Skip to content
Snippets Groups Projects
Commit 4f2d526c authored by bontric's avatar bontric
Browse files

Check if contact Id matches expected Id if we receive a stream from

the mailbox
parent 47541e5a
No related branches found
No related tags found
No related merge requests found
...@@ -78,7 +78,7 @@ public class MailboxOwnerSession extends AbstractMailboxSession { ...@@ -78,7 +78,7 @@ public class MailboxOwnerSession extends AbstractMailboxSession {
while (nextStream != null) { while (nextStream != null) {
// Send TAKE request and delete stream if request was successfull // Send TAKE request and delete stream if request was successfull
MailboxRequestTake req = MailboxRequestTake req =
new MailboxRequestTake(nextStream.getStream()); new MailboxRequestTake(nextStream.getContactId(), nextStream.getStream());
mailboxProtocol.writeRequest(req); mailboxProtocol.writeRequest(req);
if (req.awaitAndGetResponse()) if (req.awaitAndGetResponse())
......
...@@ -47,7 +47,8 @@ public class PrivateMailboxSession extends AbstractMailboxSession { ...@@ -47,7 +47,8 @@ public class PrivateMailboxSession extends AbstractMailboxSession {
MailboxProtocol mailboxProtocol, int transportMaxLatency, MailboxProtocol mailboxProtocol, int transportMaxLatency,
int transportMaxIdleTime, DatabaseComponent db) { int transportMaxIdleTime, DatabaseComponent db) {
super(ioExecutor, db, keyManager, syncSessionFactory, streamWriterFactory, super(ioExecutor, db, keyManager, syncSessionFactory,
streamWriterFactory,
streamReaderFactory, mailboxProtocol, transportMaxLatency, streamReaderFactory, mailboxProtocol, transportMaxLatency,
transportMaxIdleTime, contactId); transportMaxIdleTime, contactId);
this.syncSessionFactory = syncSessionFactory; this.syncSessionFactory = syncSessionFactory;
...@@ -113,11 +114,13 @@ public class PrivateMailboxSession extends AbstractMailboxSession { ...@@ -113,11 +114,13 @@ public class PrivateMailboxSession extends AbstractMailboxSession {
MailboxRequestTake takeRequest = (MailboxRequestTake) request; MailboxRequestTake takeRequest = (MailboxRequestTake) request;
InputStream in = new ByteArrayInputStream( InputStream in = new ByteArrayInputStream(
takeRequest.getEncryptedSyncStream()); takeRequest.getEncryptedSyncStream());
try { try {
StreamContext ctx = readTag(in); StreamContext ctx = readTag(in);
if (ctx.getContactId() != (takeRequest.getContactId()))
throw new ProtocolException(
"Stream does not match expected contactId");
InputStream reader = InputStream reader =
streamReaderFactory.createStreamReader(in, ctx); streamReaderFactory.createStreamReader(in, ctx);
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment