fix: prevent websocket loopback connections

2024-03-10 07:24:48 -04:00 · 2024-03-10 07:24:48 -04:00 · 1f8d383da7
parent 4db7430abe
commit 1f8d383da7
2 changed files with 18 additions and 5 deletions
--- a/go.sum
+++ b/go.sum
@ -76,9 +76,9 @@ golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17/go.mod h1:lgLbSvA5ygNOMpwM/9
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.8.0 h1:LUYupSeNrTNCGzR/hVBk2NHZO4hXcVaW1k4Qx7rjPx8=
 golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/s5net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/s5net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/s5net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
--- a/service/default/http.go
+++ b/service/default/http.go
@ -3,11 +3,12 @@ package _default
 import (
 	"context"
 	"git.lumeweb.com/LumeWeb/libs5-go/build"
-	"git.lumeweb.com/LumeWeb/libs5-go/net"
+	s5net "git.lumeweb.com/LumeWeb/libs5-go/net"
 	"git.lumeweb.com/LumeWeb/libs5-go/service"
 	"github.com/julienschmidt/httprouter"
 	"go.sia.tech/jape"
 	"go.uber.org/zap"
+	"net"
 	"net/url"
 	"nhooyr.io/websocket"
 )
@ -69,7 +70,7 @@ func (h *HTTPServiceDefault) p2pHandler(ctx jape.Context) {
 		return
 	}

-	peer, err := net.CreateTransportPeer("wss", &net.TransportPeerConfig{
+	peer, err := s5net.CreateTransportPeer("wss", &s5net.TransportPeerConfig{
 		Socket: c,
 		Uris:   []*url.URL{},
 	})
@ -83,6 +84,18 @@ func (h *HTTPServiceDefault) p2pHandler(ctx jape.Context) {
 		return
 	}

+	ip := peer.GetIP()
+
+	switch v := ip.(type) {
+	case *net.IPNet:
+		if v.IP.IsLoopback() {
+			err := peer.End()
+			if err != nil {
+				return
+			}
+		}
+	}
+
 	h.Services().P2P().ConnectionTracker().Add(1)

 	go func() {