From 7bae95836c8824a76e0299df776a708eb3e58576 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 19 Jun 2015 10:23:25 -0700
Subject: Root server terminology cleanup, and tighten up a security check by
 checking full identity of peers instead of just address.

---
 node/IncomingPacket.cpp | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'node/IncomingPacket.cpp')

diff --git a/node/IncomingPacket.cpp b/node/IncomingPacket.cpp
index 8f95b9ba..7e2bcdaa 100644
--- a/node/IncomingPacket.cpp
+++ b/node/IncomingPacket.cpp
@@ -110,7 +110,7 @@ bool IncomingPacket::_doERROR(const RuntimeEnvironment *RR,const SharedPtr<Peer>
 
 			case Packet::ERROR_OBJ_NOT_FOUND:
 				if (inReVerb == Packet::VERB_WHOIS) {
-					if (RR->topology->isRootserver(peer->address()))
+					if (RR->topology->isRoot(peer->identity()))
 						RR->sw->cancelWhoisRequest(Address(field(ZT_PROTO_VERB_ERROR_IDX_PAYLOAD,ZT_ADDRESS_LENGTH),ZT_ADDRESS_LENGTH));
 				} else if (inReVerb == Packet::VERB_NETWORK_CONFIG_REQUEST) {
 					SharedPtr<Network> network(RR->node->network(at<uint64_t>(ZT_PROTO_VERB_ERROR_IDX_PAYLOAD)));
@@ -128,7 +128,7 @@ bool IncomingPacket::_doERROR(const RuntimeEnvironment *RR,const SharedPtr<Peer>
 				break;
 
 			case Packet::ERROR_IDENTITY_COLLISION:
-				if (RR->topology->isRootserver(peer->address()))
+				if (RR->topology->isRoot(peer->identity()))
 					RR->node->postEvent(ZT1_EVENT_FATAL_ERROR_IDENTITY_COLLISION);
 				break;
 
@@ -268,7 +268,7 @@ bool IncomingPacket::_doHELLO(const RuntimeEnvironment *RR)
 		peer->setRemoteVersion(protoVersion,vMajor,vMinor,vRevision);
 
 		bool trusted = false;
-		if (RR->topology->isRootserver(id.address())) {
+		if (RR->topology->isRoot(id)) {
 			RR->node->postNewerVersionIfNewer(vMajor,vMinor,vRevision);
 			trusted = true;
 		}
@@ -353,7 +353,7 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p
 				peer->setRemoteVersion(vProto,vMajor,vMinor,vRevision);
 
 				bool trusted = false;
-				if (RR->topology->isRootserver(peer->address())) {
+				if (RR->topology->isRoot(peer->identity())) {
 					RR->node->postNewerVersionIfNewer(vMajor,vMinor,vRevision);
 					trusted = true;
 				}
@@ -362,10 +362,10 @@ bool IncomingPacket::_doOK(const RuntimeEnvironment *RR,const SharedPtr<Peer> &p
 			}	break;
 
 			case Packet::VERB_WHOIS: {
-				// Right now only rootservers are allowed to send OK(WHOIS) to prevent
-				// poisoning attacks. Further decentralization will require some other
-				// kind of trust mechanism.
-				if (RR->topology->isRootserver(peer->address())) {
+				/* Right now only root servers are allowed to send OK(WHOIS) to prevent
+				 * poisoning attacks. Further decentralization will require some other
+				 * kind of trust mechanism. */
+				if (RR->topology->isRoot(peer->identity())) {
 					const Identity id(*this,ZT_PROTO_VERB_WHOIS__OK__IDX_IDENTITY);
 					if (id.locallyValidate())
 						RR->sw->doAnythingWaitingForPeer(RR->topology->addPeer(SharedPtr<Peer>(new Peer(RR->identity,id))));
-- 
cgit v1.2.3