X-Git-Url: http://git.meshlink.io/?a=blobdiff_plain;f=src%2Fprotocol_key.c;h=1d708e4a3bb2fc3b70a6468f446c5a6f04aac307;hb=a5750efefc491d77ff6a45f0ebc21976831eebfe;hp=bf6c40a20230420eb4dc4b471d75822d723e2a3c;hpb=6eb1cfb2b112baf54d7c91e6d303f823ddb8acdd;p=meshlink

diff --git a/src/protocol_key.c b/src/protocol_key.c
index bf6c40a2..1d708e4a 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -34,7 +34,7 @@
 static const int req_key_timeout = 2;
 
 void send_key_changed(meshlink_handle_t *mesh) {
-	send_request(mesh, mesh->everyone, NULL, "%d %x %s", KEY_CHANGED, rand(), mesh->self->name);
+	send_request(mesh, mesh->everyone, NULL, "%d %x %s", KEY_CHANGED, prng(mesh, UINT_MAX), mesh->self->name);
 
 	/* Force key exchange for connections using SPTPS */
 
@@ -324,7 +324,8 @@ bool ans_key_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
 			return true;
 		}
 
-		if(!*address && from->address.sa.sa_family != AF_UNSPEC) {
+		/* Append the known UDP address of the from node, if we have a confirmed one */
+		if(!*address && from->status.udp_confirmed && from->address.sa.sa_family != AF_UNSPEC) {
 			char *address, *port;
 			logger(mesh, MESHLINK_DEBUG, "Appending reflexive UDP address to ANS_KEY from %s to %s", from->name, to->name);
 			sockaddr2str(&from->address, &address, &port);