More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.
This commit is contained in:
Adam Ierymenko
parent
16df2c3363
commit
0d4109a9f1
13 changed files with 170 additions and 83 deletions
|
|
@ -163,8 +163,10 @@ public:
|
|||
return true;
|
||||
if (_com) {
|
||||
const uint64_t a = _com.timestamp().first;
|
||||
const std::pair<uint64_t,uint64_t> b(nconf.com.timestamp());
|
||||
return ((a <= b.first) ? ((b.first - a) <= ZT_PEER_ACTIVITY_TIMEOUT) : true);
|
||||
if ((_blacklistBefore)&&(a <= _blacklistBefore))
|
||||
return false;
|
||||
const uint64_t b = nconf.com.timestamp().first;
|
||||
return ((a <= b) ? ((b - a) <= ZT_NETWORKCONFIG_DEFAULT_CREDENTIAL_TIME_MAX_MAX_DELTA) : true);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue