From 56febbf2bac2c51d9478616a1dd28243ef03f406 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 4 Aug 2016 10:39:28 -0700
Subject: .

---
 node/CertificateOfMembership.cpp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'node/CertificateOfMembership.cpp')

diff --git a/node/CertificateOfMembership.cpp b/node/CertificateOfMembership.cpp
index 0c36aa45..43efcd20 100644
--- a/node/CertificateOfMembership.cpp
+++ b/node/CertificateOfMembership.cpp
@@ -20,6 +20,7 @@
 #include "RuntimeEnvironment.hpp"
 #include "Topology.hpp"
 #include "Switch.hpp"
+#include "Network.hpp"
 
 namespace ZeroTier {
 
@@ -208,7 +209,7 @@ bool CertificateOfMembership::sign(const Identity &with)
 
 int CertificateOfMembership::verify(const RuntimeEnvironment *RR) const
 {
-	if ((!_signedBy)||(_qualifierCount > ZT_NETWORK_COM_MAX_QUALIFIERS))
+	if ((!_signedBy)||(_signedBy != Network::controllerFor(networkId()))||(_qualifierCount > ZT_NETWORK_COM_MAX_QUALIFIERS))
 		return -1;
 
 	const Identity id(RR->topology->getIdentity(_signedBy));
-- 
cgit v1.2.3