Fix incorrect SPTPS session labels.

To prevent a MITM from being able to splice different SPTPS sessions
together, each session has a unique label. snprintf() was used to fill a
buffer with the label, however the buffer was not big enough for the whole
label. Linux made sure the last byte of the buffer was a NUL character,
Windows did not, resulting in the two unable to connect to each other.

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 404a81c88de8ec09fddc65f58d926a09f4935eda..7a405fe4d8ea3436326ad9ba872de02a0b59b971 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -289,7 +289,9 @@ bool id_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
                c->protocol_minor = 2;
                c->allow_request = 1;
 
-               return sptps_start(&c->sptps, c, false, false, mesh->invitation_key, c->ecdsa, "meshlink invitation", 15, send_meta_sptps, receive_invitation_sptps);
+               static const char label[] = "MeshLink invitation";
+
+               return sptps_start(&c->sptps, c, false, false, mesh->invitation_key, c->ecdsa, label, sizeof label - 1, send_meta_sptps, receive_invitation_sptps);
        }
 
        /* Check if identity is a valid name */
@@ -354,14 +356,14 @@ bool id_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
        }
 
        c->allow_request = ACK;
-       char label[25 + strlen(mesh->self->name) + strlen(c->name)];
+       char label[14 + strlen(mesh->self->name) + strlen(c->name) + 1];
 
        if(c->outgoing)
-               snprintf(label, sizeof label, "meshlink TCP key expansion %s %s", mesh->self->name, c->name);
+               snprintf(label, sizeof label, "MeshLink TCP %s %s", mesh->self->name, c->name);
        else
-               snprintf(label, sizeof label, "meshlink TCP key expansion %s %s", c->name, mesh->self->name);
+               snprintf(label, sizeof label, "MeshLink TCP %s %s", c->name, mesh->self->name);
 
-       return sptps_start(&c->sptps, c, c->outgoing, false, mesh->self->connection->ecdsa, c->ecdsa, label, sizeof label, send_meta_sptps, receive_meta_sptps);
+       return sptps_start(&c->sptps, c, c->outgoing, false, mesh->self->connection->ecdsa, c->ecdsa, label, sizeof label - 1, send_meta_sptps, receive_meta_sptps);
 }
 
 bool send_ack(meshlink_handle_t *mesh, connection_t *c) {

diff --git a/src/protocol_key.c b/src/protocol_key.c
index 3ae65f0de4863b62c56a34d2291ba3e3175ce7c0..7f62b5fa59913fa536c58a3a2ff561ed109bf26d 100644 (file)
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -88,14 +88,14 @@ bool send_req_key(meshlink_handle_t *mesh, node_t *to) {
        if(to->sptps.label)
                logger(mesh, MESHLINK_DEBUG, "send_req_key(%s) called while sptps->label != NULL!", to->name);
 
-       char label[25 + strlen(mesh->self->name) + strlen(to->name)];
-       snprintf(label, sizeof label, "MeshLink UDP key expansion %s %s", mesh->self->name, to->name);
+       char label[14 + strlen(mesh->self->name) + strlen(to->name) + 1];
+       snprintf(label, sizeof label, "MeshLink UDP %s %s", mesh->self->name, to->name);
        sptps_stop(&to->sptps);
        to->status.validkey = false;
        to->status.waitingforkey = true;
        to->last_req_key = mesh->loop.now.tv_sec;
        to->incompression = mesh->self->incompression;
-       return sptps_start(&to->sptps, to, true, true, mesh->self->connection->ecdsa, to->ecdsa, label, sizeof label, send_initial_sptps_data, receive_sptps_record);
+       return sptps_start(&to->sptps, to, true, true, mesh->self->connection->ecdsa, to->ecdsa, label, sizeof label - 1, send_initial_sptps_data, receive_sptps_record);
 }
 
 /* REQ_KEY is overloaded to allow arbitrary requests to be routed between two nodes. */
@@ -149,13 +149,13 @@ static bool req_key_ext_h(meshlink_handle_t *mesh, connection_t *c, const char *
                                return true;
                        }
 
-                       char label[25 + strlen(from->name) + strlen(mesh->self->name)];
-                       snprintf(label, sizeof label, "MeshLink UDP key expansion %s %s", from->name, mesh->self->name);
+                       char label[14 + strlen(from->name) + strlen(mesh->self->name) + 1];
+                       snprintf(label, sizeof label, "MeshLink UDP %s %s", from->name, mesh->self->name);
                        sptps_stop(&from->sptps);
                        from->status.validkey = false;
                        from->status.waitingforkey = true;
                        from->last_req_key = mesh->loop.now.tv_sec;
-                       sptps_start(&from->sptps, from, false, true, mesh->self->connection->ecdsa, from->ecdsa, label, sizeof label, send_sptps_data, receive_sptps_record);
+                       sptps_start(&from->sptps, from, false, true, mesh->self->connection->ecdsa, from->ecdsa, label, sizeof label - 1, send_sptps_data, receive_sptps_record);
                        sptps_receive_data(&from->sptps, buf, len);
                        return true;
                }