5
0
mirror of https://github.com/cwinfo/yggdrasil-go.git synced 2024-11-26 07:11:40 +00:00

Check AllowedEncryptionPublicKeys

This commit is contained in:
Neil Alexander 2019-01-31 23:29:18 +00:00
parent e36f88c75f
commit 432f93de89
No known key found for this signature in database
GPG Key ID: A02A2019A2BB0944

View File

@ -1,6 +1,7 @@
package yggdrasil package yggdrasil
import ( import (
"encoding/hex"
"errors" "errors"
"fmt" "fmt"
"net" "net"
@ -104,6 +105,18 @@ func (intf *linkInterface) handler() error {
intf.link.core.log.Errorln("Failed to connect to node: " + intf.name + " version: " + fmt.Sprintf("%d.%d", meta.ver, meta.minorVer)) intf.link.core.log.Errorln("Failed to connect to node: " + intf.name + " version: " + fmt.Sprintf("%d.%d", meta.ver, meta.minorVer))
return errors.New("failed to connect: wrong version") return errors.New("failed to connect: wrong version")
} }
// Check if we're authorized to connect to this key / IP
if !intf.link.core.peers.isAllowedEncryptionPublicKey(&meta.box) {
// Allow unauthorized peers if they're link-local
raddrStr, _, _ := net.SplitHostPort(intf.info.remote)
raddr := net.ParseIP(raddrStr)
if !raddr.IsLinkLocalUnicast() {
intf.link.core.log.Debugf("%s connection to %s forbidden: AllowedEncryptionPublicKey does not contain key %s",
strings.ToUpper(intf.info.linkType), intf.info.remote, hex.EncodeToString(meta.box[:]))
intf.msgIO.close()
return nil
}
}
// Check if we already have a link to this node // Check if we already have a link to this node
intf.info.box = meta.box intf.info.box = meta.box
intf.info.sig = meta.sig intf.info.sig = meta.sig