From 144d42c773ad072e6d2311e76ad86c0fa98d7d85 Mon Sep 17 00:00:00 2001
From: Arceliar
Date: Sun, 8 Nov 2020 06:09:55 -0600
Subject: [PATCH] send dht responses via reverse path (fixes some possible DDoS issues with the old coord approach)
---
 src/yggdrasil/dht.go | 10 ++++++----
 src/yggdrasil/router.go | 6 +++---
 2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/src/yggdrasil/dht.go b/src/yggdrasil/dht.go
index bbc31546..a68ba2bd 100644
--- a/src/yggdrasil/dht.go
+++ b/src/yggdrasil/dht.go
@@ -185,7 +185,7 @@ func dht_ordered(first, second, third *crypto.NodeID) bool {
 
 // Reads a request, performs a lookup, and responds.
 // Update info about the node that sent the request.
-func (t *dht) handleReq(req *dhtReq) {
+func (t *dht) handleReq(req *dhtReq, rpath []byte) {
 // Send them what they asked for
 res := dhtRes{
 Key: t.router.core.boxPub,
@@ -193,7 +193,7 @@ func (t *dht) handleReq(req *dhtReq) {
 Dest: req.Dest,
 Infos: t.lookup(&req.Dest, false),
 }
- t.sendRes(&res, req)
+ t.sendRes(&res, req, rpath)
 // Also add them to our DHT
 info := dhtInfo{
 key: req.Key,
@@ -213,13 +213,15 @@ func (t *dht) handleReq(req *dhtReq) {
 }
 
 // Sends a lookup response to the specified node.
-func (t *dht) sendRes(res *dhtRes, req *dhtReq) {
+func (t *dht) sendRes(res *dhtRes, req *dhtReq, rpath []byte) {
 // Send a reply for a dhtReq
 bs := res.encode()
 shared := t.router.sessions.getSharedKey(&t.router.core.boxPriv, &req.Key)
 payload, nonce := crypto.BoxSeal(shared, bs, nil)
+ path := append([]byte{0}, switch_reverseCoordBytes(rpath)...)
 p := wire_protoTrafficPacket{
- Coords: req.Coords,
+ Offset: 1,
+ Coords: path,
 ToKey: req.Key,
 FromKey: t.router.core.boxPub,
 Nonce: *nonce,
diff --git a/src/yggdrasil/router.go b/src/yggdrasil/router.go
index f89b26f9..089c49e7 100644
--- a/src/yggdrasil/router.go
+++ b/src/yggdrasil/router.go
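Review bot: In src/yggdrasil/dht.go handleReq, the reply now follows rpath, but the context right after `t.sendRes(&res, req, rpath)` begins `info := dhtInfo{ key: req.Key,`, so the requester is still added to the table from the request itself. The rest of that literal and what is done with `info` lie outside the hunk. If it still takes its coords from `req.Coords` and pings them, coords chosen by the requester would remain a destination for traffic this node originates, which is the class of problem the commit message says it fixes; that is worth confirming. The doc comment above handleReq could also gain a line such as `// rpath is the path the request arrived on; the reply is routed back along it.`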
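Review bot: In src/yggdrasil/dht.go sendRes, `path := append([]byte{0}, switch_reverseCoordBytes(rpath)...)` routes the reply solely on rpath, which router.go passes through from `p.RPath` of the received packet with no length or emptiness check in `_handleProto`, `_handleDHTReq`, handleReq or here. Nothing visible shows whether the switch layer bounds or resets that field before the packet reaches the router. If an empty rpath is never legitimate, a guard before the append such as `if len(rpath) == 0 { return }`, plus an upper bound matching whatever limit the switch enforces, would make that assumption explicit. The leading `0` byte and `Offset: 1` are also unexplained, so a comment saying why the path starts with a zero that is then skipped would help. The doc comment `// Sends a lookup response to the specified node.` should say that the reply goes back along the reverse path rather than to `req.Coords`.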
@@ -204,7 +204,7 @@ func (r *router) _handleProto(packet []byte) {
 case wire_NodeInfoResponse:
 r._handleNodeInfo(bs, &p.FromKey)
 case wire_DHTLookupRequest:
- r._handleDHTReq(bs, &p.FromKey)
+ r._handleDHTReq(bs, &p.FromKey, p.RPath)
 case wire_DHTLookupResponse:
 r._handleDHTRes(bs, &p.FromKey)
 default:
@@ -227,13 +227,13 @@ func (r *router) _handlePong(bs []byte, fromKey *crypto.BoxPubKey, rpath []byte)
 }
 
 // Decodes dht requests and passes them to dht.handleReq to trigger a lookup/response.
-func (r *router) _handleDHTReq(bs []byte, fromKey *crypto.BoxPubKey) {
+func (r *router) _handleDHTReq(bs []byte, fromKey *crypto.BoxPubKey, rpath []byte) {
 req := dhtReq{}
 if !req.decode(bs) {
 return
 }
 req.Key = *fromKey
- r.dht.handleReq(&req)
+ r.dht.handleReq(&req, rpath)
 }
 
 // Decodes dht responses and passes them to dht.handleRes to update the DHT table and further pass them to the search code (if applicable).
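Review bot: The comment above `_handleDHTReq` in src/yggdrasil/router.go still only says that it decodes the request and hands it to dht.handleReq, while the function now also forwards rpath, which decides where the reply is sent. Suggest extending it with `// rpath is p.RPath from the received packet, passed through unchanged; dht.sendRes reverses it to route the reply.` That also records that this function does not validate rpath, so a reader knows the check, if any, has to live elsewhere.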