yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-11-04 03:05:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Enforce AllowedEncryptionPublicKeys for all peers inc. link-local

Browse source
This commit is contained in:
Neil Alexander 2019-01-31 23:47:20 +00:00
parent 432f93de89
commit ec5f7d9879
No known key found for this signature in database
GPG key ID: A02A2019A2BB0944
1 changed files with 4 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

13
src/yggdrasil/link.go
View file

@ -107,15 +107,10 @@ func (intf *linkInterface) handler() error {
}
// Check if we're authorized to connect to this key / IP
if !intf.link.core.peers.isAllowedEncryptionPublicKey(&meta.box) {
// Allow unauthorized peers if they're link-local
raddrStr, _, _ := net.SplitHostPort(intf.info.remote)
raddr := net.ParseIP(raddrStr)
if !raddr.IsLinkLocalUnicast() {
intf.link.core.log.Debugf("%s connection to %s forbidden: AllowedEncryptionPublicKey does not contain key %s",
strings.ToUpper(intf.info.linkType), intf.info.remote, hex.EncodeToString(meta.box[:]))
intf.msgIO.close()
return nil
}
intf.link.core.log.Debugf("%s connection to %s forbidden: AllowedEncryptionPublicKeys does not contain key %s",
strings.ToUpper(intf.info.linkType), intf.info.remote, hex.EncodeToString(meta.box[:]))
intf.msgIO.close()
return nil
}
// Check if we already have a link to this node
intf.info.box = meta.box