ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-30 16:13:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Revert "Don't assume roots validated the identity, just in case they did not."

Browse Source 
This reverts commit 39b97f91633dd8dca4a1c0834d49b7f172e9b935.
This commit is contained in:
Adam Ierymenko 2021-09-20 22:05:49 -04:00
parent a0239e17e9
commit 9bc79f94df
No known key found for this signature in database
GPG Key ID: C8877CF2D7A5D7F3
1 changed files with 1 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
node/IncomingPacket.cpp
View File

@ -511,9 +511,6 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,void *tPtr,const SharedP
case Packet::VERB_WHOIS: case Packet::VERB_WHOIS:
if (RR->topology->isUpstream(peer->identity())) { if (RR->topology->isUpstream(peer->identity())) {
const Identity id(*this,ZT_PROTO_VERB_WHOIS__OK__IDX_IDENTITY); const Identity id(*this,ZT_PROTO_VERB_WHOIS__OK__IDX_IDENTITY);
// Good idea to locally validate here even if roots are doing so. In a truly distributed
// system there should not be single points of failure for global trust assertions.
if (id.locallyValidate())
RR->sw->doAnythingWaitingForPeer(tPtr,RR->topology->addPeer(tPtr,SharedPtr<Peer>(new Peer(RR,RR->identity,id)))); RR->sw->doAnythingWaitingForPeer(tPtr,RR->topology->addPeer(tPtr,SharedPtr<Peer>(new Peer(RR,RR->identity,id))));
} }
break; break;