Skip to content
This repository has been archived by the owner on May 26, 2022. It is now read-only.

use the new SecureTransport and SecureMuxer interfaces #36

Merged
merged 2 commits into from
Sep 8, 2021
Merged

use the new SecureTransport and SecureMuxer interfaces #36

merged 2 commits into from
Sep 8, 2021

Conversation

marten-seemann
Copy link
Contributor

No description provided.

Stebalien
Stebalien approved these changes Sep 8, 2021
View reviewed changes
ssms.go
if err != nil {
return nil, false, fmt.Errorf("failed to secure inbound connection: %s", err)
}
// ensure the correct peer connected to us
if sconn.RemotePeer() != p {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about p != "" && p != sconn.RemotePeer()? Just slightly safer.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why? In case our secure transports mess up?
Should we make this an assertion then (i.e. a panic)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes. I'd log loudly and fail, but I wouldn't panic (would turn a bug into a DoS). Again, we should catch this at a higher layer as well, but this is something that's nice to check at all layers just in case we mess something up in one of them.

@marten-seemann marten-seemann merged commit b79a7ae into master Sep 8, 2021
@aschmahmann aschmahmann mentioned this pull request Dec 1, 2021
Closed
80 tasks
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Stebalien Stebalien Stebalien approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@marten-seemann @Stebalien