From b8729de9daa925f45705e72861b4986b328e65e9 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 8 Sep 2014 08:25:06 -0700
Subject: Temporarily DISABLE multicast authentication (doing in branch, will
 reenable in dev)

---
 node/Switch.cpp | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'node/Switch.cpp')

diff --git a/node/Switch.cpp b/node/Switch.cpp
index dd4aec21..c00c9ef3 100644
--- a/node/Switch.cpp
+++ b/node/Switch.cpp
@@ -213,9 +213,13 @@ void Switch::onLocalEthernet(const SharedPtr<Network> &network,const MAC &from,c
 			outp.append((uint16_t)data.size());
 			outp.append(data);
 
-			C25519::Signature sig(_r->identity.sign(outp.field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX__START_OF_SIGNED_PORTION,signedPartLen),signedPartLen));
-			outp.append((uint16_t)sig.size());
-			outp.append(sig.data,(unsigned int)sig.size());
+			if (network->authenticateMulticasts()) {
+				C25519::Signature sig(_r->identity.sign(outp.field(ZT_PROTO_VERB_MULTICAST_FRAME_IDX__START_OF_SIGNED_PORTION,signedPartLen),signedPartLen));
+				outp.append((uint16_t)sig.size());
+				outp.append(sig.data,(unsigned int)sig.size());
+			} else {
+				outp.append((uint16_t)0);
+			}
 
 			// FIXME: now we send the netconf cert with every single multicast,
 			// which pretty much ensures everyone has it ahead of time but adds
-- 
cgit v1.2.3