Skip to content

Commit

Permalink
stricter definition of public for DHT
Browse files Browse the repository at this point in the history
  • Loading branch information
@willscott
willscott committed Apr 20, 2020
1 parent 7c7c46d commit 278c3ea
Showing 1 changed file with 50 additions and 5 deletions.
55 changes: 50 additions & 5 deletions dht_filters.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,41 @@ type QueryFilterFunc func(dht *IpfsDHT, ai peer.AddrInfo) bool
// the local route table.
type RouteTableFilterFunc func(dht *IpfsDHT, conns []network.Conn) bool

var publicCIDR6 = "2000::/3"
var public6 *net.IPNet

func init() {
_, public6, _ = net.ParseCIDR(publicCIDR6)
}

// isPublicAddr follows the logic of manet.IsPublicAddr, except it uses
// a stricter definition of "public" for ipv6: namely "is it in 2000::/3"?
func isPublicAddr(a ma.Multiaddr) bool {
ip, err := manet.ToIP(a)
if err != nil {
return false
}
if ip.To4() != nil {
return !inAddrRange(ip, manet.Private4) && !inAddrRange(ip, manet.Unroutable4)
}

return public6.Contains(ip)
}

// isPrivateAddr follows the logic of manet.IsPrivateAddr, except that
// it uses a stricter definition of "public" for ipv6
func isPrivateAddr(a ma.Multiaddr) bool {
ip, err := manet.ToIP(a)
if err != nil {
return false
}
if ip.To4() != nil {
return inAddrRange(ip, manet.Private4)
}

return !public6.Contains(ip) && !inAddrRange(ip, manet.Unroutable6)
}

// PublicQueryFilter returns true if the peer is suspected of being publicly accessible
func PublicQueryFilter(_ *IpfsDHT, ai peer.AddrInfo) bool {
if len(ai.Addrs) == 0 {
Expand All @@ -31,7 +66,7 @@ func PublicQueryFilter(_ *IpfsDHT, ai peer.AddrInfo) bool {

var hasPublicAddr bool
for _, a := range ai.Addrs {
if !isRelayAddr(a) && manet.IsPublicAddr(a) {
if !isRelayAddr(a) && isPublicAddr(a) {
hasPublicAddr = true
}
}
Expand All @@ -51,7 +86,7 @@ func PublicRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool {
id := conns[0].RemotePeer()
known := dht.peerstore.PeerInfo(id)
for _, a := range known.Addrs {
if !isRelayAddr(a) && manet.IsPublicAddr(a) {
if !isRelayAddr(a) && isPublicAddr(a) {
return true
}
}
Expand Down Expand Up @@ -106,7 +141,7 @@ func PrivateRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool {
router := getCachedRouter()
myAdvertisedIPs := make([]net.IP, 0)
for _, a := range dht.Host().Addrs() {
if manet.IsPublicAddr(a) && !isRelayAddr(a) {
if isPublicAddr(a) && !isRelayAddr(a) {
ip, err := manet.ToIP(a)
if err != nil {
continue
Expand All @@ -117,11 +152,11 @@ func PrivateRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool {

for _, c := range conns {
ra := c.RemoteMultiaddr()
if manet.IsPrivateAddr(ra) && !isRelayAddr(ra) {
if isPrivateAddr(ra) && !isRelayAddr(ra) {
return true
}

if manet.IsPublicAddr(ra) {
if isPublicAddr(ra) {
ip, err := manet.ToIP(ra)
if err != nil {
continue
Expand Down Expand Up @@ -173,3 +208,13 @@ func isRelayAddr(a ma.Multiaddr) bool {
})
return found
}

func inAddrRange(ip net.IP, ipnets []*net.IPNet) bool {
for _, ipnet := range ipnets {
if ipnet.Contains(ip) {
return true
}
}

return false
}

0 comments on commit 278c3ea

Please sign in to comment.