Simply network auth logic and always sent error on auth failure even for unknown networks to prevent forensics.
This commit is contained in:
Adam Ierymenko
parent
5ba7ca91c0
commit
9f550292fe
7 changed files with 64 additions and 61 deletions
|
|
@ -395,9 +395,9 @@ public:
|
|||
}
|
||||
|
||||
/**
|
||||
* Rate gate requests for network COM
|
||||
* Rate gate incoming requests for network COM
|
||||
*/
|
||||
inline bool rateGateComRequest(const uint64_t now)
|
||||
inline bool rateGateIncomingComRequest(const uint64_t now)
|
||||
{
|
||||
if ((now - _lastComRequestReceived) >= ZT_PEER_GENERAL_RATE_LIMIT) {
|
||||
_lastComRequestReceived = now;
|
||||
|
|
@ -406,6 +406,18 @@ public:
|
|||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Rate gate outgoing requests for network COM
|
||||
*/
|
||||
inline bool rateGateOutgoingComRequest(const uint64_t now)
|
||||
{
|
||||
if ((now - _lastComRequestSent) >= ZT_PEER_GENERAL_RATE_LIMIT) {
|
||||
_lastComRequestSent = now;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Find a common set of addresses by which two peers can link, if any
|
||||
*
|
||||
|
|
@ -465,6 +477,7 @@ private:
|
|||
uint64_t _lastWhoisRequestReceived;
|
||||
uint64_t _lastEchoRequestReceived;
|
||||
uint64_t _lastComRequestReceived;
|
||||
uint64_t _lastComRequestSent;
|
||||
uint64_t _lastCredentialsReceived;
|
||||
uint64_t _lastTrustEstablishedPacketReceived;
|
||||
const RuntimeEnvironment *RR;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue