Changeset 1568
- Timestamp:
- 02/25/08 09:23:11 (6 months ago)
- Files:
-
- nebula/trunk/src/session.c (modified) (11 diffs)
- nebula/trunk/src/session.h (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
nebula/trunk/src/session.c
r1566 r1568 19 19 */ 20 20 21 #include <arpa/inet.h> 21 22 #include <errno.h> 22 23 #include <poll.h> … … 110 111 int session_handle_data(struct pollfd *pfd, submission *s) { 111 112 int rv; 113 u_int16_t hmac_port; 112 114 u_int32_t nonce; 113 115 char *md5sum; … … 116 118 trie_node *t; 117 119 120 118 121 if (!pfd || !s) { 119 122 fprintf(stderr, "Error - Invalid parameters to submission handler.\n"); 120 123 exit(EXIT_FAILURE); 121 124 } 125 122 126 123 127 switch (s->state) { … … 125 129 // send random nonce 126 130 srand(time(0)); 127 nonce = (u_int32_t) (RAND_MAX * (rand() / (RAND_MAX + 1.0)));128 if (write(pfd->fd, & nonce, 4) == -1) {131 nonce = htonl((u_int32_t) (RAND_MAX * (rand() / (RAND_MAX + 1.0)))); 132 if (write(pfd->fd, &(nonce), 4) == -1) { 129 133 fprintf(stderr, "Error - Unable to send session nonce: %s.\n", strerror(errno)); 130 134 return(-1); 131 135 } 132 s->nonce = n once;136 s->nonce = ntohl(nonce); 133 137 s->state = NONCE_SENT; 134 138 s->bytes_read = 0; … … 235 239 return(-1); 236 240 } else if (rv == 2) { 241 s->port = ntohs(s->port); 237 242 if (verbose > 1) printf(" port: %u\n", s->port); 238 243 s->state = PORT_READ; … … 245 250 return(-1); 246 251 } else if (rv == 4) { 252 s->attack_len = ntohl(s->attack_len); 247 253 if (verbose > 1) printf(" bytes of attacks: %lu\n", s->attack_len); 248 254 s->state = ATTACK_LEN_READ; … … 255 261 return(-1); 256 262 } else if (rv == 4) { 263 s->cattack_len = ntohl(s->cattack_len); 257 264 if (verbose > 1) printf(" bytes of compressed attacks: %u\n", s->cattack_len); 258 265 s->state = CATTACK_LEN_READ; … … 262 269 case CATTACK_LEN_READ: 263 270 // read compressed attack 264 if (!s->cattack && ((s->cattack = malloc(s->cattack_len)) == NULL)) {271 if (!s->cattack && ((s->cattack = calloc(1, s->cattack_len)) == NULL)) { 265 272 fprintf(stderr, "Error - Unable to allocate memory: %s.\n", strerror(errno)); 266 273 exit(EXIT_FAILURE); 267 274 } 268 memset(s->cattack, 0, s->cattack_len);269 275 if ((rv = session_read_data(pfd->fd, s, s->cattack, s->cattack_len)) == -1) { 270 276 return(-1); … … 277 283 // read length of HMAC 278 284 s->hmac_len = 0xffff; 279 if ((rv = session_read_data(pfd->fd, s, (u_char *) &(s->hmac_len), 2)) == -1) {285 if ((rv = session_read_data(pfd->fd, s, (u_char *) &(s->hmac_len), sizeof(s->hmac_len))) == -1) { 280 286 return(-1); 281 287 } else if (rv == 2) { 288 s->hmac_len = ntohs(s->hmac_len); 282 289 if (verbose > 1) printf(" length of HMAC: %u\n", s->hmac_len); 283 290 s->state = HMAC_LEN_READ; … … 294 301 } else if (rv == s->hmac_len) { 295 302 if (verbose > 1) printf(" HMAC read: %s\n", s->hmac); 303 hmac_port = htons(s->port); 296 304 297 305 // send OK … … 309 317 } 310 318 memcpy(s->cattack+s->cattack_len, &s->protocol, 1); 311 memcpy(s->cattack+s->cattack_len+1, & s->port, 2);319 memcpy(s->cattack+s->cattack_len+1, &hmac_port, 2); 312 320 313 321 if ((sha512sum = session_hmac(&s->cattack, s->cattack_len+3)) == NULL) { nebula/trunk/src/session.h
r1566 r1568 59 59 typedef struct submission { 60 60 sstate state; // session state 61 ssize_tbytes_read; // number of bytes read so far62 u_int32_t nonce; 61 u_int32_t bytes_read; // number of bytes read so far 62 u_int32_t nonce; // session nonce, stored in network byte order 63 63 char secret_hash[129]; // hash(nonce+secret) 64 64 char *md5sum; // md5 hash of uncompressed attack data
