authorAdam Ierymenko <adam.ierymenko@gmail.com>2013-12-31 11:03:45 -0800
committerAdam Ierymenko <adam.ierymenko@gmail.com>2013-12-31 11:03:45 -0800
commit10df5dcf707e76d4f66daef8dfb4a51df27abce1 (patch)
treee52a72a59461b0125f91261a4029e39c0a0b23dd /node/Switch.cpp
parent8055635e85beba3f0cf028cf3efe50dbf99b0cc3 (diff)
Fix several things:
(1) The changes to path learning in the two previous releases were poorly thought out, and this version should remedy that by introducing PROBE. This is basically a kind of ECHO request and is used to authenticate endpoints that are not learned via a valid request/response pair. Thus we will still passively learn endpoints, but securely. (2) Turns out there was a security oversight in _doHELLO() that could have permitted... well... I'm not sure it was exploitable to do anything particularly interesting since a bad identity would be discarded anyway, but fix it just the same.
Diffstat (limited to 'node/Switch.cpp')
-rw-r--r--node/Switch.cpp14
1 files changed, 14 insertions, 0 deletions
diff --git a/node/Switch.cpp b/node/Switch.cpp
index a46746e7..585b8716 100644
--- a/node/Switch.cpp
+++ b/node/Switch.cpp
@@ -226,6 +226,20 @@ bool Switch::sendHELLO(const SharedPtr<Peer> &dest,Demarc::Port localPort,const
} else return false;
}
+bool Switch::sendPROBE(const SharedPtr<Peer> &dest,Demarc::Port localPort,const InetAddress &remoteAddr)
+{
+ uint64_t now = Utils::now();
+ Packet outp(dest->address(),_r->identity.address(),Packet::VERB_PROBE);
+ outp.append(now);
+ outp.append(dest->lastDirectSend()); // FIXME: need to refactor to also track relayed sends
+ outp.armor(dest->key(),true);
+
+ if (_r->demarc->send(localPort,remoteAddr,outp.data(),outp.size(),-1)) {
+ dest->expectResponseTo(outp.packetId(),Packet::VERB_PROBE,localPort,now);
+ return true;
+ } else return false;
+}
+
bool Switch::unite(const Address &p1,const Address &p2,bool force)
{
if ((p1 == _r->identity.address())||(p2 == _r->identity.address()))
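Review bot: The expectation registered in sendPROBE, `dest->expectResponseTo(outp.packetId(),Packet::VERB_PROBE,localPort,now)`, records the packet id, verb, local port and send time but not `remoteAddr`, so nothing visible in this hunk ties the eventual reply to the address that was probed. Since the commit describes PROBE as the step that authenticates a passively seen endpoint, the reply handler (outside this hunk) presumably must learn the path only from the source address of the authenticated reply, never from the packet that triggered the probe. That is worth stating above the function, e.g. `// A PROBE confirms an endpoint only when the matching reply arrives from it; remoteAddr is not stored in the expectation.` The two appended fields (`now` and `dest->lastDirectSend()`) are also undocumented, so a short header comment giving the payload layout would help whoever maintains the receiving side. It would also be worth confirming that callers bound how often a probe goes to an unverified address, because this function sends unconditionally.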