Merge pull request #23 from acd/verify-remote

Validate IP address and port of received packets (take 2)

Author: pin

client.go

@@ -49,7 +49,7 @@ type Client struct {
 
 // Send starts outgoing file transmission. It returns io.ReaderFrom or error.
 func (c Client) Send(filename string, mode string) (io.ReaderFrom, error) {
-	conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+	conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 	if err != nil {
 		return nil, err
 	}
@@ -79,7 +79,7 @@ func (c Client) Send(filename string, mode string) (io.ReaderFrom, error) {
 
 // Receive starts incoming file transmission. It returns io.WriterTo or error.
 func (c Client) Receive(filename string, mode string) (io.WriterTo, error) {
-	conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+	conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 	if err != nil {
 		return nil, err
 	}

conn.go

@@ -42,6 +42,7 @@ type receiver struct {
 	send     []byte
 	receive  []byte
 	addr     *net.UDPAddr
+	tid      int
 	conn     *net.UDPConn
 	block    uint16
 	retry    *backoff
@@ -159,11 +160,14 @@ func (r *receiver) receiveDatagram(l int) (int, *net.UDPAddr, error) {
 		if err != nil {
 			return 0, nil, err
 		}
-		// TODO: compare addr here?
+		if !addr.IP.Equal(r.addr.IP) || (r.tid != 0 && addr.Port != r.tid) {
+			continue
+		}
 		p, err := parsePacket(r.receive[:c])
 		if err != nil {
 			return 0, addr, err
 		}
+		r.tid = addr.Port
 		switch p := p.(type) {
 		case pDATA:
 			if p.block() == r.block {

conn_darwin.go

@@ -33,6 +33,7 @@ type OutgoingTransfer interface {
 type sender struct {
 	conn    *net.UDPConn
 	addr    *net.UDPAddr
+	tid     int
 	send    []byte
 	receive []byte
 	retry   *backoff
@@ -189,10 +190,14 @@ func (s *sender) sendDatagram(l int) (*net.UDPAddr, error) {
 		if err != nil {
 			return nil, err
 		}
+		if !addr.IP.Equal(s.addr.IP) || (s.tid != 0 && addr.Port != s.tid) {
+			continue
+		}
 		p, err := parsePacket(s.receive[:n])
 		if err != nil {
 			continue
 		}
+		s.tid = addr.Port
 		switch p := p.(type) {
 		case pACK:
 			if p.block() == s.block {

receiver.go

@@ -118,7 +118,7 @@ func (s *Server) processRequest(conn *net.UDPConn) error {
 			return fmt.Errorf("unpack WRQ: %v", err)
 		}
 		//fmt.Printf("got WRQ (filename=%s, mode=%s, opts=%v)\n", filename, mode, opts)
-		conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+		conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 		if err != nil {
 			return err
 		}
@@ -157,13 +157,14 @@ func (s *Server) processRequest(conn *net.UDPConn) error {
 			return fmt.Errorf("unpack RRQ: %v", err)
 		}
 		//fmt.Printf("got RRQ (filename=%s, mode=%s, opts=%v)\n", filename, mode, opts)
-		conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+		conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 		if err != nil {
 			return err
 		}
 		rf := &sender{
 			send:    make([]byte, datagramLength),
 			receive: make([]byte, datagramLength),
+			tid:     remoteAddr.Port,
 			conn:    conn,
 			retry:   &backoff{},
 			timeout: s.timeout,

sender.go

@@ -8,12 +8,57 @@ import (
 	"math/rand"
 	"net"
 	"os"
+	"strconv"
 	"sync"
 	"testing"
 	"testing/iotest"
 	"time"
 )
 
+var localhost string = determineLocalhost()
+
+func determineLocalhost() string {
+	l, err := net.ListenTCP("tcp", nil)
+	if err != nil {
+		panic(fmt.Sprintf("ListenTCP error: %s", err))
+	}
+	_, lport, _ := net.SplitHostPort(l.Addr().String())
+	defer l.Close()
+
+	lo := make(chan string)
+
+	go func() {
+		for {
+			conn, err := l.Accept()
+			if err != nil {
+				break
+			}
+			conn.Close()
+		}
+	}()
+
+	go func() {
+		port, _ := strconv.Atoi(lport)
+		for _, af := range []string{"tcp6", "tcp4"} {
+			conn, err := net.DialTCP(af, &net.TCPAddr{}, &net.TCPAddr{Port: port})
+			if err == nil {
+				conn.Close()
+				host, _, _ := net.SplitHostPort(conn.LocalAddr().String())
+				lo <- host
+				return
+			}
+		}
+		panic("could not determine address family")
+	}()
+
+	return <-lo
+}
+
+func localSystem(c *net.UDPConn) string {
+	_, port, _ := net.SplitHostPort(c.LocalAddr().String())
+	return net.JoinHostPort(localhost, port)
+}
+
 func TestPackUnpack(t *testing.T) {
 	v := []string{"test-filename/with-subdir"}
 	testOptsList := []options{
@@ -272,7 +317,7 @@ func TestSendTsizeFromSeek(t *testing.T) {
 		return nil
 	}, nil)
 
-	conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+	conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 	if err != nil {
 		t.Fatalf("listening: %v", err)
 	}
@@ -310,7 +355,7 @@ func makeTestServer() (*Server, *Client) {
 	// Create server
 	s := NewServer(b.handleRead, b.handleWrite)
 
-	conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+	conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 	if err != nil {
 		panic(err)
 	}
@@ -329,7 +374,7 @@ func makeTestServer() (*Server, *Client) {
 func TestNoHandlers(t *testing.T) {
 	s := NewServer(nil, nil)
 
-	conn, err := net.ListenUDP(udp, &net.UDPAddr{})
+	conn, err := net.ListenUDP("udp", &net.UDPAddr{})
 	if err != nil {
 		panic(err)
 	}