void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-07 21:13:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

added warning comment

Browse source
This commit is contained in:
mamoniot 2022-12-19 10:37:04 -05:00
parent 51faf9b2da
commit 1a72873ff6
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
zssp/src/zssp.rs
View file

@ -33,6 +33,8 @@ pub enum Error {
InvalidParameter, InvalidParameter,
/// Packet failed one or more authentication (MAC) checks /// Packet failed one or more authentication (MAC) checks
/// IMPORTANT: Do not reply to a peer who has sent a packet that has failed authentication. Any response at all will leak to an attacker what authentication step their packet failed at (timing attack), which lowers the total authentication entropy they have to brute force.
/// There is a safe way to reply if absolutely necessary, by sending the reply back after a constant amount of time, but this is difficult to get correct.
FailedAuthentication, FailedAuthentication,
/// New session was rejected by the application layer. /// New session was rejected by the application layer.