mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2025-01-22 11:33:18 +00:00

send dht responses via reverse path (fixes some possible DDoS issues with the old coord approach)

Arceliar 2020-11-08 06:09:55 -06:00
parent 0ac203b007
commit 144d42c773
2 changed files with 9 additions and 7 deletions


@ -185,7 +185,7 @@ func dht_ordered(first, second, third *crypto.NodeID) bool {
// Reads a request, performs a lookup, and responds.
// Update info about the node that sent the request.
func (t *dht) handleReq(req *dhtReq) {
func (t *dht) handleReq(req *dhtReq, rpath []byte) {
// Send them what they asked for
res := dhtRes{
Key: t.router.core.boxPub,
@ -193,7 +193,7 @@ func (t *dht) handleReq(req *dhtReq) {
Dest: req.Dest,
Infos: t.lookup(&req.Dest, false),
}
t.sendRes(&res, req)
t.sendRes(&res, req, rpath)
// Also add them to our DHT
info := dhtInfo{
key: req.Key,
@ -213,13 +213,15 @@ func (t *dht) handleReq(req *dhtReq) {
}
// Sends a lookup response to the specified node.
func (t *dht) sendRes(res *dhtRes, req *dhtReq) {
func (t *dht) sendRes(res *dhtRes, req *dhtReq, rpath []byte) {
// Send a reply for a dhtReq
bs := res.encode()
shared := t.router.sessions.getSharedKey(&t.router.core.boxPriv, &req.Key)
payload, nonce := crypto.BoxSeal(shared, bs, nil)
path := append([]byte{0}, switch_reverseCoordBytes(rpath)...)
p := wire_protoTrafficPacket{
Coords: req.Coords,
Offset: 1,
Coords: path,
ToKey: req.Key,
FromKey: t.router.core.boxPub,
Nonce: *nonce,
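Review bot: `sendRes` builds the reply route from `switch_reverseCoordBytes(rpath)` with no visible check on `rpath`, which comes from the received packet (`p.RPath` in the router file). If an empty or very long `rpath` can reach this point, the packet goes out with `Coords` of just `[]byte{0}` and `Offset: 1`, or with a path whose length the remote side chose. I would add an early guard such as `if len(rpath) == 0 { return }`, plus an upper bound matching whatever limit the switch applies to coords (not visible here). The doc comment should also name the new routing source, e.g. `// Sends a lookup response back along the reverse of rpath; req.Coords is not used to route the reply.` The body of `sendRes` continues past the end of the hunk.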


@ -204,7 +204,7 @@ func (r *router) _handleProto(packet []byte) {
case wire_NodeInfoResponse:
r._handleNodeInfo(bs, &p.FromKey)
case wire_DHTLookupRequest:
r._handleDHTReq(bs, &p.FromKey)
r._handleDHTReq(bs, &p.FromKey, p.RPath)
case wire_DHTLookupResponse:
r._handleDHTRes(bs, &p.FromKey)
default:
@ -227,13 +227,13 @@ func (r *router) _handlePong(bs []byte, fromKey *crypto.BoxPubKey, rpath []byte)
}
// Decodes dht requests and passes them to dht.handleReq to trigger a lookup/response.
func (r *router) _handleDHTReq(bs []byte, fromKey *crypto.BoxPubKey) {
func (r *router) _handleDHTReq(bs []byte, fromKey *crypto.BoxPubKey, rpath []byte) {
req := dhtReq{}
if !req.decode(bs) {
return
}
req.Key = *fromKey
r.dht.handleReq(&req)
r.dht.handleReq(&req, rpath)
}
// Decodes dht responses and passes them to dht.handleRes to update the DHT table and further pass them to the search code (if applicable).
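Review bot: The doc comment on `_handleDHTReq` still describes only decode-and-forward and says nothing about the new `rpath` parameter, which `dht.handleReq` now receives and which decides where the reply is sent. `p.RPath` is read from the packet next to `FromKey`, and these lines do not show whether it is authenticated, so the comment should record how far it is trusted: `// rpath is the reverse path carried by the received packet; it only routes the response and must be treated as untrusted routing data.` The same applies to the parameter on `dht.handleReq` in the other file.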