Only add confirmed reflexive UDP addresses to ANS_KEY messages.

[meshlink] / src / protocol_key.c

diff --git a/src/protocol_key.c b/src/protocol_key.c
index a9bc1c0ae04784b66bf8f3a0cf4b518c22234ec7..1d708e4a3bb2fc3b70a6468f446c5a6f04aac307 100644 (file)
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -34,7 +34,7 @@
 static const int req_key_timeout = 2;
 
 void send_key_changed(meshlink_handle_t *mesh) {
-       send_request(mesh, mesh->everyone, NULL, "%d %x %s", KEY_CHANGED, rand(), mesh->self->name);
+       send_request(mesh, mesh->everyone, NULL, "%d %x %s", KEY_CHANGED, prng(mesh, UINT_MAX), mesh->self->name);
 
        /* Force key exchange for connections using SPTPS */
 
@@ -275,12 +275,6 @@ bool req_key_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
        return true;
 }
 
-bool send_ans_key(meshlink_handle_t *mesh, node_t *to) {
-       (void)mesh;
-       (void)to;
-       abort();
-}
-
 bool ans_key_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
        assert(request);
        assert(*request);
@@ -330,7 +324,8 @@ bool ans_key_h(meshlink_handle_t *mesh, connection_t *c, const char *request) {
                        return true;
                }
 
-               if(!*address && from->address.sa.sa_family != AF_UNSPEC) {
+               /* Append the known UDP address of the from node, if we have a confirmed one */
+               if(!*address && from->status.udp_confirmed && from->address.sa.sa_family != AF_UNSPEC) {
                        char *address, *port;
                        logger(mesh, MESHLINK_DEBUG, "Appending reflexive UDP address to ANS_KEY from %s to %s", from->name, to->name);
                        sockaddr2str(&from->address, &address, &port);