diff options
| author | Péter Szilágyi <peterke@gmail.com> | 2015-04-30 17:41:27 +0800 |
|---|---|---|
| committer | Péter Szilágyi <peterke@gmail.com> | 2015-04-30 21:06:47 +0800 |
| commit | 1528dbc17101597348eefe3f3fb8d4f0d5c54b3c (patch) | |
| tree | 20f7fb8fa6d850ebc1b72740c7f9abaf548c16d5 /p2p/handshake.go | |
| parent | 14f32a0c3a30c172c62272aa93f97e8a3d72ddcb (diff) | |
| download | dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.tar dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.tar.gz dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.tar.bz2 dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.tar.lz dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.tar.xz dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.tar.zst dexon-1528dbc17101597348eefe3f3fb8d4f0d5c54b3c.zip | |
p2p: add trust check to handshake, test privileged connectivity
Conflicts:
p2p/server_test.go
Diffstat (limited to 'p2p/handshake.go')
| -rw-r--r-- | p2p/handshake.go | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/p2p/handshake.go b/p2p/handshake.go index 79395f23f..280b5068e 100644 --- a/p2p/handshake.go +++ b/p2p/handshake.go @@ -70,21 +70,21 @@ type protoHandshake struct { // If dial is non-nil, the connection the local node is the initiator. // If atcap is true, the connection will be disconnected with DiscTooManyPeers // after the key exchange. -func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { +func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { if dial == nil { - return setupInboundConn(fd, prv, our, atcap) + return setupInboundConn(fd, prv, our, atcap, trust) } else { - return setupOutboundConn(fd, prv, our, dial, atcap) + return setupOutboundConn(fd, prv, our, dial, atcap, trust) } } -func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool) (*conn, error) { +func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { secrets, err := receiverEncHandshake(fd, prv, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap { + if atcap && !trust[secrets.RemoteID] { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } @@ -99,13 +99,13 @@ func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, a return &conn{rw, rhs}, nil } -func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) { +func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) { secrets, err := initiatorEncHandshake(fd, prv, dial.ID, nil) if err != nil { return nil, fmt.Errorf("encryption handshake failed: %v", err) } rw := newRlpxFrameRW(fd, secrets) - if atcap { + if atcap && !trust[secrets.RemoteID] { SendItems(rw, discMsg, DiscTooManyPeers) return nil, errors.New("we have too many peers") } |