Skip to content

GitLab

"debian/vscode:/vscode.git/clone" did not exist on "fc56e84e59de31bb54efa21ac32c56c2f1db6e66"
Commit 89c1c828 authored by Jeromy's avatar Jeromy Committed by Juan Batiz-Benet
Browse files

add in basic address dial filtering 



License: MIT
Signed-off-by: default avatarJeromy <jeromyj@gmail.com>
parent b1702b08
Hide whitespace changes
Inline Side-by-side
net/swarm/swarm.go
View file @ 89c1c828
...@@ -4,6 +4,7 @@ package swarm ...@@ -4,6 +4,7 @@ package swarm
import ( import (
"fmt" "fmt"
"net"
"sync" "sync"
"time" "time"
...@@ -50,6 +51,9 @@ type Swarm struct { ...@@ -50,6 +51,9 @@ type Swarm struct {
notifmu sync.RWMutex notifmu sync.RWMutex
notifs map[inet.Notifiee]ps.Notifiee notifs map[inet.Notifiee]ps.Notifiee
// filters for addresses that shouldnt be dialed
filters []*net.IPNet
cg ctxgroup.ContextGroup cg ctxgroup.ContextGroup
bwc metrics.Reporter bwc metrics.Reporter
} }
...@@ -84,6 +88,10 @@ func (s *Swarm) teardown() error { ...@@ -84,6 +88,10 @@ func (s *Swarm) teardown() error {
return s.swarm.Close() return s.swarm.Close()
} }
func (s *Swarm) AddDialFilter(f *net.IPNet) {
s.filters = append(s.filters, f)
}
// CtxGroup returns the Context Group of the swarm // CtxGroup returns the Context Group of the swarm
func filterAddrs(listenAddrs []ma.Multiaddr) ([]ma.Multiaddr, error) { func filterAddrs(listenAddrs []ma.Multiaddr) ([]ma.Multiaddr, error) {
if len(listenAddrs) > 0 { if len(listenAddrs) > 0 {
......
net/swarm/swarm_dial.go
View file @ 89c1c828
...@@ -303,6 +303,8 @@ func (s *Swarm) dial(ctx context.Context, p peer.ID) (*Conn, error) { ...@@ -303,6 +303,8 @@ func (s *Swarm) dial(ctx context.Context, p peer.ID) (*Conn, error) {
ila, _ := s.InterfaceListenAddresses() ila, _ := s.InterfaceListenAddresses()
remoteAddrs = addrutil.Subtract(remoteAddrs, ila) remoteAddrs = addrutil.Subtract(remoteAddrs, ila)
remoteAddrs = addrutil.Subtract(remoteAddrs, s.peers.Addrs(s.local)) remoteAddrs = addrutil.Subtract(remoteAddrs, s.peers.Addrs(s.local))
remoteAddrs = s.filterAddrs(remoteAddrs)
log.Debugf("%s swarm dialing %s -- local:%s remote:%s", s.local, p, s.ListenAddresses(), remoteAddrs) log.Debugf("%s swarm dialing %s -- local:%s remote:%s", s.local, p, s.ListenAddresses(), remoteAddrs)
if len(remoteAddrs) == 0 { if len(remoteAddrs) == 0 {
err := errors.New("peer has no addresses") err := errors.New("peer has no addresses")
...@@ -454,6 +456,32 @@ func (s *Swarm) dialAddr(ctx context.Context, d *conn.Dialer, p peer.ID, addr ma ...@@ -454,6 +456,32 @@ func (s *Swarm) dialAddr(ctx context.Context, d *conn.Dialer, p peer.ID, addr ma
return connC, nil return connC, nil
} }
func (s *Swarm) filterAddrs(addrs []ma.Multiaddr) []ma.Multiaddr {
var out []ma.Multiaddr
for _, a := range addrs {
if !s.addrBlocked(a) {
out = append(out, a)
}
}
return out
}
func (s *Swarm) addrBlocked(a ma.Multiaddr) bool {
_, addr, err := manet.DialArgs(a)
if err != nil {
// if we cant parse it, its probably not blocked
return false
}
ip := net.ParseIP(addr)
for _, f := range s.filters {
if f.Contains(ip) {
return true
}
}
return false
}
// dialConnSetup is the setup logic for a connection from the dial side. it // dialConnSetup is the setup logic for a connection from the dial side. it
// needs to add the Conn to the StreamSwarm, then run newConnSetup // needs to add the Conn to the StreamSwarm, then run newConnSetup
func dialConnSetup(ctx context.Context, s *Swarm, connC conn.Conn) (*Conn, error) { func dialConnSetup(ctx context.Context, s *Swarm, connC conn.Conn) (*Conn, error) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment