = n >> 8 & 0xff;
+ buf[7] = n & 0xff;
 }
-uint32_t
-unpack32(unsigned char *buf)
+uint64_t
+unpack64(unsigned char *buf)
 {
- return buf[0] << 24 | buf[1] << 16 | buf[2] << 8 | buf[3];
+ return (uint64_t)buf[0] << 56 |
+ (uint64_t)buf[1] << 48 |
+ (uint64_t)buf[2] << 40 |
+ (uint64_t)buf[3] << 32 |
+ (uint64_t)buf[4] << 24 |
+ (uint64_t)buf[5] << 16 |
+ (uint64_t)buf[6] << 8 |
+ (uint64_t)buf[7];
 }
 int
@@ -529,14 +540,15 @@ challenge(int netfd)
 {
 unsigned char buf[MTU + AES_BLOCK_SIZE];
 struct pollfd pfd[1];
- uint32_t n, reply;
+ uint64_t n, reply;
 int ret;
 ret = setrcvtimeo(netfd, CHALLENGETIMEO);
 if (ret < 0)
 return -1;
- pack32(buf, n = arc4random());
- if (writenet(netfd, buf, sizeof(uint32_t)) <= 0)
+ arc4random_buf(&n, sizeof(uint64_t));
+ pack64(buf, n);
+ if (writenet(netfd, buf, sizeof(uint64_t)) <= 0)
 goto err;
 pfd[0].fd = netfd;
 pfd[0].events = POLLIN;
@@ -550,10 +562,10 @@ challenge(int netfd)
 goto err;
 default:
 if (pfd[0].revents & (POLLIN | POLLHUP)) {
- ret = readnet(netfd, buf, sizeof(uint32_t));
+ ret = readnet(netfd, buf, sizeof(uint64_t));
 if (ret <= 0 || ret == BADPKT)
 goto err;
- reply = unpack32(buf);
+ reply = unpack64(buf);
 if (n + 1 == reply) {
 setrcvtimeo(netfd, 0);
 return 0;
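Review bot: In the first hunk, unpack64 only reads through buf, so its parameter could be `const unsigned char *buf`, which lets callers hand it read-only packet data without a cast. Neither helper records the wire format; a one-line comment above pack64 such as `/* big-endian; buf must hold at least 8 bytes */` would state both the byte order and the size requirement callers have to meet. The `(uint64_t)` casts before each shift in unpack64 should stay as they are, since without them the operands would be promoted to int before shifting.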
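Review bot: In the second hunk, `arc4random_buf(&n, sizeof(uint64_t));` sizes the fill by type name rather than by the object; `arc4random_buf(&n, sizeof(n));` keeps the two tied together if the type of n changes again. The same `sizeof(uint64_t)` also serves as the on-wire length in the writenet call here and in the readnet/writenet calls of the two hunks after it, so one named constant for the challenge length would turn the next width change into a single edit instead of five. challenge() continues outside this hunk.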
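Review bot: In the third hunk, the test `if (ret <= 0 || ret == BADPKT)` does not reject a short reply before `reply = unpack64(buf);` decodes eight bytes. If readnet can return a positive count below the requested size (its contract is not visible here), the tail of buf still holds bytes left over from the outgoing challenge, and in response() in the last hunk the same pattern decodes uninitialised stack bytes that are then incremented and written back to the peer. Adding `if (ret != (int)sizeof(uint64_t)) goto err;` after the existing test (`return -1;` in response()) would close this, assuming readnet reports the payload length on success. It would also make a peer that still speaks the 32-bit format fail cleanly instead of being compared against stale data. Both function bodies extend beyond their hunks.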
@@ -569,15 +581,15 @@ int
 response(int netfd)
 {
 unsigned char buf[MTU + AES_BLOCK_SIZE];
- uint32_t reply;
+ uint64_t reply;
 int ret;
- ret = readnet(netfd, buf, sizeof(uint32_t));
+ ret = readnet(netfd, buf, sizeof(uint64_t));
 if (ret <= 0 || ret == BADPKT)
 return -1;
- reply = unpack32(buf);
- pack32(buf, reply + 1);
- if (writenet(netfd, buf, sizeof(uint32_t)) <= 0)
+ reply = unpack64(buf);
+ pack64(buf, reply + 1);
+ if (writenet(netfd, buf, sizeof(uint64_t)) <= 0)
 return -1;
 return 0;
 }