author | Péter Szilágyi <peterke@gmail.com> | 2015-04-30 17:41:27 +0800 |
---|---|---|
committer | Péter Szilágyi <peterke@gmail.com> | 2015-04-30 21:06:47 +0800 |
commit | 1528dbc17101597348eefe3f3fb8d4f0d5c54b3c (patch) | |
tree | 20f7fb8fa6d850ebc1b72740c7f9abaf548c16d5 /p2p/handshake.go | |
parent | 14f32a0c3a30c172c62272aa93f97e8a3d72ddcb (diff) | |
p2p: add trust check to handshake, test privileged connectivity
Conflicts:
p2p/server_test.go
Diffstat (limited to 'p2p/handshake.go')
-rw-r--r-- | p2p/handshake.go | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/p2p/handshake.go b/p2p/handshake.go
index 79395f23f..280b5068e 100644
--- a/p2p/handshake.go
+++ b/p2p/handshake.go
@@ -70,21 +70,21 @@ type protoHandshake struct {
 // If dial is non-nil, the connection the local node is the initiator.
 // If atcap is true, the connection will be disconnected with DiscTooManyPeers
 // after the key exchange.
-func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) {
+func setupConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) {
 if dial == nil {
- return setupInboundConn(fd, prv, our, atcap)
+ return setupInboundConn(fd, prv, our, atcap, trust)
 } else {
- return setupOutboundConn(fd, prv, our, dial, atcap)
+ return setupOutboundConn(fd, prv, our, dial, atcap, trust)
 }
 }
 
-func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool) (*conn, error) {
+func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, atcap bool, trust map[discover.NodeID]bool) (*conn, error) {
 secrets, err := receiverEncHandshake(fd, prv, nil)
 if err != nil {
 return nil, fmt.Errorf("encryption handshake failed: %v", err)
 }
 rw := newRlpxFrameRW(fd, secrets)
- if atcap {
+ if atcap && !trust[secrets.RemoteID] {
 SendItems(rw, discMsg, DiscTooManyPeers)
 return nil, errors.New("we have too many peers")
 }
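Review bot: The doc comment above `setupConn` still says a connection at capacity is always disconnected with DiscTooManyPeers, which stops being true once `trust[secrets.RemoteID]` exempts a peer; I would add a line such as `// Peers whose handshake-verified ID is in trust are exempt from the atcap disconnect.` The same exemption is added to `setupOutboundConn` in the next hunk. The map is read here with no visible synchronisation, so if the caller (not shown, this diff is limited to p2p/handshake.go) ever mutates it while handshakes are running, the lookup is a data race; handing in a snapshot or taking the owner's lock around the read would avoid that. Because membership bypasses the peer limit, it is also worth documenting that the map must only be populated from operator configuration. `setupInboundConn` continues past the end of the hunk.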
@@ -99,13 +99,13 @@ func setupInboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, a
 return &conn{rw, rhs}, nil
 }
 
-func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool) (*conn, error) {
+func setupOutboundConn(fd net.Conn, prv *ecdsa.PrivateKey, our *protoHandshake, dial *discover.Node, atcap bool, trust map[discover.NodeID]bool) (*conn, error) {
 secrets, err := initiatorEncHandshake(fd, prv, dial.ID, nil)
 if err != nil {
 return nil, fmt.Errorf("encryption handshake failed: %v", err)
 }
 rw := newRlpxFrameRW(fd, secrets)
- if atcap {
+ if atcap && !trust[secrets.RemoteID] {
 SendItems(rw, discMsg, DiscTooManyPeers)
 return nil, errors.New("we have too many peers")
 } |
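Review bot: The exemption in `setupOutboundConn` keys on `secrets.RemoteID` while the node that was dialed is `dial.ID`, and nothing visible in this hunk states that the two are guaranteed to be equal. If `initiatorEncHandshake` enforces that (its body is not shown here), a comment such as `// secrets.RemoteID is the handshake-verified identity and matches dial.ID` above the check would record why the cap bypass is bound to an authenticated ID. The function body continues past the end of the hunk.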