Gotta support old encrypted flag, move cipher spec to middle 3 bits... due to some shortsighted design early-on. In the future this can die once there are no old peers.

2025-04-13 22:12:56 +00:00 · 2014-10-02 11:08:59 -07:00 · 2014-10-02 11:08:59 -07:00 · 17da733f97
commit 17da733f97
parent 23836d4c11
1 changed files with 14 additions and 24 deletions
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@ -107,15 +107,6 @@
 */
 #define ZT_PROTO_CIPHER_SUITE__C25519_AES256_GCM 0x1

-/**
- * Header flag indicating that a packet is encrypted with Salsa20
- *
- * If this is not set, then the packet's payload is in the clear and the
- * MAC is over this (since there is no ciphertext). Otherwise the MAC is
- * of the ciphertext after encryption.
- */
-#define ZT_PROTO_FLAG_ENCRYPTED 0x80
-
 /**
 * Header flag indicating that a packet is fragmented
 *
@ -320,7 +311,7 @@ namespace ZeroTier {
 * 
 * Packets smaller than 28 bytes are invalid and silently discarded.
 *
- * The flags/cipher/hops bit field is: CCCFFHHH where C is a 3-bit cipher
+ * The flags/cipher/hops bit field is: FFCCCHHH where C is a 3-bit cipher
 * selection allowing up to 8 cipher suites, F is flags (reserved, currently
 * all zero), and H is hop count.
 *
@ -1024,7 +1015,13 @@ public:
 	/**
 	 * @return Cipher suite selector: 0 - 7 (see #defines)
 	 */
-	inline unsigned int cipher() const { return (((unsigned int)(*this)[ZT_PACKET_IDX_FLAGS] & 0xe0) >> 5); }
+	inline unsigned int cipher() const
+	{
+		unsigned char b = (*this)[ZT_PACKET_IDX_FLAGS];
+		//return (((unsigned int)(*this)[ZT_PACKET_IDX_FLAGS] & 0x38) >> 3);
+		// Use DEPRECATED 0x80 "encrypted" flag -- this will go away once there are no more <1.0.0 peers on the net
+		return ((b & 0x80) == 0) ? ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_NONE : ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012;
+	}

 	/**
 	 * Set this packet's cipher suite
@ -1035,18 +1032,13 @@ public:
 	inline void setCipher(unsigned int c)
 	{
 		unsigned char &b = (*this)[ZT_PACKET_IDX_FLAGS];
-		b &= 0x1f;
-		b |= (unsigned char)(c << 5);
+		b = (b & 0xc7) | (unsigned char)((c << 3) & 0x38);
+		// Set both the new cipher suite spec field and the old DEPRECATED "encrypted" flag as long as there's <1.0.0 peers online
+		if (c == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)
+			b |= 0x80;
+		else b &= 0x7f;
 	}

-	/**
-	 * Set the cipher suite field to zero indicating unencrypted
-	 *
-	 * This normally should not be called directly. It's here for use by
-	 * armoring and dearmoring functions.
-	 */
-	inline void clearCipher() { (*this)[ZT_PACKET_IDX_FLAGS] &= 0x1f; }
-
 	/**
 	 * Get this packet's unique ID (the IV field interpreted as uint64_t)
 	 * 
@ -1137,10 +1129,8 @@ public:
 			if (!Utils::secureEq(mac,field(ZT_PACKET_IDX_MAC,8),8))
 				return false;

-			if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012) {
+			if (cs == ZT_PROTO_CIPHER_SUITE__C25519_POLY1305_SALSA2012)
 				s20.decrypt(payload,payload,payloadLen);
-				clearCipher();
-			}

 			return true;
 		} else if (cs == ZT_PROTO_CIPHER_SUITE__C25519_AES256_GCM) {