p2p --link now defaults to setting up a bi-directional link

Both the local and remote git repositories get remotes added
pointing at one another.

Makes pairing twice as easy!

Security: The new LINK command in the protocol can be sent repeatedly,
but only by a peer who has authenticated with us. So, it's entirely safe to
add a link back to that peer, or to some other peer it knows about.
Anything we receive over such a link, the peer could send us over the
current connection.

There is some risk of being flooded with LINKs, and adding too many
remotes. To guard against that, there's a hard cap on the number of remotes
that can be set up this way. This will only be a problem if setting up
large p2p networks that have exceptional interconnectedness.

A new, dedicated authtoken is created when sending LINK.

This also allows, in theory, using a p2p network like tor, to learn about
links on other networks, like telehash.

This commit was sponsored by Bruno BEAUFILS on Patreon.
Joey Hess 2016-12-16 16:32:29 -04:00
parent e67a310da1
commit 3037feb1bf
No known key found for this signature in database
GPG key ID: C910D9222512E3C7
7 changed files with 105 additions and 46 deletions


@ -14,6 +14,7 @@ import Git.Types
import Creds
import Utility.AuthToken
import Utility.Tor
import qualified Utility.SimpleProtocol as Proto
import qualified Data.Text as T
@ -46,6 +47,10 @@ instance FormatP2PAddress P2PAddress where
return (TorAnnex (OnionAddress onionaddr) onionport)
| otherwise = Nothing
instance Proto.Serializable P2PAddressAuth where
serialize = formatP2PAddress
deserialize = unformatP2PAddress
torAnnexScheme :: String
torAnnexScheme = "tor-annex:"
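
Review bot: The Proto.Serializable instance for P2PAddressAuth in this hunk has no comment saying that the serialized value carries authentication material along with the address, as the type name indicates. Because serialize = formatP2PAddress reads as if only an address were written, a short comment above the instance would help, stating that this form is meant for the LINK message on an already-authenticated connection and should be kept out of any debug output of protocol messages. It would also be worth noting there that deserialize = unformatP2PAddress is parsing peer-supplied input, so callers must handle the failure case rather than assume a well-formed address.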