dark/zerotiertspu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.

Browse source
This commit is contained in:
Adam Ierymenko 2017-02-23 11:47:36 -08:00
parent 33b94e8478
commit 10185e92fa
15 changed files with 553 additions and 97 deletions
Download patch file Download diff file Expand all files Collapse all files

9
controller/EmbeddedNetworkController.cpp
View file

@ -1706,6 +1706,15 @@ void EmbeddedNetworkController::_request(
}
}
// Issue a certificate of ownership for all static IPs
if (nc.staticIpCount) {
nc.certificatesOfOwnership[0] = CertificateOfOwnership(nwid,now,identity.address(),1);
for(unsigned int i=0;i<nc.staticIpCount;++i)
nc.certificatesOfOwnership[0].addThing(nc.staticIps[i]);
nc.certificatesOfOwnership[0].sign(_signingId);
nc.certificateOfOwnershipCount = 1;
}
CertificateOfMembership com(now,credentialtmd,nwid,identity.address());
if (com.sign(_signingId)) {
nc.com = com;