From 4036fe121cf1da3af0a5fbb1bd4d3a1a63619a23 Mon Sep 17 00:00:00 2001 From: GUVWAF <78759985+GUVWAF@users.noreply.github.com> Date: Thu, 5 Dec 2024 03:00:19 +0100 Subject: [PATCH] Don't use channel index for encrypted packet (#5509) * Don't use channel index for encrypted packet * Remove assert in `getKey`, set invalid key length So encrypting will fail without reboot * Reset channel to 0 when unable to encrypt Such that the NAK doesn't use the failing channel hash --- src/mesh/Channels.cpp | 3 +-- src/mesh/FloodingRouter.cpp | 3 ++- src/mesh/Router.cpp | 1 + 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/src/mesh/Channels.cpp b/src/mesh/Channels.cpp index cfaff7640a..4bdd9e674a 100644 --- a/src/mesh/Channels.cpp +++ b/src/mesh/Channels.cpp @@ -178,12 +178,11 @@ CryptoKey Channels::getKey(ChannelIndex chIndex) { meshtastic_Channel &ch = getByIndex(chIndex); const meshtastic_ChannelSettings &channelSettings = ch.settings; - assert(ch.has_settings); CryptoKey k; memset(k.bytes, 0, sizeof(k.bytes)); // In case the user provided a short key, we want to pad the rest with zeros - if (ch.role == meshtastic_Channel_Role_DISABLED) { + if (!ch.has_settings || ch.role == meshtastic_Channel_Role_DISABLED) { k.length = -1; // invalid } else { memcpy(k.bytes, channelSettings.psk.bytes, channelSettings.psk.size); diff --git a/src/mesh/FloodingRouter.cpp b/src/mesh/FloodingRouter.cpp index e959297bff..e29c596df4 100644 --- a/src/mesh/FloodingRouter.cpp +++ b/src/mesh/FloodingRouter.cpp @@ -36,7 +36,8 @@ bool FloodingRouter::shouldFilterReceived(const meshtastic_MeshPacket *p) if (isRepeated) { LOG_DEBUG("Repeated reliable tx"); if (!perhapsRebroadcast(p) && isToUs(p) && p->want_ack) { - sendAckNak(meshtastic_Routing_Error_NONE, getFrom(p), p->id, p->channel, 0); + // FIXME - channel index should be used, but the packet is still encrypted here + sendAckNak(meshtastic_Routing_Error_NONE, getFrom(p), p->id, 0, 0); } } diff --git a/src/mesh/Router.cpp b/src/mesh/Router.cpp index e9c62ff279..e714ef2154 100644 --- a/src/mesh/Router.cpp +++ b/src/mesh/Router.cpp @@ -271,6 +271,7 @@ ErrorCode Router::send(meshtastic_MeshPacket *p) auto encodeResult = perhapsEncode(p); if (encodeResult != meshtastic_Routing_Error_NONE) { packetPool.release(p_decoded); + p->channel = 0; // Reset the channel to 0, so we don't use the failing hash again abortSendAndNak(encodeResult, p); return encodeResult; // FIXME - this isn't a valid ErrorCode }