Certificate of ownership -- used to secure against IP address spoofing, especially for IPv4 and regular IPv6.

author: Adam Ierymenko <adam.ierymenko@gmail.com> 2017-02-23 11:47:36 -0800
committer: Adam Ierymenko <adam.ierymenko@gmail.com> 2017-02-23 11:47:36 -0800
commit: 10185e92faa77a4b032a27a7c01b4186727b91b9 (patch)
tree: 5ce223c4cbeda31551d80ee3f42445924902f2ad /controller
parent: 33b94e8478e99d1e185041fa522b01de25fe53d4 (diff)
download: infinitytier-10185e92faa77a4b032a27a7c01b4186727b91b9.tar.gz
infinitytier-10185e92faa77a4b032a27a7c01b4186727b91b9.zip
1 files changed, 9 insertions, 0 deletions
diff --git a/controller/EmbeddedNetworkController.cpp b/controller/EmbeddedNetworkController.cpp
index ca548fd4..78a9b7c7 100644
--- a/controller/EmbeddedNetworkController.cpp
+++ b/controller/EmbeddedNetworkController.cpp
@@ -1706,6 +1706,15 @@ void EmbeddedNetworkController::_request(
 		}
 	}
 
+	// Issue a certificate of ownership for all static IPs
+	if (nc.staticIpCount) {
+		nc.certificatesOfOwnership[0] = CertificateOfOwnership(nwid,now,identity.address(),1);
+		for(unsigned int i=0;i<nc.staticIpCount;++i)
+			nc.certificatesOfOwnership[0].addThing(nc.staticIps[i]);
+		nc.certificatesOfOwnership[0].sign(_signingId);
+		nc.certificateOfOwnershipCount = 1;
+	}
+
 	CertificateOfMembership com(now,credentialtmd,nwid,identity.address());
 	if (com.sign(_signingId)) {
 		nc.com = com;
author	Adam Ierymenko <adam.ierymenko@gmail.com>	2017-02-23 11:47:36 -0800
committer	Adam Ierymenko <adam.ierymenko@gmail.com>	2017-02-23 11:47:36 -0800
commit	10185e92faa77a4b032a27a7c01b4186727b91b9 (patch)
tree	5ce223c4cbeda31551d80ee3f42445924902f2ad /controller
parent	33b94e8478e99d1e185041fa522b01de25fe53d4 (diff)
download	infinitytier-10185e92faa77a4b032a27a7c01b4186727b91b9.tar.gz infinitytier-10185e92faa77a4b032a27a7c01b4186727b91b9.zip