
Commit 110e5c5

committed
support p2p connection hosting
1 parent c87d87a commit 110e5c5

1 file changed

Lines changed: 34 additions & 19 deletions


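--- a/src/comms/peer-comms.js
+++ b/src/comms/peer-comms.js
@@ -376,31 +376,46 @@ class PeerComms extends ISocketComms {
 value: Routines.Utils.base64.decode( op.input.signature.value )
 }
 
-const actor = await this.party.hostRunner.auth.lookupIdentity(offer.sender)
-const verified = await Routines.verifyDataPQ(actor, signature, offerBSON)
-
-if(!verified){
-throw new Error('DENY - auth op signature is not valid')
-}
+const computedHash = await Routines.hashKey( offer.sender.key )
+debug('computed hash -', computedHash)
+if(computedHash != offer.sender.key.hash){ throw new Error('DENY - sender key hash is not valid!') }
 
-if(this.discoverRemoteIdentity){ this.remoteIdentity = actor }
-
-const authorized = await this.party.hostRunner.auth.isSocketConnectionAllowed(actor)
-if(!authorized){
+if(this.party.hostRunner){
+const actor = await this.party.hostRunner.auth.lookupIdentity(offer.sender)
+const verified = await Routines.verifyDataPQ(actor, signature, offerBSON)
+
+if(!verified){
+throw new Error('DENY(hostRunner) - auth op signature is not valid')
+}
 
-clearTimeout(this._host_auth_timeout)
-this._host_auth_timeout = null
+if(this.discoverRemoteIdentity){ this.remoteIdentity = actor }
+
+const authorized = await this.party.hostRunner.auth.isSocketConnectionAllowed(actor)
+if(!authorized){
 
-this.authed = false
-this.setState(PeerComms.STATES.SERVER_CLOSED)
-op.setState(HostOp.STATES.Finished_Success)
+clearTimeout(this._host_auth_timeout)
+this._host_auth_timeout = null
 
-await this.stop()
+this.authed = false
+this.setState(PeerComms.STATES.SERVER_CLOSED)
+op.setState(HostOp.STATES.Finished_Success)
 
-debug('DENY - client not allowed - ', this.remoteIdentity)
-}
+await this.stop()
 
-
+debug('DENY - client not allowed - ', this.remoteIdentity)
+}
+} else {
+const actor = offer.sender
+const verified = await Routines.verifyDataPQ(actor, signature, offerBSON)
+
+if(!verified){ throw new Error('DENY - auth op signature is not valid') }
+
+if(this.discoverRemoteIdentity){
+this.remoteIdentity = actor
+} else if(this.remoteIdentity.key.hash != actor.key.hash){
+throw new Error('DENY - auth op sender does not match expected remote')
+}
+}
 
 debug('ALLOW - allowing client - ', this.remoteIdentity)
 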
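Review bot: In the new `else` branch (no `hostRunner`), `actor` is `offer.sender` itself, so `verifyDataPQ` checks the signature against a key carried in the same offer. With `discoverRemoteIdentity` set, this proves only possession of that key, and nothing equivalent to `isSocketConnectionAllowed` runs before the `ALLOW` line. If that trust-on-first-use behaviour is intended, it deserves a comment such as `// no hostRunner: sender identity is self-asserted; accepted on first use when discoverRemoteIdentity is set`; otherwise an explicit allow check is needed here. The pinned-peer comparison uses loose `!=` on a value decoded from the offer and dereferences `this.remoteIdentity` without checking that it is set; `} else if(!this.remoteIdentity || this.remoteIdentity.key.hash !== actor.key.hash){` fails closed with the intended DENY error, and the key-hash check above would be stricter as `computedHash !== offer.sender.key.hash` (assuming `Routines.hashKey` returns the same type as the stored hash). The enclosing method starts and ends outside the hunk, so it cannot be confirmed from here whether the `!authorized` path returns before reaching the `ALLOW` debug line.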
