github/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/ZeroTier/ZeroTierOne synced 2025-07-16 10:03:14 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Do not allow VERB_RENDEZVOUS from non-upstream peers to block potential DOS vector.

Browse source
This commit is contained in:
Adam Ierymenko 2015-10-19 12:56:29 -07:00
parent aa6e3c79a0
commit 95953b48f9
3 changed files with 43 additions and 20 deletions
Download patch file Download diff file Expand all files Collapse all files

19
node/Topology.cpp
View file

@ -29,6 +29,8 @@
#include "Topology.hpp"
#include "RuntimeEnvironment.hpp"
#include "Node.hpp"
#include "Network.hpp"
#include "NetworkConfig.hpp"
#include "Buffer.hpp"
namespace ZeroTier {
@ -283,6 +285,23 @@ keep_searching_for_roots:
return bestRoot;
}
bool Topology::isUpstream(const Identity &id) const
{
if (isRoot(id))
return true;
std::vector< SharedPtr<Network> > nws(RR->node->allNetworks());
for(std::vector< SharedPtr<Network> >::const_iterator nw(nws.begin());nw!=nws.end();++nw) {
SharedPtr<NetworkConfig> nc((*nw)->config2());
if (nc) {
for(std::vector< std::pair<Address,InetAddress> >::const_iterator r(nc->relays().begin());r!=nc->relays().end();++r) {
if (r->first == id.address())
return true;
}
}
}
return false;
}
bool Topology::worldUpdateIfValid(const World &newWorld)
{
Mutex::Lock _l(_lock);