Add regexp to limit which link-local IPv6 zones allow peering, and check that a peer isn't from within the networks address block (prevents accidental tunneling)

2025-04-28 22:25:07 +03:00 · 2018-01-09 02:08:54 -06:00 · 2018-01-09 02:08:54 -06:00 · ef1e0c902f
commit ef1e0c902f
parent b76fcbb402
4 changed files with 26 additions and 1 deletions
--- a/src/yggdrasil/core.go
+++ b/src/yggdrasil/core.go
@ -2,6 +2,7 @@ package yggdrasil

 import "io/ioutil"
 import "log"
+import "regexp"

 type Core struct {
 	// This is the main data structure that holds everything else for a node
@ -23,6 +24,7 @@ type Core struct {
 	tcp         *tcpInterface
 	udp         *udpInterface
 	log         *log.Logger
+	ifceExpr    *regexp.Regexp // the zone of link-local IPv6 peers must match this
 }

 func (c *Core) Init() {