Harden native auth and SDK datagram handling

This commit is contained in:
DuProcess
2026-07-05 18:00:31 -04:00
parent 92c94176bd
commit f205e0c128
3 changed files with 236 additions and 14 deletions
+42 -4
View File
@@ -433,6 +433,7 @@ struct PendingStreamOpen {
attempts: u32,
}
#[derive(Clone)]
struct PendingNativeAuth {
client: dosh::native::NativeClientHello,
server: NativeServerHello,
@@ -992,8 +993,8 @@ async fn handle_native_user_auth(
packet: &protocol::Packet,
) -> Result<()> {
let pending = {
let mut locked = state.lock().expect("server state poisoned");
locked.pending_native.remove(&packet.header.conn_id)
let locked = state.lock().expect("server state poisoned");
locked.pending_native.get(&packet.header.conn_id).cloned()
};
let Some(pending) = pending else {
return send_reject_to_client(socket, peer, packet.header.conn_id, "unknown native auth")
@@ -1009,11 +1010,38 @@ async fn handle_native_user_auth(
.await;
}
if pending.created_at.elapsed() > Duration::from_secs(30) {
state
.lock()
.expect("server state poisoned")
.pending_native
.remove(&packet.header.conn_id);
return send_reject_to_client(socket, peer, packet.header.conn_id, "native auth expired")
.await;
}
let body = protocol::decrypt_body(packet, &pending.session_key, CLIENT_TO_SERVER)?;
let req: NativeUserAuthBody = protocol::from_body(&body)?;
let body = match protocol::decrypt_body(packet, &pending.session_key, CLIENT_TO_SERVER) {
Ok(body) => body,
Err(_) => {
return send_reject_to_client(
socket,
peer,
packet.header.conn_id,
"native auth decrypt failed",
)
.await;
}
};
let req: NativeUserAuthBody = match protocol::from_body(&body) {
Ok(req) => req,
Err(_) => {
return send_reject_to_client(
socket,
peer,
packet.header.conn_id,
"invalid native auth body",
)
.await;
}
};
if pending.client.requested_mode == "doctor" {
let check_result = {
let locked = state.lock().expect("server state poisoned");
@@ -1049,6 +1077,11 @@ async fn handle_native_user_auth(
.await;
}
};
state
.lock()
.expect("server state poisoned")
.pending_native
.remove(&packet.header.conn_id);
let body = protocol::to_body(&check)?;
let out = protocol::encode_encrypted(
PacketKind::NativeAuthCheckOk,
@@ -1229,6 +1262,11 @@ async fn handle_native_user_auth(
if let Some((listener, path)) = agent_listener {
spawn_agent_forward(state, socket, client_id, listener, path);
}
state
.lock()
.expect("server state poisoned")
.pending_native
.remove(&packet.header.conn_id);
let ok = NativeAuthOk {
client_id,