Only apply session firewall to pings for sessions we don't already have

This commit is contained in:
Neil Alexander 2018-10-08 19:05:50 +01:00
parent 2e2c58bfef
commit 3f237372c9
No known key found for this signature in database
GPG Key ID: A02A2019A2BB0944

View File

@ -390,7 +390,7 @@ func (ss *sessions) handlePing(ping *sessionPing) {
// Get the corresponding session (or create a new session) // Get the corresponding session (or create a new session)
sinfo, isIn := ss.getByTheirPerm(&ping.SendPermPub) sinfo, isIn := ss.getByTheirPerm(&ping.SendPermPub)
// Check the session firewall // Check the session firewall
if ss.sessionFirewallEnabled { if !isIn && ss.sessionFirewallEnabled {
if !ss.isSessionAllowed(&ping.SendPermPub) { if !ss.isSessionAllowed(&ping.SendPermPub) {
return return
} }