From a56fbc1929d3cb2c6c5a1b4acb3b026a1e13135d Mon Sep 17 00:00:00 2001 From: Adam Ierymenko Date: Wed, 6 Jan 2016 15:35:27 -0800 Subject: [PATCH] Close another potential anti-recursion loophole. --- node/IncomingPacket.cpp | 1 + node/Peer.cpp | 1 + node/Switch.cpp | 1 + 3 files changed, 3 insertions(+) diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp index 2a51a3870..c71c67906 100644 --- a/node/IncomingPacket.cpp +++ b/node/IncomingPacket.cpp @@ -250,6 +250,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,SharedPtr &peer outp.append((uint64_t)pid); outp.append((unsigned char)Packet::ERROR_IDENTITY_COLLISION); outp.armor(key,true); + RR->antiRec->logOutgoingZT(outp.data(),outp.size()); RR->node->putPacket(_localAddress,_remoteAddress,outp.data(),outp.size()); } else { TRACE("rejected HELLO from %s(%s): packet failed authentication",id.address().toString().c_str(),_remoteAddress.toString().c_str()); diff --git a/node/Peer.cpp b/node/Peer.cpp index c00b07dc6..0db3e8a08 100644 --- a/node/Peer.cpp +++ b/node/Peer.cpp @@ -199,6 +199,7 @@ void Peer::received( // 1.1.1 and newer nodes support ECHO, which is smaller -- but 1.1.0 has a bug so use HELLO there too Packet outp(_id.address(),RR->identity.address(),Packet::VERB_ECHO); outp.armor(_key,true); + RR->antiRec->logOutgoingZT(outp.data(),outp.size()); RR->node->putPacket(localAddr,remoteAddr,outp.data(),outp.size()); } else { sendHELLO(localAddr,remoteAddr,now); diff --git a/node/Switch.cpp b/node/Switch.cpp index a65758360..a9885a29b 100644 --- a/node/Switch.cpp +++ b/node/Switch.cpp @@ -97,6 +97,7 @@ void Switch::onRemotePacket(const InetAddress &localAddr,const InetAddress &from _lastBeaconResponse = now; Packet outp(peer->address(),RR->identity.address(),Packet::VERB_NOP); outp.armor(peer->key(),true); + RR->antiRec->logOutgoingZT(outp.data(),outp.size()); RR->node->putPacket(localAddr,fromAddr,outp.data(),outp.size()); } }