diff --git a/src/yggdrasil/peer.go b/src/yggdrasil/peer.go index 51175ef3..a67e3f65 100644 --- a/src/yggdrasil/peer.go +++ b/src/yggdrasil/peer.go @@ -297,6 +297,13 @@ func (p *peer) handleSwitchMsg(packet []byte) { prevKey = hop.Next } p.core.switchTable.handleMsg(&msg, p.port) + if !p.core.switchTable.checkRoot(&msg) { + // Bad switch message + // Stop forwarding traffic from it + // Stop refreshing it in the DHT + p.dinfo = nil + return + } // Pass a mesage to the dht informing it that this peer (still) exists loc.coords = loc.coords[:len(loc.coords)-1] dinfo := dhtInfo{ diff --git a/src/yggdrasil/switch.go b/src/yggdrasil/switch.go index 4db4c67f..6c42f456 100644 --- a/src/yggdrasil/switch.go +++ b/src/yggdrasil/switch.go @@ -263,6 +263,27 @@ func (t *switchTable) getMsg() *switchMsg { } } +func (t *switchTable) checkRoot(msg *switchMsg) bool { + // returns false if it's a dropped root, not a better root, or has an older timestamp + // returns true otherwise + // used elsewhere to keep inserting peers into the dht only if root info is OK + t.mutex.RLock() + defer t.mutex.RUnlock() + dropTstamp, isIn := t.drop[msg.Root] + switch { + case isIn && dropTstamp >= msg.TStamp: + return false + case firstIsBetter(&msg.Root, &t.data.locator.root): + return true + case t.data.locator.root != msg.Root: + return false + case t.data.locator.tstamp > msg.TStamp: + return false + default: + return true + } +} + func (t *switchTable) handleMsg(msg *switchMsg, fromPort switchPort) { t.mutex.Lock() defer t.mutex.Unlock()