check that the source IP inside a packet matches the address or prefix for the session that transmitted it

This commit is contained in:
Arceliar 2018-01-19 17:33:04 -06:00
parent f929df1ea9
commit 502ab3cfaa
2 changed files with 9 additions and 8 deletions

View File

@ -149,21 +149,22 @@ func (r *router) sendPacket(bs []byte) {
} }
} }
func (r *router) recvPacket(bs []byte, theirAddr *address) { func (r *router) recvPacket(bs []byte, theirAddr *address, theirSubnet *subnet) {
// TODO pass their NodeID, check *that* instead // TODO? move this into the session?
// Or store their address in the session?...
//fmt.Println("Recv packet") //fmt.Println("Recv packet")
if theirAddr == nil {
panic("Should not happen ever")
}
if len(bs) < 24 { if len(bs) < 24 {
util_putBytes(bs)
return return
} }
var source address var source address
copy(source[:], bs[8:]) copy(source[:], bs[8:])
var snet subnet var snet subnet
copy(snet[:], bs[8:]) copy(snet[:], bs[8:])
if !source.isValid() && !snet.isValid() { switch {
case source.isValid() && source == *theirAddr:
case snet.isValid() && snet == *theirSubnet:
default:
util_putBytes(bs)
return return
} }
//go func() { r.recv<-bs }() //go func() { r.recv<-bs }()

View File

@ -373,5 +373,5 @@ func (sinfo *sessionInfo) doRecv(p *wire_trafficPacket) {
} }
sinfo.updateNonce(&p.nonce) sinfo.updateNonce(&p.nonce)
sinfo.time = time.Now() sinfo.time = time.Now()
sinfo.core.router.recvPacket(bs, &sinfo.theirAddr) sinfo.core.router.recvPacket(bs, &sinfo.theirAddr, &sinfo.theirSubnet)
} }