Details
-
Sub-task
-
Status: Resolved
-
Normal
-
Resolution: Not A Problem
-
None
-
All.
Description
A prerequisite for preventing malicious nodes from joining a cluster (parent issue https://issues.apache.org/jira/browse/CASSANDRA-2274) is that we can determine the IP of the sender (setting aside the fact that this may be spoofed by a determined attacker).
Currently we deserialize the "from" IP address from the incoming message header, using Header.deserialize() and CompactEndpointSerializationHelper.deserialize() i.e. we trust the sender to supply a true IP address.
We could stop storing the IP address in the message Header at all (saving a small amount of space) and set the 'true' sender IP upon receipt of the message, in org.apache.cassandra.net.IncomingTcpConnection, using socket.getInetAddress().