SSU2: Add checks of peer test msg 1 IP/port

2022-06-24 16:56:47 -04:00
parent ac3fc6a0d8
commit 897338b790
1 changed files with 15 additions and 0 deletions
--- a/router/java/src/net/i2p/router/transport/udp/PeerTestManager.java
+++ b/router/java/src/net/i2p/router/transport/udp/PeerTestManager.java
@@ -1055,6 +1055,21 @@ class PeerTestManager {
                        _log.warn("Msg 1 status " + status);
                    return;
                }
+                // IP/port checks
+                if (testIP == null ||
+                    isIPv6 != fromPeer.isIPv6() ||
+                    !TransportUtil.isValidPort(testPort) ||
+                    !_transport.isValid(testIP) ||
+                    _transport.isTooClose(testIP) ||
+                    // exact match for IPv4, /64 for IPv6
+                    !DataHelper.eq(fromPeer.getRemoteIP(), 0, testIP, 0, isIPv6 ? 8 : 4)) {
+                    if (_log.shouldWarn())
+                        _log.warn("Invalid PeerTest address: " + Addresses.toString(testIP, testPort));
+                    UDPPacket packet = _packetBuilder2.buildPeerTestToAlice(SSU2Util.TEST_REJECT_BOB_ADDRESS,
+                                                                            Hash.FAKE_HASH, data, fromPeer);
+                    _transport.send(packet);
+                    return;
+                }
                Hash alice = fromPeer.getRemotePeer();
                RouterInfo aliceRI = _context.netDb().lookupRouterInfoLocally(alice);
                if (aliceRI == null) {