6ede140df1
This change adds a trusted registry (via the source code) of node address to node id mappings (currently only for well known Satellites) to defeat MITM attacks to Satellites. It also extends the uplink UI such that when entering a satellite address by hand, a node id prefix can also be added to defeat MITM attacks with unknown satellites. When running uplink setup, satellite addresses can now be of the form 12EayRS2V1k@us-central-1.tardigrade.io (not even using a full node id) to ensure that the peer contacted is the peer that was expected. When using a known satellite address, the known node ids are used if no override is provided. |
||
|---|---|---|
| .. | ||
| cert.go | ||
| config.go | ||
| options_internal_test.go | ||
| options_test.go | ||
| options.go | ||
| tls_helpers_test.go | ||
| tls_test.go | ||
| tls.go | ||