Get rid of HELLO rate gate on path since its basically worthless. There are 65535 ports per IP.

2 files changed, 4 insertions, 24 deletions

diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index 7510fec8..64dccef3 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -211,11 +211,6 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
 	try {
 		const uint64_t now = RR->node->now();
 
-		if (!_path->rateGateHello(now)) {
-			TRACE("dropped HELLO from %s(%s): rate limiting circuit breaker for HELLO on this path tripped",source().toString().c_str(),_path->address().toString().c_str());
-			return true;
-		}
-
 		const uint64_t pid = packetId();
 		const Address fromAddress(source());
 		const unsigned int protoVersion = (*this)[ZT_PROTO_VERB_HELLO_IDX_PROTOCOL_VERSION];
@@ -258,14 +253,14 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
 				if (peer->identity() != id) {
 					// Identity is different from the one we already have -- address collision
 
-					unsigned char key[ZT_PEER_SECRET_KEY_LENGTH];
+					uint8_t key[ZT_PEER_SECRET_KEY_LENGTH];
 					if (RR->identity.agree(id,key,ZT_PEER_SECRET_KEY_LENGTH)) {
 						if (dearmor(key)) { // ensure packet is authentic, otherwise drop
 							TRACE("rejected HELLO from %s(%s): address already claimed",id.address().toString().c_str(),_path->address().toString().c_str());
 							Packet outp(id.address(),RR->identity.address(),Packet::VERB_ERROR);
-							outp.append((unsigned char)Packet::VERB_HELLO);
+							outp.append((uint8_t)Packet::VERB_HELLO);
 							outp.append((uint64_t)pid);
-							outp.append((unsigned char)Packet::ERROR_IDENTITY_COLLISION);
+							outp.append((uint8_t)Packet::ERROR_IDENTITY_COLLISION);
 							outp.armor(key,true);
 							_path->send(RR,outp.data(),outp.size(),RR->node->now());
 						} else {
@@ -296,7 +291,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR,const bool alreadyAut
 				return true;
 			}
 
-			// Check identity proof of work
+			// Check that identity's address is valid as per the derivation function
 			if (!id.locallyValidate()) {
 				TRACE("dropped HELLO from %s(%s): identity invalid",id.address().toString().c_str(),_path->address().toString().c_str());
 				return true;
diff --git a/node/Path.hpp b/node/Path.hpp
index 6278532d..27cff645 100644
--- a/node/Path.hpp
+++ b/node/Path.hpp
@@ -104,7 +104,6 @@ public:
 	Path() :
 		_lastOut(0),
 		_lastIn(0),
-		_lastHello(0),
 		_addr(),
 		_localAddress(),
 		_ipScope(InetAddress::IP_SCOPE_NONE)
@@ -114,7 +113,6 @@ public:
 	Path(const InetAddress &localAddress,const InetAddress &addr) :
 		_lastOut(0),
 		_lastIn(0),
-		_lastHello(0),
 		_addr(addr),
 		_localAddress(localAddress),
 		_ipScope(addr.ipScope())
@@ -231,22 +229,9 @@ public:
 	 */
 	inline uint64_t lastIn() const { return _lastIn; }
 
-	/**
-	 * @return True if we should allow HELLO via this path
-	 */
-	inline bool rateGateHello(const uint64_t now)
-	{
-		if ((now - _lastHello) >= ZT_PATH_HELLO_RATE_LIMIT) {
-			_lastHello = now;
-			return true;
-		}
-		return false;
-	}
-
 private:
 	uint64_t _lastOut;
 	uint64_t _lastIn;
-	uint64_t _lastHello;
 	InetAddress _addr;
 	InetAddress _localAddress;
 	InetAddress::IpScope _ipScope; // memoize this since it's a computed value checked often