uapi: skip peers with invalid keys
This commit is contained in:
parent
b4010123f7
commit
4e3018a967
|
@ -68,7 +68,6 @@ type Peer struct {
|
|||
}
|
||||
|
||||
func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
|
||||
|
||||
if device.isClosed.Get() {
|
||||
return nil, errors.New("device closed")
|
||||
}
|
||||
|
@ -103,20 +102,28 @@ func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
|
|||
if ok {
|
||||
return nil, errors.New("adding existing peer")
|
||||
}
|
||||
device.peers.keyMap[pk] = peer
|
||||
|
||||
// pre-compute DH
|
||||
|
||||
handshake := &peer.handshake
|
||||
handshake.mutex.Lock()
|
||||
handshake.remoteStatic = pk
|
||||
handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(pk)
|
||||
ssIsZero := isZero(handshake.precomputedStaticStatic[:])
|
||||
handshake.remoteStatic = pk
|
||||
handshake.mutex.Unlock()
|
||||
|
||||
// reset endpoint
|
||||
|
||||
peer.endpoint = nil
|
||||
|
||||
// conditionally add
|
||||
|
||||
if !ssIsZero {
|
||||
device.peers.keyMap[pk] = peer
|
||||
} else {
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
// start peer
|
||||
|
||||
if peer.device.isUp.Get() {
|
||||
|
|
|
@ -243,7 +243,12 @@ func (device *Device) IpcSetOperation(socket *bufio.Reader) *IPCError {
|
|||
logError.Println("Failed to create new peer:", err)
|
||||
return &IPCError{ipc.IpcErrorInvalid}
|
||||
}
|
||||
logDebug.Println(peer, "- UAPI: Created")
|
||||
if peer == nil {
|
||||
dummy = true
|
||||
peer = &Peer{}
|
||||
} else {
|
||||
logDebug.Println(peer, "- UAPI: Created")
|
||||
}
|
||||
}
|
||||
|
||||
case "remove":
|
||||
|
|
Loading…
Reference in a new issue