Skip to content

Commit

Permalink
Gossip: Fix connection leak when spoofing detected
Browse files Browse the repository at this point in the history
In gossip, when a peer sends a message to a remote peer, it specifies
its PKI-ID in order for the layers above the comm layer to be sure
the peer on the other side has the identity that the current peer
thinks the peer on the other side has.

In case the handshake succeeds, but the PKI-ID of the remote peer
is detected to be different than the expected PKI-ID, the connection
creation attempt aborts but it doesn't close the gRPC connection-
which leads to a connection leak.

Change-Id: Ic8d247ccbc02da3018a27770cffa5173c76a6ae4
Signed-off-by: Yacov Manevich <yacovm@il.ibm.com>
  • Loading branch information
yacovm committed Mar 21, 2017
1 parent 5b59e06 commit cba7661
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions gossip/comm/comm_impl.go
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,7 @@ func (c *commImpl) createConnection(endpoint string, expectedPKIID common.PKIidT
if expectedPKIID != nil && !bytes.Equal(pkiID, expectedPKIID) {
// PKIID is nil when we don't know the remote PKI id's
c.logger.Warning("Remote endpoint claims to be a different peer, expected", expectedPKIID, "but got", pkiID)
cc.Close()
return nil, errors.New("Authentication failure")
}
conn := newConnection(cl, cc, stream, nil)
Expand Down

0 comments on commit cba7661

Please sign in to comment.