Fix cert verification check for self signed signatures

node/Network.cpp

@@ -286,6 +286,15 @@ void Network::addMembershipCertificate(const CertificateOfMembership &cert,bool
 			return;
 		}
 
+		if (cert.signedBy() == RR->identity.address()) {
+			// We are the controller: RR->identity.address() == controller() == cert.signedBy()
+			// So, verify that we signed th cert ourself
+			if (!cert.verify(RR->identity)) {
+				TRACE("rejected network membership certificate for %.16llx self signed by %s: signature check failed",(unsigned long long)_id,cert.signedBy().toString().c_str());
+				return;
+			}
+		} else {
+
 			SharedPtr<Peer> signer(RR->topology->getPeer(cert.signedBy()));
 
 			if (!signer) {
@@ -300,6 +309,7 @@ void Network::addMembershipCertificate(const CertificateOfMembership &cert,bool
 				return;
 			}
 		}
+	}
 
 	// If we made it past authentication, update cert
 	if (cert.revision() != old.revision())