github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-08-22 22:33:58 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge a002c95d54 into daebce4994

Browse source
This commit is contained in:
keesbos 2015-06-26 07:15:44 +00:00
commit 3e1810f126
3 changed files with 32 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

9
controller/SqliteNetworkController.cpp
View file

@ -1176,7 +1176,14 @@ unsigned int SqliteNetworkController::_doCPGet(
sqlite3_bind_text(_sGetIpAssignmentsForNode2,2,addrs,10,SQLITE_STATIC); sqlite3_bind_text(_sGetIpAssignmentsForNode2,2,addrs,10,SQLITE_STATIC);
bool firstIp = true; bool firstIp = true;
while (sqlite3_step(_sGetIpAssignmentsForNode2) == SQLITE_ROW) { while (sqlite3_step(_sGetIpAssignmentsForNode2) == SQLITE_ROW) {
InetAddress ip((const void *)sqlite3_column_blob(_sGetIpAssignmentsForNode2,0),(sqlite3_column_int(_sGetIpAssignmentsForNode2,2) == 6) ? 16 : 4,(unsigned int)sqlite3_column_int(_sGetIpAssignmentPools2,1)); int ipversion = sqlite3_column_int(_sGetIpAssignmentsForNode2,2);
char ipBlob[16];
memcpy(ipBlob,(const void *)sqlite3_column_blob(_sGetIpAssignmentsForNode2,0),16);
InetAddress ip(
(const void *)(ipversion == 6 ? ipBlob : &ipBlob[12]),
(ipversion == 6 ? 16 : 4),
(unsigned int)sqlite3_column_int(_sGetIpAssignmentsForNode2,1)
);
responseBody.append(firstIp ? "\"" : ",\""); responseBody.append(firstIp ? "\"" : ",\"");
firstIp = false; firstIp = false;
responseBody.append(_jsonEscape(ip.toString())); responseBody.append(_jsonEscape(ip.toString()));

30
node/Network.cpp
View file

@ -286,18 +286,28 @@ void Network::addMembershipCertificate(const CertificateOfMembership &cert,bool
return; return;
} }
SharedPtr<Peer> signer(RR->topology->getPeer(cert.signedBy())); if (cert.signedBy() == RR->identity.address()) {
// We are the controller: RR->identity.address() == controller() == cert.signedBy()
// So, verify that we signed th cert ourself
if (!cert.verify(RR->identity)) {
TRACE("rejected network membership certificate for %.16llx self signed by %s: signature check failed",(unsigned long long)_id,cert.signedBy().toString().c_str());
return;
}
} else {
if (!signer) { SharedPtr<Peer> signer(RR->topology->getPeer(cert.signedBy()));
// This would be rather odd, since this is our controller... could happen
// if we get packets before we've gotten config.
RR->sw->requestWhois(cert.signedBy());
return;
}
if (!cert.verify(signer->identity())) { if (!signer) {
TRACE("rejected network membership certificate for %.16llx signed by %s: signature check failed",(unsigned long long)_id,cert.signedBy().toString().c_str()); // This would be rather odd, since this is our controller... could happen
return; // if we get packets before we've gotten config.
RR->sw->requestWhois(cert.signedBy());
return;
}
if (!cert.verify(signer->identity())) {
TRACE("rejected network membership certificate for %.16llx signed by %s: signature check failed",(unsigned long long)_id,cert.signedBy().toString().c_str());
return;
}
} }
} }

9
node/Node.hpp
View file

@ -214,12 +214,11 @@ private:
inline SharedPtr<Network> _network(uint64_t nwid) const inline SharedPtr<Network> _network(uint64_t nwid) const
{ {
std::vector< SharedPtr<Network> >::const_iterator iter = std::lower_bound(_networks.begin(), _networks.end(), nwid, NetworkComparator()); for(std::vector< SharedPtr<Network> >::const_iterator iter(_networks.begin());iter!=_networks.end();++iter) {
if(iter != _networks.end() && (*iter)->id() == nwid) { if((*iter)->id() == nwid)
return *iter; return *iter;
} else {
return SharedPtr<Network>();
} }
return SharedPtr<Network>();
} }
RuntimeEnvironment _RR; RuntimeEnvironment _RR;