More refactoring to clean up code, and add a gate function to make sure we do not handle OK packets we did not expect. This hardens up a few potential edge cases around security, since such messages might be used to e.g. pollute a cache and DOS under certain conditions.

This commit is contained in:
Adam Ierymenko 2016-09-09 08:43:58 -07:00
parent 16df2c3363
commit 0d4109a9f1
13 changed files with 170 additions and 83 deletions

View file

@ -965,7 +965,7 @@ public:
* <[2] 16-bit reporter OS/platform or 0 if not specified>
* <[2] 16-bit reporter architecture or 0 if not specified>
* <[2] 16-bit error code (set to 0, currently unused)>
* <[8] 64-bit report flags (set to 0, currently unused)>
* <[8] 64-bit report flags>
* <[8] 64-bit packet ID of received CIRCUIT_TEST packet>
* <[5] upstream ZeroTier address from which CIRCUIT_TEST was received>
* <[1] 8-bit packet hop count of received CIRCUIT_TEST>
@ -980,6 +980,9 @@ public:
* <[5] ZeroTier address of next hop>
* <[...] current best direct path address, if any, 0 if none>
*
* Report flags:
* 0x1 - Upstream peer in circuit test path allowed in path (e.g. network COM valid)
*
* Circuit test reports can be sent by hops in a circuit test to report
* back results. They should include information about the sender as well
* as about the paths to which next hops are being sent.