More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.

2016-09-09 08:43:58 -07:00 · 2016-09-09 08:43:58 -07:00 · 0d4109a9f1
commit 0d4109a9f1
parent 16df2c3363
13 changed files with 170 additions and 83 deletions
--- a/node/Network.cpp
+++ b/node/Network.cpp
@ -1054,6 +1054,7 @@ void Network::requestConfiguration()
 	} else {
 		outp.append((unsigned char)0,16);
 	}
+	RR->node->expectReplyTo(outp.packetId());
 	outp.compress();
 	RR->sw->send(outp,true);

@ -1092,6 +1093,15 @@ bool Network::gate(const SharedPtr<Peer> &peer,const Packet::Verb verb,const uin
 	return false;
 }

+bool Network::recentlyAllowedOnNetwork(const SharedPtr<Peer> &peer) const
+{
+	Mutex::Lock _l(_lock);
+	const Membership *m = _memberships.get(peer->address());
+	if (m)
+		return m->recentlyAllowedOnNetwork(_config);
+	return false;
+}
+
 void Network::clean()
 {
 	const uint64_t now = RR->node->now();