SYNC added fpr/address spoofing protection

src/pEp_internal.h

@@ -54,6 +54,7 @@
 #include <string.h>
 #include <assert.h>
 #include <stdio.h>
+#include <ctype.h>
 
 #include "sqlite3.h"
 
@@ -170,3 +171,43 @@ void release_transport_system(PEP_SESSION session, bool out_last);
     log_event(session, (TITLE), (ENTITY), (DESC), "debug");
 #endif
 
+// Space tolerant and case insensitive fingerprint string compare
+static inline int _same_fpr(
+        const char* fpra,
+        size_t fpras,
+        const char* fprb,
+        size_t fprbs
+    )
+{
+    size_t ai = 0;
+    size_t bi = 0;
+    
+    do
+    {
+        if(fpra[ai] == 0 || fprb[bi] == 0)
+        {
+            return 0;
+        }
+        else if(fpra[ai] == ' ')
+        {
+            ai++;
+        }
+        else if(fprb[bi] == ' ')
+        {
+            bi++;
+        }
+        else if(toupper(fpra[ai]) == toupper(fprb[bi]))
+        {
+            ai++;
+            bi++;
+        }
+        else
+        {
+            return 0;
+        }
+        
+    }
+    while(ai < fpras && bi < fprbs);
+    
+    return ai == fpras && bi == fprbs;
+}

src/sync_impl.c

@@ -288,6 +288,47 @@ PEP_STATUS receive_DeviceState_msg(
                     return PEP_OUT_OF_MEMORY;
                 }
 
+                // detect and mitigate address spoofing
+                Identity check_me = NULL;
+                const char* null_terminated_address = 
+                    strndup((char *) msg->header.me.address->buf,
+                            msg->header.me.address->size);
+
+                status = get_identity(session, 
+                                      null_terminated_address, 
+                                      PEP_OWN_USERID, 
+                                      &check_me);
+
+                if (status == PEP_OUT_OF_MEMORY)
+                    goto free_all;
+
+                free_identity(check_me);
+
+                bool not_own_address = status != PEP_STATUS_OK;
+                status = PEP_STATUS_OK;
+
+                if (not_own_address || 
+                    strncmp(src->from->address,
+                            (char *) msg->header.me.address->buf,
+                            msg->header.me.address->size) != 0 ||
+                    strncmp(src->to->ident->address,
+                            (char *) msg->header.me.address->buf,
+                            msg->header.me.address->size) != 0) {
+                    consume = true;
+                    goto free_all;
+                }
+
+                // if encrypted, ensure that header.me.fpr match signer's fpr
+                if (rating >= PEP_rating_reliable && (
+                        !keylist ||
+                        !_same_fpr((char *) msg->header.me.fpr.buf,
+                                   msg->header.me.fpr.size,
+                                   keylist->value,
+                                   strlen(keylist->value)))) {
+                    consume = true;
+                    goto free_all;
+                }
+
                 // check message expiry 
                 if(src->recv) {
                     time_t expiry = timegm(src->recv) + SYNC_MSG_EXPIRE_TIME;