Fix several things:

(1) The changes to path learning in the two previous releases were poorly thought out,
and this version should remedy that by introducing PROBE. This is basically a kind of
ECHO request and is used to authenticate endpoints that are not learned via a valid
request/response pair. Thus we will still passively learn endpoints, but securely.

(2) Turns out there was a security oversight in _doHELLO() that could have permitted...
well... I'm not sure it was exploitable to do anything particularly interesting since
a bad identity would be discarded anyway, but fix it just the same.

1 files changed, 10 insertions, 0 deletions

diff --git a/node/Switch.hpp b/node/Switch.hpp
index 6b3b8e6e..e415a2c9 100644
--- a/node/Switch.hpp
+++ b/node/Switch.hpp
@@ -130,6 +130,16 @@ public:
 	bool sendHELLO(const SharedPtr<Peer> &dest,Demarc::Port localPort,const InetAddress &remoteAddr);
 
 	/**
+	 * Send a PROBE immediately to the indicated address
+	 *
+	 * @param localPort Originating local port or ANY_PORT to pick
+	 * @param remoteAddr IP address to send to
+	 * @param dest Destination peer
+	 * @return True if send appears successful
+	 */
+	bool sendPROBE(const SharedPtr<Peer> &dest,Demarc::Port localPort,const InetAddress &remoteAddr);
+
+	/**
 	 * Send RENDEZVOUS to two peers to permit them to directly connect
 	 *
 	 * This only works if both peers are known, with known working direct