Allow incoming connections to specify a real address in the ID request.

If there is some kind of proxy that is forwarding meta-connections,
then MeshLink will see incoming connections with the address of the proxy
instead of the real address of the peer. This can be problematic for other
peers that want to form meta-connections. So allow an address and port to be
appended to ID requests, that will cause MeshLink to announce that address
to other nodes instead of the one from the incoming meta-connection.

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 1f2e24a2ce8d9d6def723ee1a851ac4b5928ccef..500bdfe9c98a5db9241b27e45da0b5d67fc4b4aa 100644 (file)
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -187,12 +187,29 @@ bool id_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
        assert(*request);
 
        char name[MAX_STRING_SIZE];
+       char real_address[MAX_STRING_SIZE] = "";
+       char real_port[MAX_STRING_SIZE] = "";
 
-       if(sscanf(request, "%*d " MAX_STRING " %d.%d", name, &c->protocol_major, &c->protocol_minor) < 2) {
+       if(sscanf(request, "%*d " MAX_STRING " %d.%d %*s " MAX_STRING " " MAX_STRING, name, &c->protocol_major, &c->protocol_minor, real_address, real_port) < 2) {
                logger(mesh, MESHLINK_ERROR, "Got bad %s from %s", "ID", c->name);
                return false;
        }
 
+       /* Parse the real address if present */
+
+       if(!c->outgoing && *real_address && *real_port) {
+               sockaddr_t sa = str2sockaddr(real_address, real_port);
+
+               if(sa.sa.sa_family == AF_UNKNOWN || sa.sa.sa_family == AF_UNSPEC) {
+                       logger(mesh, MESHLINK_ERROR, "Could not parse real address from %s", c->name);
+                       sockaddrfree(&sa);
+                       return false;
+               }
+
+               sockaddrfree(&c->address);
+               c->address = sa;
+       }
+
        /* Check if this is an invitation  */
 
        if(name[0] == '?') {