Implement HMAC for babel
HMAC is added in babel call to prevent babel communication between nodes of different re6st networks. This solves the problem of machines in different re6st networks but on the same LAN that exchange routes through babel. The key used to authenticate packets is randomly created on 16 bytes by the registry and sent to nodes when they fetch network parameters. This uses the WIP hmac branch of jech/babeld with Nexedi patches and the added possibility to not check HMAC in incoming packets for better HMAC integration on a HMAC-less network. /reviewed-on nexedi/re6stnet!18
Showing
Please register or sign in to comment