mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-12-04 05:20:30 +00:00
AK: Use secure SipHash-4-8 for IP addresses
Routing tables formed with IP address hashes should be DoS-resistant.
This commit is contained in:
parent
9a026fc8d5
commit
4cefb02324
Notes:
sideshowbarker
2024-07-17 06:51:10 +09:00
Author: https://github.com/kleinesfilmroellchen Commit: https://github.com/SerenityOS/serenity/commit/4cefb02324 Pull-request: https://github.com/SerenityOS/serenity/pull/21069 Reviewed-by: https://github.com/alimpfard
2 changed files with 4 additions and 13 deletions
|
@ -9,6 +9,7 @@
|
|||
#include <AK/Endian.h>
|
||||
#include <AK/Format.h>
|
||||
#include <AK/Optional.h>
|
||||
#include <AK/SipHash.h>
|
||||
#include <AK/StringView.h>
|
||||
#include <AK/Vector.h>
|
||||
|
||||
|
@ -162,7 +163,7 @@ static_assert(sizeof(IPv4Address) == 4);
|
|||
|
||||
template<>
|
||||
struct Traits<IPv4Address> : public GenericTraits<IPv4Address> {
|
||||
static constexpr unsigned hash(IPv4Address const& address) { return int_hash(address.to_u32()); }
|
||||
static unsigned hash(IPv4Address const& address) { return secure_sip_hash(static_cast<u64>(address.to_u32())); }
|
||||
};
|
||||
|
||||
#ifdef KERNEL
|
||||
|
|
|
@ -270,18 +270,8 @@ static_assert(sizeof(IPv6Address) == 16);
|
|||
|
||||
template<>
|
||||
struct Traits<IPv6Address> : public GenericTraits<IPv6Address> {
|
||||
static constexpr unsigned hash(IPv6Address const& address)
|
||||
{
|
||||
unsigned h = 0;
|
||||
for (int group = 0; group < 8; group += 2) {
|
||||
u32 two_groups = ((u32)address[group] << 16) | (u32)address[group + 1];
|
||||
if (group == 0)
|
||||
h = int_hash(two_groups);
|
||||
else
|
||||
h = pair_int_hash(h, two_groups);
|
||||
}
|
||||
return h;
|
||||
}
|
||||
// SipHash-4-8 is considered conservatively secure, even if not cryptographically secure.
|
||||
static unsigned hash(IPv6Address const& address) { return sip_hash_bytes<4, 8>({ &address.to_in6_addr_t(), sizeof(address.to_in6_addr_t()) }); }
|
||||
};
|
||||
|
||||
#ifdef KERNEL
|
||||
|
|
Loading…
Reference in a new issue