grumble: allow for other ciphers than OCB2-AES128.

2012-12-08 23:50:32 +01:00 · 2012-12-08 23:50:32 +01:00 · cd363d197e
commit cd363d197e
parent eacf839182
3 changed files with 12 additions and 8 deletions
--- a/client.go
+++ b/client.go
@ -367,7 +367,7 @@ func (client *Client) udpRecvLoop() {
 // through the client's control channel (TCP).
 func (client *Client) SendUDP(buf []byte) error {
 	if client.udp {
-		crypted := make([]byte, len(buf)+4)
+		crypted := make([]byte, len(buf)+client.crypt.Overhead())
 		client.crypt.Encrypt(crypted, buf)
 		return client.server.SendUDP(crypted, client.udpaddr)
 	} else {
--- a/pkg/cryptstate/cryptstate.go
+++ b/pkg/cryptstate/cryptstate.go
@ -109,8 +109,8 @@ func (cs *CryptState) Decrypt(dst, src []byte) error {
 	}

 	plain_len := len(src) - cs.Overhead()
-	if len(dst) != plain_len {
-		return errors.New("cryptstate: plain_len and src len mismatch")
+	if len(dst) < plain_len {
+		return errors.New("cryptstate: not enough space in dst for plain text")
 	}

 	ivbyte := src[0]
--- a/server.go
+++ b/server.go
@ -514,9 +514,9 @@ func (server *Server) handleAuthenticate(client *Client, msg *Message) {
 	// if it wishes.
 	client.lastResync = time.Now().Unix()
 	err = client.sendMessage(&mumbleproto.CryptSetup{
-		Key:         client.crypt.RawKey[0:],
-		ClientNonce: client.crypt.DecryptIV[0:],
-		ServerNonce: client.crypt.EncryptIV[0:],
+		Key:         client.crypt.Key,
+		ClientNonce: client.crypt.DecryptIV,
+		ServerNonce: client.crypt.EncryptIV,
 	})
 	if err != nil {
 		client.Panicf("%v", err)
@ -989,7 +989,7 @@ func (server *Server) udpListenLoop() {

 func (server *Server) handleUdpPacket(udpaddr *net.UDPAddr, buf []byte, nread int) {
 	var match *Client
-	plain := make([]byte, nread-4)
+	plain := make([]byte, nread)

 	// Determine which client sent the the packet.  First, we
 	// check the map 'hpclients' in the server struct. It maps
@ -1001,7 +1001,7 @@ func (server *Server) handleUdpPacket(udpaddr *net.UDPAddr, buf []byte, nread in
 	defer server.hmutex.Unlock()
 	client, ok := server.hpclients[udpaddr.String()]
 	if ok {
-		err := client.crypt.Decrypt(plain[0:], buf[0:nread])
+		err := client.crypt.Decrypt(plain, buf)
 		if err != nil {
 			client.cryptResync()
 			return
@ -1029,6 +1029,10 @@ func (server *Server) handleUdpPacket(udpaddr *net.UDPAddr, buf []byte, nread in
 		return
 	}

+	// Resize the plaintext slice now that we know
+	// the true encryption overhead.
+	plain = plain[:len(plain)-match.crypt.Overhead()]
+
 	match.udp = true
 	match.udprecv <- plain
 }