diff --git a/tunnels/client/reality/reality_client.c b/tunnels/client/reality/reality_client.c index 4f8d0ba5..96b4b936 100644 --- a/tunnels/client/reality/reality_client.c +++ b/tunnels/client/reality/reality_client.c @@ -122,9 +122,9 @@ static void upStream(tunnel_t *self, context_t *c) } // todo (research) about encapsulation order and safety, CMAC HMAC shift_buffer_t *buf = c->payload; - c->payload = NULL; + c->payload = NULL; - const int chunk_size = ((1 << 16) - (kSignLen + (2*kEncryptionBlockSize) + kIVlen)); + const int chunk_size = ((1 << 16) - (kSignLen + (2 * kEncryptionBlockSize) + kIVlen)); if (bufLen(buf) < chunk_size) { @@ -133,7 +133,7 @@ static void upStream(tunnel_t *self, context_t *c) signMessage(buf, cstate->msg_digest, cstate->sign_context, cstate->sign_key); appendTlsHeader(buf); assert(bufLen(buf) % 16 == 5); - c->payload = buf; + c->payload = buf; self->up->upStream(self->up, c); } @@ -152,7 +152,7 @@ static void upStream(tunnel_t *self, context_t *c) assert(bufLen(chunk) % 16 == 5); self->up->upStream(self->up, cout); } - reuseBuffer(getContextBufferPool(c),buf); + reuseBuffer(getContextBufferPool(c), buf); destroyContext(c); } } @@ -271,9 +271,8 @@ static void downStream(tunnel_t *self, context_t *c) goto failed; } - buf = genericDecrypt(buf, cstate->decryption_context, state->context_password, - getContextBufferPool(c)); - + buf = genericDecrypt(buf, cstate->decryption_context, state->context_password, + getContextBufferPool(c)); context_t *plain_data_ctx = newContextFrom(c); plain_data_ctx->payload = buf; diff --git a/tunnels/server/reality/reality_server.c b/tunnels/server/reality/reality_server.c index d9a2f83a..b66f7a4e 100644 --- a/tunnels/server/reality/reality_server.c +++ b/tunnels/server/reality/reality_server.c 
@@ -129,9 +129,9 @@ static void upStream(tunnel_t *self, context_t *c) return; } - buf = genericDecrypt(buf, cstate->decryption_context, state->context_password, - getContextBufferPool(c)); - + buf = genericDecrypt(buf, cstate->decryption_context, state->context_password, + getContextBufferPool(c)); + context_t *plain_data_ctx = newContextFrom(c); plain_data_ctx->payload = buf; self->up->upStream(self->up, plain_data_ctx); @@ -188,9 +188,8 @@ static void upStream(tunnel_t *self, context_t *c) goto failed; } - buf = genericDecrypt(buf, cstate->decryption_context, state->context_password, - getContextBufferPool(c)); - + buf = genericDecrypt(buf, cstate->decryption_context, state->context_password, + getContextBufferPool(c)); context_t *plain_data_ctx = newContextFrom(c); plain_data_ctx->payload = buf; @@ -269,9 +268,9 @@ static void downStream(tunnel_t *self, context_t *c) self->dw->downStream(self->dw, c); break; case kConAuthorized:; - shift_buffer_t *buf = c->payload; - c->payload = NULL; - const int chunk_size = ((1 << 16) - (kSignLen + (2*kEncryptionBlockSize) + kIVlen)); + shift_buffer_t *buf = c->payload; + c->payload = NULL; + const int chunk_size = ((1 << 16) - (kSignLen + (2 * kEncryptionBlockSize) + kIVlen)); if (bufLen(buf) < chunk_size) { @@ -279,7 +278,7 @@ static void downStream(tunnel_t *self, context_t *c) signMessage(buf, cstate->msg_digest, cstate->sign_context, cstate->sign_key); appendTlsHeader(buf); assert(bufLen(buf) % 16 == 5); - c->payload = buf; + c->payload = buf; self->dw->downStream(self->dw, c); } else 
@@ -288,8 +287,8 @@ static void downStream(tunnel_t *self, context_t *c) { const uint16_t remain = (uint16_t) min(bufLen(buf), chunk_size); shift_buffer_t *chunk = shallowSliceBuffer(buf, remain); - chunk = genericEncrypt(chunk, cstate->encryption_context, state->context_password, - getContextBufferPool(c)); + chunk = genericEncrypt(chunk, cstate->encryption_context, state->context_password, + getContextBufferPool(c)); signMessage(chunk, cstate->msg_digest, cstate->sign_context, cstate->sign_key); appendTlsHeader(chunk); context_t *cout = newContextFrom(c); @@ -297,7 +296,7 @@ static void downStream(tunnel_t *self, context_t *c) assert(bufLen(chunk) % 16 == 5); self->dw->downStream(self->dw, cout); } - reuseBuffer(getContextBufferPool(c),buf); + reuseBuffer(getContextBufferPool(c), buf); destroyContext(c); } @@ -306,8 +305,12 @@ static void downStream(tunnel_t *self, context_t *c) } else { - if (c->est) + if (c->est ) { + if(cstate->auth_state == kConAuthorized){ + destroyContext(c); + return; + } self->dw->downStream(self->dw, c); return; } diff --git a/ww/shiftbuffer.c b/ww/shiftbuffer.c index 19675b49..b129550c 100644 --- a/ww/shiftbuffer.c +++ b/ww/shiftbuffer.c @@ -110,7 +110,7 @@ void unShallow(shift_buffer_t *self) void expand(shift_buffer_t *self, unsigned int increase) { const bool keep = self->curpos != self->lenpos; - if (*(self->refc) > 1) + if (isShallow(self)) { const unsigned int old_realcap = self->full_cap; unsigned int new_realcap = (unsigned int) pow(2, ceil(log2((old_realcap * 2) + (increase * 2))));
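Review bot: In the `@@ -306,8 +305,12 @@` hunk of reality_server.c, the new `if(cstate->auth_state == kConAuthorized)` branch destroys an `est` context instead of forwarding it, with no comment saying why, so a reader cannot tell deliberate suppression from a lost event. If the reason is that the downstream side was already told the connection is established before authorization completed (an inference; the hunk does not show it), state that on the branch, e.g. `// est already delivered before authorization; drop the duplicate`. The added lines are also written as `c->est )`, `if(` and a same-line brace, which is inconsistent with the spacing this commit normalizes elsewhere. `downStream` begins and ends outside the hunk, so where `cstate` is obtained and whether it can be NULL here cannot be checked from these lines.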
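Review bot: In `expand` (ww/shiftbuffer.c), the capacity on the last line of the hunk is computed as `pow(2, ceil(log2((old_realcap * 2) + (increase * 2))))` in `unsigned int`, and the commit changes the guard above it but leaves this arithmetic unchecked. A large `increase` can wrap the sum, or push the `pow` result past what `unsigned int` can hold, giving a capacity smaller than requested. Whether `increase` can come from peer-controlled lengths is not visible here, but a bound ahead of the computation would make the function safe either way, e.g. `if (old_realcap > UINT_MAX / 4 || increase > UINT_MAX / 4 - old_realcap) { /* fail the expansion */ }` with `<limits.h>` included. Separately, replacing `*(self->refc) > 1` with `isShallow(self)` preserves behaviour only if that helper is defined as exactly that comparison. Its definition and the rest of `expand` are outside the hunk.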