go-ethereum

forks/go-ethereum

Fork 1

mirror of https://github.com/ethereum/go-ethereum.git synced 2026-05-24 08:49:29 +00:00

Commit graph

Author	SHA1	Message	Date
ozpool	ac53e42b9c	p2p/nat: bump pion/stun to v3 to pull in fixed pion/dtls (#34621 ) CVE-2026-26014 affects github.com/pion/dtls/v2, currently pulled in transitively via github.com/pion/stun/v2 v2.0.0. The fix lives in github.com/pion/dtls/v3, which github.com/pion/stun/v3 already uses. The v3 API surface used by p2p/nat/stun.go (Dial, Build, TransactionID, BindingRequest, Event, XORMappedAddress, DefaultPort) is identical to v2 in shape and behaviour, so the source change is just an import rename plus matching alias rename (stunV2 -> stunV3). go mod tidy drops every dtls/v2 and stun/v2 entry from go.sum and pulls in dtls/v3 v3.0.7 / stun/v3 v3.0.1 / transport/v3 v3.0.8 as the new indirect set. Verified: - go build ./p2p/nat/ clean. - go test ./p2p/nat/ clean (26s). - grep 'pion/dtls/v2\\\|pion/stun/v2' go.sum returns 0 matches. Closes #34621	2026-05-15 16:50:07 +05:30
zhen peng	75526bb8e0	p2p/nat: add stun protocol (#31064 ) This implements a basic mechanism to query the node's external IP using a STUN server. There is a built-in list of public STUN servers for convenience. The new detection mechanism must be selected explicitly using `--nat=stun` and is not enabled by default in Geth. Fixes #30881 --------- Co-authored-by: Felix Lange <fjl@twurst.com>	2025-01-24 16:16:02 +01:00

Author

SHA1

Message

Date

ozpool

ac53e42b9c

p2p/nat: bump pion/stun to v3 to pull in fixed pion/dtls (#34621 )

CVE-2026-26014 affects github.com/pion/dtls/v2, currently pulled in
transitively via github.com/pion/stun/v2 v2.0.0. The fix lives in
github.com/pion/dtls/v3, which github.com/pion/stun/v3 already uses.

The v3 API surface used by p2p/nat/stun.go (Dial, Build, TransactionID,
BindingRequest, Event, XORMappedAddress, DefaultPort) is identical to
v2 in shape and behaviour, so the source change is just an import
rename plus matching alias rename (stunV2 -> stunV3). go mod tidy
drops every dtls/v2 and stun/v2 entry from go.sum and pulls in
dtls/v3 v3.0.7 / stun/v3 v3.0.1 / transport/v3 v3.0.8 as the new
indirect set.

Verified:
- go build ./p2p/nat/ clean.
- go test ./p2p/nat/ clean (26s).
- grep 'pion/dtls/v2\\|pion/stun/v2' go.sum returns 0 matches.

Closes #34621

2026-05-15 16:50:07 +05:30

zhen peng

75526bb8e0

p2p/nat: add stun protocol (#31064 )

This implements a basic mechanism to query the node's external IP using
a STUN server. There is a built-in list of public STUN servers for convenience.
The new detection mechanism must be selected explicitly using `--nat=stun` 
and is not enabled by default in Geth.

Fixes #30881

---------

Co-authored-by: Felix Lange <fjl@twurst.com>

2025-01-24 16:16:02 +01:00

2 commits