diff options
| author | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-09-26 16:17:02 -0700 |
|---|---|---|
| committer | Adam Ierymenko <adam.ierymenko@gmail.com> | 2016-09-26 16:17:02 -0700 |
| commit | eac3667ec1391baaf83c64403e8a19c22c24c9f2 (patch) | |
| tree | 5a748a547332d6e6ebb08f2a26653abc94f08075 /node/Network.cpp | |
| parent | 46049a1ef6d2f95d752ff860a7fbd9356e8e7b9d (diff) | |
| download | infinitytier-eac3667ec1391baaf83c64403e8a19c22c24c9f2.tar.gz infinitytier-eac3667ec1391baaf83c64403e8a19c22c24c9f2.zip | |
Bunch more refactoring and work on revocations, etc.
Diffstat (limited to 'node/Network.cpp')
| -rw-r--r-- | node/Network.cpp | 37 |
1 files changed, 35 insertions, 2 deletions
diff --git a/node/Network.cpp b/node/Network.cpp index 0fab6a27..487766a7 100644 --- a/node/Network.cpp +++ b/node/Network.cpp @@ -36,7 +36,7 @@ #include "Peer.hpp" // Uncomment to make the rules engine dump trace info to stdout -#define ZT_RULES_ENGINE_DEBUGGING 1 +//#define ZT_RULES_ENGINE_DEBUGGING 1 namespace ZeroTier { @@ -1116,8 +1116,41 @@ Membership::AddCredentialResult Network::addCredential(const CertificateOfMember return result; } -Membership::AddCredentialResult Network::addCredential(const Revocation &rev) +Membership::AddCredentialResult Network::addCredential(const Address &sentFrom,const Revocation &rev) { + if (rev.networkId() != _id) + return Membership::ADD_REJECTED; + + Mutex::Lock _l(_lock); + Membership &m = _membership(rev.target()); + + const Membership::AddCredentialResult result = m.addCredential(RR,_config,rev); + + if ((result == Membership::ADD_ACCEPTED_NEW)&&(rev.fastPropagate())) { + /* Fast propagation is done by using a very aggressive rumor mill + * propagation algorithm. When we see a Revocation that we haven't + * seen before we blast it to every known member. This leads to + * a huge number of redundant messages, but eventually everybody + * will get it. This helps revocation speed and also helps in cases + * where the controller is under attack. It need only get one + * revocation out and the rest is history. */ + Address *a = (Address *)0; + Membership *m = (Membership *)0; + Hashtable<Address,Membership>::Iterator i(_memberships); + while (i.next(a,m)) { + if ((*a != sentFrom)&&(*a != rev.signer())) { + Packet outp(*a,RR->identity.address(),Packet::VERB_NETWORK_CREDENTIALS); + outp.append((uint8_t)0x00); // no COM + outp.append((uint16_t)0); // no capabilities + outp.append((uint16_t)0); // no tags + outp.append((uint16_t)1); // one revocation! + rev.serialize(outp); + RR->sw->send(outp,true); + } + } + } + + return result; } void Network::destroy() |