disable session nonce checks

2025-04-30 07:05:06 +03:00 · 2019-08-15 18:58:29 -05:00 · 2019-08-15 18:58:29 -05:00 · 0cac0c1d4e
commit 0cac0c1d4e
parent fdac8932a8
1 changed files with 34 additions and 73 deletions
--- a/src/yggdrasil/session.go
+++ b/src/yggdrasil/session.go
@ -30,8 +30,6 @@ type sessionInfo struct {
 	sharedSesKey crypto.BoxSharedKey     // derived from session keys
 	theirHandle  crypto.Handle           //
 	myHandle     crypto.Handle           //
-	theirNonce     crypto.BoxNonce         //
-	theirNonceMask uint64                  //
 	myNonce      crypto.BoxNonce         //
 	theirMTU     uint16                  //
 	myMTU        uint16                  //
@ -86,8 +84,6 @@ func (s *sessionInfo) update(p *sessionPing) bool {
 		s.theirSesPub = p.SendSesPub
 		s.theirHandle = p.Handle
 		s.sharedSesKey = *crypto.GetSharedKey(&s.mySesPriv, &s.theirSesPub)
-		s.theirNonce = crypto.BoxNonce{}
-		s.theirNonceMask = 0
 	}
 	if p.MTU >= 1280 || p.MTU == 0 {
 		s.theirMTU = p.MTU
@ -397,32 +393,6 @@ func (sinfo *sessionInfo) getMTU() uint16 {
 	return sinfo.myMTU
 }

-// Checks if a packet's nonce is recent enough to fall within the window of allowed packets, and not already received.
-func (sinfo *sessionInfo) nonceIsOK(theirNonce *crypto.BoxNonce) bool {
-	// The bitmask is to allow for some non-duplicate out-of-order packets
-	diff := theirNonce.Minus(&sinfo.theirNonce)
-	if diff > 0 {
-		return true
-	}
-	return ^sinfo.theirNonceMask&(0x01<<uint64(-diff)) != 0
-}
-
-// Updates the nonce mask by (possibly) shifting the bitmask and setting the bit corresponding to this nonce to 1, and then updating the most recent nonce
-func (sinfo *sessionInfo) updateNonce(theirNonce *crypto.BoxNonce) {
-	// Shift nonce mask if needed
-	// Set bit
-	diff := theirNonce.Minus(&sinfo.theirNonce)
-	if diff > 0 {
-		// This nonce is newer, so shift the window before setting the bit, and update theirNonce in the session info.
-		sinfo.theirNonceMask <<= uint64(diff)
-		sinfo.theirNonceMask &= 0x01
-		sinfo.theirNonce = *theirNonce
-	} else {
-		// This nonce is older, so set the bit but do not shift the window.
-		sinfo.theirNonceMask &= 0x01 << uint64(-diff)
-	}
-}
-
 // Resets all sessions to an uninitialized state.
 // Called after coord changes, so attemtps to use a session will trigger a new ping and notify the remote end of the coord change.
 func (ss *sessions) reset() {
@ -448,27 +418,18 @@ type FlowKeyMessage struct {
 }

 func (sinfo *sessionInfo) recvWorker() {
-	// TODO move theirNonce etc into a struct that gets stored here, passed in over a channel
+	// TODO move used fields into a struct that gets stored here, passed in over a channel
 	//  Since there's no reason for anywhere else in the session code to need to *read* it...
 	//  Only needs to be updated from the outside if a ping resets it...
 	//  That would get rid of the need to take a mutex for the sessionFunc
 	var callbacks []chan func()
 	doRecv := func(p wire_trafficPacket) {
 		var bs []byte
-		var err error
 		var k crypto.BoxSharedKey
 		sessionFunc := func() {
-			if !sinfo.nonceIsOK(&p.Nonce) {
-				err = ConnError{errors.New("packet dropped due to invalid nonce"), false, true, false, 0}
-				return
-			}
 			k = sinfo.sharedSesKey
 		}
 		sinfo.doFunc(sessionFunc)
-		if err != nil {
-			util.PutBytes(p.Payload)
-			return
-		}
 		var isOK bool
 		ch := make(chan func(), 1)
 		poolFunc := func() {
@ -479,13 +440,13 @@ func (sinfo *sessionInfo) recvWorker() {
 					util.PutBytes(bs)
 					return
 				}
+				var err error
 				sessionFunc = func() {
-					if k != sinfo.sharedSesKey || !sinfo.nonceIsOK(&p.Nonce) {
+					if k != sinfo.sharedSesKey {
 						// The session updated in the mean time, so return an error
 						err = ConnError{errors.New("session updated during crypto operation"), false, true, false, 0}
 						return
 					}
-					sinfo.updateNonce(&p.Nonce)
 					sinfo.time = time.Now()
 					sinfo.bytesRecvd += uint64(len(bs))
 				}