stricter definition of public for DHT

parent 7c7c46d3
...@@ -23,6 +23,41 @@ type QueryFilterFunc func(dht *IpfsDHT, ai peer.AddrInfo) bool ...@@ -23,6 +23,41 @@ type QueryFilterFunc func(dht *IpfsDHT, ai peer.AddrInfo) bool
// the local route table. // the local route table.
type RouteTableFilterFunc func(dht *IpfsDHT, conns []network.Conn) bool type RouteTableFilterFunc func(dht *IpfsDHT, conns []network.Conn) bool
var publicCIDR6 = "2000::/3"
var public6 *net.IPNet
func init() {
_, public6, _ = net.ParseCIDR(publicCIDR6)
}
// isPublicAddr follows the logic of manet.IsPublicAddr, except it uses
// a stricter definition of "public" for ipv6: namely "is it in 2000::/3"?
func isPublicAddr(a ma.Multiaddr) bool {
ip, err := manet.ToIP(a)
if err != nil {
return false
}
if ip.To4() != nil {
return !inAddrRange(ip, manet.Private4) && !inAddrRange(ip, manet.Unroutable4)
}
return public6.Contains(ip)
}
// isPrivateAddr follows the logic of manet.IsPrivateAddr, except that
// it uses a stricter definition of "public" for ipv6
func isPrivateAddr(a ma.Multiaddr) bool {
ip, err := manet.ToIP(a)
if err != nil {
return false
}
if ip.To4() != nil {
return inAddrRange(ip, manet.Private4)
}
return !public6.Contains(ip) && !inAddrRange(ip, manet.Unroutable6)
}
// PublicQueryFilter returns true if the peer is suspected of being publicly accessible // PublicQueryFilter returns true if the peer is suspected of being publicly accessible
func PublicQueryFilter(_ *IpfsDHT, ai peer.AddrInfo) bool { func PublicQueryFilter(_ *IpfsDHT, ai peer.AddrInfo) bool {
if len(ai.Addrs) == 0 { if len(ai.Addrs) == 0 {
...@@ -31,7 +66,7 @@ func PublicQueryFilter(_ *IpfsDHT, ai peer.AddrInfo) bool { ...@@ -31,7 +66,7 @@ func PublicQueryFilter(_ *IpfsDHT, ai peer.AddrInfo) bool {
var hasPublicAddr bool var hasPublicAddr bool
for _, a := range ai.Addrs { for _, a := range ai.Addrs {
if !isRelayAddr(a) && manet.IsPublicAddr(a) { if !isRelayAddr(a) && isPublicAddr(a) {
hasPublicAddr = true hasPublicAddr = true
} }
} }
...@@ -51,7 +86,7 @@ func PublicRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool { ...@@ -51,7 +86,7 @@ func PublicRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool {
id := conns[0].RemotePeer() id := conns[0].RemotePeer()
known := dht.peerstore.PeerInfo(id) known := dht.peerstore.PeerInfo(id)
for _, a := range known.Addrs { for _, a := range known.Addrs {
if !isRelayAddr(a) && manet.IsPublicAddr(a) { if !isRelayAddr(a) && isPublicAddr(a) {
return true return true
} }
} }
...@@ -106,7 +141,7 @@ func PrivateRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool { ...@@ -106,7 +141,7 @@ func PrivateRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool {
router := getCachedRouter() router := getCachedRouter()
myAdvertisedIPs := make([]net.IP, 0) myAdvertisedIPs := make([]net.IP, 0)
for _, a := range dht.Host().Addrs() { for _, a := range dht.Host().Addrs() {
if manet.IsPublicAddr(a) && !isRelayAddr(a) { if isPublicAddr(a) && !isRelayAddr(a) {
ip, err := manet.ToIP(a) ip, err := manet.ToIP(a)
if err != nil { if err != nil {
continue continue
...@@ -117,11 +152,11 @@ func PrivateRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool { ...@@ -117,11 +152,11 @@ func PrivateRoutingTableFilter(dht *IpfsDHT, conns []network.Conn) bool {
for _, c := range conns { for _, c := range conns {
ra := c.RemoteMultiaddr() ra := c.RemoteMultiaddr()
if manet.IsPrivateAddr(ra) && !isRelayAddr(ra) { if isPrivateAddr(ra) && !isRelayAddr(ra) {
return true return true
} }
if manet.IsPublicAddr(ra) { if isPublicAddr(ra) {
ip, err := manet.ToIP(ra) ip, err := manet.ToIP(ra)
if err != nil { if err != nil {
continue continue
...@@ -173,3 +208,13 @@ func isRelayAddr(a ma.Multiaddr) bool { ...@@ -173,3 +208,13 @@ func isRelayAddr(a ma.Multiaddr) bool {
}) })
return found return found
} }
func inAddrRange(ip net.IP, ipnets []*net.IPNet) bool {
for _, ipnet := range ipnets {
if ipnet.Contains(ip) {
return true
}
}
return false
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment