YGGverse/aquatic
1
0
Fork 0
mirror of https://github.com/YGGverse/aquatic.git synced 2026-04-01 10:15:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

aquatic_ws: check for "fake" peer_id's in announce requests

Browse source
This commit is contained in:
Joakim Frostegård 2020-05-11 16:07:51 +02:00
parent ab178b3189
commit da2d5986b9
2 changed files with 11 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
TODO.md
View file

@ -7,8 +7,6 @@
* test * test
* torrent state cleaning * torrent state cleaning
* config * config
* use src as field in addition to peer_id in peer map, since peers have
access to others' peer id's
## aquatic ## aquatic
* mio: set oneshot for epoll and kqueue? otherwise, stop reregistering? * mio: set oneshot for epoll and kqueue? otherwise, stop reregistering?

10
aquatic_ws/src/lib/handler.rs
View file

@ -92,6 +92,16 @@ pub fn handle_announce_requests(
let torrent_data = torrents.entry(info_hash.clone()) let torrent_data = torrents.entry(info_hash.clone())
.or_default(); .or_default();
// If there is already a peer with this peer_id, check that socket
// addr is same as that of request sender. Otherwise, ignore request.
// Since peers have access to each others peer_id's, they could send
// requests using them, causing all sorts of issues.
if let Some(previous_peer) = torrent_data.peers.get(&peer_id){
if sender_meta.peer_socket_addr != previous_peer.connection_meta.peer_socket_addr {
continue;
}
}
// FIXME: correct to only update when bytes_left is Some? // FIXME: correct to only update when bytes_left is Some?
if let Some(bytes_left) = request.bytes_left { if let Some(bytes_left) = request.bytes_left {
let peer_status = PeerStatus::from_event_and_bytes_left( let peer_status = PeerStatus::from_event_and_bytes_left(