Skip to content

Commit

Permalink
Don't use channel index for encrypted packet (meshtastic#5509)
Browse files Browse the repository at this point in the history
* Don't use channel index for encrypted packet

* Remove assert in `getKey`, set invalid key length
So encrypting will fail without reboot

* Reset channel to 0 when unable to encrypt
Such that the NAK doesn't use the failing channel hash
  • Loading branch information
GUVWAF authored Dec 5, 2024
1 parent d3e3985 commit c3d6034
Show file tree
Hide file tree
Showing 3 changed files with 4 additions and 3 deletions.
3 changes: 1 addition & 2 deletions src/mesh/Channels.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -178,12 +178,11 @@ CryptoKey Channels::getKey(ChannelIndex chIndex)
{
meshtastic_Channel &ch = getByIndex(chIndex);
const meshtastic_ChannelSettings &channelSettings = ch.settings;
assert(ch.has_settings);

CryptoKey k;
memset(k.bytes, 0, sizeof(k.bytes)); // In case the user provided a short key, we want to pad the rest with zeros

if (ch.role == meshtastic_Channel_Role_DISABLED) {
if (!ch.has_settings || ch.role == meshtastic_Channel_Role_DISABLED) {
k.length = -1; // invalid
} else {
memcpy(k.bytes, channelSettings.psk.bytes, channelSettings.psk.size);
Expand Down
3 changes: 2 additions & 1 deletion src/mesh/FloodingRouter.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,8 @@ bool FloodingRouter::shouldFilterReceived(const meshtastic_MeshPacket *p)
if (isRepeated) {
LOG_DEBUG("Repeated reliable tx");
if (!perhapsRebroadcast(p) && isToUs(p) && p->want_ack) {
sendAckNak(meshtastic_Routing_Error_NONE, getFrom(p), p->id, p->channel, 0);
// FIXME - channel index should be used, but the packet is still encrypted here
sendAckNak(meshtastic_Routing_Error_NONE, getFrom(p), p->id, 0, 0);
}
}

Expand Down
1 change: 1 addition & 0 deletions src/mesh/Router.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -271,6 +271,7 @@ ErrorCode Router::send(meshtastic_MeshPacket *p)
auto encodeResult = perhapsEncode(p);
if (encodeResult != meshtastic_Routing_Error_NONE) {
packetPool.release(p_decoded);
p->channel = 0; // Reset the channel to 0, so we don't use the failing hash again
abortSendAndNak(encodeResult, p);
return encodeResult; // FIXME - this isn't a valid ErrorCode
}
Expand Down

0 comments on commit c3d6034

Please sign in to comment.