diff options
author | Jake McGinty <me@jake.su> | 2018-02-12 16:52:32 +0000 |
---|---|---|
committer | Jake McGinty <me@jake.su> | 2018-02-12 16:54:59 +0000 |
commit | cffba769212e40892a54222d8bebedc550582af3 (patch) | |
tree | 7be4da438df63a9557318ba86dfccef1523a6a6c /src/interface/peer_server.rs | |
parent | let Peer process its incoming handshake (diff) | |
download | wireguard-rs-cffba769212e40892a54222d8bebedc550582af3.tar.xz wireguard-rs-cffba769212e40892a54222d8bebedc550582af3.zip |
validate incoming handshake timestamps
Diffstat (limited to 'src/interface/peer_server.rs')
-rw-r--r-- | src/interface/peer_server.rs | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/interface/peer_server.rs b/src/interface/peer_server.rs index 5fe6bc3..2ad363a 100644 --- a/src/interface/peer_server.rs +++ b/src/interface/peer_server.rs @@ -129,8 +129,9 @@ impl PeerServer { &state.interface_info.private_key.ok_or_else(|| format_err!("no private key!"))?)?; let mut timestamp = [0u8; 12]; - let _ = noise.read_message(&packet[8..116], &mut timestamp) + let len = noise.read_message(&packet[8..116], &mut timestamp) .map_err(SyncFailure::new)?; + ensure!(len == 12, "incorrect handshake payload length"); let mut peer_ref = { let their_pubkey = noise.get_remote_static().expect("must have remote static key"); @@ -141,7 +142,7 @@ impl PeerServer { }; let mut peer = peer_ref.borrow_mut(); - let (response, next_index, dead_index) = peer.process_incoming_handshake(addr, their_index, ×tamp, noise)?; + let (response, next_index, dead_index) = peer.process_incoming_handshake(addr, their_index, timestamp.into(), noise)?; let _ = state.index_map.insert(next_index, peer_ref.clone()); if let Some(index) = dead_index { let _ = state.index_map.remove(&index); |