summaryrefslogtreecommitdiff
path: root/node/IncomingPacket.cpp
diff options
context:
space:
mode:
authorAdam Ierymenko <adam.ierymenko@gmail.com>2016-09-06 14:05:58 -0700
committerAdam Ierymenko <adam.ierymenko@gmail.com>2016-09-06 14:05:58 -0700
commit48a374c82c89b69a71d1922c4396265394e9045f (patch)
tree6d4ad3c397afebbf3cb47c77fdfb9e2bc271ad12 /node/IncomingPacket.cpp
parentdeee39343e27a4ccae6a0ed8d61b8f5e4d200f45 (diff)
downloadinfinitytier-48a374c82c89b69a71d1922c4396265394e9045f.tar.gz
infinitytier-48a374c82c89b69a71d1922c4396265394e9045f.zip
(1) fix crazy bug introduced in doRENDEZVOUS(), (2) reclaim Paths after paths[] condense, (3) fix an edge case around symmetric NAT and external IP change detection.
Diffstat (limited to 'node/IncomingPacket.cpp')
-rw-r--r--node/IncomingPacket.cpp12
1 files changed, 6 insertions, 6 deletions
diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index a84b2beb..3d2d586e 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -283,7 +283,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,SharedPtr<Peer> &peer
// VALID -- if we made it here, packet passed identity and authenticity checks!
}
- if (externalSurfaceAddress)
+ if ((externalSurfaceAddress)&&(hops() == 0))
RR->sa->iam(id.address(),_path->localAddress(),_path->address(),externalSurfaceAddress,RR->topology->isUpstream(id),RR->node->now());
Packet outp(id.address(),RR->identity.address(),Packet::VERB_OK);
@@ -391,7 +391,7 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p
peer->addDirectLatencyMeasurment(latency);
peer->setRemoteVersion(vProto,vMajor,vMinor,vRevision);
- if (externalSurfaceAddress)
+ if ((externalSurfaceAddress)&&(hops() == 0))
RR->sa->iam(peer->address(),_path->localAddress(),_path->address(),externalSurfaceAddress,RR->topology->isUpstream(peer->identity()),RR->node->now());
} break;
@@ -516,8 +516,8 @@ bool IncomingPacket::_doRENDEZVOUS(const RuntimeEnvironment *RR,const SharedPtr<
{
try {
const Address with(field(ZT_PROTO_VERB_RENDEZVOUS_IDX_ZTADDRESS,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH);
- const SharedPtr<Peer> withPeer(RR->topology->getPeer(with));
- if (withPeer) {
+ const SharedPtr<Peer> rendezvousWith(RR->topology->getPeer(with));
+ if (rendezvousWith) {
const unsigned int port = at<uint16_t>(ZT_PROTO_VERB_RENDEZVOUS_IDX_PORT);
const unsigned int addrlen = (*this)[ZT_PROTO_VERB_RENDEZVOUS_IDX_ADDRLEN];
if ((port > 0)&&((addrlen == 4)||(addrlen == 16))) {
@@ -525,8 +525,8 @@ bool IncomingPacket::_doRENDEZVOUS(const RuntimeEnvironment *RR,const SharedPtr<
if (!RR->topology->isUpstream(peer->identity())) {
TRACE("RENDEZVOUS from %s says %s might be at %s, ignoring since peer is not upstream",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str());
} else if (RR->node->shouldUsePathForZeroTierTraffic(_path->localAddress(),atAddr)) {
- RR->node->putPacket(_path->localAddress(),atAddr,"NATSUX",6,2); // send low-TTL packet to 'open' local NAT(s)
- peer->sendHELLO(_path->localAddress(),atAddr,RR->node->now());
+ RR->node->putPacket(_path->localAddress(),atAddr,"ABRE",4,2); // send low-TTL junk packet to 'open' local NAT(s) and stateful firewalls
+ rendezvousWith->sendHELLO(_path->localAddress(),atAddr,RR->node->now());
TRACE("RENDEZVOUS from %s says %s might be at %s, sent verification attempt",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str());
} else {
TRACE("RENDEZVOUS from %s says %s might be at %s, ignoring since path is not suitable",peer->address().toString().c_str(),with.toString().c_str(),atAddr.toString().c_str());
generated by cgit v1.2.3 (git 2.39.1) at 2026-01-14 15:13:06 +0000