Correctly classify link-local addresses in the TCP handler, fix AllowedPublicEncryptionKeys warning

2024-11-22 14:10:28 +00:00 · 2019-03-12 16:03:02 +00:00 · 2019-03-12 16:03:02 +00:00 · dc3a05f13a
commit dc3a05f13a
parent c388885a92
2 changed files with 4 additions and 3 deletions
--- a/src/yggdrasil/link.go
+++ b/src/yggdrasil/link.go
@ -176,7 +176,7 @@ func (intf *linkInterface) handler() error {
 	}
 	// Check if we're authorized to connect to this key / IP
 	if intf.incoming && !intf.force && !intf.link.core.peers.isAllowedEncryptionPublicKey(&meta.box) {
-		intf.link.core.log.Warnf("%s connection to %s forbidden: AllowedEncryptionPublicKeys does not contain key %s",
+		intf.link.core.log.Warnf("%s connection from %s forbidden: AllowedEncryptionPublicKeys does not contain key %s",
 			strings.ToUpper(intf.info.linkType), intf.info.remote, hex.EncodeToString(meta.box[:]))
 		intf.msgIO.close()
 		return nil
--- a/src/yggdrasil/tcp.go
+++ b/src/yggdrasil/tcp.go
@ -19,6 +19,7 @@ import (
 	"fmt"
 	"math/rand"
 	"net"
+	"strings"
 	"sync"
 	"time"

@ -332,7 +333,7 @@ func (t *tcp) handler(sock net.Conn, incoming bool, options interface{}) {
 	stream.init(sock)
 	local, _, _ := net.SplitHostPort(sock.LocalAddr().String())
 	remote, _, _ := net.SplitHostPort(sock.RemoteAddr().String())
-	remotelinklocal := net.ParseIP(remote).IsLinkLocalUnicast()
+	force := net.ParseIP(strings.Split(remote, "%")[0]).IsLinkLocalUnicast()
 	var name string
 	var proto string
 	if socksaddr, issocks := options.(string); issocks {
@ -342,7 +343,7 @@ func (t *tcp) handler(sock net.Conn, incoming bool, options interface{}) {
 		name = "tcp://" + sock.RemoteAddr().String()
 		proto = "tcp"
 	}
-	link, err := t.link.core.link.create(&stream, name, proto, local, remote, incoming, remotelinklocal)
+	link, err := t.link.core.link.create(&stream, name, proto, local, remote, incoming, force)
 	if err != nil {
 		t.link.core.log.Println(err)
 		panic(err)