mirror of
https://github.com/yggdrasil-network/yggdrasil-go.git
synced 2024-11-27 12:05:23 +00:00
check that the source IP inside a packet matches the address or prefix for the session that transmitted it
This commit is contained in:
parent
f929df1ea9
commit
502ab3cfaa
@ -149,21 +149,22 @@ func (r *router) sendPacket(bs []byte) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (r *router) recvPacket(bs []byte, theirAddr *address) {
|
func (r *router) recvPacket(bs []byte, theirAddr *address, theirSubnet *subnet) {
|
||||||
// TODO pass their NodeID, check *that* instead
|
// TODO? move this into the session?
|
||||||
// Or store their address in the session?...
|
|
||||||
//fmt.Println("Recv packet")
|
//fmt.Println("Recv packet")
|
||||||
if theirAddr == nil {
|
|
||||||
panic("Should not happen ever")
|
|
||||||
}
|
|
||||||
if len(bs) < 24 {
|
if len(bs) < 24 {
|
||||||
|
util_putBytes(bs)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
var source address
|
var source address
|
||||||
copy(source[:], bs[8:])
|
copy(source[:], bs[8:])
|
||||||
var snet subnet
|
var snet subnet
|
||||||
copy(snet[:], bs[8:])
|
copy(snet[:], bs[8:])
|
||||||
if !source.isValid() && !snet.isValid() {
|
switch {
|
||||||
|
case source.isValid() && source == *theirAddr:
|
||||||
|
case snet.isValid() && snet == *theirSubnet:
|
||||||
|
default:
|
||||||
|
util_putBytes(bs)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
//go func() { r.recv<-bs }()
|
//go func() { r.recv<-bs }()
|
||||||
|
@ -373,5 +373,5 @@ func (sinfo *sessionInfo) doRecv(p *wire_trafficPacket) {
|
|||||||
}
|
}
|
||||||
sinfo.updateNonce(&p.nonce)
|
sinfo.updateNonce(&p.nonce)
|
||||||
sinfo.time = time.Now()
|
sinfo.time = time.Now()
|
||||||
sinfo.core.router.recvPacket(bs, &sinfo.theirAddr)
|
sinfo.core.router.recvPacket(bs, &sinfo.theirAddr, &sinfo.theirSubnet)
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user