uapi: skip peers with invalid keys
This commit is contained in:
parent
b4010123f7
commit
4e3018a967
|
@ -68,7 +68,6 @@ type Peer struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
|
func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
|
||||||
|
|
||||||
if device.isClosed.Get() {
|
if device.isClosed.Get() {
|
||||||
return nil, errors.New("device closed")
|
return nil, errors.New("device closed")
|
||||||
}
|
}
|
||||||
|
@ -103,20 +102,28 @@ func (device *Device) NewPeer(pk NoisePublicKey) (*Peer, error) {
|
||||||
if ok {
|
if ok {
|
||||||
return nil, errors.New("adding existing peer")
|
return nil, errors.New("adding existing peer")
|
||||||
}
|
}
|
||||||
device.peers.keyMap[pk] = peer
|
|
||||||
|
|
||||||
// pre-compute DH
|
// pre-compute DH
|
||||||
|
|
||||||
handshake := &peer.handshake
|
handshake := &peer.handshake
|
||||||
handshake.mutex.Lock()
|
handshake.mutex.Lock()
|
||||||
handshake.remoteStatic = pk
|
|
||||||
handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(pk)
|
handshake.precomputedStaticStatic = device.staticIdentity.privateKey.sharedSecret(pk)
|
||||||
|
ssIsZero := isZero(handshake.precomputedStaticStatic[:])
|
||||||
|
handshake.remoteStatic = pk
|
||||||
handshake.mutex.Unlock()
|
handshake.mutex.Unlock()
|
||||||
|
|
||||||
// reset endpoint
|
// reset endpoint
|
||||||
|
|
||||||
peer.endpoint = nil
|
peer.endpoint = nil
|
||||||
|
|
||||||
|
// conditionally add
|
||||||
|
|
||||||
|
if !ssIsZero {
|
||||||
|
device.peers.keyMap[pk] = peer
|
||||||
|
} else {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
|
||||||
// start peer
|
// start peer
|
||||||
|
|
||||||
if peer.device.isUp.Get() {
|
if peer.device.isUp.Get() {
|
||||||
|
|
|
@ -243,7 +243,12 @@ func (device *Device) IpcSetOperation(socket *bufio.Reader) *IPCError {
|
||||||
logError.Println("Failed to create new peer:", err)
|
logError.Println("Failed to create new peer:", err)
|
||||||
return &IPCError{ipc.IpcErrorInvalid}
|
return &IPCError{ipc.IpcErrorInvalid}
|
||||||
}
|
}
|
||||||
logDebug.Println(peer, "- UAPI: Created")
|
if peer == nil {
|
||||||
|
dummy = true
|
||||||
|
peer = &Peer{}
|
||||||
|
} else {
|
||||||
|
logDebug.Println(peer, "- UAPI: Created")
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
case "remove":
|
case "remove":
|
||||||
|
|
Loading…
Reference in a new issue