Unauthenticate IPSC Bug Fixed
unauthenticated packets were subject to having their hashes stripped just like other packets. The problem is that they don't have hashes to strip, so I was throwing away part of the packet. Fixed in log.py, dmrlink.py and bridge.py
This commit is contained in:
parent
7a63b3d25f
commit
6223f582cf
20
bridge.py
20
bridge.py
|
@ -66,12 +66,28 @@ class bridgeIPSC(IPSC):
|
||||||
def private_data(self, _network, _src_sub, _dst_sub, _ts, _end, _peerid, _data):
|
def private_data(self, _network, _src_sub, _dst_sub, _ts, _end, _peerid, _data):
|
||||||
pass
|
pass
|
||||||
|
|
||||||
|
class bridgeUnauthIPSC(logIPSC):
|
||||||
|
|
||||||
|
# There isn't a hash to build, so just return the data
|
||||||
|
#
|
||||||
|
def hashed_packet(self, _key, _data):
|
||||||
|
return _data
|
||||||
|
|
||||||
|
# Remove the hash from a packet and return the payload
|
||||||
|
#
|
||||||
|
def strip_hash(self, _data):
|
||||||
|
return _data
|
||||||
|
|
||||||
|
# Everything is validated, so just return True
|
||||||
|
#
|
||||||
|
def validate_auth(self, _key, _data):
|
||||||
|
return True
|
||||||
|
|
||||||
for ipsc_network in NETWORK:
|
for ipsc_network in NETWORK:
|
||||||
if (NETWORK[ipsc_network]['LOCAL']['ENABLED']):
|
if (NETWORK[ipsc_network]['LOCAL']['ENABLED']):
|
||||||
if NETWORK[ipsc_network]['LOCAL']['AUTH_ENABLED'] == True:
|
if NETWORK[ipsc_network]['LOCAL']['AUTH_ENABLED'] == True:
|
||||||
networks[ipsc_network] = bridgeIPSC(ipsc_network)
|
networks[ipsc_network] = bridgeIPSC(ipsc_network)
|
||||||
else:
|
else:
|
||||||
networks[ipsc_network] = UnauthIPSC(ipsc_network)
|
networks[ipsc_network] = bridgeUnauthIPSC(ipsc_network)
|
||||||
reactor.listenUDP(NETWORK[ipsc_network]['LOCAL']['PORT'], networks[ipsc_network])
|
reactor.listenUDP(NETWORK[ipsc_network]['LOCAL']['PORT'], networks[ipsc_network])
|
||||||
reactor.run()
|
reactor.run()
|
25
dmrlink.py
25
dmrlink.py
|
@ -202,14 +202,6 @@ def get_info(_id, _dict):
|
||||||
return _dict[_id]
|
return _dict[_id]
|
||||||
return _id
|
return _id
|
||||||
|
|
||||||
# Remove the hash from a packet and return the payload
|
|
||||||
#
|
|
||||||
def strip_hash(_data):
|
|
||||||
# _log = logger.debug
|
|
||||||
# _log('Stripped Packet: %s', binascii.b2a_hex(_data[:-10]))
|
|
||||||
return _data[:-10]
|
|
||||||
|
|
||||||
|
|
||||||
# Determine if the provided peer ID is valid for the provided network
|
# Determine if the provided peer ID is valid for the provided network
|
||||||
#
|
#
|
||||||
def valid_peer(_peer_list, _peerid):
|
def valid_peer(_peer_list, _peerid):
|
||||||
|
@ -507,12 +499,18 @@ class IPSC(DatagramProtocol):
|
||||||
_hash = binascii.a2b_hex((hmac.new(_key,_data,hashlib.sha1)).hexdigest()[:20])
|
_hash = binascii.a2b_hex((hmac.new(_key,_data,hashlib.sha1)).hexdigest()[:20])
|
||||||
return (_data + _hash)
|
return (_data + _hash)
|
||||||
|
|
||||||
|
# Remove the hash from a packet and return the payload
|
||||||
|
#
|
||||||
|
def strip_hash(self, _data):
|
||||||
|
# _log = logger.debug
|
||||||
|
# _log('Stripped Packet: %s', binascii.b2a_hex(_data[:-10]))
|
||||||
|
return _data[:-10]
|
||||||
|
|
||||||
# Take a RECEIVED packet, calculate the auth hash and verify authenticity
|
# Take a RECEIVED packet, calculate the auth hash and verify authenticity
|
||||||
#
|
#
|
||||||
def validate_auth(self, _key, _data):
|
def validate_auth(self, _key, _data):
|
||||||
_log = logger.info
|
_log = logger.info
|
||||||
_payload = strip_hash(_data)
|
_payload = self.strip_hash(_data)
|
||||||
_hash = _data[-10:]
|
_hash = _data[-10:]
|
||||||
_chk_hash = binascii.a2b_hex((hmac.new(_key,_payload,hashlib.sha1)).hexdigest()[:20])
|
_chk_hash = binascii.a2b_hex((hmac.new(_key,_payload,hashlib.sha1)).hexdigest()[:20])
|
||||||
|
|
||||||
|
@ -643,7 +641,7 @@ class IPSC(DatagramProtocol):
|
||||||
return
|
return
|
||||||
|
|
||||||
# Strip the hash, we won't need it anymore
|
# Strip the hash, we won't need it anymore
|
||||||
data = strip_hash(data)
|
data = self.strip_hash(data)
|
||||||
|
|
||||||
# Packets types that must be originated from a peer (including master peer)
|
# Packets types that must be originated from a peer (including master peer)
|
||||||
if (_packettype in ANY_PEER_REQUIRED):
|
if (_packettype in ANY_PEER_REQUIRED):
|
||||||
|
@ -798,7 +796,12 @@ class UnauthIPSC(IPSC):
|
||||||
# There isn't a hash to build, so just return the data
|
# There isn't a hash to build, so just return the data
|
||||||
#
|
#
|
||||||
def hashed_packet(self, _key, _data):
|
def hashed_packet(self, _key, _data):
|
||||||
return (_data)
|
return _data
|
||||||
|
|
||||||
|
# Remove the hash from a packet and return the payload
|
||||||
|
#
|
||||||
|
def strip_hash(_self, data):
|
||||||
|
return _data
|
||||||
|
|
||||||
# Everything is validated, so just return True
|
# Everything is validated, so just return True
|
||||||
#
|
#
|
||||||
|
|
7
log.py
7
log.py
|
@ -95,7 +95,12 @@ class logUnauthIPSC(logIPSC):
|
||||||
# There isn't a hash to build, so just return the data
|
# There isn't a hash to build, so just return the data
|
||||||
#
|
#
|
||||||
def hashed_packet(self, _key, _data):
|
def hashed_packet(self, _key, _data):
|
||||||
return (_data)
|
return _data
|
||||||
|
|
||||||
|
# Remove the hash from a packet and return the payload
|
||||||
|
#
|
||||||
|
def strip_hash(self, _data):
|
||||||
|
return _data
|
||||||
|
|
||||||
# Everything is validated, so just return True
|
# Everything is validated, so just return True
|
||||||
#
|
#
|
||||||
|
|
Loading…
Reference in New Issue