From 214cb84aba7bcaf9a069a6b67cdb4ccf754f095c Mon Sep 17 00:00:00 2001 From: jp112sdl Date: Tue, 23 Jan 2024 11:01:53 +0100 Subject: [PATCH 1/3] check for valid sender address before processing CONFIG or ACTION messages (resolves #318) --- MultiChannelDevice.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/MultiChannelDevice.h b/MultiChannelDevice.h index 04c43af3..c550082f 100644 --- a/MultiChannelDevice.h +++ b/MultiChannelDevice.h @@ -252,11 +252,21 @@ class ChannelDevice : public Device { lastdev = msg.from(); lastcnt = msg.count(); + //is Device already paired to a master / CCU ? + bool isPaired = HMID::broadcast != this->getMasterID(); + //received message is from our paired master / CCU ? + bool msgIsFromMaster = msg.from() == this->getMasterID(); + // start processing the message uint8_t mtype = msg.type(); uint8_t mcomm = msg.command(); uint8_t msubc = msg.subcommand(); if( mtype == AS_MESSAGE_CONFIG ) { + //we are already paired, but the CONFIG message does not come from master / CCU + if( isPaired == true && msgIsFromMaster == false ) { + //DPRINTLN(F("-> message for us, but from wrong master address.")); + return false; + } // PAIR_SERIAL if( msubc == AS_CONFIG_PAIR_SERIAL && this->isDeviceSerial(msg.data())==true ) { this->led().set(LedStates::pairing); @@ -383,6 +393,11 @@ class ChannelDevice : public Device { } } else if( mtype == AS_MESSAGE_ACTION ) { + //we are paired to a master / CCU, but the ACTION message does not come from master / CCU + if( isPaired==true && msgIsFromMaster==false ) { + //DPRINTLN(F("-> message for us, but from wrong master address.")); + return false; + } if ( mcomm == AS_ACTION_RESET || mcomm == AS_ACTION_ENTER_BOOTLOADER ) { if( validSignature(msg) == true ) { this->sendAck(msg); From 4636714595a45132ac7a0c84f25adba90004bf85 Mon Sep 17 00:00:00 2001 
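Review bot: The new `isPaired` / `msgIsFromMaster` gate in the first hunk compares `msg.from()`, a field read from the received frame, with the stored master ID, so it filters out other senders but does not authenticate the master. A frame that carries the master's address still passes. A comment above the two flags should say so, for example `// address filter only: msg.from() is sender-supplied; validSignature() remains the authentication step where it is called`, so that nobody later treats this check as a replacement for a signature check. Both flags are never reassigned in the visible lines and could be `const bool`, and `if( isPaired && !msgIsFromMaster )` reads more directly than the `== true` / `== false` comparisons here and in the ACTION hunk. The enclosing function starts and ends outside this hunk.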
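Review bot: The ACTION gate in the second hunk fails open while the device has no master, because `isPaired==true && msgIsFromMaster==false` is never true in that state. `AS_ACTION_RESET` and `AS_ACTION_ENTER_BOOTLOADER` from any address then reach `validSignature(msg)` as the only guard. What `validSignature` accepts when no key has been set is not visible in this hunk. Patch 3/3 tightens the key-exchange branch to `isPaired==false || msgIsFromMaster==false`; if an unpaired device has no need to act on ACTION frames, the same condition belongs here. Otherwise the choice should be recorded next to the check, for example `// unpaired devices still accept ACTION; validSignature() is the only check in that state`.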
From: jp112sdl Date: Tue, 23 Jan 2024 21:52:31 +0100 Subject: [PATCH 2/3] add check for valid sender to key exchange --- MultiChannelDevice.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/MultiChannelDevice.h b/MultiChannelDevice.h index c550082f..5da9ff43 100644 --- a/MultiChannelDevice.h +++ b/MultiChannelDevice.h @@ -504,6 +504,10 @@ class ChannelDevice : public Device { #endif #ifdef USE_AES else if (mtype == AS_MESSAGE_KEY_EXCHANGE ) { + if( isPaired==true && msgIsFromMaster==false ) { + //DPRINTLN(F("-> message for us, but from wrong master address.")); + return false; + } if( validSignature(msg) == true ) { if( this->keystore().exchange(msg.aesExchange())==true ) answer = REPLAY_ACK; else answer = REPLAY_NACK; From 58dd99a858bf784000ea77c6541db1782239366e Mon Sep 17 00:00:00 2001 From: jp112sdl Date: Wed, 24 Jan 2024 09:10:35 +0100 Subject: [PATCH 3/3] don't accept key exchange if there is no paired master or the sender is not the master --- MultiChannelDevice.h | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/MultiChannelDevice.h b/MultiChannelDevice.h index 5da9ff43..51a57eeb 100644 --- a/MultiChannelDevice.h +++ b/MultiChannelDevice.h @@ -504,10 +504,7 @@ class ChannelDevice : public Device { #endif #ifdef USE_AES else if (mtype == AS_MESSAGE_KEY_EXCHANGE ) { - if( isPaired==true && msgIsFromMaster==false ) { - //DPRINTLN(F("-> message for us, but from wrong master address.")); - return false; - } + if( isPaired==false || msgIsFromMaster==false ) { return false; } if( validSignature(msg) == true ) { if( this->keystore().exchange(msg.aesExchange())==true ) answer = REPLAY_ACK; else answer = REPLAY_NACK;
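Review bot: The stricter key-exchange condition added in 3/3 has no explanation in the code, and the rejection leaves no trace. CONFIG and ACTION use `isPaired==true && msgIsFromMaster==false`, this branch uses `isPaired==false || msgIsFromMaster==false`, and the commented-out debug line from 2/3 is dropped. I would add `// key exchange only from the paired master; an unpaired device never accepts a key` above the check, so the difference from the other two branches reads as deliberate. I would also put `DPRINTLN(F("-> key exchange rejected: sender is not the paired master"));` before `return false;`, so a rejected attempt shows up in debug builds. The `else if` branch sits inside a function that starts and ends outside this hunk.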