Skip to content

Udp: Basic Connection Cookie Implementation #85

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Oct 19, 2022
Merged

Udp: Basic Connection Cookie Implementation #85

merged 4 commits into from
Oct 19, 2022

Conversation

da2ce7
Copy link
Contributor

@da2ce7 da2ce7 commented Sep 13, 2022
edited
Loading

This implementation is very basic and not optimal. However it should be secure and works as a proof of concept.

It works by testing many possible connection cookies for each time extent (a quantified period of time), until one matches. If there are no matches, then the cookie is either expired or otherwise invalid.

@da2ce7
Copy link
Contributor Author

da2ce7 commented Sep 14, 2022

Rebased after merge of #81

@da2ce7 da2ce7 mentioned this pull request Sep 14, 2022
Closed
@da2ce7
Copy link
Contributor Author

da2ce7 commented Sep 21, 2022

Rebased.

@da2ce7 da2ce7 changed the title udp: basic connection cookie implementation Udp: Basic Connection Cookie Implementation Sep 21, 2022
@da2ce7
Copy link
Contributor Author

da2ce7 commented Sep 22, 2022

Rebased after merge of #83

@da2ce7 da2ce7 force-pushed the connection-cookie branch from 217a018 to 36f8dba Compare October 18, 2022 12:27
@da2ce7
Copy link
Contributor Author

da2ce7 commented Oct 18, 2022

Rebased after merge of #84

@da2ce7
Copy link
Contributor Author

da2ce7 commented Oct 18, 2022
edited
Loading

@josecelano Three of your tests now fail, since they use different remote_addresses for the connection cookie.

test
udp::handlers::tests::announce_request::using_ipv4::an_announced_peer_should_be_added_to_the_tracker ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_announced_peer_should_not_be_included_in_the_response ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_tracker_should_always_use_the_remote_client_ip_but_not_the_port_in_the_udp_request_header_instead_of_the_peer_address_in_the_announce_request ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8081, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [93, 255, 163, 17, 63, 95, 9, 128]
FAILED

@josecelano
Copy link
Member

@josecelano Three of your tests now fail, since they use different remote_addresses for the connection cookie.

test
udp::handlers::tests::announce_request::using_ipv4::an_announced_peer_should_be_added_to_the_tracker ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_announced_peer_should_not_be_included_in_the_response ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_tracker_should_always_use_the_remote_client_ip_but_not_the_port_in_the_udp_request_header_instead_of_the_peer_address_in_the_announce_request ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8081, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [93, 255, 163, 17, 63, 95, 9, 128]
FAILED

I've fixed them in this PR.

@josecelano josecelano mentioned this pull request Oct 18, 2022
Merged
josecelano
josecelano approved these changes Oct 18, 2022
View reviewed changes
Copy link
Member

@josecelano josecelano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added only some minor comments.

@da2ce7 da2ce7 force-pushed the connection-cookie branch from 405053e to 4949424 Compare October 18, 2022 16:36
@da2ce7 da2ce7 requested a review from josecelano October 19, 2022 12:10
@josecelano
Copy link
Member

ACK 2911f3d

@da2ce7 da2ce7 merged commit a3320be into develop Oct 19, 2022
@da2ce7 da2ce7 deleted the connection-cookie branch August 30, 2023 06:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@josecelano josecelano josecelano approved these changes

Assignees

No one assigned

Labels

None yet

Projects

Torrust Solution
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@da2ce7 @josecelano