Fix several things:
(1) The changes to path learning in the two previous releases were poorly thought out, and this version should remedy that by introducing PROBE. This is basically a kind of ECHO request and is used to authenticate endpoints that are not learned via a valid request/response pair. Thus we will still passively learn endpoints, but securely. (2) Turns out there was a security oversight in _doHELLO() that could have permitted... well... I'm not sure it was exploitable to do anything particularly interesting since a bad identity would be discarded anyway, but fix it just the same.
This commit is contained in:
Adam Ierymenko
parent
8055635e85
commit
10df5dcf70
8 changed files with 145 additions and 36 deletions
|
|
@ -129,6 +129,16 @@ public:
|
|||
*/
|
||||
bool sendHELLO(const SharedPtr<Peer> &dest,Demarc::Port localPort,const InetAddress &remoteAddr);
|
||||
|
||||
/**
|
||||
* Send a PROBE immediately to the indicated address
|
||||
*
|
||||
* @param localPort Originating local port or ANY_PORT to pick
|
||||
* @param remoteAddr IP address to send to
|
||||
* @param dest Destination peer
|
||||
* @return True if send appears successful
|
||||
*/
|
||||
bool sendPROBE(const SharedPtr<Peer> &dest,Demarc::Port localPort,const InetAddress &remoteAddr);
|
||||
|
||||
/**
|
||||
* Send RENDEZVOUS to two peers to permit them to directly connect
|
||||
*
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue