Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Udp: Basic Connection Cookie Implementation #85

Merged
merged 4 commits into from
Oct 19, 2022
Merged

Udp: Basic Connection Cookie Implementation #85

merged 4 commits into from
Oct 19, 2022

Conversation

da2ce7
Copy link
Contributor

@da2ce7 da2ce7 commented Sep 13, 2022
edited
Loading

This implementation is very basic and not optimal. However it should be secure and works as a proof of concept.

It works by testing many possible connection cookies for each time extent (a quantified period of time), until one matches. If there are no matches, then the cookie is either expired or otherwise invalid.

@da2ce7
Copy link
Contributor Author

da2ce7 commented Sep 14, 2022

Rebased after merge of #81

@da2ce7 da2ce7 mentioned this pull request Sep 14, 2022
Closed
@da2ce7
Copy link
Contributor Author

da2ce7 commented Sep 21, 2022

Rebased.

@da2ce7 da2ce7 changed the title udp: basic connection cookie implementation Udp: Basic Connection Cookie Implementation Sep 21, 2022
@da2ce7
Copy link
Contributor Author

da2ce7 commented Sep 22, 2022

Rebased after merge of #83

@da2ce7
Copy link
Contributor Author

da2ce7 commented Oct 18, 2022

Rebased after merge of #84

@da2ce7
Copy link
Contributor Author

da2ce7 commented Oct 18, 2022
edited
Loading

@josecelano Three of your tests now fail, since they use different remote_addresses for the connection cookie.

test
udp::handlers::tests::announce_request::using_ipv4::an_announced_peer_should_be_added_to_the_tracker ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_announced_peer_should_not_be_included_in_the_response ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_tracker_should_always_use_the_remote_client_ip_but_not_the_port_in_the_udp_request_header_instead_of_the_peer_address_in_the_announce_request ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8081, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [93, 255, 163, 17, 63, 95, 9, 128]
FAILED

@josecelano
Copy link
Member

@josecelano Three of your tests now fail, since they use different remote_addresses for the connection cookie.

test
udp::handlers::tests::announce_request::using_ipv4::an_announced_peer_should_be_added_to_the_tracker ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_announced_peer_should_not_be_included_in_the_response ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [148, 172, 221, 37, 102, 20, 245, 168]
FAILED

test
udp::handlers::tests::announce_request::using_ipv4::the_tracker_should_always_use_the_remote_client_ip_but_not_the_port_in_the_udp_request_header_instead_of_the_peer_address_in_the_announce_request ...
remote_address: 127.0.0.1:8080, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [45, 59, 50, 101, 97, 203, 48, 19]
remote_address: 126.0.0.1:8081, time_extent: TimeExtent { increment: 2s, amount: 60 }, cookie: [93, 255, 163, 17, 63, 95, 9, 128]
FAILED

I've fixed them in this PR.

@josecelano josecelano mentioned this pull request Oct 18, 2022
Merged
josecelano
josecelano approved these changes Oct 18, 2022
View reviewed changes
Copy link
Member

@josecelano josecelano left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've added only some minor comments.

src/udp/connection_cookie.rs Outdated Show resolved Hide resolved
src/udp/connection_cookie.rs Outdated Show resolved Hide resolved
src/udp/connection_cookie.rs Outdated Show resolved Hide resolved
src/udp/connection_cookie.rs Outdated Show resolved Hide resolved
src/udp/connection_cookie.rs Outdated Show resolved Hide resolved
src/udp/connection_cookie.rs Outdated Show resolved Hide resolved
@da2ce7 @josecelano
fix: prepare tests for connection cookie
c8fa30a 
Co-authored-by: Jose Celano <josecelano@gmail.com>
@josecelano
Copy link
Member

ACK 2911f3d

@da2ce7 da2ce7 merged commit a3320be into develop Oct 19, 2022
@da2ce7 da2ce7 deleted the connection-cookie branch August 30, 2023 06:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@josecelano josecelano josecelano approved these changes

Assignees
No one assigned
Labels
None yet
Projects
Torrust Solution
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@da2ce7 @josecelano