added debugging to cryptoauth

cjdroute.c

@@ -186,6 +186,8 @@ static int genconf()
            "        }\n"
            "    }\n"
            "\n"
+           "    \"resetAfterInactivitySeconds\": 20,\n"
+           "\n"
            "    // Version of the config file, used internally for migration.\n"
            "    \"version\": 0\n"
            "}\n");

crypto/CryptoAuth.c

@@ -547,6 +547,11 @@ static uint8_t decryptHandshake(struct Wrapper* wrapper,
                   "Dropping message because auth was not given and is required.\n");
         return Error_AUTHENTICATION;
     }
+    if (passwordHash == NULL && header->handshake.auth.challenge.type != 0) {
+        Log_debug(wrapper->context->logger,
+                  "Dropping message because it contans an authenticator which is unrecognized.\n");
+        return Error_AUTHENTICATION;
+    }
 
     // What the nextNonce will become if this packet is valid.
     uint32_t nextNonce;
@@ -557,7 +562,9 @@ static uint8_t decryptHandshake(struct Wrapper* wrapper,
     uint8_t* herPermKey = NULL;
     if (nonce < 2) {
         if (nonce == 0) {
-            Log_debug(wrapper->context->logger, "Received a hello packet\n");
+            Log_debug1(wrapper->context->logger,
+                       "Received a hello packet, using auth: %d\n",
+                       (passwordHash != NULL));
         } else {
             Log_debug(wrapper->context->logger, "Received a repeat hello packet\n");
         }
@@ -586,6 +593,9 @@ static uint8_t decryptHandshake(struct Wrapper* wrapper,
             Log_debug1(wrapper->context->logger,
                        "Received a packet of unknown type! nonce=%u\n", nonce);
         }
+        if (memcmp(header->handshake.publicKey, herPermKey, 32)) {
+            Log_warn(wrapper->context->logger, "Packet contains different perminent key!\n");
+        }
         // We sent the hello, this is a key
         getSharedSecret(sharedSecret,
                         wrapper->secret,

dht/Ducttape.c

@@ -381,16 +381,15 @@ static inline uint8_t decryptedIncoming(struct Message* message, struct Context*
 
     if (!validIP6(message)) {
         Log_debug(context->logger, "Dropping message because of invalid ipv6 header.\n");
-        return 0;
+        return Error_INVALID;
     }
 
     if (isForMe(message, context)) {
         Message_shift(message, -Headers_IP6Header_SIZE);
         // This call goes to incomingForMe()
         context->contentSession =
             SessionManager_getSession(message, false, context->contentSmInside);
-        context->contentSession->receiveMessage(message, context->contentSession);
-        return 0;
+        return context->contentSession->receiveMessage(message, context->contentSession);
     }
 
     if (context->ip6Header->hopLimit == 0) {
@@ -410,7 +409,7 @@ static inline uint8_t decryptedIncoming(struct Message* message, struct Context*
     }
     Log_debug(context->logger, "Dropped message because this node is the closest known "
                                "node to the destination.\n");
-    return 0;
+    return Error_UNDELIVERABLE;
 }
 
 /**
@@ -447,9 +446,14 @@ static uint8_t receivedFromCryptoAuth(struct Message* message, struct Interface*
 {
     struct Context* context = iface->receiverContext;
     context->messageFromCryptoAuth = message;
-    RouterModule_addNode(context->herPublicKey, 
-                         context->switchHeader->label_be,
-                         context->routerModule);
+    if (validIP6(message)) {
+        RouterModule_addNode(context->herPublicKey,
+                             context->switchHeader->label_be,
+                             context->routerModule);
+    } else {
+        Log_debug(context->logger, "Dropping message because of invalid ipv6 header.\n");
+        return Error_INVALID;
+    }
     return decryptedIncoming(message, context);
 }