Manage advanced sec via uapi

2025-06-05 12:53:43 +02:00 · 2023-10-09 13:22:49 +01:00 · 2023-10-09 13:22:49 +01:00 · f30419e0d1
commit f30419e0d1
parent 8f1a6a10b2
3 changed files with 52 additions and 43 deletions
--- a/device/device.go
+++ b/device/device.go
@ -98,6 +98,7 @@ type Device struct {
 }

 type aSecCfgType struct {
+	isSet                      bool
 	junkPacketCount            int
 	junkPacketMinSize          int
 	junkPacketMaxSize          int
@ -567,15 +568,7 @@ func (device *Device) isAdvancedSecurityOn() bool {

 func (device *Device) handlePostConfig(tempASecCfg *aSecCfgType) (err error) {

-	if tempASecCfg.junkPacketCount == 0 &&
-		tempASecCfg.junkPacketMaxSize == 0 &&
-		tempASecCfg.junkPacketMinSize == 0 &&
-		tempASecCfg.initPacketJunkSize == 0 &&
-		tempASecCfg.responsePacketJunkSize == 0 &&
-		tempASecCfg.initPacketMagicHeader == 0 &&
-		tempASecCfg.responsePacketMagicHeader == 0 &&
-		tempASecCfg.underloadPacketMagicHeader == 0 &&
-		tempASecCfg.transportPacketMagicHeader == 0 {
+	if !tempASecCfg.isSet {
 		return err
 	}

@ -603,7 +596,7 @@ func (device *Device) handlePostConfig(tempASecCfg *aSecCfgType) (err error) {
 		tempASecCfg.junkPacketMaxSize++ // to make rand gen work
 	}

-	if tempASecCfg.junkPacketMaxSize >= MaxSegmentSize{
+	if tempASecCfg.junkPacketMaxSize >= MaxSegmentSize {
 		device.aSecCfg.junkPacketMinSize = 0
 		device.aSecCfg.junkPacketMaxSize = 1
 		if err != nil {
--- a/device/send.go
+++ b/device/send.go
@ -126,25 +126,31 @@ func (peer *Peer) SendHandshakeInitiation(isRetry bool) error {
 	if peer.device.isAdvancedSecurityOn() {
 		peer.device.aSecMux.RLock()
 		junks, err := peer.createJunkPackets()
-		if err != nil {
 		peer.device.aSecMux.RUnlock()
+
+		if err != nil {
 			peer.device.log.Errorf("%v - %v", peer, err)
 			return err
 		}
-		sendBuffer = append(sendBuffer, junks...)
+
+		err = peer.SendBuffers(junks)
+		if err != nil {
+			peer.device.log.Errorf("%v - Failed to send junk packets: %v", peer, err)
+			return err
+		}
+
 		if peer.device.aSecCfg.initPacketJunkSize != 0 {
 			buf := make([]byte, 0, peer.device.aSecCfg.initPacketJunkSize)
 			writer := bytes.NewBuffer(buf[:0])
 			err = appendJunk(writer, peer.device.aSecCfg.initPacketJunkSize)
 			if err != nil {
-				peer.device.aSecMux.RUnlock()
 				peer.device.log.Errorf("%v - %v", peer, err)
 				return err
 			}
 			junkedHeader = writer.Bytes()
 		}
-		peer.device.aSecMux.RUnlock()
 	}
+
 	var buf [MessageInitiationSize]byte
 	writer := bytes.NewBuffer(buf[:0])
 	binary.Write(writer, binary.LittleEndian, msg)
--- a/device/uapi.go
+++ b/device/uapi.go
@ -295,6 +295,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 		}
 		device.log.Verbosef("UAPI: Updating junk_packet_count")
 		tempASecCfg.junkPacketCount = junkPacketCount
+		tempASecCfg.isSet = true

 	case "jmin":
 		junkPacketMinSize, err := strconv.Atoi(value)
@ -303,6 +304,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 		}
 		device.log.Verbosef("UAPI: Updating junk_packet_min_size")
 		tempASecCfg.junkPacketMinSize = junkPacketMinSize
+		tempASecCfg.isSet = true

 	case "jmax":
 		junkPacketMaxSize, err := strconv.Atoi(value)
@ -311,6 +313,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 		}
 		device.log.Verbosef("UAPI: Updating junk_packet_max_size")
 		tempASecCfg.junkPacketMaxSize = junkPacketMaxSize
+		tempASecCfg.isSet = true

 	case "s1":
 		initPacketJunkSize, err := strconv.Atoi(value)
@ -319,6 +322,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 		}
 		device.log.Verbosef("UAPI: Updating init_packet_junk_size")
 		tempASecCfg.initPacketJunkSize = initPacketJunkSize
+		tempASecCfg.isSet = true

 	case "s2":
 		responsePacketJunkSize, err := strconv.Atoi(value)
@ -327,6 +331,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 		}
 		device.log.Verbosef("UAPI: Updating response_packet_junk_size")
 		tempASecCfg.responsePacketJunkSize = responsePacketJunkSize
+		tempASecCfg.isSet = true

 	case "h1":
 		initPacketMagicHeader, err := strconv.ParseUint(value, 10, 32)
@ -334,6 +339,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 			return ipcErrorf(ipc.IpcErrorInvalid, "faield to parse init_packet_magic_header %w", err)
 		}
 		tempASecCfg.initPacketMagicHeader = uint32(initPacketMagicHeader)
+		tempASecCfg.isSet = true

 	case "h2":
 		responsePacketMagicHeader, err := strconv.ParseUint(value, 10, 32)
@ -341,6 +347,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 			return ipcErrorf(ipc.IpcErrorInvalid, "faield to parse response_packet_magic_header %w", err)
 		}
 		tempASecCfg.responsePacketMagicHeader = uint32(responsePacketMagicHeader)
+		tempASecCfg.isSet = true

 	case "h3":
 		underloadPacketMagicHeader, err := strconv.ParseUint(value, 10, 32)
@ -348,6 +355,7 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 			return ipcErrorf(ipc.IpcErrorInvalid, "faield to parse underload_packet_magic_header %w", err)
 		}
 		tempASecCfg.underloadPacketMagicHeader = uint32(underloadPacketMagicHeader)
+		tempASecCfg.isSet = true

 	case "h4":
 		transportPacketMagicHeader, err := strconv.ParseUint(value, 10, 32)
@ -355,8 +363,10 @@ func (device *Device) handleDeviceLine(key, value string, tempASecCfg *aSecCfgTy
 			return ipcErrorf(ipc.IpcErrorInvalid, "faield to parse transport_packet_magic_header %w", err)
 		}
 		tempASecCfg.transportPacketMagicHeader = uint32(transportPacketMagicHeader)
+		tempASecCfg.isSet = true
+
 	default:
-		return ipcErrorf(ipc.IpcErrorInvalid, "invalid UAPI device key: %v",key)
+		return ipcErrorf(ipc.IpcErrorInvalid, "invalid UAPI device key: %v", key)
 	}

 	return nil