atsign-foundation / noports

Connect to any device with no external listening ports open
https://noports.com
BSD 3-Clause "New" or "Revised" License
269 stars 15 forks source link

Policy server being asked for policy when the name of device is similar #1485

Open cconstab opened 2 hours ago

cconstab commented 2 hours ago

Describe the bug

I have two device names that are similar csshnp01 and sshnp01 the first is using the C daemon the second is using the Dart daemon which is also using a thurd atSign for policy. When I try to connect to the csshnp01 i see a policy request from the sshnp01 device which I am not expecting as it should only be matching on device name before a policy check (I think).

Steps to reproduce

  1. First set up two sshnpd daemons with device names as above and the sshnp01 deamon pointing to a policy atSign
  2. Then sshnp to the csshnp01 device
  3. And then see the policy trigger in the policy UI

Expected behavior

Only policy requests if the device name matches

Additional context

This is much easier to see if the C daemon is swicthed off.. I suspect it is nothing to do with the C code but the policy code on the Dart -p code not fully checking the device name.

cconstab commented 2 hours ago

https://github.com/user-attachments/assets/c61703d4-15b2-46f8-be34-96c632bc3144

Video for better context