diff --git a/CMakeLists.txt b/CMakeLists.txt
index a84c8b4610fd0355bffc26d097ddeb8915f6c723..664f32f20cee4aef13612ff8b3c0f8855bd733b5 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -2,7 +2,7 @@ project(cellframe-sdk C)
cmake_minimum_required(VERSION 3.0)
set(CMAKE_C_STANDARD 11)
-set(CELLFRAME_SDK_NATIVE_VERSION "2.9-6")
+set(CELLFRAME_SDK_NATIVE_VERSION "2.9-7")
add_definitions ("-DCELLFRAME_SDK_VERSION=\"${CELLFRAME_SDK_NATIVE_VERSION}\"")
set(DAPSDK_MODULES "")
message("Cellframe modules: ${CELLFRAME_MODULES}")
diff --git a/dap-sdk/crypto/include/dap_sign.h b/dap-sdk/crypto/include/dap_sign.h
index 61ccf73569e7cea365c25b1cf12ae783f6b338f9..1de33fe7bb144a689e6926ece32f055a52c238c3 100755
--- a/dap-sdk/crypto/include/dap_sign.h
+++ b/dap-sdk/crypto/include/dap_sign.h
@@ -127,6 +127,7 @@ uint8_t* dap_sign_get_sign(dap_sign_t *a_sign, size_t *a_sign_out);
uint8_t* dap_sign_get_pkey(dap_sign_t *a_sign, size_t *a_pub_key_out);
bool dap_sign_get_pkey_hash(dap_sign_t *a_sign, dap_chain_hash_fast_t * a_sign_hash);
+bool dap_sign_verify_size(dap_sign_t *a_sign, size_t a_key_size_max);
dap_enc_key_t *dap_sign_to_enc_key(dap_sign_t * a_chain_sign);
const char * dap_sign_type_to_str(dap_sign_type_t a_chain_sign_type);
dap_sign_type_t dap_sign_type_from_str(const char * a_type_str);
diff --git a/dap-sdk/crypto/src/dap_sign.c b/dap-sdk/crypto/src/dap_sign.c
index 349c2ebe623888c15b03ed3b4fc1a95c97b5b0b7..0dc4d61feae5c188df8262e0a3a4137ac800d010 100755
--- a/dap-sdk/crypto/src/dap_sign.c
+++ b/dap-sdk/crypto/src/dap_sign.c
@@ -90,7 +90,7 @@ dap_enc_key_type_t dap_sign_type_to_key_type(dap_sign_type_t a_chain_sign_type
case SIG_TYPE_TESLA: return DAP_ENC_KEY_TYPE_SIG_TESLA;
case SIG_TYPE_PICNIC: return DAP_ENC_KEY_TYPE_SIG_PICNIC;
case SIG_TYPE_DILITHIUM: return DAP_ENC_KEY_TYPE_SIG_DILITHIUM;
- default: return DAP_ENC_KEY_TYPE_NULL;
+ default: return DAP_ENC_KEY_TYPE_INVALID;
}
}
@@ -315,6 +315,13 @@ bool dap_sign_get_pkey_hash(dap_sign_t *a_sign, dap_chain_hash_fast_t * a_sign_h
}
+bool dap_sign_verify_size(dap_sign_t *a_sign, size_t a_key_size_max)
+{
+ if (a_sign->header.sign_pkey_size > a_key_size_max)
+ return false;
+ return true;
+}
+
/**
* @brief dap_sign_to_enc_key
* @param a_chain_sign
@@ -322,9 +329,12 @@ bool dap_sign_get_pkey_hash(dap_sign_t *a_sign, dap_chain_hash_fast_t * a_sign_h
*/
dap_enc_key_t *dap_sign_to_enc_key(dap_sign_t * a_chain_sign)
{
- dap_enc_key_t * l_ret = dap_enc_key_new( dap_sign_type_to_key_type( a_chain_sign->header.type ) );
+ dap_enc_key_type_t l_type = dap_sign_type_to_key_type(a_chain_sign->header.type);
+ if (l_type == DAP_ENC_KEY_TYPE_INVALID)
+ return NULL;
size_t l_pkey_size = 0;
uint8_t *l_pkey = dap_sign_get_pkey(a_chain_sign, &l_pkey_size);
+ dap_enc_key_t * l_ret = dap_enc_key_new(l_type);
// deserialize public key
dap_enc_key_deserealize_pub_key(l_ret, l_pkey, l_pkey_size);
return l_ret;
@@ -339,11 +349,10 @@ dap_enc_key_t *dap_sign_to_enc_key(dap_sign_t * a_chain_sign)
*/
int dap_sign_verify(dap_sign_t * a_chain_sign, const void * a_data, const size_t a_data_size)
{
- int l_ret;
- if (!a_chain_sign || !a_data)
+ if (!a_chain_sign || !a_data || !dap_sign_verify_size(a_chain_sign, a_data_size))
return -2;
- dap_enc_key_t * l_key = dap_sign_to_enc_key(a_chain_sign);
+ dap_enc_key_t * l_key = dap_sign_to_enc_key(a_chain_sign);
if ( ! l_key ){
log_it(L_WARNING,"Incorrect signature, can't extract key");
return -3;
@@ -352,6 +361,7 @@ int dap_sign_verify(dap_sign_t * a_chain_sign, const void * a_data, const size_t
uint8_t *l_sign_data_ser = dap_sign_get_sign(a_chain_sign, &l_sign_data_ser_size);
if ( ! l_sign_data_ser ){
+ dap_enc_key_delete(l_key);
log_it(L_WARNING,"Incorrect signature, can't extract serialized signature's data ");
return -4;
}
@@ -362,9 +372,12 @@ int dap_sign_verify(dap_sign_t * a_chain_sign, const void * a_data, const size_t
if ( ! l_sign_data ){
log_it(L_WARNING,"Incorrect signature, can't deserialize signature's data");
+ dap_enc_key_delete(l_key);
+ dap_enc_key_signature_delete(l_key->type, l_sign_data);
return -5;
}
+ int l_ret;
//uint8_t * l_sign = a_chain_sign->pkey_n_sign + a_chain_sign->header.sign_pkey_size;
switch (l_key->type) {
case DAP_ENC_KEY_TYPE_SIG_TESLA:
diff --git a/dap-sdk/net/client/dap_client_pvt.c b/dap-sdk/net/client/dap_client_pvt.c
index 33f62641861bbdaf6d191dd37e596796070e396b..46cfeb6d4c46d1446cc673ac26e1580cf0573ffc 100644
--- a/dap-sdk/net/client/dap_client_pvt.c
+++ b/dap-sdk/net/client/dap_client_pvt.c
@@ -1234,8 +1234,10 @@ static void s_stream_es_callback_delete(dap_events_socket_t *a_es, void *arg)
}
}
dap_stream_delete(l_client_pvt->stream);
- DAP_DEL_Z(l_client_pvt->stream_es->remote_addr_str)
- DAP_DEL_Z(l_client_pvt->stream_es->remote_addr_str6)
+ if (l_client_pvt->stream_es) {
+ DAP_DEL_Z(l_client_pvt->stream_es->remote_addr_str)
+ DAP_DEL_Z(l_client_pvt->stream_es->remote_addr_str6)
+ }
l_client_pvt->stream = NULL;
l_client_pvt->stream_es = NULL;
}
@@ -1305,7 +1307,7 @@ static void s_stream_es_callback_write(dap_events_socket_t * a_es, void * arg)
// Response received after client_pvt was deleted
return;
}
- if (l_client_pvt->stage_status == STAGE_STATUS_ERROR)
+ if (l_client_pvt->stage_status == STAGE_STATUS_ERROR || !l_client_pvt->stream)
return;
switch (l_client_pvt->stage) {
case STAGE_STREAM_STREAMING: {
diff --git a/dap-sdk/net/core/include/dap_proc_thread.h b/dap-sdk/net/core/include/dap_proc_thread.h
index 68537c3dbec148b82389b80e3967260132e0ac51..f4436778b18e1f09a3ef6044d768f9972030d43a 100644
--- a/dap-sdk/net/core/include/dap_proc_thread.h
+++ b/dap-sdk/net/core/include/dap_proc_thread.h
@@ -67,6 +67,7 @@ typedef struct dap_proc_thread{
} dap_proc_thread_t;
int dap_proc_thread_init(uint32_t a_threads_count);
+void dap_proc_thread_deinit();
dap_proc_thread_t * dap_proc_thread_get(uint32_t a_thread_number);
dap_proc_thread_t * dap_proc_thread_get_auto();
dap_events_socket_t * dap_proc_thread_create_queue_ptr(dap_proc_thread_t * a_thread, dap_events_socket_callback_queue_ptr_t a_callback);
diff --git a/modules/channel/chain/dap_stream_ch_chain.c b/modules/channel/chain/dap_stream_ch_chain.c
index 7c6923b45b72b42651828eb4f202bca3d79c56bd..160e1d5d059b39be9959439ba6c03dbe1bfbf746 100644
--- a/modules/channel/chain/dap_stream_ch_chain.c
+++ b/modules/channel/chain/dap_stream_ch_chain.c
@@ -1240,13 +1240,15 @@ void dap_stream_ch_chain_go_idle ( dap_stream_ch_chain_t * a_ch_chain)
// Cleanup after request
memset(&a_ch_chain->request, 0, sizeof(a_ch_chain->request));
memset(&a_ch_chain->request_hdr, 0, sizeof(a_ch_chain->request_hdr));
- if(a_ch_chain->request_atom_iter)
+ if(a_ch_chain->request_atom_iter) {
if(a_ch_chain->request_atom_iter->chain)
if(a_ch_chain->request_atom_iter->chain->callback_atom_iter_delete){
a_ch_chain->request_atom_iter->chain->callback_atom_iter_delete(a_ch_chain->request_atom_iter);
+ a_ch_chain->request_atom_iter = NULL;
return;
}
- DAP_DEL_Z(a_ch_chain->request_atom_iter);
+ DAP_DEL_Z(a_ch_chain->request_atom_iter);
+ }
}
static void s_process_gdb_iter(dap_stream_ch_t *a_ch)
diff --git a/modules/net/srv/dap_chain_net_srv_order.c b/modules/net/srv/dap_chain_net_srv_order.c
index b4fc60198f03e6db7018739781ad29b0404ff8ab..a61fa752ffb269dd24703dea5e1347611a1d7479 100644
--- a/modules/net/srv/dap_chain_net_srv_order.c
+++ b/modules/net/srv/dap_chain_net_srv_order.c
@@ -531,7 +531,7 @@ static void s_srv_order_callback_notify(void *a_arg, const char a_op_code, const
char *l_gdb_group_str = dap_chain_net_srv_order_get_gdb_group(l_net);
if (!strcmp(a_group, l_gdb_group_str)) {
dap_chain_net_srv_order_t *l_order = (dap_chain_net_srv_order_t *)a_value;
- if (l_order->version == 1) {
+ if (l_order->version != 2) {
dap_chain_global_db_gr_del(dap_strdup(a_key), a_group);
} else {
dap_sign_t *l_sign = (dap_sign_t *)&l_order->ext[l_order->ext_size];