dark/zerotiertspu
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Do not allow VERB_RENDEZVOUS from non-upstream peers to block potential DOS vector.

Browse source
This commit is contained in:
Adam Ierymenko 2015-10-19 12:56:29 -07:00
parent aa6e3c79a0
commit 95953b48f9
3 changed files with 43 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

15
node/Topology.hpp
View file

@ -136,16 +136,15 @@ public:
inline bool isRoot(const Identity &id) const
{
Mutex::Lock _l(_lock);
if (std::find(_rootAddresses.begin(),_rootAddresses.end(),id.address()) != _rootAddresses.end()) {
// Double check full identity for security reasons
for(std::vector<World::Root>::const_iterator r(_world.roots().begin());r!=_world.roots().end();++r) {
if (id == r->identity)
return true;
}
}
return false;
return (std::find(_rootAddresses.begin(),_rootAddresses.end(),id.address()) != _rootAddresses.end());
}
/**
* @param id Identity to check
* @return True if this is a root server or a network preferred relay from one of our networks
*/
bool isUpstream(const Identity &id) const;
/**
* @return Vector of root server addresses
*/