p2p --link now defaults to setting up a bi-directional link
Both the local and remote git repositories get remotes added pointing at one-another. Makes pairing twice as easy! Security: The new LINK command in the protocol can be sent repeatedly, but only by a peer who has authenticated with us. So, it's entirely safe to add a link back to that peer, or to some other peer it knows about. Anything we receive over such a link, the peer could send us over the current connection. There is some risk of being flooded with LINKs, and adding too many remotes. To guard against that, there's a hard cap on the number of remotes that can be set up this way. This will only be a problem if setting up large p2p networks that have exceptional interconnectedness. A new, dedicated authtoken is created when sending LINK. This also allows, in theory, using a p2p network like tor, to learn about links on other networks, like telehash. This commit was sponsored by Bruno BEAUFILS on Patreon.
This commit is contained in:
Joey Hess
parent
e67a310da1
commit
3037feb1bf
7 changed files with 105 additions and 46 deletions
|
|
@ -14,6 +14,7 @@ import Git.Types
|
|||
import Creds
|
||||
import Utility.AuthToken
|
||||
import Utility.Tor
|
||||
import qualified Utility.SimpleProtocol as Proto
|
||||
|
||||
import qualified Data.Text as T
|
||||
|
||||
|
|
@ -46,6 +47,10 @@ instance FormatP2PAddress P2PAddress where
|
|||
return (TorAnnex (OnionAddress onionaddr) onionport)
|
||||
| otherwise = Nothing
|
||||
|
||||
instance Proto.Serializable P2PAddressAuth where
|
||||
serialize = formatP2PAddress
|
||||
deserialize = unformatP2PAddress
|
||||
|
||||
torAnnexScheme :: String
|
||||
torAnnexScheme = "tor-annex:"
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue