diff options
Diffstat (limited to 'node')
| -rw-r--r-- | node/Constants.hpp | 5 | ||||
| -rw-r--r-- | node/IncomingPacket.cpp | 7 | ||||
| -rw-r--r-- | node/Packet.hpp | 29 |
3 files changed, 35 insertions, 6 deletions
diff --git a/node/Constants.hpp b/node/Constants.hpp index a73d4d89..ab6dfb32 100644 --- a/node/Constants.hpp +++ b/node/Constants.hpp @@ -215,6 +215,11 @@ #define ZT_RECEIVE_QUEUE_TIMEOUT (ZT_WHOIS_RETRY_DELAY * (ZT_MAX_WHOIS_RETRIES + 1)) /** + * Maximum latency to allow for OK(HELLO) before packet is discarded + */ +#define ZT_HELLO_MAX_ALLOWABLE_LATENCY 60000 + +/** * Maximum number of ZT hops allowed (this is not IP hops/TTL) * * The protocol allows up to 7, but we limit it to something smaller. diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp index c11b0377..cecbe2fa 100644 --- a/node/IncomingPacket.cpp +++ b/node/IncomingPacket.cpp @@ -413,7 +413,10 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p switch(inReVerb) { case Packet::VERB_HELLO: { - const unsigned int latency = std::min((unsigned int)(RR->node->now() - at<uint64_t>(ZT_PROTO_VERB_HELLO__OK__IDX_TIMESTAMP)),(unsigned int)0xffff); + const uint64_t latency = RR->node->now() - at<uint64_t>(ZT_PROTO_VERB_HELLO__OK__IDX_TIMESTAMP); + if (latency > ZT_HELLO_MAX_ALLOWABLE_LATENCY) + return true; + const unsigned int vProto = (*this)[ZT_PROTO_VERB_HELLO__OK__IDX_PROTOCOL_VERSION]; const unsigned int vMajor = (*this)[ZT_PROTO_VERB_HELLO__OK__IDX_MAJOR_VERSION]; const unsigned int vMinor = (*this)[ZT_PROTO_VERB_HELLO__OK__IDX_MINOR_VERSION]; @@ -445,7 +448,7 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p TRACE("%s(%s): OK(HELLO), version %u.%u.%u, latency %u, reported external address %s",source().toString().c_str(),_path->address().toString().c_str(),vMajor,vMinor,vRevision,latency,((externalSurfaceAddress) ? externalSurfaceAddress.toString().c_str() : "(none)")); if (!hops()) - peer->addDirectLatencyMeasurment(latency); + peer->addDirectLatencyMeasurment((unsigned int)latency); peer->setRemoteVersion(vProto,vMajor,vMinor,vRevision); if ((externalSurfaceAddress)&&(hops() == 0)) diff --git a/node/Packet.hpp b/node/Packet.hpp index 26e87af8..a5831c8d 100644 --- a/node/Packet.hpp +++ b/node/Packet.hpp @@ -536,7 +536,7 @@ public: * <[1] software major version> * <[1] software minor version> * <[2] software revision> - * <[8] timestamp for determining latench> + * <[8] timestamp for determining latency> * <[...] binary serialized identity (see Identity)> * <[1] destination address type> * [<[...] destination address to which packet was sent>] @@ -548,8 +548,9 @@ public: * [<[8] 64-bit timestamp of moon>] * [... additional moons ...] * - * This is the only message that ever must be sent in the clear, since it - * is used to push an identity to a new peer. + * Important security note: this message is sent in the clear as it + * contains the initial identity for key agreement. It can therefore + * contain no secrets or sensitive information. * * The destination address is the wire address to which this packet is * being sent, and in OK is *also* the destination address of the OK @@ -1058,7 +1059,27 @@ public: * ZeroTier, Inc. itself. We recommend making up random ones for your own * implementations. */ - VERB_USER_MESSAGE = 0x14 + VERB_USER_MESSAGE = 0x14, + + /** + * Announce that we can reach a particular address: + * <[1] protocol version> + * <[1] software major version> + * <[1] software minor version> + * <[2] software revision> + * <[...] binary serialized identity (see Identity)> + * <[1] 8-bit number of direct addresses where peer is reachable (if any)> + * [... serialized direct addresses ...] + * + * This message can be sent upstream to announce that we can reach a + * particular address. It can optionally report physical paths upstream + * to allow upstream peers to send RENDEZVOUS, but this may be omitted + * if it is not known or if endpoint address privacy is desired. + * + * The receiving peer should confirm this message by sending a message + * downstream and waiting for a reply. + */ + VERB_CAN_REACH = 0x15 }; /** |