ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-18 18:56:24 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Don't assume roots validated the identity, just in case they did not.

Browse Source
This commit is contained in:
Adam Ierymenko 2021-09-20 16:15:59 -04:00 committed by Grant Limberg
parent 46adc1f059
commit 9cfb807fcb
No known key found for this signature in database
GPG Key ID: 2BA62CCABBB4095A
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
node/IncomingPacket.cpp
View File

@ -511,7 +511,10 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,void *tPtr,const SharedP
case Packet::VERB_WHOIS:
if (RR->topology->isUpstream(peer->identity())) {
const Identity id(*this,ZT_PROTO_VERB_WHOIS__OK__IDX_IDENTITY);
RR->sw->doAnythingWaitingForPeer(tPtr,RR->topology->addPeer(tPtr,SharedPtr<Peer>(new Peer(RR,RR->identity,id))));
// Good idea to locally validate here even if roots are doing so. In a truly distributed
// system there should not be single points of failure for global trust assertions.
if (id.locallyValidate())
RR->sw->doAnythingWaitingForPeer(tPtr,RR->topology->addPeer(tPtr,SharedPtr<Peer>(new Peer(RR,RR->identity,id))));
}
break;