mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2024-11-25 21:51:38 +00:00

send dht responses via reverse path (fixes some possible DDoS issues with the old coord approach)

Arceliar 2020-11-08 06:09:55 -06:00
parent 0ac203b007
commit 144d42c773
2 changed files with 9 additions and 7 deletions


@ -185,7 +185,7 @@ func dht_ordered(first, second, third *crypto.NodeID) bool {
// Reads a request, performs a lookup, and responds. // Reads a request, performs a lookup, and responds.
// Update info about the node that sent the request. // Update info about the node that sent the request.
func (t *dht) handleReq(req *dhtReq) { func (t *dht) handleReq(req *dhtReq, rpath []byte) {
// Send them what they asked for // Send them what they asked for
res := dhtRes{ res := dhtRes{
Key: t.router.core.boxPub, Key: t.router.core.boxPub,
@ -193,7 +193,7 @@ func (t *dht) handleReq(req *dhtReq) {
Dest: req.Dest, Dest: req.Dest,
Infos: t.lookup(&req.Dest, false), Infos: t.lookup(&req.Dest, false),
} }
t.sendRes(&res, req) t.sendRes(&res, req, rpath)
// Also add them to our DHT // Also add them to our DHT
info := dhtInfo{ info := dhtInfo{
key: req.Key, key: req.Key,
@ -213,13 +213,15 @@ func (t *dht) handleReq(req *dhtReq) {
} }
// Sends a lookup response to the specified node. // Sends a lookup response to the specified node.
func (t *dht) sendRes(res *dhtRes, req *dhtReq) { func (t *dht) sendRes(res *dhtRes, req *dhtReq, rpath []byte) {
// Send a reply for a dhtReq // Send a reply for a dhtReq
bs := res.encode() bs := res.encode()
shared := t.router.sessions.getSharedKey(&t.router.core.boxPriv, &req.Key) shared := t.router.sessions.getSharedKey(&t.router.core.boxPriv, &req.Key)
payload, nonce := crypto.BoxSeal(shared, bs, nil) payload, nonce := crypto.BoxSeal(shared, bs, nil)
path := append([]byte{0}, switch_reverseCoordBytes(rpath)...)
p := wire_protoTrafficPacket{ p := wire_protoTrafficPacket{
Coords: req.Coords, Offset: 1,
Coords: path,
ToKey: req.Key, ToKey: req.Key,
FromKey: t.router.core.boxPub, FromKey: t.router.core.boxPub,
Nonce: *nonce, Nonce: *nonce,
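Review bot: In sendRes the reply route is built from rpath with no length check, and neither the leading zero byte nor `Offset: 1` is explained. rpath comes from the received packet, so an empty or very long value reaches `append([]byte{0}, switch_reverseCoordBytes(rpath)...)` unchanged; whether an earlier layer bounds it is not visible here, so either a guard such as `if len(rpath) == 0 { return }` or a comment naming where the bound is enforced would help. The doc comment is also stale, and I would change it to `// Sends a lookup response back along the reverse of the path the request arrived on, not to req.Coords.` handleReq continues outside the hunks, and if the dhtInfo it builds still stores req.Coords, sender-claimed coords still enter the table even though they no longer steer the reply.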


@ -204,7 +204,7 @@ func (r *router) _handleProto(packet []byte) {
case wire_NodeInfoResponse: case wire_NodeInfoResponse:
r._handleNodeInfo(bs, &p.FromKey) r._handleNodeInfo(bs, &p.FromKey)
case wire_DHTLookupRequest: case wire_DHTLookupRequest:
r._handleDHTReq(bs, &p.FromKey) r._handleDHTReq(bs, &p.FromKey, p.RPath)
case wire_DHTLookupResponse: case wire_DHTLookupResponse:
r._handleDHTRes(bs, &p.FromKey) r._handleDHTRes(bs, &p.FromKey)
default: default:
@ -227,13 +227,13 @@ func (r *router) _handlePong(bs []byte, fromKey *crypto.BoxPubKey, rpath []byte)
} }
// Decodes dht requests and passes them to dht.handleReq to trigger a lookup/response. // Decodes dht requests and passes them to dht.handleReq to trigger a lookup/response.
func (r *router) _handleDHTReq(bs []byte, fromKey *crypto.BoxPubKey) { func (r *router) _handleDHTReq(bs []byte, fromKey *crypto.BoxPubKey, rpath []byte) {
req := dhtReq{} req := dhtReq{}
if !req.decode(bs) { if !req.decode(bs) {
return return
} }
req.Key = *fromKey req.Key = *fromKey
r.dht.handleReq(&req) r.dht.handleReq(&req, rpath)
} }
// Decodes dht responses and passes them to dht.handleRes to update the DHT table and further pass them to the search code (if applicable). // Decodes dht responses and passes them to dht.handleRes to update the DHT table and further pass them to the search code (if applicable).
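Review bot: `_handleProto` hands `p.RPath` to the DHT as routing input, but nothing in this section shows whether that field is covered by the box that protects `bs`. If it is filled in hop by hop it presumably cannot be, so it should be treated as unauthenticated metadata: acceptable for routing this one reply, but not for storing or for identifying the sender (the code already overrides `req.Key` with `fromKey` for that purpose). Once confirmed, I would record this on `_handleDHTReq`, e.g. `// rpath is the reverse-path bytes from the enclosing packet; it is not authenticated and is only used to route the reply.`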