From 1c838cf7d4b4a97fe1038bfacbcb4207ca3ce9ca Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Sun, 25 Oct 2020 22:17:29 +0100 Subject: [PATCH] Check blacklist status before committing an invitation. Although we delete invitation files when blacklisting a node, there is a race condition where an invitation connection is created right before the invitee is blacklisted. So check that the node is blacklisted right before committing the node config file to disk. --- src/protocol_auth.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 7bf12198..e1a9a313 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -48,8 +48,21 @@ bool send_id(meshlink_handle_t *mesh, connection_t *c) { } static bool commit_invitation(meshlink_handle_t *mesh, connection_t *c, const void *data) { + // Check if the node is known + node_t *n = lookup_node(mesh, c->name); + + if(n) { + if(n->status.blacklisted) { + logger(mesh, MESHLINK_ERROR, "Invitee %s is blacklisted", c->name); + } else { + logger(mesh, MESHLINK_ERROR, "Invitee %s already known", c->name); + } + + return false; + } + // Create a new node - node_t *n = new_node(); + n = new_node(); n->name = xstrdup(c->name); n->devclass = DEV_CLASS_UNKNOWN; n->ecdsa = ecdsa_set_public_key(data); -- 2.39.2