void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-05 03:53:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Don't assume roots validated the identity, just in case they did not.

Browse source
This commit is contained in:
Adam Ierymenko 2021-09-20 16:15:59 -04:00
parent a20a290836
commit 39b97f9163
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
node/IncomingPacket.cpp
View file

@ -511,7 +511,10 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,void *tPtr,const SharedP
case Packet::VERB_WHOIS: case Packet::VERB_WHOIS:
if (RR->topology->isUpstream(peer->identity())) { if (RR->topology->isUpstream(peer->identity())) {
const Identity id(*this,ZT_PROTO_VERB_WHOIS__OK__IDX_IDENTITY); const Identity id(*this,ZT_PROTO_VERB_WHOIS__OK__IDX_IDENTITY);
RR->sw->doAnythingWaitingForPeer(tPtr,RR->topology->addPeer(tPtr,SharedPtr<Peer>(new Peer(RR,RR->identity,id)))); // Good idea to locally validate here even if roots are doing so. In a truly distributed
// system there should not be single points of failure for global trust assertions.
if (id.locallyValidate())
RR->sw->doAnythingWaitingForPeer(tPtr,RR->topology->addPeer(tPtr,SharedPtr<Peer>(new Peer(RR,RR->identity,id))));
} }
break; break;